For Java / Kotlin

DepScope for Maven Central

One API for every artifact in Maven Central.

The problem

AI coding agents (Claude, Cursor, ChatGPT, Copilot) recommend Maven Central packages based on training data 6-12 months stale. Recent CVEs missed, deprecated libraries still suggested, package names sometimes hallucinated.

Every agent also queries central.sonatype.org independently — billions of redundant fetches a day, tokens burned parsing JSON the model doesn't need.

One API call — live health, vulnerabilities, alternatives

curl https://depscope.dev/api/check/maven/org.springframework.boot/spring-boot-starter

Returns a health score, list of live CVEs, deprecation flags, latest version, alternatives — all from OSV + GitHub Advisory Database, cached.

For AI agents that prefer token-efficient responses:

curl https://depscope.dev/api/prompt/maven/org.springframework.boot/spring-boot-starter

Same signal, much more compact payload — less input tokens per decision.

Integrate in one line

Claude Desktop / Cursor MCP server on npm:

npm install -g depscope-mcp

GitHub Actions CI Audit your Maven Central dependencies on every PR:

- uses: cuttalo/depscope@main
  with:
    ecosystem: maven

Any language Just call the API. No auth, 200 req/min.

Next steps

→ Try the API now with org.springframework.boot/spring-boot-starter

→ Source code on GitHub (MIT)

→ Full API documentation

→ Data attribution & licenses

Package intelligence is infrastructure. DepScope is the shared layer so every AI coding agent — and every developer — can rely on the same live data. Open infrastructure, MIT, EU-hosted.