Version status
Know when a range already accepts the latest stable release and when a newer target is available.
VS Code extension for npm manifests
Dep Beacon
See dependency update paths, pnpm catalog context, and OSV security risk beside the versions you already edit.
package.jsonpnpm-workspace.yamlOSV.devnpm registry
4 update pathspatch, minor, major, latest
Catalog awaredefault and named pnpm catalogs
Risk visibleOSV severity mapped to editor signals
Editor nativeCodeLens, diagnostics, and commands
The moment it helps
Turn a dependency line into a decision.
Dep Beacon keeps version status where the change happens. You can compare the next safe move, spot security risk, and understand catalog-managed ranges without leaving VS Code.
3"astro": "^6.4.0"latest 7.0.0minor ^7.0.0
4"react": "catalog:react19"catalog resolves ^19.0.0
5"left-pad": "1.1.0"high vulnerability reported
Useful signals, not another dashboard.
The extension focuses on maintainers who review manifests all day: clear status colors, practical update targets, and commands that fit the VS Code workflow.
Semver choices
Apply patch, minor, major, or latest updates while preserving common `^` and `~` range style.
pnpm catalogs
Resolve `catalog:` and `catalog:name` entries before showing status, diagnostics, and update context.
Security risk
Use OSV results to separate routine update work from low, medium, high, and critical advisory risk.
Designed for the files teams actually touch.
Dep Beacon reads package manifests and workspace policy files, then keeps dependency maintenance actions close to the line that needs attention.
Ready when the manifest opens