Documentation

Dep Beacon Docs

Dep Beacon brings dependency status into VS Code manifests. It checks npm registry metadata, calculates semver-aware update targets, resolves pnpm catalogs, and marks OSV security risk with clear status colors.

Install extension Explore features

latest 7.0.0minor ^7.0.0catalog resolves ^19.0.0high vulnerability reported

Start here:Install Dep Beacon from the marketplace, open `package.json` or `pnpm-workspace.yaml`, and review the inline signals beside each dependency range.

01Install

Add Dep Beacon from Marketplace or Open VSX and open a supported manifest.

02VS Code Extension

Understand inline labels, CodeLens actions, commands, and status colors.

03pnpm Workspaces

See how default and named catalogs resolve before dependency analysis.

04Security Signals

Use OSV severity signals to separate routine updates from advisory risk.

Core ideas

Stay on the line

Keep update decisions beside the dependency range instead of sending maintainers to another dashboard.

Choose the next move

Show patch, minor, major, and latest targets instead of one vague update suggestion.

Respect workspace policy

Resolve pnpm catalogs before analysis, so `catalog:` never looks like an unknown version.

Separate risk from noise

Keep outdated packages, invalid ranges, and vulnerability severity visually distinct.

Supported files

package.json

Dependency sections, npm overrides, Yarn resolutions, and pnpm-specific blocks.

pnpm-workspace.yaml

Default catalogs, named catalogs, overrides, and package extensions.

Command palette

Refresh signals, clear registry cache, sort manifests, toggle prereleases, and run installs.