dep-brain 1.5.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +15 -10
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -6,6 +6,8 @@
6
6
 
7
7
  `dep-brain` is a CLI and library for explainable dependency intelligence in JavaScript and TypeScript projects.
8
8
 
9
+ Current release `1.5.1` adds upgrade-advice output, stepped major-version guidance, release-note links, and analysis output contract `1.6`.
10
+
9
11
  ## Vision
10
12
 
11
13
  `dep-brain` aims to become a dependency decision engine:
@@ -35,7 +37,7 @@ The long-term goal is not just to list problems, but to answer:
35
37
  - Can I remove it safely?
36
38
  - What should I fix first?
37
39
 
38
- ## v1 Features
40
+ ## 1.5 Highlights
39
41
 
40
42
  - Duplicate dependency detection with lockfile instance tracking
41
43
  - Unused dependency detection with runtime vs dev-tool heuristics
@@ -167,7 +169,9 @@ Suggestions:
167
169
  dep-brain analyze --json
168
170
  ```
169
171
 
170
- Output includes `outputVersion` for schema stability and can be validated with:
172
+ Output includes `outputVersion` for schema stability. `dep-brain@1.5.1` writes contract version `1.6`.
173
+
174
+ Validate against:
171
175
 
172
176
  - `depbrain.output.schema.json`
173
177
 
@@ -384,17 +388,18 @@ src/
384
388
 
385
389
  ## Product Direction
386
390
 
387
- `dep-brain` is in its `v1.0.0` production-ready CLI stage. The roadmap delivered through v1:
391
+ `dep-brain` is in `v1.5.1` production CLI stage, with current focus on actionable dependency decisions instead of raw issue lists.
392
+
393
+ Recent releases added:
388
394
 
389
- - `v0.6`: explainability and confidence scoring
390
- - `v0.7`: safe removal guidance and actionable recommendations
391
- - `v0.8`: supply-chain trust and risk intelligence
392
- - `v0.9`: deeper monorepo and ownership intelligence
393
- - `v1.0`: stable CI, ecosystem exports, and production readiness
395
+ - transitive risk ownership and path tracing
396
+ - dashboard and plugin support
397
+ - baseline, focus, and CI workflows
398
+ - structured upgrade advice with release-note links
394
399
 
395
- The project should optimize for trust, clarity, and actionability over flashy UI, generic graphs, or simply adding more checks.
400
+ Project should optimize for trust, clarity, and actionability over flashy UI, generic graphs, or simply adding more checks.
396
401
 
397
- Risk findings now include a `trustScore`, structured `riskFactors`, `transitiveRiskScore`, and `riskyTransitiveDeps` path traces so teams can see which direct package introduces supply-chain risk.
402
+ Risk findings include `trustScore`, structured `riskFactors`, `transitiveRiskScore`, and `riskyTransitiveDeps` path traces so teams can see which direct package introduces supply-chain risk.
398
403
 
399
404
  ## Repository Notes
400
405
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "dep-brain",
3
- "version": "1.5.0",
3
+ "version": "1.5.1",
4
4
  "description": "CLI and library for explainable dependency intelligence",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",