Tour: Dependencies
Dependency health — the two things about your dependencies that are worth acting on: what’s vulnerable and what’s behind. (The descriptive import graph and matrix used to live here too; the structural picture now belongs to Architecture, which turns it into layer findings you can act on rather than a map you just read.)Security
Known vulnerabilities in your dependencies, sorted by severity (critical → info), with a “fix available” badge and a direct-vs-transitive indicator. Reikon reads your project’s own ecosystem — JavaScript/TypeScript (npm), Python, Rust, Go, Ruby, PHP, and Java — and runs the official scanner for each (npm audit, pip-audit, cargo audit, govulncheck,
bundler-audit, composer audit, and so on). If the scanner for your language isn’t
installed, Reikon tells you which one to install rather than pretending everything is
fine. For Java it reads an existing OWASP dependency-check report if your build produced
one, rather than running that lengthy scan itself.