Show HN: Eolds, a scanner for EOL open source packages across 12M versions
eoldataset.com
Hey HN. I'm part of the team that built this, though not the engineer behind it. Happy to answer what I can and will loop in the people who built it for anything technical.
The reason we built it: most teams only find out they're running EOL software during a CVE incident or a compliance audit. We kept hearing this problem from customers and couldn't find a tool that clearly answered: which of my dependencies will never get another patch, including the ones your packages depend on?
SCA tools cover known CVEs. They don't cover EOL status or what's coming. That's the gap this is built for.
One thing worth saying directly: HeroDevs is a for-profit company. But part of why we built this is that we think someone needs to be a responsible steward for open source software when maintainers move on. We see this as part of that commitment, not just a product.
Run it with npx @herodevs/cli scan or upload an SBOM on the site (https://eoldataset.com/). Free to use. Curious what you find, especially in ecosystems we haven't covered well yet.