Scan project dependencies for outdated packages and known vulnerabilities Scan {path} for package manager files Identify primary package manager from detected files Report: "No supported package manager detected" Execute audit command for detected package manager Capture stdout and stderr Parse output for vulnerabilities Look up outdated_command for detected package manager from detection config Execute {outdated_command} for the detected package manager Fall back to {command} if no outdated_command defined (skip outdated check) Capture stdout and stderr from outdated command Parse output for package versions: - current: currently installed version - wanted: latest version satisfying semver range - latest: latest available version Classify outdated packages by severity: - major: major version behind (breaking changes likely) - minor: minor version behind (new features) - patch: patch version behind (bug fixes) Filter by severity_threshold Format output according to output_format ``` Dependency Check Report ======================= Project: {project_name} Package Manager: {package_manager} Date: {date} Vulnerabilities: - Critical: {critical_count} - High: {high_count} - Medium: {medium_count} - Low: {low_count} Outdated Packages: {outdated_count} Top Issues: 1. {top_issue_1} 2. {top_issue_2} 3. {top_issue_3} ```