Stack/Dependency Auditor
Builds & Reproducibility

Dependency Auditor

Paste a package.json or a requirements.txt. It flags the pins that quietly break reproducible builds: wildcards, caret and tilde ranges, open lower bounds, duplicates across groups, and the same package pinned two different ways. Nothing is uploaded.

INPUT
OUTPUT // tesserakit-deps

Paste, then run. Findings appear here.

A preview of a Tessera pack

This browser demo runs a handful of checks client-side. The full deps pack audits dependency manifests for pinning, duplicates, and conflicts. It is one of 24 job packs in Tessera, an offline toolkit that turns a repository into a single reviewable HTML report.

Every pack follows one contract: normalize, validate, generate artifacts. No services, no API keys, no network calls, nothing executed against your code.

install.ttyoffline

$ pip install tesserakit-deps

$ pipx install tesserakit-deps # isolated CLI install

$ uv tool install tesserakit-deps

$ tessera run --input . --output run

# then open run/index.html