Development & Code Intelligence Tool

The Dependency Analyzer Tool

Parse a repository’s dependency manifests and internal import relationships to map what it relies on and how its modules connect — the dependency picture an agent needs before any change, on infrastructure you control.

Explore VDF AI Agents
ManifestsParses declared dependencies
ImportsMaps internal relationships
SnapshotWorks on a repo snapshot
100%On-prem analysis
The Dependency Problem

You can’t change safely what you can’t map

Every repository depends on external packages and a web of internal imports. Without a map of both, changes ripple in surprising ways and upgrades become guesswork.

01

Hidden coupling

Internal imports tie modules together in ways no one tracks.

02

Opaque dependencies

What the project actually relies on is scattered across manifests.

03

Risky upgrades

Without an import map, the blast radius of a change is unknown.

04

Manual mapping rots

Hand-drawn dependency diagrams are stale immediately.

How the Tool Works

Manifests plus import relationships

Manifests

What the repo depends on

Parsed from the source of truth.

The tool parses dependency manifests to enumerate the external packages a repository declares, building the outward picture of what it relies on.

  • Manifest parsing
  • External package inventory
  • Per-ref analysis
  • Snapshot-based
Deps
Declared

From manifests

PackagesManifestsInventoryExternal

Imports

How the modules connect

The internal wiring.

It also extracts internal import relationships, revealing how modules depend on one another — the coupling that determines the blast radius of any change.

Graph
Import Map

Internal coupling

ImportsCouplingModulesRelationships

Governance

On-premise analysis

Source stays internal.

Analysis runs against a snapshot inside your perimeter with audit logging, so dependency visibility never requires exposing code.

100%
On-Prem

IP-safe, logged

On-premIP-safeAudit logPrivate
Inputs

Parameters

The analyze_dependencies tool accepts these inputs when an agent calls it. Required inputs are flagged.

Name Type Required Description
owner string Optional GitHub repository owner.
repo string Optional GitHub repository name.
ref string Optional Branch, tag, or commit SHA. Defaults to the default branch.
user_id integer Optional User ID for resolving a stored GitHub token.
Where it pays back

Where dependency analysis pays back

Upgrade planning

See what depends on a package before bumping its version.

Refactor scoping

Map internal coupling to size a refactor.

Onboarding

Help a new engineer understand how modules connect.

Risk assessment

Identify heavily-depended-on modules that need care.

Architecture review

Feed the import map into higher-level architecture inference.

Agent grounding

Give an engineering agent the dependency context for changes.

How VDF AI connects it

Assigned to agents, orchestrated as networks

On VDF AI, an industry’s use cases map to agents, and you assign tools like this one to those agents. Compose multiple agents into a governed, on-premise network.

Industry Your sector Finance, healthcare, telecom, government, and more. Use Case A job to be done Concrete workflows the business needs solved. Agent A specialized worker Governed AI agents that execute the use case. Tool Dependency Analyzer The capability you assign to an agent. Network Agents, orchestrated Many use cases and agents, working as one.
ROI Snapshot

What changes after you assign it

Mapped
External and internal deps
Safer
Upgrades and refactors
Current
Generated, never stale
100%
Analyzed on-prem
FAQ

Questions about the Dependency Analyzer tool

What does the dependency analyzer do?

It parses a repository’s dependency manifests and internal import relationships from a snapshot, producing both an inventory of external packages and a map of how modules depend on each other.

Why does the import map matter?

Internal coupling determines the blast radius of a change. Knowing what imports what lets an agent — and an engineer — change code without unexpected ripple effects.

Does it run on a live repo?

It analyzes a snapshot at a given ref (branch, tag, or commit), so results are stable and reproducible.

Is our code exposed?

No. Analysis runs on-premise with audit logging; source never leaves your perimeter.

How does it pair with other tools?

It feeds architecture inference and change-impact analysis, and is often assigned alongside the repository map for full structural context.

Related tools

Tools that work well alongside this one

development

Repository Dependency Graph

Build a module import graph from your source files.

Development & Code Intelligence Tools Explore tool development

Architecture Inference

Infer components and their relationships from a repo.

Development & Code Intelligence Tools Explore tool development

Change Impact Analysis

Estimate impacted files, APIs, and risks for a change.

Development & Code Intelligence Tools Explore tool development

Repository Map

Build a structural map of any repository.

Development & Code Intelligence Tools Explore tool development

Dependency Manager

List, audit, update, and check packages for Python and Node.

Development & Code Intelligence Tools Explore tool
Keep exploring

Where this tool delivers value

Migrate LangChain to VDF AI NetworksVDF Code Product TeamsFinance & Banking Browse all tools

Map what your code depends on

See the dependency analyzer give an engineering agent a current dependency map — on-premise.

See how tools work on VDF AI Deploy on your own infrastructure