Q: How is Kurynt any different than tools like Dependabot?
A: Dependabot will simply upgrade every package to the latest version and create a pull request. It doesn't test any packages for stability or review their actual compatibility with all your other packages. Kurynt brings back the human element of software: the fact that even well tested and heavily used external libraries can sometimes introduce breaking changes and critical bugs by accident or sheer dumb luck.
Q: What about Snyk?
A: Snyk is focused primarily on security issues. However, likewise to Dependabot, it will simply automatically make pull requests onto your codebase to upgrade any vulnerable package versions to the latest recommended version based on the security exploit. Like dependabot, it won't run any tests on your system or be able to know if the recommended updates introduce breaking changes for the project you have.
Q: Couldn't I get all this same information on GitHub?
A: Sure, you definitely could, and you are welcome to try :) But we all know the truth is that any project of value quickly has a large package and dependency footprint. For most product managers, QA engineers, and developers, time is always the most critical resource, and sifting through hundreds of issue threads in GitHub for each package used in a codebase just isn't feasible. It's Kurynt's duty and mission to do this reliably for you, bringing the most critical issues and warnings forward for you to review without wasting your time.
Q: Okay, I'm convinced! How do I get started?
A: Get started by heading over to the dashboard:Get started ➜