Is there a tool which does not only verify if you are on the lastest version of a python package, but also how old that "lastest" version actually is? The use case is simply abandonware packages which got replaced by forks (Example: flask-security being dead and replaced by flask-security-too ... which actually is relevant to application security).
All the tools I've found only verify that you use the latest package version, which is not what I'm looking for.
Ideally it should be able to easily fail a CI build if an issue is found (i.e. ability to define limits instead of just outputting text) as well as have an ignore-list.
Basically something where I'd have a call like sometool requirements.txt -max-age=365 -max-revisions=10 -max-latest-age=730 and it highlights all packages that are either more than 10 revisions behind, where my revision is over a year behind latest, or where the latest is released over 2 years ago.
