microsoft/vscode vs mularahul/keyviz
microsoft/vscode shows stronger signals overall
As of June 2026, vscode shows healthier maintenance signals than keyviz. vscode rates Healthy overall while keyviz rates Mixed. vscode was committed to today with 24+ active contributors, while keyviz last saw a commit 2 months ago with 2+ active contributors. vscode is MIT-licensed while keyviz is GPL-3.0-licensed. Neither has known critical or high-severity CVEs in its dependency tree.
Informational only. RepoPilot summarises public signals at the time of analysis. Not professional, security, or legal advice.
microsoft/vscode →
Healthy across the board
Permissive license, no critical CVEs, actively maintained — safe to depend on.
Has a license, tests, and CI — clean foundation to fork and modify.
Documented and popular — useful reference codebase to read through.
No critical CVEs, sane security posture — runnable as-is.
- ✓In RepoPilot's curated trusted-corpus (29 projects)
- ✓Last commit today
- ✓24+ active contributors
- ✓Distributed ownership (top contributor 28% of recent commits)
- ✓MIT licensed
- ✓CI configured
- ✓Tests present
Computed from maintenance signals — commit recency, contributor breadth, bus factor, license, CI, tests, cross-checked against dependency CVEs from deps.dev and OpenSSF Scorecard
mularahul/keyviz →
Single-maintainer risk — review before adopting
copyleft license (GPL-3.0) — review compatibility; top contributor handles 97% of recent commits…
Has a license, tests, and CI — clean foundation to fork and modify.
Documented and popular — useful reference codebase to read through.
No critical CVEs, sane security posture — runnable as-is.
- ⚠Small team — 2 contributors active in recent commits
- ⚠Single-maintainer risk — top contributor 97% of recent commits
- ⚠GPL-3.0 is copyleft — check downstream compatibility
- ⚠No test directory detected
- ⚠Scorecard: default branch unprotected (0/10)
- ✓Last commit 6w ago
- ✓2 active contributors
- ✓GPL-3.0 licensed
- ✓CI configured
What would improve this?
- →Use as dependency Concerns → Mixed if: relicense under MIT/Apache-2.0 (rare for established libs)
Computed from maintenance signals — commit recency, contributor breadth, bus factor, license, CI, tests, cross-checked against OpenSSF Scorecard
Signal-by-signal breakdown
| vscode | keyviz | |
|---|---|---|
| Stars | 186,836 | 9,248 |
| Last commit | today | 2mo ago |
| License | MIT | GPL-3.0 |
| Open issues | 18,813 | 52 |
| Has tests | ✓ | — |
| Has CI | ✓ | ✓ |
| Test coverage | 4% | 0% |
| Dependency CVEs | No CVEs | No CVEs |
| Architecture grade | — | — |
| Cycles | — | — |
| Bottom-line | Healthy signals | Mixed signals |
Want the full analysis? microsoft/vscode · mularahul/keyviz
Ask AI about microsoft/vscode vs mularahul/keyviz
Open the chat with a comparison question pre-filled.