The idea of a package like this was born from having gotten security vulnerability reports about production dependencies (shipped into production) which turned out to not not even be in use.<p>The goal would be to be able to run this tool in CI, which will catch cases where the developer forgets to remove unused dependencies. An example of such a case could be when doing refactorings.