Measuring the updatedness of dependencies and vulnerable dependencies in NPM, PyPI, and Cargo packages is crucial for software supply chain security.