Skip to main content
Code Drift Intelligence

Your AI assistant is writing outdated code.

Vibgrate feeds it version-correct context from your lockfile, gives it a deterministic map of your real code, scores how far your stack has drifted, and flags the CVEs hiding in your stale dependencies — from one CLI.

Code Drift Intelligence — how far your code, and the AI writing it, has drifted from current, correct, well-understood truth. Not infrastructure drift, not ML model drift.

Free CLI · results in about 60 seconds · never reads your source · no signup

Replay
demo@vibgrate — bash
npx @vibgrate/cli scan
 
╭──────────────────────────────────────────╮
Vibgrate Drift Report
╰──────────────────────────────────────────╯
 
── node-turborepo (node) .
Runtime: >=18.0.0 (6 majors behind)
Frameworks:
Turbo: 1.13.4 → 2.10.2 (1 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Dependencies:
1 current 2 1-behind 2 2+ behind 1 unknown
 
── @repo/admin (node) apps/admin
Frameworks:
TanStack Query: 5.101.2 → 5.101.2 (current)
React: 18.3.1 → 19.2.7 (1 behind)
React DOM: 18.3.1 → 19.2.7 (1 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Vite: 5.4.21 → 8.1.2 (3 behind)
Dependencies:
4 current 9 1-behind 2 2+ behind 4 unknown
 
── @repo/api (node) apps/api
Frameworks:
Express: 4.22.2 → 5.2.1 (1 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Vitest: 1.6.1 → 4.1.9 (3 behind)
Dependencies:
7 current 6 1-behind 2 2+ behind 4 unknown
 
── @repo/web (node) apps/web
Frameworks:
Next.js: 14.2.35 → 16.2.9 (2 behind)
React: 18.3.1 → 19.2.7 (1 behind)
React DOM: 18.3.1 → 19.2.7 (1 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Dependencies:
2 current 7 1-behind 2 2+ behind 5 unknown
 
── @repo/config (node) packages/config
Frameworks:
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Dependencies:
2 current 3 1-behind 4 2+ behind 0 unknown
 
── @repo/database (node) packages/database
Frameworks:
Prisma: 5.22.0 → 7.8.0 (2 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Dependencies:
1 current 1 1-behind 2 2+ behind 1 unknown
 
── @repo/types (node) packages/types
Frameworks:
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Dependencies:
0 current 1 1-behind 0 2+ behind 1 unknown
 
── @repo/ui (node) packages/ui
Frameworks:
React: 18.3.1 → 19.2.7 (1 behind)
TypeScript: 5.9.3 → 6.0.3 (1 behind)
React: 18.3.1 → 19.2.7 (1 behind)
Dependencies:
1 current 5 1-behind 0 2+ behind 1 unknown
 
── @repo/utils (node) packages/utils
Frameworks:
TypeScript: 5.9.3 → 6.0.3 (1 behind)
Vitest: 1.6.1 → 4.1.9 (3 behind)
Dependencies:
0 current 2 1-behind 1 2+ behind 1 unknown
 
Findings (12 errors, 5 warnings)
Node.js runtime ">=18.0.0" reached end-of-life on 2025-04-30 (latest: 24.0.0).
vibgrate/runtime-eol in .
40% of dependencies are 2+ major versions behind in node-turborepo.
vibgrate/dependency-rot in .
@types/node is 6 major versions behind (spec: ^20.11.0, latest: 26.1.0).
vibgrate/dependency-major-lag in .
Vite is 3 major versions behind (current: 5.4.21, latest: 8.1.2).
vibgrate/framework-major-lag in apps/admin
vite is 3 major versions behind (spec: ^5.0.12, latest: 8.1.2).
vibgrate/dependency-major-lag in apps/admin
Vitest is 3 major versions behind (current: 1.6.1, latest: 4.1.9).
vibgrate/framework-major-lag in apps/api
@types/node is 6 major versions behind (spec: ^20.11.0, latest: 26.1.0).
vibgrate/dependency-major-lag in apps/api
vitest is 3 major versions behind (spec: ^1.2.1, latest: 4.1.9).
vibgrate/dependency-major-lag in apps/api
Next.js is 2 major versions behind (current: 14.2.35, latest: 16.2.9).
vibgrate/framework-major-lag in apps/web
@types/node is 6 major versions behind (spec: ^20.11.0, latest: 26.1.0).
vibgrate/dependency-major-lag in apps/web
44% of dependencies are 2+ major versions behind in @repo/config.
vibgrate/dependency-rot in packages/config
eslint-plugin-react-hooks is 3 major versions behind (spec: ^4.6.0, latest: 7.1.1).
vibgrate/dependency-major-lag in packages/config
Prisma is 2 major versions behind (current: 5.22.0, latest: 7.8.0).
vibgrate/framework-major-lag in packages/database
50% of dependencies are 2+ major versions behind in @repo/database.
vibgrate/dependency-rot in packages/database
Vitest is 3 major versions behind (current: 1.6.1, latest: 4.1.9).
vibgrate/framework-major-lag in packages/utils
33% of dependencies are 2+ major versions behind in @repo/utils.
vibgrate/dependency-rot in packages/utils
vitest is 3 major versions behind (spec: ^1.2.1, latest: 4.1.9).
vibgrate/dependency-major-lag in packages/utils
 
╭──────────────────────────────────────────╮
Top Priority Actions
╰──────────────────────────────────────────╯
 
1. Upgrade EOL runtime in node-turborepo
End-of-life runtimes no longer receive security patches and block ecosystem upgrades.
./.
>=18.0.0 → 24.0.0 (6 majors behind)
Impact: −10 drift points (runtime & EOL)
 
2. Upgrade Vite 5.4.21 → 8.1.2 in @repo/admin (+2 more)
3 major versions behind. Major framework drift increases breaking change risk and blocks access to security fixes and performance improvements.
./apps/admin
Vite: 5.4.21 → 8.1.2 (3 majors behind)
./apps/api
Vitest: 1.6.1 → 4.1.9 (3 majors behind)
./packages/utils
Vitest: 1.6.1 → 4.1.9 (3 majors behind)
Impact: −5–15 drift points
 
3. Reduce dependency rot in @repo/database (50% severely outdated)
2 of 4 dependencies are 2+ majors behind. Run `npm outdated` and prioritise packages with known CVEs or breaking API changes.
./packages/database
@prisma/client: 5.22.0 → 7.8.0 (2 majors behind)
prisma: 5.22.0 → 7.8.0 (2 majors behind)
Impact: −5–10 drift points
 
4. Reduce dependency rot in @repo/config (44% severely outdated)
4 of 9 dependencies are 2+ majors behind. Run `npm outdated` and prioritise packages with known CVEs or breaking API changes.
./packages/config
eslint-plugin-react-hooks: 4.6.2 → 7.1.1 (3 majors behind)
@typescript-eslint/eslint-plugin: 6.21.0 → 8.62.1 (2 majors behind)
@typescript-eslint/parser: 6.21.0 → 8.62.1 (2 majors behind)
eslint: 8.57.1 → 10.6.0 (2 majors behind)
Impact: −5–10 drift points
 
5. Reduce dependency rot in node-turborepo (40% severely outdated)
2 of 5 dependencies are 2+ majors behind. Run `npm outdated` and prioritise packages with known CVEs or breaking API changes.
./.
@types/node: 20.19.43 → 26.1.0 (6 majors behind)
eslint: 8.57.1 → 10.6.0 (2 majors behind)
Impact: −5–10 drift points
 
╭──────────────────────────────────────────╮
Drift Score Summary
╰──────────────────────────────────────────╯
 
Drift Score: 74/100
Risk Level: HIGH
Projects: 9
Classified: 8 nano · 1 micro · 0 small · 0 standard
Billable: 0.42 · 9 detected → 0.42 billable projects (micro-project pricing)
0.1 micro · 0.32 nano
These fractions add up across repositories, then round down to whole billable projects.
 
Score Breakdown
Runtime: ████████████████████ 100
Frameworks: ████████▊░░░░░░░░░░░ 44
Dependencies: █████████████████▌░░ 88
EOL Risk: ████████████████████ 100
 
Scanned at 2026-07-01T14:03:20.184Z · 25.5s · 14 files scanned · 56 workspace files · 27 dirs
 
 
╭──────────────────────────────────────────────────╮
Get AI-aware answers in your editor
╰──────────────────────────────────────────────────╯
 
vg install --all
 
· Code map in your assistant — call trees, impact surfaces, import paths
· Offline drift — DriftScore and upgrade priorities, right inside your editor
· Version-correct library docs — pinned to your lockfile, no hallucinated APIs
Press Run to start.

A replay of the actual CLI against our test repos — nothing executes in your browser.

Scans ~19 ecosystems20-language deterministic code graphCycloneDX & SPDX nativeSARIF for code scanningSigned, verifiable releases
The shift

The workflow changed. The guardrails didn't.

AI now writes a large, growing share of production code — at machine speed, against "latest", generic, or hallucinated context. It ships code that targets deprecated APIs, pulls vulnerable dependencies, and misreads the structure of the very repo it is editing. Codebases drift from current, supported truth faster than ever, and almost no team can see it happening.

The teams that win the next few years are the ones whose humans and AI work from the same current, verifiable ground truth.

Three kinds of drift. One system that closes all three.

Give your AI the context and the map to stop guessing — and measure the dependency drift that proves the risk is real, not vibes.

Context drift

Your AI writes against "latest" — and hallucinates deprecated APIs.

Vibgrate AI Context serves library docs pinned to the exact versions in your lockfile — plus your code map and offline drift — to your AI assistant. Offline, no account.

Version-correct context
Knowledge drift

Agents re-read your repo every session, burning tokens.

Vibgrate Graph gives them a deterministic, committable map of your real code — so they answer in one tight call instead of re-deriving what they could have been told.

A map your AI can trust
Dependency drift

Runtimes fall behind LTS; dependencies rot silently.

Vibgrate scores how far you have drifted, 0–100, and turns it into an upgrade plan you ship. Add --vulns to surface the CVEs hiding in your stale dependencies.

DriftScore, explained

Measure it. Prioritize it. Ship it.

SEE

A 0–100 DriftScore for every project, rolled up to repo, team and portfolio.

How the DriftScore works
DECIDE

A prioritized upgrade plan — effort, risk and cost-of-delay — not a wall of alerts.

Tour Vibgrate Cloud
SHIP

Hand remediation to the AI agent you already pay for. Vibgrate verifies the result.

AI integrations & MCP
Vibgrate Cloud

The overview your team shares

The portfolio view Vibgrate Cloud opens with — DriftScore, critical risks, and per-project health across every repo. Running here on example data.

Real dashboard widgets · swipe to explore

Open the full demo — no sign-in

Example data · no account, no card · push one scan to replace it with your own

Five products. One drift problem.

Free tools for the developer. A shared dashboard for the team. Each piece works on its own — together they cover context, map, and measurement.

Vibgrate CLI

Free

One command. A 0–100 DriftScore in about 60 seconds.

  • Scans ~19 ecosystems — Node, .NET, Python, Java, Go, Rust, Docker, Terraform and more
  • Add --vulns to check every dependency against known advisories, with fix versions
  • SARIF output and CI gates: --fail-on, --drift-budget, baselines
See the CLI in action
Vibgrate CLI terminal output showing a scan with a DriftScore, risk level and prioritized findings

Vibgrate Graph

Free

A map of your codebase — and what breaks if you change it.

  • vg impact shows affected call sites and the tests that cover them
  • vg hubs, areas and oddities reveal structure and surprises
  • Committable and team-shareable with vg share — readable by any AI
Explore Vibgrate Graph
Illustration — how vg impact maps a change
changed filemodulemodulecall sitemoduletests

The green path is what a change touches — and the tests that cover it.

Vibgrate AI Context

Free · offline

Stop your AI guessing which version you run.

  • Library docs pinned to the exact versions in your lockfile — not "latest"
  • Served together with your code map and offline drift, over local MCP
  • No account, nothing uploaded — vg serve and it works
Set up Vibgrate AI Context
Illustration — what Vibgrate AI Context serves, locally
your lockfilelibrary docs pinned to your exact versions — not "latest"
your working treea deterministic map of your real code
offline scanhow far your stack has drifted
offlineno accountserved to your AI over local MCP

Vibgrate Cloud

Free plan available

The dashboard your whole team works from.

  • DriftScore trends, dependency and vulnerability registers, audit-ready reports
  • Policies, drift budgets, approvals and an audit trail on the higher plans
  • Unlimited seats on every plan — you pay per project, not per person
Tour Vibgrate Cloud

Vibgrate MCP

With Vibgrate Cloud

Ask your AI assistant about your whole estate.

  • Hosted MCP server over your Vibgrate Cloud workspace data — distinct from the local, offline Vibgrate AI Context
  • DriftScores, vulnerabilities, dependencies and approvals — answered in Claude, Cursor or ChatGPT
  • One-click OAuth, read-scoped tokens, tenant-isolated
Connect your assistant

We don't sell you a destination.

Hyperscaler tools modernize you toward their cloud. Vibgrate is independent: we measure, prioritize and verify — and route execution to whatever agents and platforms you choose.

Pay for what drifts.

Scan everything free. Pay per project under governance — not per developer, not per seat. Tiny projects bill as fractions: a nano project counts 1/25, a micro project 1/10. Unlimited seats on every plan.

Free— scan everything
Team— $3.50–6/project
Business— $8–15/project
Estimate your bill

Get your DriftScore in minutes.

Install the CLI, run one scan, see exactly how far behind your estate has drifted — and hand your AI the context to stop writing outdated code.

# Run without installing anything
npx @vibgrate/cli scan

# Pin a version or see every command
npx @vibgrate/cli@latest --help

no install·Nothing is installed globally — ideal for CI or a one-off scan.

Start free — no card

No sign-up required · results in under 60 seconds · never reads your source