Configuration: vibgrate.config.ts Reference

Config File Formats

Vibgrate supports three config file formats:

• vibgrate.config.ts (recommended)
• vibgrate.config.js
• vibgrate.config.json

Run vibgrate init to generate the default config.

Full Config Example

import type { VibgrateConfig } from '@vibgrate/cli';

const config: VibgrateConfig = {
  exclude: ['legacy/**', 'examples/**', 'vendor/**'],
  thresholds: {
    failOnError: {
      eolDays: 180,
      frameworkMajorLag: 3,
      dependencyTwoPlusPercent: 50,
    },
    warn: {
      frameworkMajorLag: 2,
      dependencyTwoPlusPercent: 30,
    },
  },
  scanners: {
    platformMatrix: { enabled: true },
    dependencyRisk: { enabled: true },
    dependencyGraph: { enabled: true },
    toolingInventory: { enabled: true },
    buildDeploy: { enabled: true },
    tsModernity: { enabled: true },
    breakingChangeExposure: { enabled: true },
    fileHotspots: { enabled: true },
    securityPosture: { enabled: true },
    securityScanners: { enabled: true },
    serviceDependencies: { enabled: true },
  },
};

export default config;

Exclude Patterns

The exclude array accepts glob patterns for directories and files to skip during scanning:

exclude: [
  'legacy/**',      // Skip a legacy directory
  'examples/**',    // Skip example code
  'vendor/**',      // Skip vendored code
  '**/test-fixtures/**',  // Skip test fixtures anywhere
]

Thresholds

Thresholds control when findings are raised and when the CLI should fail.

failOnError

warn

Scanner Toggles

Each extended scanner can be individually enabled or disabled. Set scanners: false to disable all extended scanners (the core drift scan always runs).

Disable a specific scanner

scanners: {
  securityScanners: { enabled: false },  // Disable this one
  // All others remain at their default (enabled)
}

Disable all extended scanners

scanners: false

This runs only the core drift analysis — faster but with less detail.