The Breaking Change Exposure Scanner flags packages and code patterns that are known to cause pain when you upgrade. It runs during a normal scan and feeds your DriftScore. This article is for developers planning a major version bump and for leaders estimating migration effort.
What it detects
The scanner identifies dependencies and usage patterns with a track record of breaking changes — libraries that frequently ship incompatible major versions, and patterns that are known to need rework when those libraries move. Rather than waiting for the upgrade to fail, it tells you where exposure is concentrated today.
Why it matters
The cost of a major upgrade is dominated by surprises. A dependency that quietly sits three majors behind is not free risk you can defer indefinitely; it is a growing migration that gets harder every release. Knowing which packages carry breaking-change exposure lets you sequence upgrades, budget time honestly, and avoid stacking several risky migrations into one unreviewable change.
For executives, exposure data converts "upgrades are scary" into a ranked list of where the real risk lives, so investment goes where it reduces the most risk.
How to act
Scan the repository:
vg
Review the breaking-change findings and rank them by how central each package is to your application. Tackle high-exposure, high-centrality dependencies first, one major version at a time, with focused tests around each. Avoid bundling multiple high-exposure upgrades into a single pull request.
Gate regressions and worsening drift in CI:
vg scan --drift-worsening
Triage tips
- Upgrade one high-exposure dependency per change so failures are easy to attribute.
- Use the scanner before planning a quarter so estimates reflect real exposure.
- Re-scan after each migration to confirm exposure actually dropped.
Related
Use this alongside the Dependency Risk Scanner and the TypeScript Modernity Scanner. To find exactly which tests to run before shipping a change, use Vibgrate Graph via vg impact with the tests option. See Drift Baselines for the gating workflow.