Sensible Defaults, Full Control
Vibgrate is designed to be useful the moment you run it — no configuration required. The default thresholds and scanners work well for most teams. But as your drift practice matures, you will want to customise:
- When findings trigger errors vs. warnings
- Which extended scanners run alongside the core drift analysis
- Which directories to exclude from scanning
Generating the Config File
Run vibgrate init to create a configuration file:
vibgrate init .
This creates a vibgrate.config.ts file (also supports .js and .json) and a .vibgrate/ directory:
import type { VibgrateConfig } from '@vibgrate/cli';
const config: VibgrateConfig = {
exclude: ['legacy/**'],
thresholds: {
failOnError: {
eolDays: 180,
frameworkMajorLag: 3,
dependencyTwoPlusPercent: 50,
},
warn: {
frameworkMajorLag: 2,
dependencyTwoPlusPercent: 30,
},
},
scanners: {
platformMatrix: { enabled: true },
dependencyRisk: { enabled: true },
dependencyGraph: { enabled: true },
toolingInventory: { enabled: true },
buildDeploy: { enabled: true },
tsModernity: { enabled: true },
breakingChangeExposure: { enabled: true },
fileHotspots: { enabled: true },
securityPosture: { enabled: true },
securityScanners: { enabled: true },
serviceDependencies: { enabled: true },
},
};
export default config;
Threshold Configuration
Thresholds control when findings are raised and at what severity:
Error Thresholds (failOnError)
| Setting | Default | What It Does |
|---|---|---|
eolDays | 180 | Raise an error when a runtime or framework is within this many days of EOL |
frameworkMajorLag | 3 | Raise an error when any framework is this many major versions behind |
dependencyTwoPlusPercent | 50 | Raise an error when this percentage of dependencies are 2+ majors behind |
Warning Thresholds (warn)
| Setting | Default | What It Does |
|---|---|---|
frameworkMajorLag | 2 | Raise a warning when any framework is this many major versions behind |
dependencyTwoPlusPercent | 30 | Raise a warning when this percentage of dependencies are 2+ majors behind |
Adjust these to match your team's risk tolerance. A team maintaining a critical financial application might set eolDays: 365 (a full year of warning). A team running an internal tool might accept frameworkMajorLag: 4.
Scanner Toggles
Beyond the core drift score, Vibgrate runs a suite of extended scanners that collect migration intelligence: platform matrix, dependency risk, TypeScript modernity, security posture, and more.
Each scanner can be individually toggled:
scanners: {
platformMatrix: { enabled: true },
tsModernity: { enabled: false }, // disable if not using TypeScript
securityScanners: { enabled: true },
}
Or disable all extended scanners to run only the core drift analysis:
scanners: false
All extended scanners are read-only, run in parallel, and never affect each other. Disabling a scanner simply omits its section from the output — it does not change the core drift score.
Excluding Directories
Use the exclude array to skip directories that should not be scanned:
exclude: ['legacy/**', 'vendor/**', 'examples/**']
This is useful for monorepos that contain archived projects, vendored dependencies, or example code that does not represent your production stack.
Config as Code
Because the config file lives in your repository, it is versioned, reviewed, and shared across the team. When you tighten a threshold or enable a new scanner, that change goes through the same PR process as your code.
The Vibgrate Drift Intelligence Engine respects your configuration on every scan — whether run locally, in CI, or via the dashboard. One config file, consistent results everywhere.
Configure your drift practice. Sign up at dash.vibgrate.com to set up your config, fine-tune your thresholds, and start tracking drift on your terms.
