Tutorials & Learning Paths
Step-by-step tutorials for code migration and modernization. Learn at your own pace with hands-on examples and best practices.
Install the Vibgrate CLI Globally with npm
Install @vibgrate/cli globally with npm so the vg command is available everywhere, then confirm the install with a quick scan.
Try the Vibgrate CLI with npx (No Install)
Run a one-off Vibgrate drift scan using npx without installing anything, ideal for trying the CLI or running it in disposable environments.
Install the Vibgrate CLI with pnpm, yarn, or bun
Install @vibgrate/cli globally using pnpm, yarn, or bun and verify the vg command works regardless of which package manager you prefer.
Run the Vibgrate CLI with Docker
Run a Vibgrate drift scan inside Docker by mounting your project, keeping the scan isolated from your host toolchain and reproducible in CI.
Run Your First Vibgrate Scan on the Current Directory
Run your very first Vibgrate drift scan with a bare vg command and learn what the scan looks at and what it produces.
Understand Your DriftScore
Learn what the DriftScore measures, how to read its risk levels, and how to use it as the headline metric for upgrade health.
Read and Interpret Vibgrate Scan Output
Make sense of the default Vibgrate scan output: the results table, the findings it lists, and the DriftScore that summarizes them.
Choose an Output Format: Table, JSON, or SARIF
Switch the Vibgrate scan output between the default table, JSON for tooling, and SARIF for code scanning using the --format flag.
Initialize Vibgrate Config with vg init
Use vg init to create the .vibgrate directory and config file so your scans are repeatable and shareable across the team.
Connect the CLI to Vibgrate Cloud with vg login
Sign the Vibgrate CLI into your workspace from the browser with vg login, with no DSN to copy or paste, then push scan results.
Sign Out of Vibgrate Cloud with vg logout
Sign the Vibgrate CLI out of your workspace by clearing the stored login credential, useful on shared machines or when rotating access.
Configure Ignore Patterns to Exclude Paths
Keep Vibgrate scans focused by excluding generated, vendored, or irrelevant paths using config exclusions and the --exclude flag.
Understand Vibgrate Exit Codes for Scripting and CI
Learn how Vibgrate exit codes work so you can gate pipelines on drift with --fail-on and --drift-budget and react in shell scripts.
Keep the Vibgrate CLI Current with vg update
Check for and install Vibgrate CLI updates with vg update so your scans use the latest detectors and output improvements.
Scan a Single Subdirectory or Monorepo Package
Target a single package in a monorepo by scanning from its directory, so the DriftScore reflects that package rather than the whole repo.
Add Vibgrate to a GitHub Actions Workflow
Run the Vibgrate CLI on every push and pull request with GitHub Actions so upgrade drift is scanned automatically in CI.
Gate Pull Requests on a Drift Budget
Use vg scan --drift-budget in CI to fail pull requests that exceed a DriftScore threshold, keeping upgrade drift inside an agreed limit.
Upload Vibgrate SARIF to GitHub Code Scanning
Produce SARIF output with vg scan --format sarif and upload it to GitHub code scanning so drift findings appear in the Security tab and on PRs.
Run Vibgrate in a GitLab CI Pipeline
Add a drift-scanning job to .gitlab-ci.yml using the Vibgrate CLI, with artifacts and a SARIF report for merge requests.
Run Vibgrate in an Azure DevOps Pipeline
Add a Vibgrate drift scan to an Azure Pipelines YAML pipeline for .NET and Node.js projects, with a drift budget gate.
Run Vibgrate in a Jenkins Pipeline
Add a drift-scanning stage to a Jenkins declarative pipeline with the Vibgrate CLI and fail the build on a drift budget.
Run Vibgrate on CircleCI
Add a Vibgrate drift-scanning job to a CircleCI config using a Node executor, store the SARIF report, and gate on a drift budget.
Run Vibgrate in Bitbucket Pipelines
Add a drift-scanning step to bitbucket-pipelines.yml with the Vibgrate CLI, keep the SARIF report as an artifact, and gate on a drift budget.
Fail CI Builds with vg scan --fail-on
Use the --fail-on flag to make the Vibgrate CLI return a non-zero exit code at a chosen severity so CI builds fail on real problems.
Schedule Nightly Drift Scans in CI
Run a scheduled Vibgrate scan every night with a GitHub Actions cron trigger and push the DriftScore to Vibgrate Cloud for trend tracking.
Comment Drift Results on Pull Requests
Generate a Markdown drift report with the Vibgrate CLI and post it as a pull request comment so reviewers see the DriftScore in context.
Scan Only Changed Files in CI
Use vg scan --changed-only to focus pull request scans on modified files for faster, more relevant drift feedback in CI.
Cache Vibgrate Between CI Runs
Persist the Vibgrate cache directory across CI runs so repeated scans reuse prior work and finish faster.
Matrix Drift Scans Across a Monorepo
Use a CI matrix to run a Vibgrate scan per package in a monorepo, with the --cwd flag targeting each workspace directory.
Push Drift Results to Vibgrate Cloud from CI
Upload Vibgrate CLI scan results to Vibgrate Cloud from your pipeline with vg scan --push, authenticated by a DSN secret, for team-wide trend tracking.
Run vg in a Pre-Commit Hook
Add the Vibgrate CLI to a pre-commit hook so drift is caught locally before a commit ever reaches CI.
Create Your First Drift Baseline with vg baseline
Capture a point-in-time snapshot of your project's upgrade drift so future scans can be compared against a known-good reference.
Scan Against a Drift Baseline for Delta Comparison
Compare a fresh scan against a saved baseline with vg scan --baseline to see exactly how your upgrade drift changed since the snapshot.
Set a Drift Budget to Cap Acceptable Upgrade Drift
Use vg scan --drift-budget to define a maximum acceptable drift level and turn your DriftScore into an enforceable quality gate.
Ratchet Your Drift Budget Down Over Time
Progressively tighten vg scan --drift-budget release after release so your project's upgrade drift only ever moves in one direction: down.
Fail CI When New Drift Appears Against a Baseline
Wire vg scan --baseline into your pipeline so any new upgrade drift introduced by a change fails the build before it merges.
Track Your Drift Trend Across Releases
Baseline each release and compare scans against it to see whether your DriftScore is improving or degrading over the project's lifetime.
Baseline a Monorepo One Package at a Time
Create and scan per-package drift baselines in a monorepo so each workspace owns its own drift ceiling instead of one shared number.
Update and Refresh an Existing Drift Baseline
Re-run vg baseline to refresh your snapshot after intentional, reviewed changes so the baseline reflects the new accepted normal.
Initialize a Project With a Baseline Using vg init --baseline
Bootstrap Vibgrate and create an initial drift baseline in one step with vg init --baseline so new projects start with a reference snapshot.
Compare Two Drift Baselines to Measure Change
Pin a scan to an older baseline file while a newer one exists to measure exactly how much your upgrade drift moved between two points in time.
Enforce Per-Team Drift Budgets
Give each team its own vg scan --drift-budget so ownership and accountability for upgrade drift map cleanly to the people who can fix it.
Prevent Drift Regressions on a Legacy Module
Pin a baseline to a legacy module and gate it so the old code can't get worse, even while you avoid a risky full rewrite.
Interpret Baseline Diff Output
Learn how to read the delta from vg scan --baseline so you can tell new drift apart from carried-over drift and act on the right items.
Commit the Drift Baseline to Your Repository
Check your baseline file into version control so every developer and CI run compares against the same shared drift reference.
Export a CycloneDX SBOM with Vibgrate CLI
Generate a standards-compliant CycloneDX SBOM from your project in one command and write it to a file ready for sharing or archival.
Generate an SBOM in CI with GitHub Actions
Add a GitHub Actions step that produces a fresh CycloneDX SBOM on every build and uploads it as a workflow artifact.
Attach an SBOM to a GitHub Release
Generate a CycloneDX SBOM during your release workflow and publish it as a downloadable asset on the GitHub Release.
Review Dependency Risk Findings with Vibgrate CLI
Run the Dependency Risk Scanner to surface deprecated packages, native modules, and platform-specific dependencies, then review the findings.
Surface Known-Vulnerable Dependencies with Vibgrate CLI
Use the Security Posture Scanner to surface audit counts and structural security hygiene, exporting results to SARIF for code scanning.
Produce an SBOM for Compliance and Audit
Generate an SPDX or CycloneDX SBOM as documented evidence for a compliance audit, with a readable report to accompany it.
Scan a Containerized Project for Supply-Chain Signals
Scan a Dockerized project so the Build & Deploy Scanner detects containerization signals, then export an SBOM of its dependencies.
Export an SBOM per Package in a Monorepo
Generate a separate CycloneDX SBOM for each workspace package in a monorepo by scanning and exporting per package directory.
Push Scan Results and SBOM to Vibgrate Cloud
Authenticate the CLI, push scan results to Vibgrate Cloud for team visibility, and export an SBOM as a local supply-chain artifact.
Use the Dependency Risk Scanner in Vibgrate CLI
Learn what the Dependency Risk Scanner classifies and how to run a focused scan to inventory deprecated, native, and platform-specific packages.
Review License Findings in Your Dependency Inventory
Export an SBOM and a readable report to review the licenses of your dependencies and flag obligations for legal and compliance review.
Integrate SBOM Generation into a Release Pipeline
Add a release-pipeline stage that scans, exports a CycloneDX SBOM, and publishes it as a versioned artifact for every release.
Combine a Drift Scan and SBOM Export in One CI Job
Run a single CI job that scans for drift with a failing gate and exports a CycloneDX SBOM, covering quality and inventory together.
Verify Supply-Chain Posture Before Shipping
Run a pre-ship checklist with Vibgrate CLI: scan with a gate, review risk and security findings, and export an SBOM before release.
Build a Code Graph from Your Repository with Vibgrate Graph
Map your source code into a queryable graph artifact that powers vg show, vg ask, vg impact, and every other Vibgrate Graph query — incrementally and offline.
Explain Any Code Node with vg show
Use vg show to get the richest single-node view in Vibgrate Graph — what a function or module is, what it calls, and what calls it.
Ask Your Codebase Questions with vg ask
Use vg ask to query the code map in natural language and get a budget-bounded context block ready to paste into any AI assistant — fully offline after first use.
Run Impact Analysis Before a Change with vg impact
Use vg impact to compute the deterministic blast radius of changing a node and, with --tests, surface exactly the tests to run before shipping.
Find the Dependency Path Between Two Modules with vg path
Use vg path to reveal the shortest connection in the call graph between node A and node B, so you can understand how two parts of your codebase reach each other.
Explore the Call Tree with vg tree
Use vg tree to view the depth-bounded, cycle-safe call tree rooted at a node — callees by default, or callers with --callers.
Find Architectural Hubs with vg hubs
Use vg hubs to surface the most-depended-on nodes in your codebase — the high-leverage modules where changes ripple the furthest.
Detect Architectural Smells with vg oddities
Use vg oddities to surface surprising cross-area links in your code graph — the unexpected dependencies that signal architectural smells.
Discover Natural Code Groupings with vg areas
Use vg areas to reveal the natural communities in your codebase — clusters of tightly related modules that map to features and subsystems.
Get Version-Correct Library Docs with vg lib
Use vg lib to serve version-correct library docs pinned to your lockfile — the Free Dev Docs Library, available offline to any AI assistant.
Export Your Code Graph with vg export
Use vg export to output your code map as JSON, GraphML, Graphviz DOT, Neo4j Cypher, Markdown, HTML, or an SBOM for downstream tools and visualization.
Precompute the Semantic Index with vg embed
Use vg embed to precompute the semantic index so your next vg ask is instant — a local ONNX model downloaded once, then fully offline.
Make the Code Graph Committable for Your Team with vg share
Use vg share to install a pre-commit hook, deterministic merge driver, and .gitignore so your code graph stays committable and auto-updating across the team.
Check Code Graph Freshness with vg status
Use vg status to see graph freshness, node and edge counts, staleness, and resolver rungs — comparing the committed graph against your working tree.
Generate Deterministic Facts for AI with vg facts
Use vg facts to produce deterministic, epistemic-typed facts about a node — contract, invariant, and characterization — to ground AI assistants reliably.
Map Tests to Code with vg tests
Use vg tests to see which tests cover a node, find untested nodes nearby with --missing, and run the minimal test command with --run or --exec.
Scan a Node.js/TypeScript Project for Upgrade Drift
Run your first Vibgrate CLI scan on a Node.js/TypeScript project to get a DriftScore and a prioritized list of upgrade risks.
Scan a .NET Solution for Upgrade Drift
Point Vibgrate CLI at a .NET solution to measure upgrade drift across projects and produce a SARIF report for Azure DevOps.
Scan a Python Project for Upgrade Drift
Use Vibgrate CLI to scan a Python project for upgrade drift, read the DriftScore, and export JSON for further processing.
Scan a Java/Maven Project for Upgrade Drift
Run Vibgrate CLI against a Java/Maven project to measure upgrade drift and export SARIF and Markdown reports.
Scan a Go Module for Upgrade Drift
Use Vibgrate CLI to scan a Go module for upgrade drift, read the DriftScore, and export results for CI.
Scan a Rust Crate for Upgrade Drift
Run Vibgrate CLI on a Rust crate to measure upgrade drift from Cargo dependencies and export JSON for tooling.
Scan a PHP Project for Upgrade Drift
Use Vibgrate CLI to scan a PHP project for upgrade drift across Composer dependencies and produce a shareable report.
Scan a Ruby Project for Upgrade Drift
Run Vibgrate CLI on a Ruby project to measure upgrade drift across Bundler gems and export results for CI.
Scan a Polyglot Monorepo for Upgrade Drift
Scan a multi-language monorepo with Vibgrate CLI to get one DriftScore across every ecosystem and gate the whole repo in CI.
Assess Structural Security Posture with the Security Scanner
Use the Vibgrate Security Posture Scanner to check structural security hygiene like lockfiles, .gitignore coverage, and audit counts.
Map Security Findings to OWASP Top 10 Categories
Use the Vibgrate OWASP Category Mapping scanner to organize security findings into OWASP Top 10 categories for triage.
Find Breaking-Change Exposure Before You Upgrade
Use the Vibgrate Breaking Change Exposure Scanner to flag packages and patterns known to cause upgrade pain before you commit to an upgrade.
Analyze Lockfiles with the Dependency Graph Scanner
Use the Vibgrate Dependency Graph Scanner to find duplicate packages, phantom dependencies, and workspace graph issues from your lockfile.
Inventory Your Tech Stack with the Tooling Scanner
Use the Vibgrate Tooling Inventory Scanner to map your full technology stack by detecting packages across categories.
Detect CI/CD and IaC with the Build & Deploy Scanner
Use the Vibgrate Build & Deploy Scanner to detect CI/CD systems, containerization, and infrastructure-as-code in your repository.
Find Complexity Hotspots with the Code Quality and File Hotspots Scanners
Use the Vibgrate Code Quality and File Hotspots scanners to surface cyclomatic complexity and upgrade-friction hotspots in your codebase.
Generate a Human-Readable Drift Report with vg report
Turn raw scan artifacts into a shareable Markdown, text, or JSON drift report using vg report so stakeholders can read your DriftScore at a glance.
Push Scan Results to Vibgrate Cloud
Upload your local scan results to Vibgrate Cloud with vg push or vg scan --push so the whole team can see drift trends in one dashboard.
View Drift on the Vibgrate Cloud Dashboard
After pushing a scan, learn to read your DriftScore, risk levels, and drift contributors on the Vibgrate Cloud dashboard.
Track Drift Trends Over Time in Vibgrate Cloud
Push scans regularly so Vibgrate Cloud builds a DriftScore trend line, letting you see whether your codebase is drifting toward or away from risk.
Serve Version-Correct Context to AI with vg serve
Start Vibgrate AI Context, the local offline MCP server, with vg serve so any AI assistant gets your code map, drift, and lockfile-correct library docs.
Connect Vibgrate AI Context to Your AI Editor
Use vg install to wire Vibgrate AI Context into Claude, Cursor, Windsurf, VS Code, Codex, or Gemini so your assistant reasons over real code and lockfile-correct docs.
Create a Vibgrate Cloud Data Source with vg dsn create
Generate an HMAC-signed DSN token with vg dsn create to authenticate non-interactive dashboard uploads from CI and automation.
Schedule Recurring Drift Reporting
Run vg scan --push on a schedule with cron or a CI scheduled job so drift reports and dashboard trends stay current without manual effort.
Share Drift Results with Your Team
Use vg share, vg push, and vg report to make drift results visible to your whole team, from a committable code map to a shared dashboard.
Produce a SARIF Report for Security Tooling
Generate a SARIF report with vg scan --format sarif so drift findings flow into GitHub code scanning and other SARIF-aware security tools.
Export JSON for Custom Dashboards
Produce machine-readable JSON with vg scan --format json or vg report --format json and feed your DriftScore into custom dashboards and BI tools.
Set Up a Portfolio View Across Repositories
Push scans from every repository to Vibgrate Cloud so you get one portfolio view of DriftScore across your whole organization.
Use Vibgrate CLI Output Programmatically
Drive scripts and automation from Vibgrate's JSON output and exit codes, so vg scan results can gate, branch, and trigger downstream steps.
Generate an Executive Drift Summary
Combine vg report with Vibgrate Cloud trends to produce a concise, leadership-ready summary of DriftScore and direction across your repositories.