Scan a Node.js/TypeScript Project for Upgrade Drift
Install Vibgrate CLI and run your first scan on a Node.js/TypeScript project. Read the DriftScore, export SARIF/JSON, and add a fail-on gate for CI.
Node.js and TypeScript projects accumulate upgrade drift quickly: lockfiles age, transitive dependencies fall behind, and TypeScript settings drift from current best practice. Vibgrate CLI scans your repository and assigns a DriftScore (0-100) so you can see, at a glance, how far behind you are and where the risk concentrates.
Prerequisites
- A Node.js/TypeScript project containing a
package.jsonand a lockfile - Node.js 18 or newer
Steps
1. Install or try the CLI
Install globally, or try it with no install:
npm i -g @vibgrate/cli
npx @vibgrate/cli scan
2. Run the default scan
From the project root, the bare command scans the current directory:
vg
Vibgrate detects the Node.js/TypeScript ecosystem from your manifests and lockfile, then reports drift findings grouped by severity.
3. Read the DriftScore
The scan prints a DriftScore between 0 and 100 plus the findings that drive it. A higher score means more accumulated upgrade risk. Skim the top findings — outdated packages, breaking-change exposure, and TypeScript modernity signals — to decide what to address first.
4. Export SARIF and JSON
For code-scanning dashboards and scripting, emit machine-readable formats:
vg scan --format sarif
vg scan --format json
5. Set a quality gate
Fail the command when findings reach a chosen severity, which is ideal for CI:
vg scan --fail-on error
Verification
Confirm the run printed a DriftScore and a findings list. When you use --fail-on error, a clean project exits 0 and a project with error-level findings exits non-zero — check echo $? after the run to confirm the gate behaves as expected.
Next Steps
Create a baseline with vg baseline to track drift over time, and explore the TypeScript Modernity and Breaking Change scanners for deeper analysis.