Skip to main content

Scan a Python Project for Upgrade Drift

Scan a Python project with Vibgrate CLI to get a DriftScore, review dependency findings, export JSON, and add a fail-on gate for CI.

Difficulty
Beginner
Duration
15 minutes
Steps
5

Python projects carry upgrade drift in their requirement files and lockfiles. Vibgrate CLI detects the Python ecosystem, scans for outdated and risky dependencies, and reports a DriftScore so you can prioritize upgrades before they become migrations.

Prerequisites

  • A Python project with dependency manifests (such as requirements or a lockfile)
  • Vibgrate CLI installed, or use the no-install form

Steps

1. Install the CLI

npm i -g @vibgrate/cli

Or run it without installing:

npx @vibgrate/cli scan

2. Run the scan

From the project root:

vg

Vibgrate detects Python from your manifests and reports drift findings by severity.

3. Read the findings

The DriftScore (0-100) summarizes accumulated upgrade risk. Work through the top findings — outdated packages, breaking-change exposure, and dependency-risk signals — to plan upgrades.

4. Export JSON

Emit JSON for scripting or dashboards:

vg scan --format json

Write it to a file:

vg scan --format json --out vibgrate.json

5. Add a CI gate

Fail the run when error-level drift is present:

vg scan --fail-on error

Verification

Confirm a DriftScore and findings printed, and that vibgrate.json exists and is valid JSON. With --fail-on error, check the exit code with echo $? to confirm the gate works.

Next Steps

Snapshot the current state with vg baseline to track drift over time, and review the Dependency Risk scanner for deprecated or native-module packages.

Prerequisites

  • A Python project with dependency manifests
  • Vibgrate CLI installed

Steps

  • 1
    Install the CLI
  • 2
    Run the scan
  • 3
    Read the findings
  • 4
    Export JSON
  • 5
    Add a CI gate

Category

Vibgrate