Scan a Python Project for Upgrade Drift
Scan a Python project with Vibgrate CLI to get a DriftScore, review dependency findings, export JSON, and add a fail-on gate for CI.
Python projects carry upgrade drift in their requirement files and lockfiles. Vibgrate CLI detects the Python ecosystem, scans for outdated and risky dependencies, and reports a DriftScore so you can prioritize upgrades before they become migrations.
Prerequisites
- A Python project with dependency manifests (such as requirements or a lockfile)
- Vibgrate CLI installed, or use the no-install form
Steps
1. Install the CLI
npm i -g @vibgrate/cli
Or run it without installing:
npx @vibgrate/cli scan
2. Run the scan
From the project root:
vg
Vibgrate detects Python from your manifests and reports drift findings by severity.
3. Read the findings
The DriftScore (0-100) summarizes accumulated upgrade risk. Work through the top findings — outdated packages, breaking-change exposure, and dependency-risk signals — to plan upgrades.
4. Export JSON
Emit JSON for scripting or dashboards:
vg scan --format json
Write it to a file:
vg scan --format json --out vibgrate.json
5. Add a CI gate
Fail the run when error-level drift is present:
vg scan --fail-on error
Verification
Confirm a DriftScore and findings printed, and that vibgrate.json exists and is valid JSON. With --fail-on error, check the exit code with echo $? to confirm the gate works.
Next Steps
Snapshot the current state with vg baseline to track drift over time, and review the Dependency Risk scanner for deprecated or native-module packages.