Skip to main content

The automated modernization workflow

Dependify uses a sophisticated 6-step process to analyze, refactor, and modernize your codebase. Every step is automated, parallelized, and validated for maximum speed and reliability.
All processing happens in secure, isolated Modal containers with real-time progress updates via Supabase

Architecture overview

User → Next.js Dashboard (Vercel)

    FastAPI Backend (Render)

    ┌────┴────┐
    ↓         ↓
Modal         GitHub API
Containers    (Fork, Clone, Push, PR)

Groq AI
(Code Analysis & Refactoring)

Supabase
(Real-time Progress Updates)

Step-by-step process

1

Repository connection and fork detection

What happens

When you submit a repository URL, Dependify first authenticates with GitHub and determines repository ownership:
# From git_driver.py:11-86
def create_fork(repo_owner, repo_name):
    # Check if user owns the repository
    if username.lower() == repo_owner.lower():
        # No fork needed - work directly on the repo
        return original_repo_data
    
    # Check if fork already exists
    # If not, create a temporary staging fork
    fork_data = create_new_fork()
Key features:
  • Detects if you own the repository (no fork needed)
  • Reuses existing forks when available
  • Creates temporary staging forks for external repos
  • Uses authenticated GitHub API for private repo access
Temporary forks can be safely deleted after the PR is merged or closed
2

Intelligent code analysis

What happens

Dependify clones the repository and analyzes all files in parallel using Modal containers. Each file is scanned for outdated syntax patterns:
# From containers.py:18-51
@app.function(secrets=[modal.Secret.from_name("GROQ_API_KEY")])
def run_script(repo_url: str) -> list[CodeChange]:
    # Clone repository into isolated container
    subprocess.run(["git", "clone", repo_url, "repository"])
    
    # Scan for outdated patterns using Groq AI
    data = fetch_updates(os.getcwd() + "/repository")
    
    return [change.model_dump(mode="json") for change in data]
Detection capabilities:
  • Outdated syntax patterns (e.g., varconst/let)
  • Deprecated API usage
  • Legacy framework patterns (e.g., class components → hooks)
  • Outdated import statements
  • Non-idiomatic code patterns
AI model: Uses Groq’s llama-3.1-8b-instant for rapid analysis
3

AI-powered refactoring

What happens

Files identified in step 2 are processed in parallel—up to 100 files simultaneously—using Modal’s distributed container system:
# From modal_write.py:33-186
@app.function(
    timeout=300,  # 5 minutes per file
    max_containers=100,  # Process 100 files in parallel
    min_containers=3,  # Keep 3 warm for faster response
)
def process_file(job):
    # Initialize Groq client with instructor
    client = instructor.from_groq(Groq(api_key=GROQ_API_KEY))
    
    # Generate refactored code with explanations
    job_report = client.chat.completions.create(
        model="llama-3.3-70b-versatile",
        response_model=JobReport,
        messages=[...]
    )
    
    # Validate syntax and calculate confidence score
    validation_result, confidence_score = validate_and_score(
        file_path, old_code, job_report.refactored_code
    )
Refactoring features:
  • Complete file rewrites (not just snippets)
  • Syntax validation before accepting changes
  • Confidence scoring (0-100) for each file
  • Detailed AI explanations for every change
  • Language-specific modernization rules
AI model: Uses Groq’s llama-3.3-70b-versatile for high-quality refactoring
Each file includes a confidence score. Files scoring below 80 are flagged for manual review.
4

Comprehensive changelog generation

What happens

For every refactored file, Dependify generates detailed changelogs explaining what changed, why it changed, and the impact:
# From changelog_formatter.py:363-430
def generate_pr_description(file_changes: List[FileChange]) -> str:
    # Calculate accurate diff statistics
    total_added, total_removed = calculate_diff_stats()
    
    # Extract key changes from AI explanations
    key_changes = extract_key_changes(old_code, new_code, explanation)
    
    # Generate file-by-file breakdown
    # - What changed (specific modernizations)
    # - Why it changed (AI reasoning)
    # - Impact (lines added/removed)
Changelog includes:
  • Summary statistics (files updated, lines changed)
  • File-by-file breakdown with:
    • Key modernizations applied
    • AI reasoning for each change
    • Confidence score per file
    • Lines added/removed
  • Review checklist for maintainers
  • Categorized changes (deprecations, API updates, best practices)
Low confidence files (score < 60) are clearly marked as “NEEDS REVIEW” in the changelog
5

Automated branch creation and push

What happens

Dependify creates a new branch with a unique identifier, commits all changes, and pushes to GitHub:
# From git_driver.py:114-180
def create_and_push_branch(repo, origin, files_to_stage):
    # Create unique branch name
    new_branch_name = f"dependify-{uuid.uuid4().hex[:8]}"
    new_branch = repo.create_head(new_branch_name)
    new_branch.checkout()
    
    # Stage all refactored files
    repo.index.add(files_to_stage)
    
    # Commit with descriptive message
    commit_message = """🤖 Automated code modernization by Dependify
    
    This commit contains automated refactoring to update outdated syntax
    and improve code quality using AI-powered analysis.
    
    Generated with Dependify 2.0
    """
    repo.index.commit(commit_message)
    
    # Push to remote with authentication
    origin.push(new_branch)
Branch management:
  • Unique branch names prevent conflicts (dependify-a3f9d2c8)
  • Authenticated push URLs for private repos
  • Automatic handling of fork vs. owned repo scenarios
  • Real-time status updates via Supabase
6

Pull request creation

What happens

Finally, Dependify submits a pull request with the comprehensive changelog:
# From git_driver.py:182-302
def create_pull_request(new_branch_name, repo_owner, repo_name, 
                       base_branch, head_owner, is_own_repo, 
                       changelog_markdown):
    # Determine PR head based on ownership
    if is_own_repo:
        head = new_branch_name  # Direct branch in user's repo
    else:
        head = f"{head_owner}:{new_branch_name}"  # Fork branch
    
    # Create PR with detailed changelog
    data = {
        "title": "🤖 Automated code modernization by Dependify",
        "head": head,
        "base": base_branch,
        "body": changelog_markdown
    }
    
    response = requests.post(github_pr_url, json=data)
PR features:
  • Professional title with emoji
  • Complete changelog with file-by-file breakdown
  • Review checklist for maintainers
  • Confidence scores for quality assessment
  • Links back to Dependify
  • Clear instructions for fork cleanup (if applicable)
For external repos, the PR clearly indicates it’s from a temporary fork that can be deleted after merging

Quality assurance features

Syntax validation

Every refactored file is validated for syntax correctness before being accepted: 
# From validators.py
def validate_and_score(file_path, old_code, new_code):
    language = SyntaxValidator.detect_language(file_path)
    
    # Language-specific validation
    is_valid = SyntaxValidator.validate_syntax(new_code, language)
    
    # Calculate confidence score based on:
    # - Syntax validity
    # - Code complexity changes
    # - Pattern modernization accuracy
    
    return validation_result, confidence_score

Confidence scoring

Each file receives a confidence score (0-100) based on:
  • Syntax validity: Does the code parse correctly?
  • Semantic preservation: Are the semantics maintained?
  • Pattern accuracy: Are modernizations applied correctly?
  • Code quality: Is the refactored code cleaner?
ScoreBadgeRecommendation
80-100🟢 HIGH CONFIDENCESafe to merge after quick review
60-79🟡 MEDIUM CONFIDENCEReview changes carefully
0-59🔴 NEEDS REVIEWRequires thorough testing

Real-time progress tracking

Throughout the entire process, Supabase provides live updates: 
# From server.py:169-247
# Progress updates sent to Supabase at each step
supabase_client.table("repo-updates").insert({
    "status": "ANALYZING",  # or REFACTORING, WRITING, LOADING
    "message": f"Processing file: {filename}",
    "code": current_file_content
}).execute()
Users see real-time status in the dashboard:
  • Files being analyzed
  • Refactoring progress
  • Validation results
  • PR creation status

Performance characteristics

Parallelization

  • Analysis: All files scanned simultaneously in isolated containers
  • Refactoring: Up to 100 files processed in parallel
  • Warm pools: 3 containers kept warm for instant response

Typical processing times

Repository sizeFilesProcessing time
Small (< 10 files)1-1030-60 seconds
Medium (10-50 files)10-501-3 minutes
Large (50-100 files)50-1003-7 minutes
Enterprise (100+ files)100+7-15 minutes
Processing time scales linearly with parallel containers. Larger repos may be faster per-file due to warm pool optimization.

Security and privacy

Data handling

  • Repository data processed in isolated Modal containers
  • No code stored permanently on Dependify servers
  • Temporary staging directories cleaned up after PR creation
  • GitHub tokens stored securely in Modal secrets

Authentication

  • GitHub OAuth with 7-day session expiration
  • JWT tokens for API authentication
  • Scoped GitHub tokens (only repo access required)
  • Automatic token refresh handling

Next steps

Try it now

Start modernizing your code

Quickstart

Detailed setup guide

API reference

Integrate into your pipeline

GitHub integration

Learn about fork management

Build docs developers (and LLMs) love

Get started for freeTalk to us