
BumpGuard
from appcreationsca
BumpGuard is an MCP server for pre-flight dependency-upgrade analysis: before you bump a dependency, it reports which of your usages break, with line numbers, severity, and fix hints. It also verifies AI-written code against installed APIs to catch hallucinations. Static analysis only β never executes third-party code. Python + .NET.
BumpGuard
Guard your dependency bumps. BumpGuard is a Model Context Protocol (MCP) server that tells your AI coding agent exactly which lines of your code break when you upgrade a dependency β and verifies AIβwritten code against the API that is actually installed, so it stops calling functions that don't exist.
It does this by static analysis only. BumpGuard never imports or executes thirdβparty code; it reads a package's real public API straight from its source.
Docs tell your agent what should exist. BumpGuard tells it what actually exists here.
Why this exists
The #1 frustration developers report with AI coding tools is code that's "almost right, but not quite." A huge slice of that is API drift and hallucination:
- The model writes
pydantic.BaseSettingsoropenai.ChatCompletion.create(...)β perfectly valid two versions ago, gone in the version you have installed. - You bump
pandasfrom 1.5 to 2.2 and discover the breakage one stack trace at a time. - A changelog lists 1,800 breaking changes; you only care about the three your code actually touches.
BumpGuard closes that gap with ground truth from your environment instead of the model's memory.
What it does
A real example β upgrading pydantic 1 β 2 in code that uses BaseSettings:
// check_upgrade(package="pydantic", to_version="2.0.3", from_version="1.10.13", code="...")
{
"safe_to_upgrade": false,
"summary": { "breaking": 1, "total_api_changes": 4919, "breaking_api_changes": 2015 },
"findings": [
{
"symbol": "pydantic.BaseSettings",
"line": 2,
"severity": "breaking",
"message": "You use 'pydantic.BaseSettings', which no longer exists in the target version...",
"suggestion": "Consider 'pydantic.v1.env_settings.BaseSettings'"
}
]
}Out of 2,015 breaking API changes, BumpGuard surfaced the one that affects this code β with the line number and a fix hint.
Tools
| Tool | What it answers |
|---|---|
check_upgrade β | "If I upgrade package to to_version, what in this code breaks?" Diffs the installed (or from_version) API against the target and reports only the changes your code actually hits, with severity and fix hints. |
diff_versions | "What changed between two versions of this library?" The raw breakingβchange list, no code scan β good for planning a migration. |
verify_snippet | "Do the imports and API calls in this code really exist here?" Catches hallucinated/typo'd package names (slopsquatting) and attributes that aren't on the installed package. |
check_import | "Is this package installed? If not, what's the closest real name?" |
list_symbols | "What's the real public API of this package?" Discover functions/classes/methods + signatures instead of guessing β for the installed version or any fetched version. |
list_languages | Which ecosystem providers are available. |
Every answer is grounded in evidence (installed version, source location). Because analysis is static, "no findings" means "nothing proven to break," not a guarantee β BumpGuard is explicit about that in its output.
Configure your MCP client
Claude Desktop / Claude Code (claude_desktop_config.json):
{
"mcpServers": {
"bumpguard": {
"command": "bumpguard-mcp"
}
}
}Cursor / Windsurf / VS Code (Copilot) β point your MCP config at the bumpguard-mcp command (or python -m bumpguard.server). Any MCPβcompatible client works.
Then ask your agent things like:
- "Before upgrading pandas to 2.2, check whether my data pipeline breaks."
- "Verify this snippet actually uses the installed OpenAI SDK."
- "List the real methods on
httpx.Client."
How it works
βββββββββββββββββ languageβneutral core βββββββββββββββββ
MCP tools β β diff engine Β· breakingβchange classifier Β· analyzer β
β (matches API changes against YOUR usage) β
βββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β Provider interface
βββββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββ
β Python provider β .NET (NuGet) β Java (Maven) β
β β’ AST surface β β’ DLL metadata β β’ jar bytecode β
β β’ usage scanner β β’ Roslyn scan β β’ source scan β
β β’ wheel fetch β β’ nupkg fetch β β’ jar fetch β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ- Extract a package's public API surface by parsing its source with Python's
astβ for the installed version, and for the target version (downloaded as a wheel and unpacked, never installed or executed). - Diff the two surfaces into removed / signatureβchanged / added symbols, and classify each as breaking, potentially breaking, or info.
- Scan your code (also via
ast) for usages β resolving import aliases, reβexports, instanceβmethod calls, and the keyword/positional arguments each call passes. - Match usages against changes and report a precise, perβline verdict.
Safety: BumpGuard never imports thirdβparty code, so there are no import side effects, no hangs from heavy packages, and no arbitrary code execution. Wheel downloads are sandboxed to a temp dir, timeβbounded, and guarded against path traversal / zip bombs.
Multiβlanguage by design
BumpGuard is built around a pluggable provider interface. The diff engine, breakingβchange classifier, analyzer, reporting, and MCP tools are all languageβneutral; only the surface extraction and usage scanning are ecosystemβspecific.
- β Python (PyPI) β available now.
- β
.NET (NuGet) β available now. Reads public API from assembly metadata via reflection-only loading (no code executed); needs the .NET SDK (
dotnet) on PATH. A small helper is built once on first use. - β
Java (Maven) β available now. Reads public API directly from compiled
.jarbytecode (constant pool, access flags, descriptors) in pure Python β no JDK or Maven required and no thirdβparty code is executed. - π JS/TS (npm) β parse
.d.tsdeclarations.
Adding an ecosystem means implementing one Provider β see docs/ADD_A_PROVIDER.md.
.NET specifics (v1)
- Pass
language: "dotnet". Example: "Before upgrading Azure.AI.OpenAI to 2.1.0, check whether my client code breaks (from_version 1.0.0-beta.17)." - Supported:
check_upgrade,diff_versions,list_symbols,check_import. - Prefer passing
from_versionβ the "installed" baseline is taken from the NuGet global cache, which isn't your project's pinned version. - Reliable signal: type / method / property removals and additions (e.g. the
OpenAIClientβAzureOpenAIClientrename is caught as a breaking removal with a suggestion). Parameter-level diffs run only for unambiguous single-overload members; overloaded members are tracked by presence (a documented v1 limit). - Fully-qualified references are reported confidently; short names resolved via
usingare reported as lower-confidence "potentially breaking" to avoid false hard-breaks from namespace collisions. verify_snippetis not supported for .NET in v1 (accurate C# hallucination detection needs semantic binding).
Java specifics (v1)
- Pass
language: "java"and identify packages by their Maven coordinategroup:artifact(e.g.com.google.code.gson:gson). Example: "Before upgrading com.google.code.gson:gson to 2.10.1, check whether my code breaks (from_version 2.8.9)." - Supported:
check_upgrade,diff_versions,list_symbols,check_import. - The public API surface is read directly from
.jarbytecode (the jar is a zip of.classfiles; BumpGuard parses the classβfile structure withstructβ reading metadata, never running it). The target jar is fetched from Maven Central (sandboxed, sizeβcapped, timeβbounded). No JDK/Maven needed. - Prefer passing
from_versionβ the "installed" baseline is read from your local~/.m2cache, which may not match your project's pinned version. - Reliable signal: type / method / field / constructor removals and additions, and arity changes. Fully-qualified references hard-break; short names resolved via
importare reported as lower-confidence "potentially breaking" to avoid false hard-breaks from namespace collisions. - Documented v1 limits: generics are erased in bytecode descriptors (so generic type-argument changes aren't seen); return-type-only changes and varargs removal are tracked conservatively; overloaded members are tracked by presence (per-overload removal isn't detected); multi-release jars use the highest version overlay. The source usage scanner is a robust heuristic, not a full parser β it can pick up a name's own declaration or
importline as a reference, but these resolve to unqualified names that are capped at "potentially breaking" and can never produce a false hard-break.verify_snippetis not supported for Java in v1 (accurate hallucination detection needs semantic binding).
Known limitations (v1, Python)
BumpGuard is honest about static analysis. It may miss (false negatives) or, rarely, overβflag (false positives):
- Dynamically generated APIs (
__getattr__modules, plugin registries,boto3βstyle clients). BumpGuard detects__getattr__modules and suppresses confident "missing symbol" findings under them. - Members created at runtime that aren't visible in source.
- Compiled (C/Rust) extension internals β the Pythonβlevel surface is still read.
- Deep instanceβflow tracking is limited to direct
x = Class(...)patterns. - Star reβexports (
from .x import *) are not expanded.
Treat findings as highβsignal guidance, and absence of findings as "not proven unsafe," not a guarantee.
Development
git clone https://github.com/appcreationsca/bumpguard-mcp
cd bumpguard-mcp
python -m venv .venv && . .venv/Scripts/activate # Windows
pip install -e ".[dev]"
pytestThe test suite (42 tests) runs offline using fixture packages β no network required.
Releasing
Releases are automated via GitHub Actions. To cut a release:
- Bump the version in
pyproject.tomlandsrc/bumpguard/__init__.py. - Move the
CHANGELOG.md"Unreleased" notes under a new version heading. - Commit, then tag and push:
git tag v0.1.0
git push origin v0.1.0The Release workflow runs the tests, builds the wheel + sdist, and publishes to PyPI via Trusted Publishing (OIDC β no stored tokens). The CI workflow runs the test matrix (Linux + Windows, Python 3.10/3.13) on every push and PR.
pip install bumpguard-mcpInstall
pip install bumpguard-mcpRequires Python 3.10+. The server speaks MCP over stdio.
Install BumpGuard into the same environment as the project you're working on, so it sees the packages you actually have installed.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.
Licensed under MITβ you can use, modify, and redistribute it under that license's terms.
License
MIT β see LICENSE.