bootspring audit | Bootspring Docs

Quality, security, and best practices audit for your codebase.

Overview#

The audit command performs comprehensive quality and security audits, identifying issues and generating prioritized recommendations. Perfect for code reviews, security assessments, and maintaining code health.

Usage#

Loading code block...

Commands#

Command	Description
(default)	Run full audit
`status`	Show current progress
`resume`	Continue from checkpoint
`reset`	Reset workflow state

Options#

Option	Description
`--phase=<phase>`	Run specific phase only
`--severity=<level>`	Filter by severity: `critical`, `high`, `medium`, `low`
`--fix`	Auto-fix safe issues where possible
`--ci`	CI mode with exit codes

Audit Phases#

Phase	Description
`quality`	Code quality metrics (complexity, duplication)
`security`	Security scan (secrets, vulnerabilities)
`performance`	Performance analysis
`practices`	Best practices checks
`techDebt`	Tech debt inventory
`recommendations`	Generate prioritized recommendations

Severity Levels#

Level	Definition	Action
CRITICAL	Security vulnerability, data loss risk	Immediate
HIGH	Major issue, significant risk	1-2 days
MEDIUM	Moderate issue, tech debt	1-2 weeks
LOW	Minor, optimization opportunity	Backlog

CI Mode#

When running in CI mode, the command returns exit codes:

Exit Code	Meaning
0	All checks passed
1	High severity issues found
2	Critical issues found

Loading code block...

Output#

Audit generates a report at /planning/AUDIT_REPORT.md containing:

Executive summary with scores
Critical/high findings with remediation
Quality metrics table
Security vulnerabilities table
Tech debt inventory
Prioritized recommendations

Examples#

Loading code block...

bootspring analyze - Deep codebase analysis
bootspring quality - Run quality gates
bootspring health - Quick health overview