Quality, security, and best practices audit for your codebase.
The audit command performs comprehensive quality and security audits, identifying issues and generating prioritized recommendations. Perfect for code reviews, security assessments, and maintaining code health.
bootspring audit [command] [options]

| Command | Description |
| --- | --- |
| (default) | Run full audit |
| `status` | Show current progress |
| `resume` | Continue from checkpoint |
| `reset` | Reset workflow state |

| Option | Description |
| --- | --- |
| `--phase=<phase>` | Run specific phase only |
| `--severity=<level>` | Filter by severity: critical, high, medium, low |
| `--fix` | Auto-fix safe issues where possible |
| `--ci` | CI mode with exit codes |

| Phase | Description |
| --- | --- |
| `quality` | Code quality metrics (complexity, duplication) |
| `security` | Security scan (secrets, vulnerabilities) |
| `performance` | Performance analysis |
| `practices` | Best practices checks |
| `techDebt` | Tech debt inventory |
| `recommendations` | Generate prioritized recommendations |

| Level | Definition | Action |
| --- | --- | --- |
| CRITICAL | Security vulnerability, data loss risk | Immediate |
| HIGH | Major issue, significant risk | 1-2 days |
| MEDIUM | Moderate issue, tech debt | 1-2 weeks |
| LOW | Minor, optimization opportunity | Backlog |
When running in CI mode, the command returns exit codes:
| Exit Code | Meaning |
| --- | --- |
| 0 | All checks passed |
| 1 | High severity issues found |
| 2 | Critical issues found |
# In CI pipeline
bootspring audit --ci
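A CI wrapper that acts on these exit codes and fails closed when the audit itself does not run, as an added example rather than code from the bootspring project. The `audit_gate` function, the `BLOCK_ON_HIGH` variable and the gate return value 3 are assumptions of this example; only the meanings of exit codes 0, 1 and 2 come from the table above.

```shell
#!/bin/sh
# Added example: fail-closed CI gate around `bootspring audit --ci`.
# Exit codes 0/1/2 follow the documented table. Treating every other status
# (missing binary, crash, killed job) as a failure is this example's policy.

# audit_gate CMD [ARGS...]
#   Runs the audit command and returns the gate decision:
#     0 = pass, 1 = blocked by findings, 3 = audit did not complete.
#   BLOCK_ON_HIGH (hypothetical knob, default 1): set to 0 to let
#   high severity findings through with a warning. Critical always blocks.
audit_gate() {
    _audit_rc=0
    # `|| ...` captures the status even when the caller uses `set -e`.
    "$@" || _audit_rc=$?

    case "$_audit_rc" in
        0)
            echo "audit: all checks passed"
            return 0 ;;
        1)
            if [ "${BLOCK_ON_HIGH:-1}" = "1" ]; then
                echo "audit: high severity issues found, blocking" >&2
                return 1
            fi
            echo "audit: high severity issues found, warning only" >&2
            return 0 ;;
        2)
            echo "audit: critical issues found, blocking" >&2
            return 1 ;;
        *)
            # An undocumented status means no verdict was produced, so the
            # gate must not be read as a pass.
            echo "audit: unexpected exit status $_audit_rc, failing closed" >&2
            return 3 ;;
    esac
}

# In the pipeline step:
#   audit_gate bootspring audit --ci
```

Returning a distinct value for "audit did not complete" lets the pipeline tell a broken scan apart from real findings.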
Audit generates a report at /planning/AUDIT_REPORT.md containing:
Executive summary with scores
Critical/high findings with remediation
Quality metrics table
Security vulnerabilities table
Tech debt inventory
Prioritized recommendations
# Full audit
bootspring audit

# Run specific phase
bootspring audit --phase=security

# Filter by severity
bootspring audit --severity=high

# Auto-fix safe issues
bootspring audit --fix

# CI mode
bootspring audit --ci

# Check progress
bootspring audit status

# Resume after interruption
bootspring audit resume
bootspring analyze - Deep codebase analysis
bootspring quality - Run quality gates
bootspring health - Quick health overview