Skip to main content

Detect tech stack and production-readiness issues from a live URL or GitHub repo. Zero config, one command.

Project description

app-auditor

Built by the Nometria team. We help developers take apps built with AI tools (Lovable, Bolt, Base44, Replit) to production - handling deployment to AWS, security, scaling, and giving you full code ownership. Learn more →

Detect tech stack and surface production-readiness issues from any live URL or GitHub repo. One command, zero config.


Quick start

# Clone and install
git clone https://github.com/nometria/app-auditor
cd app-auditor
pip install -e .

# Audit a live URL
app-audit url https://vercel.com

# Audit a GitHub repo
app-audit repo myorg/myrepo

# JSON output
app-audit url https://myapp.com --format json

Usage

Audit a live URL

app-audit url https://myapp.com

# JSON output
app-audit url https://myapp.com --format json

Output:

URL: https://myapp.com
Title: My App
Stack: nextjs, react, supabase

Risks:
  • Supabase client: verify auth flow, RLS, and env key exposure in client.
  • Hosting on Vercel/Netlify: ensure env vars and serverless limits are documented.

Audit a GitHub repo

app-audit repo github.com/myorg/myrepo
# or shorthand
app-audit repo myorg/myrepo

Output:

Repo: myorg/myrepo
Detected: vite, react, supabase

Missing:
  ⚠ No Dockerfile found - containerization recommended for production.
  ⚠ No GitHub Actions workflows - consider adding CI/CD.

Suggestions:
  → Vite SPA: add Dockerfile and ensure server rewrite rules for SPA routing.
  → Supabase: verify RLS, auth flow, and env key exposure in client.

Set GitHub token to avoid rate limiting

export GITHUB_TOKEN=ghp_...
app-audit repo myorg/myrepo

Use as a library

from app_auditor import audit_url, analyze_repo_url

# Website audit
result = audit_url("https://myapp.com")
print(result["detected_stack"])  # {"nextjs": True, "react": True, ...}
print(result["risks"])           # ["Supabase client: verify RLS...", ...]

# GitHub repo audit
result = analyze_repo_url("https://github.com/vercel/next.js")
print(result["detected"])        # {"nextjs": True, "docker": False, ...}
print(result["missing"])         # ["No Dockerfile found..."]
print(result["suggestions"])     # ["Next.js: check output mode..."]

Detected stack signals

Signal Detection method
Next.js __next in HTML, _next/ paths, next.js in server header
Vite /assets/ + modulepreload in HTML
React react / reactdom in HTML or package.json
Vue v-bind or vue in HTML
Supabase supabase in HTML or repo file paths
Vercel vercel in HTML, server header, or vercel.json
Netlify netlify in HTML, header, or config files
Docker Dockerfile in repo tree
GitHub Actions .github/workflows/ in repo tree

Commercial viability

  • Free tier: CLI and library (open source)
  • Paid: API with bulk auditing, team dashboards, Slack notifications
  • Inbound funnel: developers debugging production issues → upgrade path to managed services

Example output

app-audit url https://vercel.com

URL: https://vercel.com/
Title: Vercel: Build and deploy the best web experiences with the AI Cloud
Stack: nextjs, react, vercel

Risks:
  • Hosting on Vercel/Netlify: ensure env vars and serverless limits are documented.

app-audit url https://supabase.com

URL: https://supabase.com/
Title: Supabase | The Postgres Development Platform.
Stack: nextjs, react, vue, supabase, vercel

Risks:
  • Supabase client: verify auth flow, RLS, and env key exposure in client.
  • Hosting on Vercel/Netlify: ensure env vars and serverless limits are documented.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

app_auditor-0.1.3.tar.gz (7.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

app_auditor-0.1.3-py3-none-any.whl (8.2 kB view details)

Uploaded Python 3

File details

Details for the file app_auditor-0.1.3.tar.gz.

File metadata

  • Download URL: app_auditor-0.1.3.tar.gz
  • Upload date:
  • Size: 7.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for app_auditor-0.1.3.tar.gz
Algorithm Hash digest
SHA256 9ded051202c548258a5f2b1c20c9e3a94d6a3b86cc7ac0d1308f04bbe1ed32e6
MD5 bb484b3fd9d9f88cd47f1f8705393a0e
BLAKE2b-256 1e6a569ec1765857997015b3f60f8aa23296cba487653347c339cbfe79373524

See more details on using hashes here.

File details

Details for the file app_auditor-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: app_auditor-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 8.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for app_auditor-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 98ee331d1aaa90cff478c07cdbe042307d1b0101017799de3bfdd05e4bd1a58a
MD5 cdca86dd9d677f50a55b8f066fd48542
BLAKE2b-256 54d5f29ff285ba58dad59e4bb87eb6f911a3a59ef2ca13dfb41572d9c9c28bf2

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page