Skip to main content

Local CLI for fullstack code validation — import directions, migrations, secrets, and more

Project description

validate-tools

Local CLI for fullstack code validation. Runs the same checks as the MCP server without the token overhead — pipe files in, get JSON out.

Installation

pip install validate-tools
# or
uv tool install validate-tools

Usage

validate-tools [--human] [--pretty] COMMAND [OPTIONS]

When stdout is not a TTY (piped to a script or agent), JSON is emitted automatically. No --json flag needed.

Global flags:

Flag Description
--human / -H Force rich/table output even when piped
--pretty Indent JSON output (default: compact)

Exit codes: 0 = clean · 1 = warnings (with --strict) · 2 = violations


Commands

imports — Clean Architecture import directions

grep -rn "^from\|^import" src/ --include="*.py" | validate-tools imports

Rules: domain → no project imports; application → domain only; infrastructure → domain + application; presentation → all layers.


commits — Conventional Commits format

git log --format="%H %s" origin/main..HEAD | validate-tools commits

Checks type(scope)?: description format (required) and ≤72-char subject (recommended). Allowed types: feat fix docs chore refactor test ci perf build style revert


migration — Alembic migration safety

validate-tools migration alembic/versions/*.py

Flags: drop_column, drop_table, rename_table, rename_column, add_column with nullable=False and no server_default (required); alter_column, execute (recommended).


env — Settings ↔ .env.example completeness

validate-tools env --settings src/config/settings.py --example .env.example

Every UPPER_SNAKE_CASE field in class *Settings* must have a matching KEY= entry in .env.example.


tests — pytest test name quality

validate-tools tests test/unit/test_auth.py

Flags duplicate test_* names (required) and names with fewer than 3 tokens after test_ (recommended).


logs — Logging anti-patterns

validate-tools logs src/application/use_cases/auth_use_case.py

Flags print() calls (required) and f-strings inside logger.*() (recommended).


coverage — Per-layer coverage thresholds

pytest --cov=src --cov-report=xml
validate-tools coverage coverage.xml

Thresholds: domain ≥90% · application ≥85% · infrastructure ≥65% · presentation ≥55%


supply-chain — Dependency manifest risks

validate-tools supply-chain pyproject.toml   # or package.json

Flags VCS/URL/local-path sources and wildcard versions (required); pre-release versions (recommended).


sensitive-logging — Sensitive data in logs

validate-tools sensitive-logging src/application/use_cases/auth_use_case.py

Flags passwords, tokens, secrets, API keys, and card numbers passed to log.*() or print().


secrets — Hardcoded credentials

validate-tools secrets src/config/settings.py

Detects Stripe, Slack, GitHub, Google, and AWS key literals; JWT tokens; and sensitive variable assignments (password = "...", secret = "...").


Batch mode (run) — for AI agents

Run multiple validators in a single invocation. Accepts a JSON config on stdin and returns a JSON array — one report per check.

cat <<'EOF' | validate-tools run
{
  "imports":  "<output of grep -rn ...>",
  "commits":  "<output of git log --format='%H %s' ...>",
  "supply_chain": "<content of pyproject.toml>",
  "secrets": [{ "filename": "settings.py", "source": "<file content>" }],
  "logs":    [{ "filename": "auth.py",     "source": "<file content>" }]
}
EOF

Config keys (all optional):

Key Value
imports grep output (string)
commits git log output (string)
migration migration file content (string)
coverage coverage.xml content (string)
supply_chain pyproject.toml or package.json content (string)
env {"settings_source": "...", "env_example": "..."}
tests [{"filename": "test_foo.py", "source": "..."}]
logs [{"filename": "foo.py", "source": "..."}]
sensitive_logging [{"filename": "foo.py", "source": "..."}]
secrets [{"filename": "foo.py", "source": "..."}]

For per-file checks, a plain string is also accepted (filename defaults to source.py).


Output format

Every command emits the same JSON schema:

{
  "analysis": "validate_import_directions",
  "status": "clean | warnings | violations",
  "total_items": 42,
  "required_count": 0,
  "recommended_count": 0,
  "summary": "All 42 file(s) respect the layer dependency rules.",
  "findings": [
    {
      "rule_id": "backend/imports/domain-no-infrastructure",
      "severity": "required | recommended",
      "location": "src/domain/entities/user.py:12",
      "message": "Domain layer must not import from infrastructure layer",
      "hint": "Remove the cross-layer import. Domain may only depend on: domain only."
    }
  ]
}

Errors also follow a consistent schema when piped:

{"status": "error", "error": "git_log is empty — run: ...", "analysis": "validate_commit_messages"}

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

validate_tools-0.1.0.tar.gz (17.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

validate_tools-0.1.0-py3-none-any.whl (26.7 kB view details)

Uploaded Python 3

File details

Details for the file validate_tools-0.1.0.tar.gz.

File metadata

  • Download URL: validate_tools-0.1.0.tar.gz
  • Upload date:
  • Size: 17.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for validate_tools-0.1.0.tar.gz
Algorithm Hash digest
SHA256 ea12b7ffbaeb2117750b5517cc530ea46f3e75ced15e39dc9c623e62bc734cd1
MD5 5b99c7ea697878aa27b28e34ee1a9bf0
BLAKE2b-256 3030c5113969162ddee08bb090a463b17852eff6d636f32bab697bf33c95ec35

See more details on using hashes here.

Provenance

The following attestation bundles were made for validate_tools-0.1.0.tar.gz:

Publisher: publish-cli.yml on scardoso-lu/fullstack-agent-guidelines

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file validate_tools-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: validate_tools-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 26.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for validate_tools-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 7de3111be68b4644d98fa9a339a400789c5bcc2f35994024d666b5885fd826bd
MD5 0dbddb6ec49a7d71e7b61540d90ea9f5
BLAKE2b-256 e1a0f501f051fe2d99d1d1a15f9149ae1937af41b63d79f5f73d2932adad8cf6

See more details on using hashes here.

Provenance

The following attestation bundles were made for validate_tools-0.1.0-py3-none-any.whl:

Publisher: publish-cli.yml on scardoso-lu/fullstack-agent-guidelines

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page