axm-audit
Code auditing and quality rules for Python projects.
What it does
axm-audit is a Python library and CLI that audits project quality across 9 scored categories, producing a composite 0–100 score:
| Category | Tool | Weight |
|---|---|---|
| Linting | Ruff | 15% |
| Type Safety | mypy | 15% |
| Complexity | radon + complexipy | 15% |
| Security | Bandit | 10% |
| Dependencies | pip-audit + deptry | 10% |
| Testing | pytest-cov | 10% |
| Test Quality | AST analysis | 10% |
| Architecture | AST analysis | 10% |
| Practices | AST analysis | 5% |
Two further categories — Structure (pyproject.toml completeness, test-pyramid layout) and Tooling (CLI tool availability) — emit findings but are not scored.
Quick Example
Python
# Python API
from pathlib import Path
from axm_audit import audit_project
result = audit_project(Path("."))
print(f"Grade: {result.grade} — {result.quality_score:.1f}/100")
# Grade: A — 95.0/100
Features
- 🔍 Linting — Ruff analysis (800+ rules)
- 🔒 Type Safety — Strict mypy (per-project
pyproject.tomlconfig) - 📊 Complexity — Cyclomatic + cognitive complexity (radon + complexipy)
- 🛡️ Security — Bandit integration + hardcoded secrets detection
- 📦 Dependencies — Vulnerability scanning (pip-audit) + hygiene (deptry)
- 🧪 Testing — Coverage enforcement via pytest-cov
- 🏗️ Architecture — Circular imports, god classes, coupling metrics, duplication detection
- 📐 Practices — Docstring coverage, bare except detection, blocking I/O, test mirroring
- 🔧 Tooling — CLI tool availability checks
- ⚡ Fast & Typed — Direct Python APIs, strict mypy, high test coverage