Skip to content

AXM Logo

axm-audit

Code auditing and quality rules for Python projects.

CI axm-audit axm-init Coverage PyPI Python 3.12+


What it does

axm-audit is a Python library and CLI that audits project quality across 9 scored categories, producing a composite 0–100 score:

Category Tool Weight
Linting Ruff 15%
Type Safety mypy 15%
Complexity radon + complexipy 15%
Security Bandit 10%
Dependencies pip-audit + deptry 10%
Testing pytest-cov 10%
Test Quality AST analysis 10%
Architecture AST analysis 10%
Practices AST analysis 5%

Two further categories — Structure (pyproject.toml completeness, test-pyramid layout) and Tooling (CLI tool availability) — emit findings but are not scored.

Quick Example

Bash
# CLI
axm-audit audit .

# Or via the unified AXM CLI
axm audit .
Python
# Python API
from pathlib import Path
from axm_audit import audit_project

result = audit_project(Path("."))
print(f"Grade: {result.grade}{result.quality_score:.1f}/100")
# Grade: A — 95.0/100

Features

  • 🔍 Linting — Ruff analysis (800+ rules)
  • 🔒 Type Safety — Strict mypy (per-project pyproject.toml config)
  • 📊 Complexity — Cyclomatic + cognitive complexity (radon + complexipy)
  • 🛡️ Security — Bandit integration + hardcoded secrets detection
  • 📦 Dependencies — Vulnerability scanning (pip-audit) + hygiene (deptry)
  • 🧪 Testing — Coverage enforcement via pytest-cov
  • 🏗️ Architecture — Circular imports, god classes, coupling metrics, duplication detection
  • 📐 Practices — Docstring coverage, bare except detection, blocking I/O, test mirroring
  • 🔧 Tooling — CLI tool availability checks
  • Fast & Typed — Direct Python APIs, strict mypy, high test coverage

Learn More