Audit – Pre-Commit Sanity Check
When to Apply
- User asks to audit the project, run the full check, verify before commit, or sanity-check the codebase.
- User asks to run any of: npm install, npm audit fix, lint, format check, type check, build, unit tests (individually or as a sequence).
Instructions
Run from the project root (where package.json is). Request network permission for install and audit.
Execute in this order (stop on first failure and report the error):
1. Install dependencies

   ```bash
   npm install
   ```

2. Fix known vulnerabilities

   ```bash
   npm audit fix
   ```

3. Lint

   ```bash
   npm run lint
   ```

   If the user wants auto-fixes, run `npm run lint:fix` instead or after.

4. Format check

   ```bash
   npm run format:check
   ```

   If the user wants to fix formatting, run `npm run format` instead or after.

5. Type check

   ```bash
   npm run type-check
   ```

6. Build

   ```bash
   npm run build
   ```

7. Unit tests

   ```bash
   npm run test:unit
   ```

8. Optional – find unused code/deps

   ```bash
   npm run knip
   ```

   Run when the user asks for unused dependency/code checks; can report false positives.

- For a full audit, run steps 1–7 (and 8 if appropriate); stop on first failure and report the error.
- If the user asked for specific steps only, run those.
- Report success or failure for each step; on failure, show the relevant output.
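
The sequence above as a single shell function, added here as an example and not part of the project's own tooling. It assumes `package.json` defines the scripts named on this page; `AUDIT_LOG`, `run_step` and `run_audit` are hypothetical names.

```bash
#!/bin/sh
# Added example, not the project's own script. Assumes package.json defines
# the scripts named on this page (lint, format:check, type-check, build,
# test:unit, knip). AUDIT_LOG is a hypothetical scratch-file name.
AUDIT_LOG="${AUDIT_LOG:-./audit-step.log}"
AUDIT_REPORT=""

# run_step NAME CMD...: run one step, record PASS/FAIL, and on failure
# print the captured output so the error can be reported.
run_step() {
    step_name=$1
    shift
    if "$@" >"$AUDIT_LOG" 2>&1; then
        AUDIT_REPORT="${AUDIT_REPORT}PASS ${step_name}
"
        return 0
    fi
    AUDIT_REPORT="${AUDIT_REPORT}FAIL ${step_name}
"
    echo "--- output of failed step: ${step_name} ---" >&2
    cat "$AUDIT_LOG" >&2
    return 1
}

# run_audit [--with-knip]: steps 1-7 in order, step 8 only on request.
# The && chain stops at the first failing step; later steps never run.
# Plain "npm audit fix" only, never "--force".
run_audit() {
    AUDIT_REPORT=""
    audit_rc=0
    run_step "install"      npm install &&
    run_step "audit fix"    npm audit fix &&
    run_step "lint"         npm run lint &&
    run_step "format check" npm run format:check &&
    run_step "type check"   npm run type-check &&
    run_step "build"        npm run build &&
    run_step "unit tests"   npm run test:unit || audit_rc=1
    if [ "$audit_rc" -eq 0 ] && [ "${1:-}" = "--with-knip" ]; then
        run_step "knip" npm run knip || audit_rc=1
    fi
    printf '%s' "$AUDIT_REPORT"   # one PASS/FAIL line per step that ran
    return "$audit_rc"
}

# Usage, from the project root: run_audit   or   run_audit --with-knip
```
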
Notes
- Use `npm install` unless the project or user requires `npm ci` or another package manager (pnpm, yarn).
- Do not run `npm audit fix --force` unless the user explicitly requests it; report remaining advisories instead.
- E2E tests (`npm run test:e2e`) are slower and require a running app; run only when the user asks for full test coverage or e2e.