A configurable code quality checker for Node.js β auto-detects your package manager and runs TypeScript, ESLint, Prettier, Knip, and Snyk with all dependencies bundled.
- All tools bundled β no need to install TypeScript, ESLint, Prettier, Knip, or Snyk separately
- Auto-detects package manager β npm, bun, pnpm, yarn
- CLI + Library β use from terminal or programmatically
- Detailed reports β generates
.quality-report.mdwith AI-friendly error info --logsflag β verbose terminal output for debugging--fixflag β auto-fix ESLint and Prettier issues automatically- Environment-based configs β different tools for dev vs CI/CD
- Snyk token validation β validates tokens before running security scans
- TypeScript definitions β full type safety included
npm install -D code-quality-lib # npm
bun add -D code-quality-lib # bun
pnpm add -D code-quality-lib # pnpm
yarn add -D code-quality-lib # yarn# Install and run (first time will auto-start wizard)
npm install -D code-quality-lib && npx code-quality
# Or with bun
bun add -D code-quality-lib && bunx code-quality
# Or with yarn
yarn add -D code-quality-lib && yarn code-qualitycode-quality # run all quality checks
code-quality --wizard # run interactive setup wizard
code-quality --config # generate .code-quality.json config file
code-quality --logs # show detailed error output
code-quality --fix # auto-fix ESLint and Prettier issues
code-quality --env dev # run development checks (ESLint, TS, Prettier)
code-quality --env ci # run CI/CD checks (all tools)
code-quality --env prod # run production checks (all tools)
code-quality --help # show help
code-quality --version # show versionUse the wizard to configure options before running:
code-quality --wizardThe wizard will guide you through:
π§ββοΈ Code Quality Setup Wizard
ββββββββββββββββββββββββββββββββββββββββββββββββββ
Let's configure your quality checks!
π¦ Detected package manager: npm
Use npm? (Y/n):
π§ Select tools to run (default = all checked):
[β] TypeScript? (Y/n):
[β] ESLint? (Y/n):
[β] Prettier? (Y/n):
[β] Knip? (Y/n):
[β] Snyk? (Y/n):
π Set up environment-specific tool sets?
This allows different tools for development vs CI/CD
Configure environments? (y/N):
π Configuration Summary:
ββββββββββββββββββββββββββββββββββββββββββββββββββ
π¦ Package Manager: npm
βοΈ Config: Project configs (detected)
π§ Tools: TypeScript, ESLint, Prettier, Knip, Snyk
π Load .env: Yes (always)
ββββββββββββββββββββββββββββββββββββββββββββββββββ
Run checks with these settings? (Y/n):
Smart Features:
- Remember settings β First run creates
.code-quality.json, future runs skip questions - Yes/No questions β Simple Y/n prompts with sensible defaults
- Checkbox-style tools β Each tool can be individually enabled/disabled
- Always uses project configs β Automatically detects and uses your existing ESLint/Prettier configs
- Always loads .env β Environment variables are always available for your tools
After confirmation, it runs the quality checks with your selected settings.
If you run code-quality without any configuration file, it automatically starts the wizard:
code-quality # First run: no config found β starts wizard
code-quality # Subsequent runs: uses saved settingsThis ensures proper setup on first use while being fast on subsequent runs.
The CLI provides step-by-step progress like setup wizards:
π Code Quality Setup
ββββββββββββββββββββββββββββββββββββββββββββββββββ
π¦ Package Manager: npm
βοΈ Config: Project configs
π§ Tools: 5 quality checks
1. TypeScript... β
Done
2. ESLint... β
Done
3. Prettier... β
Done
4. Knip... β
Done
5. Snyk... β
Done
ββββββββββββββββββββββββββββββββββββββββββββββββββ
π Quality Check Summary
β
TypeScript Passed
β
ESLint Passed
β
Prettier Passed
β
Knip Passed
β
Snyk Passed
ββββββββββββββββββββββββββββββββββββββββββββββββββ
π Success! All quality checks passed.
β
Your code is ready for production!
Automatically fix ESLint and Prettier issues:
code-quality --fix # Fix all issues
code-quality --env prod --fix # Fix in production mode
code-quality --ESLint --fix # Fix only ESLint
code-quality --Prettier --fix # Fix only PrettierThe --fix flag will:
- Run quality checks normally
- If ESLint or Prettier fail, automatically run:
eslint --fixfor ESLint issuesprettier --writefor Prettier issues
- Re-run checks to verify fixes
- Show final results
Different tool sets for different environments:
code-quality --env development # ESLint, TypeScript, Prettier
code-quality --env ci # Add your own ci environment config
code-quality --env production # Add your own production environment configOr configure environments in .code-quality/config.json:
{
"environments": {
"development": {
"tools": ["ESLint", "TypeScript", "Prettier"]
}
},
"packageManager": "npm"
}Add CI/Production environments manually:
{
"environments": {
"development": {
"tools": ["ESLint", "TypeScript", "Prettier"]
},
"ci": {
"tools": ["ESLint", "TypeScript", "Prettier", "Knip", "Snyk"]
},
"production": {
"tools": ["ESLint", "TypeScript", "Prettier", "Knip", "Snyk"]
}
},
"packageManager": "npm"
}Generate a configuration directory with reference configs:
code-quality --configThis creates .code-quality/ directory with:
- config.json β Main configuration file
- tsconfig.json β TypeScript reference config
- eslint.config.mjs β ESLint reference config
- .prettierrc β Prettier reference config
- knip.json β Knip reference config
- README.md β Usage documentation
The CLI automatically loads .code-quality/config.json if it exists:
code-quality # uses your custom configOr use it programmatically:
const config = require('./.code-quality/config.json')
const checker = new CodeQualityChecker(config)
await checker.run()The library automatically detects and uses your project's existing configuration files (.eslintrc, .prettierrc, tsconfig.json, etc.) if they exist. If no project configs are found, it uses bundled configurations.
Environment variables from .env files are always loaded automatically.
const { CodeQualityChecker, runQualityCheck } = require('code-quality-lib')
// Quick β run all checks with defaults (auto-detects project configs)
const result = await runQualityCheck()
console.log(result.success ? 'All passed' : 'Some failed')
// Advanced β custom configuration
const customChecker = new CodeQualityChecker({
environments: {
development: { tools: ['ESLint', 'TypeScript'] },
// Add ci and production environments as needed
},
packageManager: 'npm',
commands: {
TypeScript: 'tsc --noEmit',
ESLint: 'eslint src/ --ext .ts,.tsx',
},
})
const result = await customChecker.run({ showLogs: true })
console.log(result.results) // per-tool results array| Option | Type | Default | Description |
|---|---|---|---|
tools |
string[] |
All 5 tools | Which tools to run (deprecated - use environments instead) |
packageManager |
'npm' | 'bun' | 'pnpm' | 'yarn' |
auto-detected | Force a specific package manager |
commands |
Record<string, string> |
bundled paths | Custom commands per tool |
descriptions |
Record<string, string> |
built-in | Custom descriptions per tool |
environment |
string |
auto-detected | Override environment (development, ci, production) |
environments |
Record<string, EnvironmentConfig> |
- | Environment-specific tool configurations |
EnvironmentConfig:
interface EnvironmentConfig {
tools: string[]
}The library intelligently resolves tools in this order:
- Project's
node_modules/.binβ Uses your project's installed versions first - Library's bundled tools β Falls back to bundled versions if not found in project
- Custom commands β If you specify custom commands in config, uses them as-is
This means:
- β Uses your project's tool versions and configurations by default
- β Works out-of-the-box with bundled tools as fallback
- β Custom commands use tools from your project's PATH
All tools are included as dependencies for fallback:
| Tool | Description |
|---|---|
| TypeScript | Type checking (tsc --noEmit) |
| ESLint | Linting with plugins (react, sonarjs, unicorn, import, prettier) |
| Prettier | Code formatting validation |
| Knip | Dead code and unused export detection |
| Snyk | Security vulnerability scanning |
Automatically detected by lock file presence:
bun.lock/bun.lockbβ bunpnpm-lock.yamlβ pnpmyarn.lockβ yarnpackage-lock.jsonβ npm- Fallback: checks installed binaries, defaults to npm
Every run generates .quality-report.md with:
- Status of each check (pass/fail)
- Full error output for failed checks
- AI-friendly structured information for automated fixes
Add .quality-report.md to your .gitignore.
The library validates Snyk tokens before running security scans:
# Set your Snyk token
export SNYK_TOKEN=your_token_here
# Or add to .env file
echo "SNYK_TOKEN=your_token_here" >> .env
# Run with validation
code-quality --env productionToken Validation Features:
- Pre-scan validation - Checks token before running full scan
- Clear cache - Forces token validation by clearing Snyk cache
- Detailed errors - Shows helpful fix instructions for invalid tokens
- Fallback handling - Graceful degradation for token issues
Error Messages:
β Snyk token validation failed. Token may be expired or invalid.
To fix:
1. Get a new token at: https://snyk.io/login
2. Set SNYK_TOKEN in your .env file
3. Or run: npx snyk auth
This library includes .ai/skills/ β markdown files that teach AI coding assistants (Cursor, Copilot, Windsurf, etc.) to follow the project's coding standards. See .ai/skills/README.md.
- Node.js >= 18.0.0
Tested on every push across 4 runtimes:
- Node.js 25.x (npm)
- Bun 1.3.x
- pnpm 10.x
- Yarn 4.13.0
See CONTRIBUTING.md for development setup and guidelines.
MIT β see LICENSE.