Ship with confidence.
Catch security and deploy-blocking issues before you ship. Run 30+ structured tests across your code and running app, get a 0–100 readiness score, and apply AI-powered fixes — all in one command.
Runs locally · works offline, no AI required
One command, complete visibility
Deploy with confidence. Every check you need, built into a single CLI tool.
Ready to scan your app?
Four steps to production-ready apps
Parse
DeployReady parses your codebase using Babel AST for JS/TS and Python, detecting stack, dependencies, and routes.
Static Scan
Run 30+ static tests: secrets detection, OWASP Top 10 vulnerabilities, weak crypto, Row-Level Security gaps, and insecure patterns.
Dynamic & Active Tests
Probe your running app for auth bypass, exposed routes, missing headers, and CORS — then, with your token, actively test access control: IDOR/BOLA, tenant isolation, and privilege escalation.
AI Analysis & Score
AI analyzes each finding (Claude, OpenAI, or Ollama) and proposes fixes. Get a 0–100 readiness score, reports, and one-approval fixes.
See Issues & Fix Them
DeployReady analyzes each finding and suggests fixes with before/after code. Review and approve the changes instantly.
Detailed Analysis
AI reviews each issue with context and severity
Smart Suggestions
Proposed fixes with before/after code snippets
One-Click Apply
Approve fixes instantly with automatic backups
What DeployReady Checks
30+ structured tests run locally on your code and running app to catch issues before production
Parse. Scan. Score. Fix.
DeployReady runs your entire pipeline in seconds. Static analysis, live testing, active authorization testing, AI-powered fixes, and a 0–100 readiness score all in one command.
Interactive Commands
Guided session with interactive commands to scan, view findings, apply fixes, and verify results.
Reports & Dashboard
Export detailed findings as markdown reports or view in an interactive HTML dashboard. Share with your team.
$ npx deployready@latest ./my-app
What would you like to do?
1 Scan this project now (recommended)
2 Set up or change the AI model
3 How does DeployReady work?
4 Go to the command prompt
5 Exit
Pick a number: 1
✦ Parsing codebase... done in 0.8s
✦ Running static analysis... done in 2.3s
✦ Testing localhost app... done in 4.1s
✦ Analyzing with AI... done in 6.2s
Production Readiness Score: 0 / 100
🔴 16 critical issues found
🟡 0 warnings
🔵 0 suggestions
deployready › issues
Finding #1: [CRITICAL] Hardcoded secret in .env
Finding #2: [CRITICAL] Hardcoded secret in .env
...
deployready › show 1
Full details, code snippet, and fix guidance
deployready › fix 1
AI-proposed fix applied. Backup created.
deployready › verify 1
Re-running checks... ✓ Fixed!
deployready › export
Report saved to deployready-report.md
deployready › open
Opening HTML dashboard...
Static, Dynamic & Active Testing
30+ structured tests: code analysis, secrets & RLS detection, live app testing, and opt-in active authorization testing (IDOR, tenant, privilege, JWT).
Stage 1: Parse
✓ Detects tech stack (Next.js, Express, etc.)
✓ Maps routes and dependencies
✓ Analyzes AST for JavaScript/TypeScript/Python
Stage 2: Static Analysis
✓ Hardcoded secrets & credentials
✓ XSS sinks and vulnerable patterns
✓ Weak cryptography & randomness
✓ OWASP Top 10 violations
✓ CWE-mapped findings
Stage 3: Dynamic Testing (Live Localhost)
✓ Auth bypass vulnerabilities
✓ Exposed admin routes
✓ Missing security headers
✓ Wildcard CORS issues
✓ Rate limiting gaps
✓ Slow endpoints & caching problems
Stage 4: Active Authorization Testing (opt-in, --active)
✓ Broken object-level access (IDOR/BOLA)
✓ Broken tenant isolation (org/tenant swap)
✓ Privilege escalation (forged role: admin)
✓ Unverified JWTs (alg:none accepted)
Stage 5: AI Analysis (Optional)
✓ Deeper vulnerability context
✓ Fix recommendations with diffs
✓ Architecture improvement suggestions
One-Shot CI/CD Integration
Run DeployReady in your CI pipeline with simple flags. Fail on critical issues to block unsafe deployments.
name: DeployReady Security Gate
on: [push, pull_request]
jobs:
  deployready:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: '18'
      - name: Run DeployReady
        run: |
          npx deployready@latest analyze . \
            --no-ai \
            --export \
            --fail-on critical
      - name: Upload Report
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: deployready-report
          path: deployready-report.md
Offline & Privacy First
All static analysis runs locally. Optional AI analysis redacts secrets. With Ollama, nothing leaves your machine.
# Fully offline: no AI, no external calls
npx deployready@latest analyze . --no-ai --no-dynamic
✦ Parsing codebase... done
✦ Running static analysis... done
No data sent anywhere. Results stay local.
All findings are structured JSON you can integrate.
# With Claude (structured findings only)
npx deployready@latest analyze . --no-ai
🔒 Security & Privacy Model:
• No source code sent to Claude
• Only structured findings (JSON)
• All secrets redacted first
• You approve before sending
• API key stored locally (0600 perms)
• Config at ~/.deployready/config.json
# With Ollama (completely local)
npx deployready@latest init
> Select: Ollama
> Model: llama2
npx deployready@latest analyze .
✓ Running locally on your machine
✓ Nothing leaves your network
✓ Free & fully private
Use the AI you already pay for.
DeployReady works with your existing API keys. No new subscriptions. Runs fully offline with Ollama.
Claude API
Anthropic
claude-sonnet, claude-opus
Best analysis quality
OpenAI
OpenAI
GPT-4o, o3, and newer models
Fast & reliable
Ollama (Local)
Open Source
Llama 3, Mistral, Phi-3
No API key needed
Need a hand with security?
If DeployReady uncovers issues beyond automated fixes or you want human expertise validating your security posture, our team can help. Schedule a security check with our specialists.
Schedule a security check
Powered by Belsoft · Expert security reviews · No pressure, no commitments