a2

command module

v0.6.2 Latest Latest Go to latest Published: Mar 11, 2026 License: MIT Imports: 1 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ipedrazas/a2

Links

Open Source Insights

README ¶

a2 — Validate and verify every repository change

Deterministic repository verification for teams, CI, and coding agents.

a2 checks whether a repository meets a defined baseline for build health, tests, coverage, security, formatting, and release readiness. It runs 80+ deterministic checks across multiple languages and returns a clear pass/fail result.

go install github.com/ipedrazas/a2@latest

a2 check
a2 check --profile=api
a2 check -f toon

Why use `a2`?

Teams use prompts, .cursorrules, and agent skills to describe intent. But prompts are not deterministic.

a2 turns repository intent into repeatable checks.

Verify repo readiness in one command
Standardize quality gates across projects
Feed machine-readable failures to coding agents for automatic fixes

Prompts guide implementation. a2 verifies the result.

What `a2` does

a2 runs deterministic checks for things like:

buildability
tests
coverage
formatting and linting
type checking
vulnerabilities
repo and delivery hygiene

It auto-detects supported languages or lets you choose them explicitly.

Example of running a2 against the a2 repo:

screenshot

Example

Check a repository:

a2 check --profile=api

Export agent-friendly output:

a2 check -f toon > a2.out

Use that output in Cursor, Claude Code, or another coding agent, apply fixes, and rerun until the repo passes.

When to use `a2`

Use a2 when you want to:

verify a pull request did not break the repo baseline
give coding agents an objective list of issues to fix
enforce different standards for PoC and production repos
standardize checks across polyglot repositories

How `a2` differs

Tool	Role
Prompts / `.cursorrules` / skills	Describe how code should be written
Linters / tests	Check one part of a repo
CI scripts	Run repo-specific automation
`a2`	Verify the repository baseline end-to-end

Features

8 supported languages: Go, Python, Node.js, TypeScript, Java, Rust, Swift
80+ built-in checks
Profiles: CLI, API, Library, Desktop
Targets: PoC or Production
Maturity scoring
JSON and TOON output
Custom checks via external binaries
GitHub Action, Docker, and pre-commit support

Common commands

a2 check
a2 check -v
a2 check --lang go,python
a2 check --profile=library
a2 check --target=poc
a2 check --skip="*:tests"
a2 list checks
a2 run rust:coverage agent
a2 explain go:race
a2 doctor

Configuration

Create a .a2.yaml file to set thresholds, disable checks, and add external checks:

language:
  go:
    coverage_threshold: 80

checks:
  disabled:
    - go:deps

external:
  - id: lint
    command: golangci-lint
    args: ["run", "./..."]
    severity: warn

More details:

CI/CD

GitHub Action

name: A2 Analysis
on: [push, pull_request]

jobs:
  a2:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run A2
        uses: ipedrazas/a2@v1
        with:
          format: "pretty"
          profile: "api"

Docker

docker run -v $(pwd):/workspace ipedrazas/a2 check

Exit codes

0 — all critical checks passed
1 — one or more critical checks failed

License

MIT — see LICENSE

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
pkg
checker
checks
checks/common
checks/devops
checks/go
checks/java
checks/node Package nodecheck provides code quality checks for Node.js projects.	Package nodecheck provides code quality checks for Node.js projects.
checks/python
checks/rust
checks/security Package security provides safety/security checks for detecting potential malicious code patterns including shell injection, file system abuse, network exfiltration, and code obfuscation.	Package security provides safety/security checks for detecting potential malicious code patterns including shell injection, file system abuse, network exfiltration, and code obfuscation.
checks/swift
checks/typescript Package typescriptcheck provides code quality checks for TypeScript projects.	Package typescriptcheck provides code quality checks for TypeScript projects.
checkutil Package checkutil provides common utilities for check implementations.	Package checkutil provides common utilities for check implementations.
config
language Package language provides language detection for projects.	Package language provides language detection for projects.
maturity Package maturity provides project maturity estimation based on check results.	Package maturity provides project maturity estimation based on check results.
output
profiles Package profiles provides application type profiles for different project types.	Package profiles provides application type profiles for different project types.
runner
safepath Package safepath provides secure file path operations to prevent directory traversal attacks.	Package safepath provides secure file path operations to prevent directory traversal attacks.
server
targets Package targets provides maturity target definitions for different project stages.	Package targets provides maturity target definitions for different project stages.
tools
userconfig Package userconfig provides utilities for accessing user configuration directories.	Package userconfig provides utilities for accessing user configuration directories.
validation Package validation provides utilities for validating profiles and targets.	Package validation provides utilities for validating profiles and targets.
version

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL