StackLint
Analyze repo
Private beta · ingesting TypeScript, Python, Go

Clean your codebase.
Ship with confidence.

Point StackLint at a GitHub or GitLab repository. In a few minutes you get a prioritized remediation plan — code smells, risky dependencies, untested zones, and duplicated logic — ranked by blast radius, not alphabet.

/

Read-only access. We never write to your code.

No commit required SOC-scoped read tokens Delete anytime
stacklint·monorepo-kestrel
live

Files scanned

1,482

Findings

47

Hours saved

28.4

  • critical·DEP-014

    Unpatched CVE in [email protected]

    apps/api/package.json · L42 · Reachable from 3 public routes

  • high·DUP-203

    Duplicated auth flow across 4 files

    packages/auth/* · ~280 LOC drift

  • high·TEST-071

    Billing module has 11% branch coverage

    packages/billing/ · Handles 47.2% of revenue

  • medium·SMEL-332

    Cyclomatic complexity 34 in processOrder()

    src/orders/process.ts · L118 · Refactor candidate

  • low·UI-018

    Button variants drifted in 7 places

    web/components/* · Design-system consistency

Prioritized by blast radius
View fix plan
What StackLint looks for

Six lenses on one codebase. Each finding routed to an owner, with a fix path attached.

Remediation plan

A prioritized fix plan, not a 4,000-line report.

Findings ranked by blast radius across blast-radius, revenue paths, and recent churn. Week-one work is ten tickets, not a thousand.

Week 1 · ranked47 total → 5 to do
  • axios CVE-2024-3921
  • Auth flow duplicated x4
  • Billing branch coverage 11%
  • processOrder() complexity 34
  • Button variants drift x7
Smells

Code smells, with evidence

Cyclomatic spikes, god classes, leaky abstractions — each finding ships with a diff preview.

Dependencies

Risky dependencies

Deprecated, abandoned, or CVE-linked libraries with reachability from your public surface.

Coverage

Untested zones

Branch coverage overlaid with git churn — surfacing the places you change most and test least.

Duplication

Duplicate code

Token-level similarity across packages. Refactor candidates ranked by drift cost.

Design system

Inconsistent components

Button, input, and token variants drifting across apps — clustered with quick-fix codemods.

Button/Primary

web, admin, marketing

3

variants

Button/Ghost

web, checkout, admin, mobile

4

variants

Input/Text

checkout, admin

2

variants

Card/Surface

web, admin, mobile, docs, mkt

5

variants

How it works

Three minutes, three steps.

Drop in a repo, come back from a coffee. You'll have the shortlist of fixes worth a standup conversation.

  1. 01

    Connect the repository

    Paste a URL or install the GitHub app. We request read-only access and spin up a sandboxed clone.

  2. 02

    Scan across six lenses

    Static analysis, dependency graph walks, coverage overlays, and git-churn weighting run in parallel.

  3. 03

    Receive a ranked fix plan

    Findings are scored by blast radius and routed to owners. PR-ready codemods where we're confident.

Pricing

Free on your first repo.
Grow into it when it pays for itself.

Most teams recover the Pro price in a single week of unblocked refactor work. If not, cancel it — we keep the data you own and drop the rest.

Free

For solo devs and weekend audits

$0forever
  • 1 repository
  • Weekly re-scan
  • Top 20 prioritized findings
  • GitHub & GitLab
Start free

Pro

For teams shipping every week

Most popular
$29/ month
  • Unlimited repositories
  • Daily re-scan + PR bot
  • Full fix plan with codemods
  • Owner routing & Slack digests
  • Trend history & drift alerts
Try Pro free 14 days
Ready when you are

Point StackLint at your hardest repo.
See the top ten fixes in three minutes.

Analyze My RepoSee what it finds

No card. No Slack install. Read-only access tokens.