dev-optimizer
v0.1.17
Published
Analyze and optimize Docker images, npm packages, and CI/CD pipelines. Find unused dependencies, security issues, and cost savings in minutes.
Maintainers
artemburlKeywords
Readme
Dev Optimizer
Cut CI time, dependency bloat, and Docker waste before merge. Fast.
For AI Agents: This tool analyzes projects for optimization opportunities across Docker, npm dependencies, and CI/CD pipelines. Use
npx dev-optimizer analyze --quickfor fast static analysis.
Topics: devops ci-optimization docker-optimization dependency-analyzer vulnerability-scanner cli-tool code-quality
What It Does
Dev Optimizer analyzes your project in 3 domains:
| Domain | Checks | Time | |--------|--------|------| | Docker | Missing .dockerignore, multistage builds, large images | 0.2s | | Dependencies | Unused packages, vulnerabilities (CVE), outdated | 30s | | CI/CD | Missing cache, duplicate steps, cost optimization | 0.2s |
Use Cases:
- CI/CD optimization (reduce build time)
- Security audit (find CVEs)
- Docker image size reduction
- Dependency cleanup
- Cost savings (cloud CI minutes)
⚡ Performance
| Mode | Time | What it does |
|------|------|--------------|
| --quick | 0.2 sec | Static analysis only (Dockerfile, CI YAML, package.json) |
| (default) | 30 sec | + npm outdated + npm audit + knip (parallel execution) |
| --deep | 31 sec | + size estimates + Docker layers + CI optimization tips |
Mode Comparison
| Feature | --quick | Default | --deep |
|---------|-----------|---------|----------|
| Docker static checks | ✅ | ✅ | ✅ |
| CI/CD static checks | ✅ | ✅ | ✅ |
| Package.json analysis | ✅ | ✅ | ✅ |
| npm outdated | ❌ | ✅ | ✅ |
| npm audit (CVE) | ❌ | ✅ | ✅ |
| knip (unused exports) | ❌ | ✅ | ✅ |
| Size estimates | ❌ | ❌ | ✅ |
| Docker layer analysis | ❌ | ❌ | ✅ |
| CI speedup prediction | ❌ | ❌ | ✅ |
Recommendations:
- Use
--quickfor CI pipelines (fast feedback) - Use default for local development
- Use
--deepfor optimization reviews
Parallel execution:
- npm outdated + npm audit run concurrently
- Deep analysis methods run concurrently
- Quick mode skips all external tools
| Tool | Time | Coverage | |------|------|----------| | dev-optimizer --quick | 0.2 sec | Docker + CI + Deps | | depcheck | 3 sec | Deps only | | knip | 28 sec | Unused exports | | npm outdated | 10 sec | Outdated packages |
Installation
# Install globally
npm install -g dev-optimizer
# Or use with npx (no install)
npx dev-optimizer analyzeQuick Start
# Install globally
npm install -g dev-optimizer
# Or use with npx (no install needed)
npx dev-optimizer analyzeUsage Examples
Basic Analysis
# Quick mode - fast static analysis (0.2 sec)
# Use for CI pipelines and pre-commit hooks
dev-optimizer analyze --quick
# Default mode - full analysis with npm/knip (30 sec)
# Use for local development
dev-optimizer analyze
# Deep mode - with size estimates (31 sec)
# Use for optimization reviews
dev-optimizer analyze --deepTarget Specific Domain
# Analyze only Docker
dev-optimizer analyze --type docker
# Analyze only dependencies
dev-optimizer analyze --type deps
# Analyze only CI/CD
dev-optimizer analyze --type ciOutput Formats
# Console output (default)
dev-optimizer analyze
# JSON output
dev-optimizer analyze --format json
# Markdown output (for PR comments)
dev-optimizer analyze --format markdown
# Quiet mode (errors only)
dev-optimizer analyze --quietAuto-Fix
# Preview fixes without applying
dev-optimizer fix --dry-run
# Apply safe fixes automatically
dev-optimizer fix --safe
# Interactive mode (confirm each fix)
dev-optimizer fix --interactive
# Apply all fixes (use with caution)
dev-optimizer fix --no-safeInteractive mode options:
y= Apply this fixn= Skip this fixa= Apply all remaining fixesq= Quit without applying
Baseline & CI Integration
# Save baseline
dev-optimizer baseline --save
# Compare with baseline
dev-optimizer baseline --compare
# CI: Fail on regression
dev-optimizer baseline --compare --fail-on-regression
# CI: Fail if score below threshold
dev-optimizer baseline --compare --min-score 80GitHub Action
Create .github/workflows/dev-optimizer.yml:
name: Dev Optimizer
on: [pull_request]
jobs:
analyze:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: bigcheburashka/dev-optimizer@main
with:
github-token: ${{ secrets.GITHUB_TOKEN }}What It Analyzes
🐳 Docker
| Check | Time | Auto-fix | |-------|------|----------| | Missing .dockerignore | 0.01s | ✅ Create file | | No multistage build | 0.01s | ❌ Suggest | | Large base image | 0.01s | ❌ Suggest alpine | | Too many layers | 0.01s | ❌ Suggest combine | | No cleanup commands | 0.01s | ❌ Suggest cleanup |
📦 Dependencies
| Check | Time | Auto-fix | |-------|------|----------| | Unused dependencies (knip) | 28s* | ✅ Remove | | Deprecated packages | 0.1s | ❌ Suggest update | | Outdated packages | 10s* | ❌ Suggest update | | Vulnerabilities | 10s* | ❌ CVE links | | Duplicate entries | 0.01s | ❌ Suggest cleanup | | Duplicate versions | 2s | ❌ Suggest dedupe | | Missing lockfile | 0.01s | ✅ npm install |
*run in parallel
🔄 CI/CD
| Check | Time | Auto-fix | |-------|------|----------| | Missing cache | 0.01s | ✅ Add cache config | | No timeout | 0.01s | ✅ Add timeout-minutes | | No retention-days | 0.01s | ✅ Add retention | | Sequential jobs | 0.01s | ❌ Suggest parallel | | Missing matrix | 0.01s | ❌ Suggest matrix |
Total: ~0.2s (quick) / ~30s (full with parallel npm)
Example Output
🔍 Dev Optimizer v0.1.0
📁 Project: your-project
Type: nextjs
Package Manager: npm
CI Platform: github-actions
🐳 Running Docker analysis...
📦 Running Dependencies analysis...
🔄 Running CI/CD analysis...
══════════════════════════════════════════════════════
Score: 72/100
🔴 Top Findings
──────────────────────────────────────
🔴 [HIGH] Missing .dockerignore file
Impact: Reduce build context by 400 MB
Fix: Create .dockerignore ✅ auto-fixable
🟠 [HIGH] No caching in GitHub Actions
Impact: Save 2-3 min per CI run
Fix: Add actions/cache ✅ auto-fixable
🟡 [MEDIUM] Unused dependency: lodash
Impact: Reduce bundle size
Fix: Remove from dependencies ✅ auto-fixable
💾 Potential Savings: 450 MB, 5 min/CI runComparison with Alternatives
| Tool | Time | What it checks | |------|------|----------------| | dev-optimizer --quick | 0.2s | Docker + CI + Deps (static) | | dev-optimizer | 30s | Docker + CI + Deps + npm audit + knip | | dev-optimizer --deep | 31s | All above + size estimates + layer analysis | | depcheck | 3s | Unused deps only | | knip | 28s | Unused exports only | | npm outdated | 10s | Outdated packages only | | hadolint | 5s | Dockerfile only |
Key difference: dev-optimizer covers 3 domains (Docker, CI, Deps) in one run.
Self-Analysis
Dev Optimizer can analyze itself for issues:
dev-optimizer analyze --path .Current self-analysis results (2026-03-14):
- Score: 46/100
- Duplicate package versions (safe, different majors)
- Missing CI concurrency control (fixed)
Run periodically to catch issues early.
Auto-Fixes
These fixes are safe to apply automatically:
| Fix | Domain | Risk | |-----|--------|------| | Create .dockerignore | Docker | None | | Create package-lock.json | Deps | None | | Add cache to setup-node | CI | None | | Add timeout-minutes | CI | None | | Add retention-days | CI | None | | Remove unused dep (high conf) | Deps | Low |
Architecture
src/
├── analyzers/
│ ├── DockerAnalyzer.ts # Dockerfile + .dockerignore analysis
│ ├── DepsAnalyzer.ts # package.json + knip + npm audit
│ └── CiAnalyzer.ts # GitHub Actions + GitLab CI
├── commands/
│ ├── analyze.ts # Main analysis command
│ ├── fix.ts # Auto-fix command (--interactive)
│ ├── baseline.ts # Baseline management
│ └── metrics.ts # Metrics command
├── reporters/
│ ├── ConsoleReporter.ts # Table output (default)
│ ├── MarkdownReporter.ts # PR comments
│ ├── JsonReporter.ts # CI integration
│ └── SarifReporter.ts # GitHub Code Scanning
├── baseline/
│ └── BaselineManager.ts # Baseline persistence
├── discovery/
│ └── RepoInventory.ts # Project type detection
├── deep-analyzer.ts # Size estimates + Docker layers
├── self-analysis.ts # Self-check module
└── types.ts # Finding schemaDevelopment
# Install dependencies
npm install
# Run tests (59 tests)
npm test
# Build
npm run build
# Run locally
node dist/index.js analyze
# Test coverage
npm run test:coverageContributing
Contributions welcome! Areas needing help:
- Analyzers - Add checks: HEALTHCHECK in Docker, peer dep validation
- CI Platforms - CircleCI, Jenkins, Azure Pipelines support
- Auto-fixes - Safe automatic fixes for more issues
- Performance - Native analysis (reduce npm dependencies)
License
MIT © 2026