DiscordSign up
SKILLS.SH

django-verification

Comprehensive pre-deployment verification pipeline for Django projects covering migrations, linting, tests, security, and configuration. Runs 12 sequential phases: environment validation, code quality checks (mypy, ruff, black, isort), migration safety, test coverage analysis, security scanning (pip-audit, bandit, gitleaks), and Django-specific configuration verification Includes coverage targets by component (models 90%+, views 80%+, overall 80%+) and pre-deployment checklist covering DEBUG mode, SECRET_KEY, ALLOWED_HOSTS, HTTPS, and database integrity Provides GitHub Actions CI/CD workflow template for automated verification on push and pull requests with PostgreSQL service integration Generates structured verification report with per-phase status indicators and actionable recommendations before staging or production deployment

INSTALLATION
npx skills add https://github.com/affaan-m/everything-claude-code --skill django-verification
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

Django Verification Loop

Run before PRs, after major changes, and pre-deploy to ensure Django application quality and security.

When to Activate

  • Before opening a pull request for a Django project
  • After major model changes, migration updates, or dependency upgrades
  • Pre-deployment verification for staging or production
  • Running full environment → lint → test → security → deploy readiness pipeline
  • Validating migration safety and test coverage

Phase 1: Environment Check

# Verify Python version

python --version  # Should match project requirements

Check virtual environment

which python

pip list --outdated

Verify environment variables

python -c "import os; import environ; print('DJANGO_SECRET_KEY set' if os.environ.get('DJANGO_SECRET_KEY') else 'MISSING: DJANGO_SECRET_KEY')"

If environment is misconfigured, stop and fix.

## Phase 2: Code Quality & Formatting

Type checking

mypy . --config-file pyproject.toml

Linting with ruff

ruff check . --fix

Formatting with black

black . --check

black . # Auto-fix

Import sorting

isort . --check-only

isort . # Auto-fix

Django-specific checks

python manage.py check --deploy


Common issues:

- Missing type hints on public functions

- PEP 8 formatting violations

- Unsorted imports

- Debug settings left in production configuration

## Phase 3: Migrations

Check for unapplied migrations

python manage.py showmigrations

Create missing migrations

python manage.py makemigrations --check

Dry-run migration application

python manage.py migrate --plan

Apply migrations (test environment)

python manage.py migrate

Check for migration conflicts

python manage.py makemigrations --merge # Only if conflicts exist


Report:

- Number of pending migrations

- Any migration conflicts

- Model changes without migrations

## Phase 4: Tests + Coverage

Run all tests with pytest

pytest --cov=apps --cov-report=html --cov-report=term-missing --reuse-db

Run specific app tests

pytest apps/users/tests/

Run with markers

pytest -m "not slow" # Skip slow tests

pytest -m integration # Only integration tests

Coverage report

open htmlcov/index.html


Report:

- Total tests: X passed, Y failed, Z skipped

- Overall coverage: XX%

- Per-app coverage breakdown

Coverage targets:

Component
Target

Models
90%+

Serializers
85%+

Views
80%+

Services
90%+

Overall
80%+

## Phase 5: Security Scan

Dependency vulnerabilities

pip-audit

safety check --full-report

Django security checks

python manage.py check --deploy

Bandit security linter

bandit -r . -f json -o bandit-report.json

Secret scanning (if gitleaks is installed)

gitleaks detect --source . --verbose

Environment variable check

python -c "from django.core.exceptions import ImproperlyConfigured; from django.conf import settings; settings.DEBUG"


Report:

- Vulnerable dependencies found

- Security configuration issues

- Hardcoded secrets detected

- DEBUG mode status (should be False in production)

## Phase 6: Django Management Commands

Check for model issues

python manage.py check

Collect static files

python manage.py collectstatic --noinput --clear

Create superuser (if needed for tests)

echo "from apps.users.models import User; User.objects.create_superuser('admin@example.com', 'admin')" | python manage.py shell

Database integrity

python manage.py check --database default

Cache verification (if using Redis)

python -c "from django.core.cache import cache; cache.set('test', 'value', 10); print(cache.get('test'))"


## Phase 7: Performance Checks

Django Debug Toolbar output (check for N+1 queries)

Run in dev mode with DEBUG=True and access a page

Look for duplicate queries in SQL panel

Query count analysis

django-admin debugsqlshell # If django-debug-sqlshell installed

Check for missing indexes

python manage.py shell << EOF

from django.db import connection

with connection.cursor() as cursor:

cursor.execute("SELECT table_name, index_name FROM information_schema.statistics WHERE table_schema = 'public'")

print(cursor.fetchall())

EOF


Report:

- Number of queries per page (should be < 50 for typical pages)

- Missing database indexes

- Duplicate queries detected

## Phase 8: Static Assets

Check for npm dependencies (if using npm)

npm audit

npm audit fix

Build static files (if using webpack/vite)

npm run build

Verify static files

ls -la staticfiles/

python manage.py findstatic css/style.css


## Phase 9: Configuration Review

Run in Python shell to verify settings

python manage.py shell << EOF

from django.conf import settings

import os

Critical checks

checks = {

'DEBUG is False': not settings.DEBUG,

'SECRET_KEY set': bool(settings.SECRET_KEY and len(settings.SECRET_KEY) > 30),

'ALLOWED_HOSTS set': len(settings.ALLOWED_HOSTS) > 0,

'HTTPS enabled': getattr(settings, 'SECURE_SSL_REDIRECT', False),

'HSTS enabled': getattr(settings, 'SECURE_HSTS_SECONDS', 0) > 0,

'Database configured': settings.DATABASES['default']['ENGINE'] != 'django.db.backends.sqlite3',

}

for check, result in checks.items():

status = '✓' if result else '✗'

print(f"{status} {check}")

EOF


## Phase 10: Logging Configuration

Test logging output

python manage.py shell << EOF

import logging

logger = logging.getLogger('django')

logger.warning('Test warning message')

logger.error('Test error message')

EOF

Check log files (if configured)

tail -f /var/log/django/django.log


## Phase 11: API Documentation (if DRF)

Generate schema

python manage.py generateschema --format openapi-json > schema.json

Validate schema

Check if schema.json is valid JSON

python -c "import json; json.load(open('schema.json'))"

Access Swagger UI (if using drf-yasg)

Visit http://localhost:8000/swagger/ in browser


## Phase 12: Diff Review

Show diff statistics

git diff --stat

Show actual changes

git diff

Show changed files

git diff --name-only

Check for common issues

git diff | grep -i "todo\|fixme\|hack\|xxx"

git diff | grep "print(" # Debug statements

git diff | grep "DEBUG = True" # Debug mode

git diff | grep "import pdb" # Debugger


Checklist:

- No debugging statements (print, pdb, breakpoint())

- No TODO/FIXME comments in critical code

- No hardcoded secrets or credentials

- Database migrations included for model changes

- Configuration changes documented

- Error handling present for external calls

- Transaction management where needed

## Output Template

DJANGO VERIFICATION REPORT

==========================

Phase 1: Environment Check

✓ Python 3.11.5

✓ Virtual environment active

✓ All environment variables set

Phase 2: Code Quality

✓ mypy: No type errors

✗ ruff: 3 issues found (auto-fixed)

✓ black: No formatting issues

✓ isort: Imports properly sorted

✓ manage.py check: No issues

Phase 3: Migrations

✓ No unapplied migrations

✓ No migration conflicts

✓ All models have migrations

Phase 4: Tests + Coverage

Tests: 247 passed, 0 failed, 5 skipped

Coverage:

Overall: 87%

users: 92%

products: 89%

orders: 85%

payments: 91%

Phase 5: Security Scan

✗ pip-audit: 2 vulnerabilities found (fix required)

✓ safety check: No issues

✓ bandit: No security issues

✓ No secrets detected

✓ DEBUG = False

Phase 6: Django Commands

✓ collectstatic completed

✓ Database integrity OK

✓ Cache backend reachable

Phase 7: Performance

✓ No N+1 queries detected

✓ Database indexes configured

✓ Query count acceptable

Phase 8: Static Assets

✓ npm audit: No vulnerabilities

✓ Assets built successfully

✓ Static files collected

Phase 9: Configuration

✓ DEBUG = False

✓ SECRET_KEY configured

✓ ALLOWED_HOSTS set

✓ HTTPS enabled

✓ HSTS enabled

✓ Database configured

Phase 10: Logging

✓ Logging configured

✓ Log files writable

Phase 11: API Documentation

✓ Schema generated

✓ Swagger UI accessible

Phase 12: Diff Review

Files changed: 12

+450, -120 lines

✓ No debug statements

✓ No hardcoded secrets

✓ Migrations included

RECOMMENDATION: WARNING: Fix pip-audit vulnerabilities before deploying

NEXT STEPS:

  1. Update vulnerable dependencies
  1. Re-run security scan
  1. Deploy to staging for final testing
    2. 
## Pre-Deployment Checklist

-  All tests passing

-  Coverage ≥ 80%

-  No security vulnerabilities

-  No unapplied migrations

-  DEBUG = False in production settings

-  SECRET_KEY properly configured

-  ALLOWED_HOSTS set correctly

-  Database backups enabled

-  Static files collected and served

-  Logging configured and working

-  Error monitoring (Sentry, etc.) configured

-  CDN configured (if applicable)

-  Redis/cache backend configured

-  Celery workers running (if applicable)

-  HTTPS/SSL configured

-  Environment variables documented

## Continuous Integration

### GitHub Actions Example

.github/workflows/django-verification.yml

name: Django Verification

on: [push, pull_request]

jobs:

verify:

runs-on: ubuntu-latest

services:

postgres:

image: postgres:14

env:

POSTGRES_PASSWORD: postgres

options: >-

--health-cmd pg_isready

--health-interval 10s

--health-timeout 5s

--health-retries 5

steps:

- uses: actions/checkout@v3

- name: Set up Python

uses: actions/setup-python@v4

with:

python-version: '3.11'

- name: Cache pip

uses: actions/cache@v3

with:

path: ~/.cache/pip

key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}

- name: Install dependencies

run: |

pip install -r requirements.txt

pip install ruff black mypy pytest pytest-django pytest-cov bandit safety pip-audit

- name: Code quality checks

run: |

ruff check .

black . --check

isort . --check-only

mypy .

- name: Security scan

run: |

bandit -r . -f json -o bandit-report.json

safety check --full-report

pip-audit

- name: Run tests

env:

DATABASE_URL: postgres://postgres:postgres@localhost:5432/test

DJANGO_SECRET_KEY: test-secret-key

run: |

pytest --cov=apps --cov-report=xml --cov-report=term-missing

- name: Upload coverage

uses: codecov/codecov-action@v3

BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

find-skills
2/3

Discover and install specialized agent skills from the open ecosystem when users need extended capabilities. Helps identify relevant skills by domain and task when users ask "how do I do X" or "find a skill for X" Integrates with the Skills CLI ( npx skills find , npx skills add ) to search, verify, and install packages from the skills.sh directory Recommends skills based on install count, source reputation, and GitHub stars to ensure quality before suggesting installation Presents skill options with install commands and links to skills.sh for user review and one-click installation

Verified authorvercel-labs
SKILLS.SH
1.5M19.6K
2026-05-22
vercel-react-best-practices
3/3

React and Next.js performance optimization guide with 64 prioritized rules across 8 categories. Organized by impact level, from critical waterfalls and bundle optimization down to advanced patterns, each rule includes incorrect/correct code examples and explanations Covers eight domains: async patterns, bundle size, server-side caching, client-side data fetching, re-render optimization, rendering performance, JavaScript efficiency, and advanced patterns Designed for use during component writing, code review, refactoring, and performance audits on React and Next.js applications Each rule has a prefix code (e.g., async-parallel , bundle-barrel-imports ) for easy reference in automated tooling and documentation

Verified authorvercel-labs
SKILLS.SH
389K26.9K
2026-05-22
azure-validate
2/3

Pre-deployment validation for Azure infrastructure, configuration, and permissions before deployment. Requires .azure/plan.md from a prior azure-prepare run; stops immediately if the plan is missing Executes recipe-specific validation commands (azd provision, bicep build, terraform validate) and records proof in the plan document Performs build verification, configuration checks, and permission validation; blocks deployment if any check fails Only authorized method to set plan status to Validated ; must be followed by azure-deploy skill to execute the actual deployment

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22
appinsights-instrumentation
3/3

Guidance and reference material for instrumenting webapps with Azure Application Insights. Covers SDK setup, telemetry patterns, and configuration for ASP.NET Core and Node.js applications hosted in Azure Distinguishes between this skill (reference and guidance) and azure-prepare (actual implementation); invoke azure-prepare when the user wants to add instrumentation to their project Provides auto-instrumentation guidance for C# ASP.NET Core apps in Azure App Service, plus manual instrumentation paths for creating App Insights resources via Bicep templates or Azure CLI Includes language-specific code modification guides for ASP.NET Core, Node.js, and Python, plus quick references for OpenTelemetry SDKs and exporters

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card