Documentation Index
Fetch the complete documentation index at: https://mintlify.com/DevDonzo/warden/llms.txt
Use this file to discover all available pages before exploring further.
The validate command runs Warden’s complete suite of pre-flight checks without performing a scan. It inspects your Node.js environment, required environment variables, system tool availability, the current Git repository, and your project manifest — then reports any blocking errors or non-critical warnings. Use it to confirm your environment is ready before running warden scan or committing a CI workflow.
Run warden validate immediately after installing Warden to confirm everything is configured correctly. It is also useful after rotating tokens, switching machines, or cloning a repository for the first time.
Synopsis
warden validate [options]
Flags
| Flag | Short | Description |
|---|
--verbose | -v | Enable verbose logging. Prints additional debug output alongside standard validation messages. |
What it checks
validate runs four independent validation groups and combines their results into a single pass/fail decision.
1. Environment variables
| Variable | Level | Reason |
|---|
GITHUB_TOKEN | Error | Required for Warden to create pull requests via the GitHub API. |
SNYK_TOKEN | Warning | Not set — Snyk may require authentication for some features. |
GITHUB_OWNER | Warning | Not set — Warden will attempt to detect the owner from the Git remote. |
GITHUB_REPO | Warning | Not set — Warden will attempt to detect the repo name from the Git remote. |
.env file is reported as a warning; Warden falls back to system environment variables.
2. System dependencies
| Tool | Level | Notes |
|---|
git | Error | Must be installed and on PATH. Required for branch management and PR creation. |
node | Error | Must be available on PATH. |
npm | Warning | Not strictly required but strongly recommended. |
python3 | Warning | Required only for Python project scanning. |
pip-audit | Warning | Required for Python dependency scanning. Install with python3 -m pip install pip-audit. |
snyk | Warning | Optional. If missing, Warden falls back to npm audit. Install with npm install -g snyk. |
gh (GitHub CLI) | Warning | Optional. Some convenience features may not be available without it. |
3. Git repository
Warden checks that the current working directory (or the path you are targeting) is a valid Git repository:
- A
.git directory must exist.
- If no remotes are configured, a warning is issued — PR creation may fail.
- Uncommitted changes produce a warning indicating they will not be included in automated fixes.
4. Project manifest
Warden detects your project type and validates the appropriate manifest:
| Project type | Manifest | Checks |
|---|
| Node.js | package.json | Must be valid JSON. Warns if no dependencies/devDependencies or no test script. |
| Python | requirements.txt or pyproject.toml | requirements.txt must not be empty. Warns if no tests/ directory. If only pyproject.toml is present, warns that auto-remediation currently requires requirements.txt. |
| Unknown | — | Error — no supported manifest found. |
Exit codes
| Code | Meaning |
|---|
0 | All validations passed. Environment is ready for Warden. |
1 | One or more validation errors were found. Review the output and fix the reported issues. |
Example output
Passing run
🔍 Validation Check
✓ All validations passed!
✓ Environment is ready for Warden!
--verbose, passing checks are also printed individually as debug lines before the summary.
Failing run
🔍 Validation Check
✗ Validation failed with the following errors:
✗ GITHUB_TOKEN is required for creating pull requests
✗ Not a git repository: /Users/you/my-project
⚠ Validation warnings:
⚠ .env file not found. Using system environment variables.
⚠ Snyk CLI is not installed. Install with: npm install -g snyk
⚠ Fallback to npm audit will be used if Snyk is unavailable.
✗ Environment validation failed. Please fix the errors above.
✗) is a blocking issue. Each warning (⚠) is informational and does not prevent a scan from running, though it may limit functionality.
Relationship to warden scan
By default, warden scan runs the same validation checks automatically before starting a scan. If validation fails, the scan is aborted. You can bypass this behaviour with warden scan --skip-validation, but it is not recommended for production use.
Running warden validate separately is useful when you want to diagnose environment issues without triggering a full scan, or when you want to validate a target path before passing it to warden scan:
# Validate the current directory
warden validate
# Validate with verbose output
warden validate --verbose
# Then scan once validated
warden scan --scanner npm-audit --severity high
Warnings do not cause validate to exit with a non-zero code, but they may indicate missing functionality. For example, if SNYK_TOKEN is not set and you later run warden scan --scanner snyk, the scan may fail to authenticate with the Snyk API.