Bootwright

Stop vibe coding. Start shipping.

The foundations are laid. You're the architect. AI builds.

The Problem

Sound familiar?

A week configuring Google & Apple auth before the first user can log in
Three days wiring DynamoDB to GraphQL, still debugging why real-time updates don't propagate
Rebuilding cache invalidation and optimistic delete logic for each screen because nothing is shared
No single billing system that works across web, iOS, and Android without three separate integrations
A user loses credits because a backend job failed and there's no automatic refund path
.env files on the repo because proper secret management was going to take another week
Push notifications broken in production because an APNs certificate expired at 2am
No Mac in the team but the iOS app needs to go to the App Store
Users landing on the wrong screen because cold start dropped the deep link
Calling an AI API once per item in real time, paying full rate, with no recovery when one fails midway
An async AI workflow failing silently at step 4: spinner on screen, error in CloudWatch, quota consumed

The Solution

Auth, payments, AI orchestration, push notifications, observability — solved. Clone. Configure your keys. Deploy. Code what matters.

Why Bootwright

AI-native

Bootwright ships a permission-check hook: every permission request is evaluated by Claude itself. Safe operations are auto-approved; dangerous ones (force push to main, rm -rf, credential exposure) are blocked with a reason. You leave. Claude works. CLAUDE.md gives Claude full project context from the first prompt: architecture, conventions, constraints, type rules. Four quality gate agents run automatically after every change — test creation, code review, security scan, lint — and Claude reviews every pull request in CI.

$0 if 0 users

AWS, PostHog, RevenueCat — all pay-as-you-go. AWS Free Tier: 1M auth requests/month, 25GB storage, Lambda free. No fixed costs. If the launch goes nowhere, you spent $0. If it takes off, costs scale with revenue, not with infrastructure choices made before you had a single user.

Opinionated

Every choice is made: framework, cloud, payments, AI providers. Fork and build. Zero analysis paralysis. Infrastructure choices that survive refactoring: CDK logical ID stabilization on every Lambda, IAM role, and log group means renaming a construct doesn't recreate the AWS resource in production.

Web + Mobile

One monorepo, one deploy pipeline. Next.js for web, Expo for iOS & Android. Shared business logic and types between web and mobile.

Production-grade backend

Not application-level try/catch. Structural guarantees.

Workflow engine with structural error chain

createStep / createMapStep / createMergeStep — each Lambda with 3× retry and FormatError catch. RefundQuota fires before WorkflowFailed. Refund is guaranteed before the job is marked failed.

Lambda factory — 3 runtimes

TypeScript, Python, and Rust on ARM64 Graviton. Pick the right tool: fast cold starts in TS, data science in Python, CPU-intensive work in Rust.

DLQ everywhere

Every async path has a Dead Letter Queue with a CloudWatch alarm. No silent failures. Failed messages surface immediately.

Dual-mode AI processing

Real-time single workflow for instant results. Vertex AI Batch (~50% cheaper) via SQS WAIT_FOR_TASK_TOKEN for cost-sensitive bulk jobs.

Observability from day 1

X-Ray tracing, CloudWatch alarms, SNS email alerts, Sentry for error tracking, PostHog and Mixpanel — wired up and ready.

Bedrock inference profiles

Cost attribution per feature. Every Bedrock call is tagged — no black-box AWS bills. Know exactly what each workflow step costs.

Stack

Frontend

•Web: Next.js 16 + Tailwind CSS + shadcn/ui
•Mobile: Expo (React Native), iOS & Android from a single codebase
•State: Zustand + TanStack Query
•Tooling: Biome (lint/format) + Vitest

Backend & Infra

•Cloud: AWS Amplify + CDK (Infrastructure as Code)
•Orchestration: Step Functions (parallel branches, generic merge)
•Lambdas: TypeScript, Python, Rust — ARM64/Graviton
•Database: DynamoDB
•Storage: S3

Authentication

•AWS Cognito
•Google & Apple Sign-in

Payments

•RevenueCat (iOS, Android, Web)
•Credits + subscriptions
•Trial management

AI

•AWS Bedrock (Claude, Nova…)
•Google Vertex AI (Gemini, Nano Banana…)
•OpenAI-compatible providers (Kimi, DeepSeek, Groq, Qwen…)
•Claude Code: describe a feature, AI codes it with the right patterns. Tests, review, lint run automatically.

Analytics

•PostHog
•Mixpanel
•Sentry (error tracking)

Tooling

•Biome (lint & format)
•Vitest (unit tests)
•TypeScript strict mode

Observability

•X-Ray tracing
•CloudWatch alarms
•SNS email alerts
•Sentry (error tracking)
•DLQ alarms

State & Data

•Zustand
•TanStack Query
•AppSync subscriptions
•DynamoDB

What's Included

Every feature to ship your SaaS, not just a stack to configure.

Authentication

Passwordless email OTP. Google and Apple OAuth on web and mobile. Unified sign-in/sign-up flow. Legal pages (Privacy Policy, ToS, Data Deletion) ready for App Store submission.

Data & Storage

GraphQL API with real-time subscriptions. Owner-based access control. S3 with identity-based permissions and lifecycle rules. TTL auto-deletion, Point-in-Time Recovery, deletion protection.

AI Orchestration

Multi-LLM Step Functions workflows (sequential + parallel branches). Bedrock + Vertex AI + any OpenAI-compatible provider. Workload Identity Federation: zero API keys in code. Dual-mode: real-time or batch (~50% cheaper).

Payments & Quotas

RevenueCat across iOS, Android, Web. Subscriptions and consumable credits. Automatic quota refund on processing failure. Configurable per plan in config.json.

Push Notifications

DynamoDB Streams → SQS FIFO → Lambda. Automatic receipt verification. Invalid token cleanup. Works on iOS and Android from a single implementation.

Developer Experience

CLAUDE.md with full project context. Permission-check hook for unattended autonomous sessions. 4 automated quality gate agents (test, review, security, lint). Claude PR review in CI. Auto-generated Conventional Commits.

Observability

Structured logging, X-Ray tracing, CloudWatch alarms, SNS email alerts, Sentry (crashes + session replay), PostHog or Mixpanel. All wired on day 1.

See it in action: PhotoCV

PhotoCV is the included demo app. It shows the full stack in action: upload, multi-model AI orchestration, push notifications, quotas, and billing. Fork it or replace it with your business logic.

How it works

1User uploads 1-3 photos + picks a style + writes free notes

2AWS Rekognition validates face presence and quality

3Claude Haiku analyzes and generates the optimal prompt (~$0.001)

4Google Gemini generates the professional HD photo

5A Rust worker creates the thumbnail

6User receives a push notification when it's ready

Complete auth (email + Google + Apple)
S3 upload with progress bar
Multi-LLM orchestration via Step Functions (Claude → Gemini → Rust)
Push notifications (Expo)
Quotas & credits system
Real-time updates (AppSync subscriptions)
i18n: 5 languages
Dark mode
Web + Mobile from the same monorepo

Explore PhotoCV

How Bootwright compares

	Bootwright	Other solutions
$0 at start	AWS Free Tier, fully pay-as-you-go. No fixed costs.	Hosting costs from day one
AWS Serverless	Serverless, scalable, affordable. Fast start with Amplify.	Locked to Vercel / Supabase / Firebase
Extensible infrastructure (CDK)	Full AWS power: SageMaker, dedicated infra, GPU… anything is possible.	Limited to provider's offerings
Multi-provider	Vertex/Google, OpenAI-compatible providers, other DBs. Connect wherever you want.	Locked into one ecosystem
Native Mobile	Expo React Native — iOS & Android	Web only
Claude Code integrated	permission-check hook + CLAUDE.md + agents + quality pipeline. No other SaaS boilerplate does this.	No AI dev integration

Early Access

Pricing

$349

One-time purchase. Full source code. Lifetime updates.

Complete monorepo (Next.js + Expo)
AWS CDK infrastructure
PhotoCV demo app source code
CLAUDE.md + AI agent configuration
GitHub