Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.coderabbit.ai/llms.txt

Use this file to discover all available pages before exploring further.

This reference is automatically generated from the CodeRabbit tools schema. Last updated: 2026-05-05
CodeRabbit supports integration with 51 static analysis tools, linters, and security scanners. Each tool can be configured individually within your .coderabbit.yaml file.

All tools

Browse all supported tools

Configuration guide

Learn configuration basics

​
Example configuration

.coderabbit.yaml
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
reviews:
  tools:
    eslint:
      enabled: true
    gitleaks:
      enabled: true

​
All tools

actionlint is a static checker for GitHub Actions workflow files.Configuration options:
​
enabled
boolean
Enable actionlint | actionlint is a static checker for GitHub Actions workflow files. | v1.7.12Defaults to true.
Example configuration:
reviews:
  tools:
    actionlint:
      enabled: true
Enable ast-grep | ast-grep is a code analysis tool that helps you to find patterns in your codebase using abstract syntax trees patterns. | v0.42.1Configuration options:
​
rule_dirs
array of string
List of rules directories.Defaults to “.
​
util_dirs
array of string
List of utils directories.Defaults to “.
​
essential_rules
boolean
Use ast-grep essentials package.Defaults to true.
​
packages
array of string
Predefined packages to be used.Defaults to “.
Example configuration:
reviews:
  tools:
    ast-grep:
      enabled: true
Biome is a fast formatter, linter, and analyzer for web projects.Configuration options:
​
enabled
boolean
Enable Biome | Biome is a fast formatter, linter, and analyzer for web projects. | Enable Biome integration. | v2.4.14Defaults to true.
Example configuration:
reviews:
  tools:
    biome:
      enabled: true
Blinter is a linter for Windows batch files that provides comprehensive static analysis to identify syntax errors, security vulnerabilities, performance issues, and style problems.Configuration options:
​
enabled
boolean
Enable Blinter | Blinter is a linter for Windows batch files that provides comprehensive static analysis to identify syntax errors, security vulnerabilities, performance issues, and style problems. | v1.0.112Defaults to true.
Example configuration:
reviews:
  tools:
    blinter:
      enabled: true
Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. | v8.0.3Configuration options:
​
enabled
boolean
Enable Brakeman | Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. | v8.0.3Defaults to true.
Example configuration:
reviews:
  tools:
    brakeman:
      enabled: true
Buf offers linting for Protobuf files.Configuration options:
​
enabled
boolean
Enable Buf | Buf offers linting for Protobuf files. | v1.69.0Defaults to true.
Example configuration:
reviews:
  tools:
    buf:
      enabled: true
checkmake is a linter for Makefiles.Configuration options:
​
enabled
boolean
Enable checkmake | checkmake is a linter for Makefiles. | v0.3.2Defaults to true.
Example configuration:
reviews:
  tools:
    checkmake:
      enabled: true
Checkov is a static code analysis tool for infrastructure-as-code files.Configuration options:
​
enabled
boolean
Enable Checkov | Checkov is a static code analysis tool for infrastructure-as-code files. | v3.2.526Defaults to true.
Example configuration:
reviews:
  tools:
    checkov:
      enabled: true
CircleCI tool is a static checker for CircleCI config files.Configuration options:
​
enabled
boolean
Enable CircleCI | CircleCI tool is a static checker for CircleCI config files. | v0.1.36202Defaults to true.
Example configuration:
reviews:
  tools:
    circleci:
      enabled: true
Configuration for Clang to perform static analysis on C and C++ codeConfiguration options:
​
enabled
boolean
Enable Clang for C/C++ static analysis and code quality checks | v14.0.6Defaults to true.
Example configuration:
reviews:
  tools:
    clang:
      enabled: true
Clippy is a collection of lints to catch common mistakes and improve your Rust code.Configuration options:
​
enabled
boolean
Enable Clippy | Clippy is a collection of lints to catch common mistakes and improve your Rust code. | Enable Clippy integration.Defaults to true.
Example configuration:
reviews:
  tools:
    clippy:
      enabled: true
Cppcheck is a static code analysis tool for the C and C++ programming languages.Configuration options:
​
enabled
boolean
Enable Cppcheck | Cppcheck is a static code analysis tool for the C and C++ programming languages. | v2.20.0Defaults to true.
Example configuration:
reviews:
  tools:
    cppcheck:
      enabled: true
Detekt is a static code analysis tool for Kotlin files.Configuration options:
​
enabled
boolean
Enable detekt | detekt is a static code analysis tool for Kotlin files. | v1.23.8Defaults to true.
​
config_file
string
Optional path to the detekt configuration file relative to the repository.
Example configuration:
reviews:
  tools:
    detekt:
      enabled: true
      config_file: "detekt.yml"
dotenv-linter is a tool for checking and fixing .env files for problems and best practicesConfiguration options:
​
enabled
boolean
Enable dotenv-linter | dotenv-linter is a tool for checking and fixing .env files for problems and best practices | v4.0.0Defaults to true.
Example configuration:
reviews:
  tools:
    dotenvLint:
      enabled: true
ember-template-lint is a linter for Handlebars template files that checks for common issues such as accessibility violations, deprecated patterns, and template anti-patterns.Configuration options:
​
enabled
boolean
Enable ember-template-lint | ember-template-lint is a linter for Handlebars template files that checks for common issues such as accessibility violations, deprecated patterns, and template anti-patterns. | v7.9.3Defaults to true.
Example configuration:
reviews:
  tools:
    emberTemplateLint:
      enabled: true
ESLint is a static code analysis tool for JavaScript files.Configuration options:
​
enabled
boolean
Enable ESLint | ESLint is a static code analysis tool for JavaScript files.Defaults to true.
Example configuration:
reviews:
  tools:
    eslint:
      enabled: true
Flake8 is a Python linter that wraps PyFlakes, pycodestyle and Ned Batchelder’s McCabe script.Configuration options:
​
enabled
boolean
Enable Flake8 | Flake8 is a Python linter that wraps PyFlakes, pycodestyle and Ned Batchelder’s McCabe script. | v7.3.0Defaults to true.
Example configuration:
reviews:
  tools:
    flake8:
      enabled: true
Fortitude is a Fortran linter that checks for code quality and style issues.Configuration options:
​
enabled
boolean
Enable Fortitude | Fortitude is a Fortran linter that checks for code quality and style issues | v0.8.0Defaults to true.
Example configuration:
reviews:
  tools:
    fortitudeLint:
      enabled: true
GitHub Checks integration configuration.Configuration options:
​
enabled
boolean
Enable GitHub Checks | Enable integration, defaults to true | Enable GitHub Checks integration.Defaults to true.
​
timeout_ms
number
Time in milliseconds to wait for all GitHub Checks to conclude. Default 90 seconds, max 15 minutes (900000ms).Defaults to 90000.
Example configuration:
reviews:
  tools:
    github-checks:
      enabled: true
Betterleaks is a secret scanner (an improved version of Gitleaks).Configuration options:
​
enabled
boolean
Enable Betterleaks | Betterleaks is a secret scanner (an improved version of Gitleaks). | Enable Betterleaks integration. | v1.1.2Defaults to true.
Example configuration:
reviews:
  tools:
    gitleaks:
      enabled: true
golangci-lint is a fast linters runner for Go.Configuration options:
​
enabled
boolean
Enable golangci-lint | golangci-lint is a fast linters runner for Go. | Enable golangci-lint integration. | v2.12.1Defaults to true.
​
config_file
string
Optional path to the golangci-lint configuration file relative to the repository. Useful when the configuration file is named differently than the default ‘.golangci.yml’, ‘.golangci.yaml’, ‘.golangci.toml’, ‘.golangci.json’.
Example configuration:
reviews:
  tools:
    golangci-lint:
      enabled: true
      config_file: ".golangci.yml"
Hadolint is a Dockerfile linter.Configuration options:
​
enabled
boolean
Enable Hadolint | Hadolint is a Dockerfile linter. | Enable Hadolint integration. | v2.14.0Defaults to true.
Example configuration:
reviews:
  tools:
    hadolint:
      enabled: true
HTMLHint is a static code analysis tool for HTML files.Configuration options:
​
enabled
boolean
Enable HTMLHint | HTMLHint is a static code analysis tool for HTML files. | Enable HTMLHint integration. | v1.9.2Defaults to true.
Example configuration:
reviews:
  tools:
    htmlhint:
      enabled: true
LanguageTool is a style and grammar checker for 30+ languages.Configuration options:
​
enabled
boolean
Enable LanguageTool | Enable LanguageTool integration.Defaults to true.
​
enabled_rules
array of string
IDs of rules to be enabled. The rule won’t run unless ‘level’ is set to a level that activates the rule.Defaults to “.
​
disabled_rules
array of string
IDs of rules to be disabled. Note: EN_UNPAIRED_BRACKETS, and EN_UNPAIRED_QUOTES are always disabled.Defaults to “.
​
enabled_categories
array of string
IDs of categories to be enabled.Defaults to “.
​
disabled_categories
array of string
IDs of categories to be disabled. Note: TYPOS, TYPOGRAPHY, and CASING are always disabled.Defaults to “.
​
enabled_only
boolean
Only the rules and categories whose IDs are specified with ‘enabledRules’ or ‘enabledCategories’ are enabled.Defaults to false.
​
level
enum
If set to ‘picky’, additional rules will be activated, i.e. rules that you might only find useful when checking formal text.One of: default, pickyDefaults to default.
Example configuration:
reviews:
  tools:
    languagetool:
      enabled: true
      level: "default"
Configuration for Lua code linting to ensure code qualityConfiguration options:
​
enabled
boolean
Enable Lua code linting | Luacheck helps maintain consistent and error-free Lua code | v1.2.0Defaults to true.
Example configuration:
reviews:
  tools:
    luacheck:
      enabled: true
markdownlint-cli2 is a static analysis tool to enforce standards and consistency for Markdown files.Configuration options:
​
enabled
boolean
Enable markdownlint | markdownlint-cli2 is a static analysis tool to enforce standards and consistency for Markdown files. | Enable markdownlint integration. | v0.22.1Defaults to true.
Example configuration:
reviews:
  tools:
    markdownlint:
      enabled: true
OpenGrep is a high-performance static code analysis engine, compatible with Semgrep configurations.Configuration options:
​
enabled
boolean
Enable OpenGrep | OpenGrep is a high-performance static code analysis engine for finding security vulnerabilities and bugs across 17+ languages. | v1.20.0Defaults to true.
Example configuration:
reviews:
  tools:
    opengrep:
      enabled: true
OSV Scanner is a tool for vulnerability package scanning.Configuration options:
​
enabled
boolean
Enable OSV Scanner | OSV Scanner is a tool for vulnerability package scanning | v2.3.6Defaults to true.
Example configuration:
reviews:
  tools:
    osvScanner:
      enabled: true
Oxlint is a JavaScript/TypeScript linter for OXC written in Rust.Configuration options:
​
enabled
boolean
Enable Oxlint | Oxlint is a JavaScript/TypeScript linter for OXC written in Rust. | v1.62.0Defaults to true.
Example configuration:
reviews:
  tools:
    oxc:
      enabled: true
PHP CodeSniffer is a PHP linter and coding standard checker.Configuration options:
​
enabled
boolean
Enable PHP CodeSniffer | PHP CodeSniffer is a PHP linter and coding standard checker. | v3.7.2Defaults to true.
Example configuration:
reviews:
  tools:
    phpcs:
      enabled: true
PHPMD is a tool to find potential problems in PHP code.Configuration options:
​
enabled
boolean
Enable PHPMD | PHPMD is a tool to find potential problems in PHP code. | v2.15.0Defaults to true.
Example configuration:
reviews:
  tools:
    phpmd:
      enabled: true
PHPStan is a tool to analyze PHP code.Configuration options:
​
enabled
boolean
Enable PHPStan | PHPStan requires config file in your repository root. Please ensure that this file contains the paths: parameter. | v2.1.54Defaults to true.
​
level
enum
Level | Specify the rule level to run. When set to default, the level is determined by the review profile: chill uses level 3 (real bugs only — return/property type mismatches, array offset errors) and assertive uses level 8 (adds dead code detection, argument type checking, null safety, and typehint checks). This setting is ignored if your configuration file already has a level: parameter.One of: default, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, maxDefaults to default.
Example configuration:
reviews:
  tools:
    phpstan:
      enabled: true
      level: "default"
PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java.Configuration options:
​
enabled
boolean
Enable PMD | PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java. | v7.24.0Defaults to true.
​
config_file
string
Optional path to the PMD configuration file relative to the repository.
Example configuration:
reviews:
  tools:
    pmd:
      enabled: true
      config_file: "ruleset.xml"
Microsoft Presidio Analyzer 2.2.362 detects sensitive identifiers (including payment cards, US SSN, cryptocurrency wallets, and phone numbers) in changed files. Tune entities, thresholds, and languages in repository Presidio configuration (for example .presidiocli or AnalyzerEngineProvider YAML); the built-in scan uses fixed defaults and is skipped when that configuration is present.Configuration options:
​
enabled
boolean
Enable Microsoft Presidio Analyzer for high-signal PII in changed files | v2.2.362Defaults to true.
Example configuration:
reviews:
  tools:
    presidio:
      enabled: true
Configuration for Prisma Schema linting to ensure schema file qualityConfiguration options:
​
enabled
boolean
Enable Prisma Schema linting | Prisma Schema linting helps maintain consistent and error-free schema files | v0.13.1Defaults to true.
Example configuration:
reviews:
  tools:
    prismaLint:
      enabled: true
PSScriptAnalyzer is a static code checker for PowerShell scripts and modules.Configuration options:
​
enabled
boolean
Enable PSScriptAnalyzer | PSScriptAnalyzer is a static code checker for PowerShell scripts and modules. | v1.25.0Defaults to true.
Example configuration:
reviews:
  tools:
    psscriptanalyzer:
      enabled: true
Pylint is a Python static code analysis tool.Configuration options:
​
enabled
boolean
Enable Pylint | Pylint is a Python static code analysis tool. | v4.0.5Defaults to true.
Example configuration:
reviews:
  tools:
    pylint:
      enabled: true
Regal is a linter and language server for Rego.Configuration options:
​
enabled
boolean
Enable Regal | Regal is a linter and language server for Rego. | v0.40.0Defaults to true.
Example configuration:
reviews:
  tools:
    regal:
      enabled: true
RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter.Configuration options:
​
enabled
boolean
Enable RuboCop | RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter. | v1.86.1Defaults to true.
Example configuration:
reviews:
  tools:
    rubocop:
      enabled: true
Ruff is a Python linter and code formatter.Configuration options:
​
enabled
boolean
Enable Ruff | Ruff is a Python linter and code formatter. | Enable Ruff integration. | v0.15.12Defaults to true.
Example configuration:
reviews:
  tools:
    ruff:
      enabled: true
Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues.Configuration options:
​
enabled
boolean
Enable Semgrep | Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues. | Enable Semgrep integration. | v1.161.0Defaults to true.
​
config_file
string
Optional path to the Semgrep configuration file relative to the repository.
Example configuration:
reviews:
  tools:
    semgrep:
      enabled: true
      config_file: ".semgrep.yml"
ShellCheck is a static analysis tool that finds bugs in your shell scripts.Configuration options:
​
enabled
boolean
Enable ShellCheck | ShellCheck is a static analysis tool that finds bugs in your shell. | Enable ShellCheck integration. | v0.11.0Defaults to true.
Example configuration:
reviews:
  tools:
    shellcheck:
      enabled: true
Configuration for Shopify Theme Check to ensure theme quality and best practicesConfiguration options:
​
enabled
boolean
Enable Shopify Theme Check | A linter for Shopify themes that helps you follow Shopify theme & Liquid best practices | cli 3.90.0 | theme 3.58.2Defaults to true.
Example configuration:
reviews:
  tools:
    shopifyThemeCheck:
      enabled: true
smarty-lint is a linter for Smarty 3 template files that checks for common issues such as incorrect operator usage, naming conventions, empty blocks, and unquoted strings.Configuration options:
​
enabled
boolean
Enable smarty-lint | smarty-lint is a linter for Smarty 3 template files that checks for common issues such as incorrect operator usage, naming conventions, empty blocks, and unquoted strings. | v0.3.3Defaults to true.
Example configuration:
reviews:
  tools:
    smartyLint:
      enabled: true
SQLFluff is an open source, dialect-flexible and configurable SQL linter.Configuration options:
​
enabled
boolean
Enable SQLFluff | SQLFluff is an open source, dialect-flexible and configurable SQL linter. | v4.1.0Defaults to true.
​
config_file
string
Optional path to the SQLFluff configuration file relative to the repository. Use this when the config file is not named one of SQLFluff’s default filenames.
Example configuration:
reviews:
  tools:
    sqlfluff:
      enabled: true
      config_file: "custom/.sqlfluff"
Stylelint is a linter for stylesheets (CSS, SCSS, Sass, Less, SugarSS, Stylus) that helps avoid errors and enforce conventions.Configuration options:
​
enabled
boolean
Enable Stylelint | Stylelint is a linter for stylesheets (CSS, SCSS, Sass, Less, SugarSS, Stylus) that helps avoid errors and enforce conventions. | Enable Stylelint integration. | v17.10.0Defaults to true.
Example configuration:
reviews:
  tools:
    stylelint:
      enabled: true
SwiftLint integration configuration object.Configuration options:
​
enabled
boolean
Enable SwiftLint | SwiftLint is a Swift linter. | Enable SwiftLint integration. | v0.63.2Defaults to true.
​
config_file
string
Optional path to the SwiftLint configuration file relative to the repository. This is useful when the configuration file is named differently than the default ‘.swiftlint.yml’ or ‘.swiftlint.yaml’.
Example configuration:
reviews:
  tools:
    swiftlint:
      enabled: true
      config_file: ".swiftlint.yml"
TFLint is a Terraform linter for finding potential errors and enforcing best practices.Configuration options:
​
enabled
boolean
Enable TFLint | TFLint is a Terraform linter for finding potential errors. | v0.62.0Defaults to true.
Example configuration:
reviews:
  tools:
    tflint:
      enabled: true
Trivy is a comprehensive security scanner that detects misconfigurations and secrets in Infrastructure as Code filesConfiguration options:
​
enabled
boolean
Enable Trivy for security scanning of IaC files (Terraform, Kubernetes, Docker, etc.) | v0.69.3Defaults to true.
Example configuration:
reviews:
  tools:
    trivy:
      enabled: true
TruffleHog is a secret scanner with verification capabilities that can detect and verify secrets in code.Configuration options:
​
enabled
boolean
Enable TruffleHog | TruffleHog is a secret scanner with verification capabilities. | Enable TruffleHog integration. | v3.95.2Defaults to true.
Example configuration:
reviews:
  tools:
    trufflehog:
      enabled: true
YAMLlint is a linter for YAML files.Configuration options:
​
enabled
boolean
Enable YAMLlint | YAMLlint is a linter for YAML files. | Enable YAMLlint integration. | v1.38.0Defaults to true.
Example configuration:
reviews:
  tools:
    yamllint:
      enabled: true

Configuration reference

Complete configuration guide

Review commands

Control reviews with commands