|
| 1 | +# Configuration version for compatibility with the tool |
| 2 | +config_version = "0" |
| 3 | + |
| 4 | +# Glob patterns to exclude from analysis (e.g., build artifacts and dependencies) |
| 5 | +exclude_patterns = [ |
| 6 | + "**/node_modules/**", # Ignore node_modules directories |
| 7 | + "**/dist/**", # Ignore distribution/build output |
| 8 | + "**/coverage/**" # Ignore code coverage output |
| 9 | +] |
| 10 | + |
| 11 | +# Glob patterns to identify test files |
| 12 | +test_patterns = [ |
| 13 | + "**/*.test.ts" # Match TypeScript test files |
| 14 | +] |
| 15 | + |
| 16 | +# === Smells Configuration === |
| 17 | +# Controls how detected code smells are reported |
| 18 | +[smells] |
| 19 | +mode = "comment" # Adds comments in code or PRs to report smells |
| 20 | + |
| 21 | +# === Source Configuration === |
| 22 | +# Defines a code source for analysis |
| 23 | +[[source]] |
| 24 | +name = "default" # Name of the source |
| 25 | +default = true # Marks this as the default source to scan |
| 26 | + |
| 27 | +# === Individual Code Smell Toggles === |
| 28 | +# Enables or disables detection of specific code smells |
| 29 | + |
| 30 | +[smells.boolean_logic] |
| 31 | +enabled = true # Detects overly complex or nested boolean logic |
| 32 | + |
| 33 | +[smells.similar_code] |
| 34 | +enabled = true # Detects similar (but not identical) code blocks |
| 35 | + |
| 36 | +[smells.duplication] |
| 37 | +enabled = true # Detects duplication of code blocks |
| 38 | + |
| 39 | +[smells.identical_code] |
| 40 | +enabled = true # Detects exact duplicate code blocks |
| 41 | + |
| 42 | +[smells.function_parameters] |
| 43 | +enabled = false # Flags functions with too many parameters |
| 44 | + |
| 45 | +[smells.nested_control_flow] |
| 46 | +enabled = false # Would flag deeply nested control flow (e.g., many if/else) |
| 47 | + |
| 48 | +[smells.file_complexity] |
| 49 | +enabled = false # Would flag files with high overall complexity |
| 50 | + |
| 51 | +[smells.function_complexity] |
| 52 | +enabled = false # Would flag individual functions that are too complex |
| 53 | + |
| 54 | +[smells.return_statements] |
| 55 | +enabled = false # Would flag functions with multiple return paths |
| 56 | + |
| 57 | +# === Plugins Section === |
| 58 | +# Each plugin performs a specific type of analysis or linting |
| 59 | + |
| 60 | +[[plugin]] |
| 61 | +name = "actionlint" # Validates GitHub Actions workflows |
| 62 | + |
| 63 | +[[plugin]] |
| 64 | +name = "osv-scanner" # Scans for known vulnerabilities using OSV database |
| 65 | + |
| 66 | +[[plugin]] |
| 67 | +name = "ripgrep" # Fast searching for pattern matching in codebase |
| 68 | + |
| 69 | +[[plugin]] |
| 70 | +name = "trivy" # Scans for vulnerabilities in containers and dependencies |
| 71 | + |
| 72 | +[[plugin]] |
| 73 | +name = "trufflehog" # Detects secrets and sensitive data in code |
| 74 | + |
| 75 | +[[plugin]] |
| 76 | +name = "yamllint" # Lints YAML files for syntax and style |
| 77 | +enabled = false |
| 78 | + |
| 79 | +[[plugin]] |
| 80 | +name = "markdownlint" # Lints Markdown files |
| 81 | +enabled = false |
| 82 | + |
| 83 | +[[plugin]] |
| 84 | +name = "prettier" # Ensures consistent code formatting |
| 85 | +enabled = false |
| 86 | + |
| 87 | +[[plugin]] |
| 88 | +name = "checkov" # Performs security and compliance checks on IaC files |
| 89 | +enabled = false |
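Review bot: The top-level `exclude_patterns` (new-file lines 5-9) presumably also limit what the enabled `trufflehog`, `trivy` and `osv-scanner` plugins (lines 63-73) see, so anything committed under `dist/` or `coverage/` would skip secret and vulnerability scanning. This is inferred, because the tool's exclusion semantics are not visible on this page. If that is how it works, record the assumption next to the list, e.g. `# dist/ and coverage/ are git-ignored and never committed`, or scope the excludes to the smell and lint checks if the tool allows per-plugin exclusions. Separately, `checkov` is disabled at lines 87-88 with no reason given, unlike the disabled smell toggles, which carry a comment. A short why-comment beside `enabled = false` would show whether IaC scanning is intentionally out of scope.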