| title | sidebar_label | description | sidebar_position |
|---|---|---|---|
Supported Tools |
Supported Tools |
Overview of CodeRabbit's supported linters and security analysis tools. |
1 |
import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx';
<ProPlanNotice />
CodeRabbit supports various linters and security analysis tools to improve the code review process. The output of these tools is used to enhance the feedback provided by CodeRabbit, making it possible to provide 1-click fixes for common issues.
You can enable or disable tools by setting reviews.tools.<tool>.enabled in your project's .coderabbit.yaml file or setting the "Review → Tools → Tool → Enabled" field in CodeRabbit's settings page.
CodeRabbit supports customizing the strictness of tools by setting reviews.profile in your project's .coderabbit.yaml file or setting the "Review → Profile" field in CodeRabbit's settings page. The following profiles are available:
Chill- Yields less feedback, that may be considered lenient.Assertive- Yields more feedback, that may be considered nit-picky.
Apart from the overall profile, you can also configure each tool by providing a path to a configuration file (specific to the tool) in your project. This would allow you to further customize the tool's behavior, by enabling/disabling specific rules, setting rule severity, etc.
When a tool is enabled, CodeRabbit will run it on your change request and attach the output under "Review details" comment in the change request. The output will be displayed in a structured format, with information on the file, line number, and the issue detected. For example:
Ruff
fib.py
21-21: f-string without any placeholders
Remove extraneous f prefix
(F541)
| Technology | Tools | Category |
|---|---|---|
| All | Gitleaks, Pipeline Remediation | Code Security, CI/CD |
| Azure DevOps Pipelines | Pipeline Remediation | CI/CD Failure Remediation |
| CircleCI | CircleCI, Pipeline Remediation | Configuration Validation, CI/CD Failure Remediation |
| CloudFormation | Checkov | Code Security |
| Cppcheck | Cppcheck | Code Quality |
| CSS | Biome | Code Quality |
| Docker | Hadolint, Checkov | Code Quality, Code Security |
| GitHub Actions | actionlint, Pipeline Remediation | Code Quality, CI/CD Failure Remediation |
| GitLab Pipelines | Pipeline Remediation | CI/CD Failure Remediation |
| Go | golangci-lint | Code Quality |
| Helm | Checkov | Code Security |
| Javascript | Biome | Code Quality |
| JSON, JSONC | Biome | Code Quality |
| JSX | Biome | Code Quality |
| Kotlin | detekt | Code Quality |
| Kubernetes | Checkov | Code Security |
| Markdown | markdownlint, LanguageTool | Code Quality, Grammar Checking |
| PHP | PHPStan | Code Quality |
| Plaintext | LanguageTool | Grammar and Spell Checking |
| Java | PMD | Code Quality |
| Protobuf | Buf | Code Quality |
| Python | Ruff | Code Quality |
| Regal | Regal | Code Quality |
| Ruby | RuboCop | Code Quality |
| Semgrep | Semgrep | Code Security |
| Shell (sh, bash, ksh, dash) | ShellCheck | Code Quality |
| SQL | SQLFluff | Code Quality |
| Swift | SwiftLint | Code Quality |
| Terraform | Checkov | Code Security |
| TSX | Biome | Code Quality |
| Typescript | Biome | Code Quality |
| YAML | YAMLlint | Code Quality |