Skip to content

Code patterns#

By default, Codacy uses a subset of the patterns that exist for each tool to analyze your repositories. These default patterns result from community feedback or existing coding standards.

However, you can create a coding standard adapted to your scenario by configuring the tool patterns that Codacy uses to analyze each repository:

  1. Open your repository Code patterns page and select the tool to configure:

    Configuring code patterns

  2. Enable or disable the patterns using the checkbox for each pattern.

    To see a detailed explanation about the issues that a pattern can detect and how to fix them, click Details on the top right-hand corner of the pattern. Some patterns also allow you to configure the rules:

    Code pattern details

  3. Optionally, manually reanalyze your repository to immediately take the changes into account. Otherwise, Codacy will use the new configuration when it analyzes a new commit or pull request.

Pattern filters#

To make it easier to find relevant patterns, you can use the sidebar to filter the patterns by language (only for tools that support multiple languages), category, or status:

Filtering code patterns

Tip

To enable all patterns inside a category, use the filter to list all patterns inside that category and click Enable all.

As an example, if you want to enable all Security patterns of a tool, instead of filtering and then enabling all the patterns one by one, you can add the filter and click Enable all.

Issues detected by Codacy belong to one of the following categories:

  • Code Style: Code formatting and syntax problems, such as variable names style and enforcing the use of brackets and quotation marks
  • Error Prone: Code that may hide bugs and language keywords that should be used with caution, such as the operator == in JavaScript or Option.get in Scala
  • Code Complexity: High complexity methods and classes that should be refactored
  • Performance: Code that can have performance problems
  • Compatibility: Mainly for frontend code, compatibility problems across different browser versions
  • Unused Code: Unused variables and methods, code that can't be reached
  • Security: All security problems
  • Documentation: Methods and classes that don't have the correct comment annotations

Importing pattern configurations from another repository#

Importing tool and pattern configurations from another repository can help you bootstrap and standardize the coding standard across your repositories.

For example, when adding a new repository on Codacy you can copy the tool and pattern configurations from an existing repository that's already configured, and then tweak and adapt the settings for your new repository.

Tip

You can also copy the tool and pattern configurations from one repository to multiple target repositories.

Important

Consider the following when using this feature:

  • Tool matching: Codacy only copies settings for tools that are available on both the source and target repositories, and overwrites the existing settings for these tools on the target repository.
  • Toggle status: Codacy copies the enabled or disabled status of the matching tools from the source to the target repository.
  • Configuration files: Codacy copies the UI configuration of all matching tools, even those set to use configuration files. However, the import doesn't include the configuration mode itself.

The following example illustrates the points above:

Source repository Target repository Target repository after import
Source repository Target repository Target repository after import

To import the tool and pattern configurations from another repository:

  1. Open your repository Code patterns and click Import patterns.

    Importing code patterns from another repository

  2. Follow the instructions to select the source repository and complete the import.

  3. Review and adjust your tool and pattern configurations if necessary.

Codacy will use the updated configurations on the next analysis.

Setting a default configuration for new repositories#

If you're adding multiple repositories to Codacy that should reuse the same pattern configuration for a tool, you can define that configuration as the default. Codacy automatically applies that default configuration to new repositories.

To apply the same pattern configuration to multiple repositories:

  1. Add the first repository and configure the patterns on that repository for the relevant tools.

  2. Expand the menu at the top of the pattern list and select Set default.

    This option sets the current pattern configuration of all tools as the default for your account.

    Setting a default pattern configuration

After defining the default pattern configuration for your account, the tools in the new repositories that you add will automatically use those pattern configurations.

Alternatively, you can also manually apply the default pattern configuration for your account to all tools by expanding the menu at the top of the pattern list and selecting Reset.

Using your own tool configuration files#

Codacy supports configuration files for several tools. To use a configuration file for your static analysis tool:

  1. Push the configuration file to the root of your main branch.

  2. Open your repository Code patterns page, select the tool that will use a configuration file, and click Configuration file:

    Using a configuration file

The table below lists the configuration file names that Codacy detects and supports for each tool:

Tool name Language Files detected Other info
Ameba Crystal .ameba.yml
Bandit Python bandit.yml, .bandit To solve flagged valid Python "assert" statements, create a bandit.yml in the root of the repository containing: skips: \['B101'\]
Brakeman Ruby config/brakeman.yml
Checkstyle Java checkstyle.xml Supports configuration file in directories other than root and can search up to 5 directories into the repository.
CodeNarc Groovy .codenarcrc
Credo Elixir .credo.exs, config/.credo.exs
CSSLint CSS .csslintrc
Detekt Kotlin default-detekt-config.yml, detekt.yml Supports configuration file in directories other than root and can search up to 5 directories into the repository.
ESLint JavaScript, Typescript .eslintrc.js, .eslintrc.cjs, .eslintrc.yaml, .eslintrc.yml, .eslintrc.json, .eslintrc, .prettierrc, .prettierrc.yaml, .prettierrc.yml, .prettierrc.json, prettier.config.js, .prettierrc.js Plugins in the UI
Other Plugins
Hadolint Dockerfile .hadolint.yaml
JSHint JavaScript .jshintrc
markdownlint Markdown .markdownlint.yaml, .markdownlint.jsonc, .markdownlint.json
PHP_CodeSniffer PHP phpcs.xml, phpcs.xml.dist
PHP Mess Detector PHP codesize.xml, phpmd.xml, phpmd.xml.dist
PMD Apex, Java, JavaScript, JSP, PL/SQL, XML, Velocity and Visualforce ruleset.xml, apex-ruleset.xml Supports configuration file in directories other than root and can search up to 5 directories into the repository.
Prospector Python .prospector.yml, .prospector.yaml, prospector.yml, prospector.yaml, .landscape.yml, .landscape.yaml, landscape.yml, landscape.yaml
Pylint Python pylintrc, .pylintrc Plugins
RemarkLint Markdown .remarkrc, .remarkrc.json, .remarkrc.yaml, .remarkrc.yml, .remarkrc.js
Revive Go revive.toml
Rubocop Ruby .rubocop.yml
Scalastyle Scala scalastyle-config.xml, scalastyle_config.xml
Sonar C# C# SonarLint.xml
Sonar VB Visual Basic SonarLint.xml
SpotBugs Java, Scala findbugs.xml, findbugs-includes.xml, findbugs-excludes.xml, spotbugs.xml, spotbugs-includes.xml, spotbugs-excludes.xml Supports configuration file in directories other than root and can search up to 5 directories into the repository.
Stylelint CSS, LESS, SASS .stylelintrc, stylelint.config.js, .stylelintrc.json, .stylelintrc.yaml, .stylelintrc.yml, .stylelintrc.js Supports configuration file in directories other than root and can search up to 5 directories into the repository.
SwiftLint Swift .swiftlint.yml
Tailor Swift .tailor.yml
TSLint TypeScript tslint.json
TSQLLint Transact-SQL .tsqllintrc

Note

Codacy doesn't support configuration files for the following tools:

  • Cppcheck
  • Clang-Tidy
  • deadcode
  • Checkov
  • Staticcheck
  • ShellCheck
  • SQLint
  • BundlerAudit
  • JacksonLinter
  • Codacy ScalaMeta Pro
  • Coffeelint
  • aligncheck
  • Flawfinder
  • PSScriptAnalyzer
  • Faux Pas
  • Gosec

For performance reasons, if you make changes to pattern settings using configuration files, Codacy may display outdated messages for issues that have already been identified by those patterns.

See also#

Feedback

Did this page help you?

Thank you for the feedback!

We're sorry to hear that. Please let us know what we can improve.

If you have a question, please ask our community or contact support@codacy.com.

Last modified August 3, 2021