Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt

Use this file to discover all available pages before exploring further.

CodeAnt AI automatically detects bugs and security issues by default. However, you can extend CodeAnt’s review capabilities by defining custom rules that enforce company-specific coding practices, naming conventions, and standards.

Setup

1. Create Review Rules File

Create a review.json file in the same .codeant folder in your repository root: 
your-repo/
├── .git/
├── .codeant/
│   ├── instructions.json
│   └── review.json
├── src/
└── package.json

2. Define Custom Rules

The review.json file allows you to specify additional rules that CodeAnt will enforce during every code review.

Configuration Format

{
    "rules": [
        {
            "id": "unique-rule-id",
            "description": "Clear description of what this rule enforces",
            "files": ["glob-pattern-1", "glob-pattern-2"],
            "scope": ["ide", "pr"]  // Optional, defaults to ["ide"]
        }
    ]
}

Rule Categories

Code Quality Rules

No Console Logs in Production: 
{
    "id": "avoid-console-logs",
    "description": "Never use console.logs in production code",
    "files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"],
    "scope": ["ide", "pr"]
}
Function Complexity: 
{
    "id": "max-function-length",
    "description": "Functions should not exceed 50 lines of code",
    "files": ["src/**/*.js", "src/**/*.ts"]
}

Naming Convention Rules

Variable Naming: 
{
    "id": "snake-case-variables",
    "description": "All local variable names inside functions should be in snake_case",
    "files": ["**/*.py"]
}
Component Naming: 
{
    "id": "pascal-case-components",
    "description": "React components must use PascalCase naming",
    "files": ["src/components/**/*.jsx", "src/components/**/*.tsx"],
    "scope": ["pr"]
}

API and Architecture Rules

REST API Conventions: 
{
    "id": "rest-api-endpoint-naming",
    "description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`",
    "files": ["**/*.py", "routes/**/*.js"]
}

Security and Performance Rules

Password Validation: 
{
    "id": "strong-password-regex",
    "description": "Password validation must include uppercase, lowercase, numbers, and special characters",
    "files": ["src/auth/**/*.js", "**/validation/**/*.ts"],
    "scope": ["ide", "pr"]
}
Database Query Optimization: 
{
    "id": "avoid-n-plus-one",
    "description": "Database queries should use proper joins to avoid N+1 query problems",
    "files": ["src/models/**/*.js", "**/repositories/**/*.ts"]
}

Sample review.json

{
    "rules": [
        {
            "id": "avoid-console-logs",
            "description": "Never use console.logs in production code.",
            "files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"],
            "scope": ["ide", "pr"]
        },
        {
            "id": "rest-api-endpoint-naming",
            "description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`.",
            "files": ["**/*.py"]
        },
        {
            "id": "snake-case-local-variable-names",
            "description": "All local variable names inside functions should be in snake_case.",
            "files": ["**/*.py"],
            "scope": ["ide"]
        },
        {
            "id": "no-hardcoded-secrets",
            "description": "API keys, passwords, and secrets should never be hardcoded. Use environment variables instead.",
            "files": ["**/*.js", "**/*.ts", "**/*.py"],
            "scope": ["pr"]
        },
        {
            "id": "component-prop-types",
            "description": "All React components must define PropTypes or TypeScript interfaces for props.",
            "files": ["src/components/**/*.jsx", "src/components/**/*.tsx"]
        }
    ]
}

How It Works

  1. Rule Enforcement: These custom rules are applied on top of CodeAnt’s default bug and security detection
  2. Review Integration: Custom rules are checked during both automatic (on commit) and manual reviews
  3. File Targeting: Rules only apply to files matching the specified glob patterns
  4. Scope Control: The optional scope parameter determines where rules are enforced - “ide” for IDE integration only, “pr” for pull request reviews only, or both. If not specified, defaults to [“ide”]
  5. Priority: Custom rules complement, not replace, CodeAnt’s built-in detection capabilities

Best Practices

  • Team Alignment: Ensure all team members agree on the custom rules before implementing
  • Clear Descriptions: Write detailed descriptions explaining the reasoning behind each rule
  • Gradual Implementation: Start with a few critical rules and expand over time
  • Regular Review: Periodically review and update rules as your codebase evolves
  • Documentation: Keep a separate document explaining your team’s coding standards
Once configured, CodeAnt will enforce these custom rules alongside its default bug and security detection during every code review.