CodeAnt AI automatically detects bugs and security issues by default. However, you can extend CodeAnt’s review capabilities by defining custom rules that enforce company-specific coding practices, naming conventions, and standards.
Setup
1. Create Review Rules File
Create a review.json
file in the same .codeant
folder in your repository root:
your-repo/
├── .git/
├── .codeant/
│ ├── instructions.json
│ └── review.json
├── src/
└── package.json
2. Define Custom Rules
The review.json
file allows you to specify additional rules that CodeAnt will enforce during every code review.
{
"rules": [
{
"id": "unique-rule-id",
"description": "Clear description of what this rule enforces",
"files": ["glob-pattern-1", "glob-pattern-2"]
}
]
}
Rule Categories
Code Quality Rules
No Console Logs in Production:
{
"id": "avoid-console-logs",
"description": "Never use console.logs in production code",
"files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"]
}
Function Complexity:
{
"id": "max-function-length",
"description": "Functions should not exceed 50 lines of code",
"files": ["src/**/*.js", "src/**/*.ts"]
}
Naming Convention Rules
Variable Naming:
{
"id": "snake-case-variables",
"description": "All local variable names inside functions should be in snake_case",
"files": ["**/*.py"]
}
Component Naming:
{
"id": "pascal-case-components",
"description": "React components must use PascalCase naming",
"files": ["src/components/**/*.jsx", "src/components/**/*.tsx"]
}
API and Architecture Rules
REST API Conventions:
{
"id": "rest-api-endpoint-naming",
"description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`",
"files": ["**/*.py", "routes/**/*.js"]
}
Password Validation:
{
"id": "strong-password-regex",
"description": "Password validation must include uppercase, lowercase, numbers, and special characters",
"files": ["src/auth/**/*.js", "**/validation/**/*.ts"]
}
Database Query Optimization:
{
"id": "avoid-n-plus-one",
"description": "Database queries should use proper joins to avoid N+1 query problems",
"files": ["src/models/**/*.js", "**/repositories/**/*.ts"]
}
Sample review.json
{
"rules": [
{
"id": "avoid-console-logs",
"description": "Never use console.logs in production code.",
"files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"]
},
{
"id": "rest-api-endpoint-naming",
"description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`.",
"files": ["**/*.py"]
},
{
"id": "snake-case-local-variable-names",
"description": "All local variable names inside functions should be in snake_case.",
"files": ["**/*.py"]
},
{
"id": "no-hardcoded-secrets",
"description": "API keys, passwords, and secrets should never be hardcoded. Use environment variables instead.",
"files": ["**/*.js", "**/*.ts", "**/*.py"]
},
{
"id": "component-prop-types",
"description": "All React components must define PropTypes or TypeScript interfaces for props.",
"files": ["src/components/**/*.jsx", "src/components/**/*.tsx"]
}
]
}
How It Works
- Rule Enforcement: These custom rules are applied on top of CodeAnt’s default bug and security detection
- Review Integration: Custom rules are checked during both automatic (on commit) and manual reviews
- File Targeting: Rules only apply to files matching the specified glob patterns
- Priority: Custom rules complement, not replace, CodeAnt’s built-in detection capabilities
Best Practices
- Team Alignment: Ensure all team members agree on the custom rules before implementing
- Clear Descriptions: Write detailed descriptions explaining the reasoning behind each rule
- Gradual Implementation: Start with a few critical rules and expand over time
- Regular Review: Periodically review and update rules as your codebase evolves
- Documentation: Keep a separate document explaining your team’s coding standards
Once configured, CodeAnt will enforce these custom rules alongside its default bug and security detection during every code review.