> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Custom Review Rules

> Extend CodeAnt AI with custom review rules for company-specific practices

CodeAnt AI automatically detects bugs and security issues by default. However, you can extend CodeAnt's review capabilities by defining custom rules that enforce company-specific coding practices, naming conventions, and standards.

## Setup

### 1. **Create Review Rules File**

Create a `review.json` file in the same `.codeant` folder in your repository root:

```
your-repo/
├── .git/
├── .codeant/
│   ├── instructions.json
│   └── review.json
├── src/
└── package.json
```

### 2. **Define Custom Rules**

The `review.json` file allows you to specify additional rules that CodeAnt will enforce during every code review.

## Configuration Format

```json theme={null}
{
    "rules": [
        {
            "id": "unique-rule-id",
            "description": "Clear description of what this rule enforces",
            "files": ["glob-pattern-1", "glob-pattern-2"],
            "scope": ["ide", "pr"]  // Optional, defaults to ["ide"]
        }
    ]
}
```

## Rule Categories

### **Code Quality Rules**

**No Console Logs in Production:**

```json theme={null}
{
    "id": "avoid-console-logs",
    "description": "Never use console.logs in production code",
    "files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"],
    "scope": ["ide", "pr"]
}
```

**Function Complexity:**

```json theme={null}
{
    "id": "max-function-length",
    "description": "Functions should not exceed 50 lines of code",
    "files": ["src/**/*.js", "src/**/*.ts"]
}
```

### **Naming Convention Rules**

**Variable Naming:**

```json theme={null}
{
    "id": "snake-case-variables",
    "description": "All local variable names inside functions should be in snake_case",
    "files": ["**/*.py"]
}
```

**Component Naming:**

```json theme={null}
{
    "id": "pascal-case-components",
    "description": "React components must use PascalCase naming",
    "files": ["src/components/**/*.jsx", "src/components/**/*.tsx"],
    "scope": ["pr"]
}
```

### **API and Architecture Rules**

**REST API Conventions:**

```json theme={null}
{
    "id": "rest-api-endpoint-naming",
    "description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`",
    "files": ["**/*.py", "routes/**/*.js"]
}
```

### **Security and Performance Rules**

**Password Validation:**

```json theme={null}
{
    "id": "strong-password-regex",
    "description": "Password validation must include uppercase, lowercase, numbers, and special characters",
    "files": ["src/auth/**/*.js", "**/validation/**/*.ts"],
    "scope": ["ide", "pr"]
}
```

**Database Query Optimization:**

```json theme={null}
{
    "id": "avoid-n-plus-one",
    "description": "Database queries should use proper joins to avoid N+1 query problems",
    "files": ["src/models/**/*.js", "**/repositories/**/*.ts"]
}
```

## Sample review\.json

```json theme={null}
{
    "rules": [
        {
            "id": "avoid-console-logs",
            "description": "Never use console.logs in production code.",
            "files": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"],
            "scope": ["ide", "pr"]
        },
        {
            "id": "rest-api-endpoint-naming",
            "description": "Ensure REST API endpoints are named correctly. Names should be in kebab-case and follow the pattern: `/{resource}/{action}`.",
            "files": ["**/*.py"]
        },
        {
            "id": "snake-case-local-variable-names",
            "description": "All local variable names inside functions should be in snake_case.",
            "files": ["**/*.py"],
            "scope": ["ide"]
        },
        {
            "id": "no-hardcoded-secrets",
            "description": "API keys, passwords, and secrets should never be hardcoded. Use environment variables instead.",
            "files": ["**/*.js", "**/*.ts", "**/*.py"],
            "scope": ["pr"]
        },
        {
            "id": "component-prop-types",
            "description": "All React components must define PropTypes or TypeScript interfaces for props.",
            "files": ["src/components/**/*.jsx", "src/components/**/*.tsx"]
        }
    ]
}
```

## How It Works

1. **Rule Enforcement**: These custom rules are applied on top of CodeAnt's default bug and security detection
2. **Review Integration**: Custom rules are checked during both automatic (on commit) and manual reviews
3. **File Targeting**: Rules only apply to files matching the specified glob patterns
4. **Scope Control**: The optional `scope` parameter determines where rules are enforced - "ide" for IDE integration only, "pr" for pull request reviews only, or both. If not specified, defaults to \["ide"]
5. **Priority**: Custom rules complement, not replace, CodeAnt's built-in detection capabilities

## Best Practices

* **Team Alignment**: Ensure all team members agree on the custom rules before implementing
* **Clear Descriptions**: Write detailed descriptions explaining the reasoning behind each rule
* **Gradual Implementation**: Start with a few critical rules and expand over time
* **Regular Review**: Periodically review and update rules as your codebase evolves
* **Documentation**: Keep a separate document explaining your team's coding standards

Once configured, CodeAnt will enforce these custom rules alongside its default bug and security detection during every code review.