> ## Documentation Index > Fetch the complete documentation index at: https://docs.coderabbit.ai/llms.txt > Use this file to discover all available pages before exploring further. # Tools configuration reference > Complete reference for all CodeRabbit supported tools and their configuration options. This reference is generated automatically. **Last updated: June 2, 2026** CodeRabbit supports integration with **53 static analysis tools**, linters, and security scanners. You can configure each tool individually via the web interface or your `.coderabbit.yaml` file, see the [configuration overview](/guides/configuration-overview) for details. ## All tools actionlint is a static checker for GitHub Actions workflow files. * [Configuration guide](/tools/actionlint) * [actionlint web page](https://github.com/rhysd/actionlint) **Configuration options:** Enable actionlint | actionlint is a static checker for GitHub Actions workflow files. | v1.7.12 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: actionlint: enabled: true ``` Enable ast-grep | ast-grep is a code analysis tool that helps you to find patterns in your codebase using abstract syntax trees patterns. | v0.43.0 * [Configuration guide](/tools/ast-grep) * [ast-grep web page](https://ast-grep.github.io) **Configuration options:** List of rules directories. Defaults to \`\`. List of utils directories. Defaults to \`\`. Use ast-grep essentials package. Defaults to `true`. Predefined packages to be used. Defaults to \`\`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: ast-grep: rule_dirs: util_dirs: essential_rules: true packages: ``` Biome is a fast formatter, linter, and analyzer for web projects. * [Configuration guide](/tools/biome) * [Biome web page](https://biomejs.dev) **Configuration options:** Enable Biome | Biome is a fast formatter, linter, and analyzer for web projects. | Enable Biome integration. | v2.4.16 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: biome: enabled: true ``` Blinter is a linter for Windows batch files that provides comprehensive static analysis to identify syntax errors, security vulnerabilities, performance issues, and style problems. * [Configuration guide](/tools/blinter) * [Blinter web page](https://github.com/tboy1337/Blinter) **Configuration options:** Enable Blinter | Blinter is a linter for Windows batch files that provides comprehensive static analysis to identify syntax errors, security vulnerabilities, performance issues, and style problems. | v1.0.112 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: blinter: enabled: true ``` Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. | v8.0.3 * [Configuration guide](/tools/brakeman) * [Brakeman web page](https://brakemanscanner.org) **Configuration options:** Enable Brakeman | Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. | v8.0.3 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: brakeman: enabled: true ``` Buf offers linting for Protobuf files. * [Configuration guide](/tools/buf) * [Buf web page](https://buf.build) **Configuration options:** Enable Buf | Buf offers linting for Protobuf files. | v1.70.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: buf: enabled: true ``` checkmake is a linter for Makefiles. * [Configuration guide](/tools/checkmake) * [checkmake web page](https://github.com/mrtazz/checkmake) **Configuration options:** Enable checkmake | checkmake is a linter for Makefiles. | v0.3.2 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: checkmake: enabled: true ``` Checkov is a static code analysis tool for infrastructure-as-code files. * [Configuration guide](/tools/checkov) * [Checkov web page](https://www.checkov.io) **Configuration options:** Enable Checkov | Checkov is a static code analysis tool for infrastructure-as-code files. | v3.2.530 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: checkov: enabled: true ``` CircleCI tool is a static checker for CircleCI config files. * [Configuration guide](/tools/circleci) * [CircleCI web page](https://circleci.com) **Configuration options:** Enable CircleCI | CircleCI tool is a static checker for CircleCI config files. | v0.1.36202 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: circleci: enabled: true ``` Configuration for Clang to perform static analysis on C and C++ code * [Configuration guide](/tools/clang-tidy) * [Clang web page](https://clang.llvm.org/extra/clang-tidy) **Configuration options:** Enable Clang for C/C++ static analysis and code quality checks | v14.0.6 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: clang: enabled: true ``` Clippy is a collection of lints to catch common mistakes and improve your Rust code. * [Configuration guide](/tools/clippy) * [Clippy web page](https://github.com/rust-lang/rust-clippy) **Configuration options:** Enable Clippy | Clippy is a collection of lints to catch common mistakes and improve your Rust code. | Enable Clippy integration. Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: clippy: enabled: true ``` Cppcheck is a static code analysis tool for the C and C++ programming languages. * [Configuration guide](/tools/cppcheck) * [Cppcheck web page](https://cppcheck.sourceforge.io) **Configuration options:** Enable Cppcheck | Cppcheck is a static code analysis tool for the C and C++ programming languages. | v2.20.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: cppcheck: enabled: true ``` Detekt is a static code analysis tool for Kotlin files. * [Configuration guide](/tools/detekt) * [detekt web page](https://detekt.dev) **Configuration options:** Enable detekt | detekt is a static code analysis tool for Kotlin files. | v1.23.8 Defaults to `true`. Optional path to the detekt configuration file relative to the repository. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: detekt: enabled: true config_file: "detekt.yml" ``` dotenv-linter is a tool for checking and fixing .env files for problems and best practices * [Configuration guide](/tools/dotenv) * [Dotenv Lint web page](https://github.com/dotenv-linter/dotenv-linter) **Configuration options:** Enable dotenv-linter | dotenv-linter is a tool for checking and fixing .env files for problems and best practices | v4.0.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: dotenvLint: enabled: true ``` ember-template-lint is a linter for Handlebars template files that checks for common issues such as accessibility violations, deprecated patterns, and template anti-patterns. * [Configuration guide](/tools/ember-template-lint) * [Ember Template Lint web page](https://github.com/ember-template-lint/ember-template-lint) **Configuration options:** Enable ember-template-lint | ember-template-lint is a linter for Handlebars template files that checks for common issues such as accessibility violations, deprecated patterns, and template anti-patterns. | v7.9.3 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: emberTemplateLint: enabled: true ``` ESLint is a static code analysis tool for JavaScript files. * [Configuration guide](/tools/eslint) * [ESLint web page](https://eslint.org) **Configuration options:** Enable ESLint | ESLint is a static code analysis tool for JavaScript files. Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: eslint: enabled: true ``` Configuration for Infer to find bugs in Java and C/C++ code **Configuration options:** Enable Infer for static bug analysis in Java and C/C++ code | v1.2.0 Defaults to `true`. Enable Java analysis | Disabled by default because Java analysis may require compiling more than the changed files. Defaults to `false`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: fbinfer: enabled: true ``` Flake8 is a Python linter that wraps PyFlakes, pycodestyle and Ned Batchelder's McCabe script. * [Configuration guide](/tools/flake8) * [Flake8 web page](https://flake8.pycqa.org) **Configuration options:** Enable Flake8 | Flake8 is a Python linter that wraps PyFlakes, pycodestyle and Ned Batchelder's McCabe script. | v7.3.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: flake8: enabled: true ``` Fortitude is a Fortran linter that checks for code quality and style issues. * [Configuration guide](/tools/fortitude) * [Fortitude web page](https://github.com/PlasmaFAIR/fortitude) **Configuration options:** Enable Fortitude | Fortitude is a Fortran linter that checks for code quality and style issues | v0.9.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: fortitudeLint: enabled: true ``` GitHub Checks integration configuration. * [Configuration guide](/tools/github-checks) **Configuration options:** Enable GitHub Checks \| Enable integration, defaults to true \| Enable GitHub Checks integration. Defaults to `true`. Time in milliseconds to wait for all GitHub Checks to conclude. Default 90 seconds, max 15 minutes (900000ms). Defaults to `90000`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: github-checks: enabled: true timeout_ms: 90000 ``` Betterleaks is a secret scanner (an improved version of Gitleaks). * [Configuration guide](/tools/betterleaks) * [Gitleaks web page](https://github.com/betterleaks/betterleaks) **Configuration options:** Enable Betterleaks | Betterleaks is a secret scanner (an improved version of Gitleaks). | Enable Betterleaks integration. | v1.3.1 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: gitleaks: enabled: true ``` golangci-lint is a fast linters runner for Go. * [Configuration guide](/tools/golangci-lint) * [golangci-lint web page](https://golangci-lint.run) **Configuration options:** Enable golangci-lint | golangci-lint is a fast linters runner for Go. | Enable golangci-lint integration. | v2.12.2 Defaults to `true`. Optional path to the golangci-lint configuration file relative to the repository. Useful when the configuration file is named differently than the default '.golangci.yml', '.golangci.yaml', '.golangci.toml', '.golangci.json'. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: golangci-lint: enabled: true config_file: ".golangci.yml" ``` Hadolint is a Dockerfile linter. * [Configuration guide](/tools/hadolint) * [Hadolint web page](https://github.com/hadolint/hadolint) **Configuration options:** Enable Hadolint | Hadolint is a Dockerfile linter. | Enable Hadolint integration. | v2.14.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: hadolint: enabled: true ``` HTMLHint is a static code analysis tool for HTML files. * [Configuration guide](/tools/htmlhint) * [HTMLHint web page](https://htmlhint.com) **Configuration options:** Enable HTMLHint | HTMLHint is a static code analysis tool for HTML files. | Enable HTMLHint integration. | v1.9.2 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: htmlhint: enabled: true ``` LanguageTool is a style and grammar checker for 30+ languages. * [Configuration guide](/tools/languagetool) * [LanguageTool web page](https://languagetool.org) **Configuration options:** Enable LanguageTool | Enable LanguageTool integration. Defaults to `true`. IDs of rules to be enabled. The rule won't run unless 'level' is set to a level that activates the rule. Defaults to \`\`. IDs of rules to be disabled. Note: EN\_UNPAIRED\_BRACKETS, and EN\_UNPAIRED\_QUOTES are always disabled. Defaults to \`\`. IDs of categories to be enabled. Defaults to \`\`. IDs of categories to be disabled. Note: TYPOS, TYPOGRAPHY, and CASING are always disabled. Defaults to \`\`. Only the rules and categories whose IDs are specified with 'enabledRules' or 'enabledCategories' are enabled. Defaults to `false`. If set to 'picky', additional rules will be activated, i.e. rules that you might only find useful when checking formal text. One of: `default`, `picky` Defaults to `default`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: languagetool: enabled: true enabled_rules: disabled_rules: enabled_categories: disabled_categories: level: "default" ``` Configuration for Lua code linting to ensure code quality * [Configuration guide](/tools/luacheck) * [Luacheck web page](https://github.com/mpeterv/luacheck) **Configuration options:** Enable Lua code linting | Luacheck helps maintain consistent and error-free Lua code | v1.2.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: luacheck: enabled: true ``` markdownlint-cli2 is a static analysis tool to enforce standards and consistency for Markdown files. * [Configuration guide](/tools/markdownlint) * [markdownlint web page](https://github.com/DavidAnson/markdownlint) **Configuration options:** Enable markdownlint | markdownlint-cli2 is a static analysis tool to enforce standards and consistency for Markdown files. | Enable markdownlint integration. | v0.22.1 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: markdownlint: enabled: true ``` OpenGrep is a high-performance static code analysis engine, compatible with Semgrep configurations. * [Configuration guide](/tools/opengrep) * [OpenGrep web page](https://github.com/opengrep/opengrep) **Configuration options:** Enable OpenGrep | OpenGrep is a high-performance static code analysis engine for finding security vulnerabilities and bugs across 17+ languages. | v1.22.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: opengrep: enabled: true ``` OSV Scanner is a tool for vulnerability package scanning. * [Configuration guide](/tools/osv-scanner) * [OSV Scanner web page](https://google.github.io/osv-scanner) **Configuration options:** Enable OSV Scanner | OSV Scanner is a tool for vulnerability package scanning | v2.3.8 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: osvScanner: enabled: true ``` Oxlint is a JavaScript/TypeScript linter for OXC written in Rust. * [Configuration guide](/tools/oxlint) * [Oxlint web page](https://oxc.rs/docs/guide/usage/linter) **Configuration options:** Enable Oxlint | Oxlint is a JavaScript/TypeScript linter for OXC written in Rust. | v1.67.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: oxc: enabled: true ``` PHP CodeSniffer is a PHP linter and coding standard checker. * [Configuration guide](/tools/phpcs) * [PHP CodeSniffer web page](https://github.com/squizlabs/PHP_CodeSniffer) **Configuration options:** Enable PHP CodeSniffer | PHP CodeSniffer is a PHP linter and coding standard checker. | v3.7.2 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: phpcs: enabled: true ``` PHPMD is a tool to find potential problems in PHP code. * [Configuration guide](/tools/phpmd) * [PHPMD web page](https://phpmd.org) **Configuration options:** Enable PHPMD | PHPMD is a tool to find potential problems in PHP code. | v2.15.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: phpmd: enabled: true ``` PHPStan is a tool to analyze PHP code. * [Configuration guide](/tools/phpstan) * [PHPStan web page](https://phpstan.org) **Configuration options:** Enable PHPStan | PHPStan requires [config file](https://phpstan.org/config-reference#config-file) in your repository root. Please ensure that this file contains the `paths:` parameter. | v2.2.1 Defaults to `true`. Level | Specify the [rule level](https://phpstan.org/user-guide/rule-levels) to run. When set to `default`, the level is determined by the review profile: `chill` uses level 3 (real bugs only — return/property type mismatches, array offset errors) and `assertive` uses level 8 (adds dead code detection, argument type checking, null safety, and typehint checks). This setting is ignored if your configuration file already has a `level:` parameter. One of: `0`, `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `default`, `max` Defaults to `default`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: phpstan: enabled: true level: "default" ``` PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java. * [Configuration guide](/tools/pmd) * [PMD web page](https://pmd.github.io) **Configuration options:** Enable PMD | PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java. | v7.25.0 Defaults to `true`. Optional path to the PMD configuration file relative to the repository. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: pmd: enabled: true config_file: "ruleset.xml" ``` Microsoft Presidio Analyzer 2.2.362 detects sensitive identifiers (including payment cards, US SSN, cryptocurrency wallets, and phone numbers) in changed files. Tune entities, thresholds, and languages in repository Presidio configuration (for example .presidiocli or AnalyzerEngineProvider YAML); the built-in scan uses fixed defaults and is skipped when that configuration is present. * [Configuration guide](/tools/presidio) * [Presidio web page](https://microsoft.github.io/presidio) **Configuration options:** Enable Microsoft Presidio Analyzer for high-signal PII in changed files | v2.2.362 Defaults to `false`. Configuration for Prisma Schema linting to ensure schema file quality * [Configuration guide](/tools/prisma-lint) * [Prisma Lint web page](https://github.com/loop-payments/prisma-lint) **Configuration options:** Enable Prisma Schema linting | Prisma Schema linting helps maintain consistent and error-free schema files | v0.13.1 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: prismaLint: enabled: true ``` PSScriptAnalyzer is a static code checker for PowerShell scripts and modules. * [Configuration guide](/tools/psscriptanalyzer) * [PSScriptAnalyzer web page](https://github.com/PowerShell/PSScriptAnalyzer) **Configuration options:** Enable PSScriptAnalyzer | PSScriptAnalyzer is a static code checker for PowerShell scripts and modules. | v1.25.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: psscriptanalyzer: enabled: true ``` Pylint is a Python static code analysis tool. * [Configuration guide](/tools/pylint) * [Pylint web page](https://pylint.pycqa.org) **Configuration options:** Enable Pylint | Pylint is a Python static code analysis tool. | v4.0.5 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: pylint: enabled: true ``` Regal is a linter and language server for Rego. * [Configuration guide](/tools/regal) * [Regal web page](https://www.openpolicyagent.org/projects/regal) **Configuration options:** Enable Regal | Regal is a linter and language server for Rego. | v0.40.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: regal: enabled: true ``` RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter. * [Configuration guide](/tools/rubocop) * [RuboCop web page](https://rubocop.org) **Configuration options:** Enable RuboCop | RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter. | v1.87.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: rubocop: enabled: true ``` Ruff is a Python linter and code formatter. * [Configuration guide](/tools/ruff) * [Ruff web page](https://docs.astral.sh/ruff) **Configuration options:** Enable Ruff | Ruff is a Python linter and code formatter. | Enable Ruff integration. | v0.15.15 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: ruff: enabled: true ``` Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues. * [Configuration guide](/tools/semgrep) * [Semgrep web page](https://semgrep.dev) **Configuration options:** Enable Semgrep | Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues. | Enable Semgrep integration. | v1.164.0 Defaults to `true`. Optional path to the Semgrep configuration file relative to the repository. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: semgrep: enabled: true config_file: ".semgrep.yml" ``` ShellCheck is a static analysis tool that finds bugs in your shell scripts. * [Configuration guide](/tools/shellcheck) * [ShellCheck web page](https://www.shellcheck.net) **Configuration options:** Enable ShellCheck | ShellCheck is a static analysis tool that finds bugs in your shell. | Enable ShellCheck integration. | v0.11.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: shellcheck: enabled: true ``` Configuration for Shopify Theme Check to ensure theme quality and best practices * [Configuration guide](/tools/shopify-cli) * [Shopify Theme Check web page](https://shopify.dev/docs/themes/tools/theme-check) **Configuration options:** Enable Shopify Theme Check | A linter for Shopify themes that helps you follow Shopify theme & Liquid best practices | cli 3.90.0 | theme 3.58.2 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: shopifyThemeCheck: enabled: true ``` smarty-lint is a linter for Smarty 3 template files that checks for common issues such as incorrect operator usage, naming conventions, empty blocks, and unquoted strings. * [Configuration guide](/tools/smarty-lint) * [Smarty Lint web page](https://github.com/modix/smarty-lint) **Configuration options:** Enable smarty-lint | smarty-lint is a linter for Smarty 3 template files that checks for common issues such as incorrect operator usage, naming conventions, empty blocks, and unquoted strings. | v0.3.3 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: smartyLint: enabled: true ``` SQLFluff is an open source, dialect-flexible and configurable SQL linter. * [Configuration guide](/tools/sqlfluff) * [SQLFluff web page](https://sqlfluff.com) **Configuration options:** Enable SQLFluff | SQLFluff is an open source, dialect-flexible and configurable SQL linter. | v4.2.1 Defaults to `true`. Optional path to the SQLFluff configuration file relative to the repository. Use this when the config file is not named one of SQLFluff's default filenames. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: sqlfluff: enabled: true config_file: "custom/.sqlfluff" ``` Stylelint is a linter for stylesheets (CSS, SCSS, Sass, Less, SugarSS, Stylus) that helps avoid errors and enforce conventions. * [Configuration guide](/tools/stylelint) * [Stylelint web page](https://stylelint.io) **Configuration options:** Enable Stylelint | Stylelint is a linter for stylesheets (CSS, SCSS, Sass, Less, SugarSS, Stylus) that helps avoid errors and enforce conventions. | Enable Stylelint integration. | v17.12.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: stylelint: enabled: true ``` SwiftLint integration configuration object. * [Configuration guide](/tools/swiftlint) * [SwiftLint web page](https://realm.github.io/SwiftLint) **Configuration options:** Enable SwiftLint | SwiftLint is a Swift linter. | Enable SwiftLint integration. | v0.63.3 Defaults to `true`. Optional path to the SwiftLint configuration file relative to the repository. This is useful when the configuration file is named differently than the default '.swiftlint.yml' or '.swiftlint.yaml'. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: swiftlint: enabled: true config_file: ".swiftlint.yml" ``` TFLint is a Terraform linter for finding potential errors and enforcing best practices. * [Configuration guide](/tools/tflint) * [TFLint web page](https://github.com/terraform-linters/tflint) **Configuration options:** Enable TFLint | TFLint is a Terraform linter for finding potential errors. | v0.62.1 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: tflint: enabled: true ``` Trivy is a comprehensive security scanner that detects misconfigurations and secrets in Infrastructure as Code files * [Configuration guide](/tools/trivy) * [Trivy web page](https://trivy.dev) **Configuration options:** Enable Trivy for security scanning of IaC files (Terraform, Kubernetes, Docker, etc.) | v0.69.3 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: trivy: enabled: true ``` TruffleHog is a secret scanner with verification capabilities that can detect and verify secrets in code. * [Configuration guide](/tools/trufflehog) * [TruffleHog web page](https://github.com/trufflesecurity/trufflehog) **Configuration options:** Enable TruffleHog | TruffleHog is a secret scanner with verification capabilities. | Enable TruffleHog integration. | v3.95.3 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: trufflehog: enabled: true ``` YAMLlint is a linter for YAML files. * [Configuration guide](/tools/yamllint) * [YAMLlint web page](https://yamllint.readthedocs.io) **Configuration options:** Enable YAMLlint | YAMLlint is a linter for YAML files. | Enable YAMLlint integration. | v1.38.0 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: yamllint: enabled: true ``` zizmor is a static security analyzer for GitHub Actions workflow files. * [Configuration guide](/tools/zizmor) * [zizmor web page](https://docs.zizmor.sh) **Configuration options:** Enable zizmor | zizmor is a static security analyzer for GitHub Actions workflow files. | v1.25.2 Defaults to `true`. **Example configuration:** ```yaml .coderabbit.yaml lines theme={null} reviews: tools: zizmor: enabled: true ``` ## What's next View the complete reference for all CodeRabbit configuration options and settings. Learn how to control and customize code reviews using @coderabbitai commands.