AppMap Analysis is configured in a YAML document. It’s primary job is to specify which scanner rules will check the code. Each check specifies a rule id, and may include additional properties that customized and tune the behavior of the rule.
AppMap Analysis ships with a default configuration file located in node_modules/@appland/scanner/built/sampleConfig/default.yml
.
Without specifying the --config
command line option, AppMap will attempt to load appmap-scanner.yml
, the default configuration for analysis rules. If that file does not exist, AppMap will fail back to loading the configuration in the node_modules
path.
To use a non-default configuration, specify the path to the configuration file via the -c
or --config
option:
$ npx @appland/scanner \
--appmap-dir tmp/appmap \
--config appmap-scanner.yml \
ci
To use a custom configuration create a file named appmap-scanner.yml
in the root of your project directory, you can copy the default.yml in the AppMap source code as a starting point. Refer to the Rules Reference for additional configuration options per scanner rule.
checks:
- rule: authzBeforeAuthn
- rule: http500
- rule: illegalPackageDependency
properties:
callerPackages:
- equal: actionpack
calleePackage:
equal: app/controllers
- rule: insecureCompare
- rule: missingAuthentication
- rule: missingContentType
- rule: nPlusOneQuery
- rule: secretInLog
- rule: slowFunctionCall
properties:
timeAllowed: 0.2
functions:
- match: Controller#create$
- rule: slowHttpServerRequest
properties:
timeAllowed: 0.5
- rule: slowQuery
properties:
timeAllowed: 0.05
- rule: tooManyJoins
- rule: tooManyUpdates
- rule: unbatchedMaterializedQuery
- rule: updateInGetRequest
AppMap Analysis comes with a comprehensive set of rules that are categorized by their impact on applications: Performance
, Reliability
, Maintainability
, Stability
, and Security
.
Visit the rules reference for information on specific rules.