AppMap Analysis is configured in a YAML document. It’s primary job is to specify which scanner rules will check the code. Each check specifies a rule id, and may include additional properties that customized and tune the behavior of the rule.
AppMap Analysis ships with a default configuration file located in
Without specifying the
--config command line option, the default configuration will automatically be loaded.
To use a non-default configuration, specify the path to the configuration file via the
$ npx @appland/scanner \ --appmap-dir tmp/appmap \ --config appmap-analysis-config.yml \ ci
checks: - rule: authzBeforeAuthn - rule: http500 - rule: illegalPackageDependency properties: callerPackages: - equal: actionpack calleePackage: equal: app/controllers - rule: insecureCompare - rule: missingAuthentication - rule: missingContentType - rule: nPlusOneQuery - rule: secretInLog - rule: slowFunctionCall properties: timeAllowed: 0.2 functions: - match: Controller#create$ - rule: slowHttpServerRequest properties: timeAllowed: 0.5 - rule: slowQuery properties: timeAllowed: 0.05 - rule: tooManyJoins - rule: tooManyUpdates - rule: unbatchedMaterializedQuery - rule: updateInGetRequest
AppMap Analysis comes with a comprehensive set of rules that are categorized by their impact on applications:
Visit the rules reference for information on specific rules.