AppMap Analysis is configured in a YAML document. It’s primary job is to specify which scanner rules will check the code. Each check specifies a rule id, and may include additional properties that customized and tune the behavior of the rule.
AppMap Analysis ships with a default configuration file located in node_modules/@appland/scanner/built/sampleConfig/default.yml
.
Without specifying the --config
command line option, the default configuration will automatically be loaded.
To use a non-default configuration, specify the path to the configuration file via the -c
or --config
option:
$ npx @appland/scanner \
--appmap-dir tmp/appmap \
--config appmap-analysis-config.yml \
ci
checks:
- rule: authzBeforeAuthn
- rule: http500
- rule: illegalPackageDependency
properties:
callerPackages:
- equal: actionpack
calleePackage:
equal: app/controllers
- rule: insecureCompare
- rule: missingAuthentication
- rule: missingContentType
- rule: nPlusOneQuery
- rule: secretInLog
- rule: slowFunctionCall
properties:
timeAllowed: 0.2
functions:
- match: Controller#create$
- rule: slowHttpServerRequest
properties:
timeAllowed: 0.5
- rule: slowQuery
properties:
timeAllowed: 0.05
- rule: tooManyJoins
- rule: tooManyUpdates
- rule: unbatchedMaterializedQuery
- rule: updateInGetRequest
AppMap Analysis comes with a comprehensive set of rules that are categorized by their impact on applications: Performance
, Reliability
, Maintainability
, Stability
, and Security
.
Visit the rules reference for information on specific rules.