How to use Kody Rules

You can use Kody Rules in two ways:

Create Custom Rules

Define rules based on your team’s exact needs. Kody Rules can be applied at two different levels:

File-Level Rules

Analyze individual files to catch issues within specific code files. Available Context:
  • File diff: The specific changes made to the individual file being analyzed
How to Configure:
  • Rule name: Clearly define the rule purpose
  • File Paths: Limit rules to specific files or directories using glob patterns
  • Severity: Set to Critical, High, Medium, or Low
  • Detailed Instructions: Clearly state what’s expected and why
Configuration Example: 📋 Rule: “Avoid equality operators (==, !=) in loop termination conditions.” 📁 Path: src/**/*.ts ⚠️ Severity: Critical 📝 Instructions: “Using equality operators (== or !=) can cause infinite loops if exact values aren’t matched.” ❌ Bad Example:
// Risk of infinite loop if increment is not exactly 1
for (let i = 0; i != 10; i += 2) {
  console.log(i); // Will print 0, 2, 4, 6, 8, 10, 12, 14... forever
}

// Risk if array is modified during iteration
let items = [1, 2, 3, 4, 5];
for (let i = 0; i != items.length; i++) {
  if (items[i] === 3) {
    items.push(6); // Modifies length, can cause infinite loop
  }
}
✅ Good Example:
// Safe: loop will always terminate
for (let i = 0; i < 10; i += 2) {
  console.log(i); // Will print 0, 2, 4, 6, 8 and stop
}

// Safe even if array is modified
let items = [1, 2, 3, 4, 5];
for (let i = 0; i < items.length; i++) {
  if (items[i] === 3) {
    items.push(6); // Loop will still terminate safely
  }
}

Pull Request-Level Rules

Analyze the entire Pull Request for cross-file validation and PR-specific requirements. Available Context:
  • PR diff: Complete diff of all changes across the entire Pull Request
  • PR title: The title of the Pull Request
  • PR description: The description/body of the Pull Request
  • PR statistics: Comprehensive metrics including total additions, deletions, files changed, and total lines modified
How to Configure: The creation process is identical to file-level rules, but you must select the “Pull-request” scope. This broader context enables analysis of cross-file dependencies and overall PR quality. Examples:
  • Every service file must have a corresponding test file
  • PR description must be complete, clearly stating what was added or removed
  • When a new route is created in a controller, it must be registered in routes.json

Import from Rules Library

Leverage proven best practices instantly:
  • Navigate to Discovery Rules in your Kodus dashboard.
  • Filter rules by severity, language, or tags.
  • Import and activate rules with a single click.
Examples:
  • Security: “Disallow use of insecure MD5 hashing.”
  • Maintainability: “Limit React components to less than 150 lines.”

Next Steps