> ## Documentation Index
> Fetch the complete documentation index at: https://docs.qlty.sh/llms.txt
> Use this file to discover all available pages before exploring further.

# Analysis Configuration

Qlty's static analysis is highly configurable to maximize the relevancy of your results. Project configuration is through a `qlty.toml` file which is committed into your Git repository as `.qlty/qlty.toml`.

<Note>
  If your repository does not have a `.qlty/qlty.toml` file, Qlty Cloud will automatically
  generate a basic configuration before analysis. However, we strongly recommend checking in a
  `.qlty/qlty.toml` to enable customization.
</Note>

If you have the Qlty CLI installed, you can generate an initial configuration by running `qlty init`. This will look at the file types and configuration files in your repository to generate a baseline configuration.

```bash Generate a Qlty config for the current repository lines theme={"system"}
qlty init
```

Alternatively, you can write your `.qlty/qlty.toml` file by hand. Here is a minimal starting point that you can check in:

```toml .qlty/qlty.toml lines theme={"system"}
config_version = "0"

exclude_patterns = ["**/node_modules/**"]
test_patterns = ["**/test/**"]

[[source]]
name = "default"
default = true
```

This configuration will analyze all [supported languages](/languages) for maintainability using the default thresholds.

## Excluding files and paths

Qlty is Git-aware and honors `.gitignore` files. Additional exclude patterns can be specified using glob syntax:

```toml .qlty/qlty.toml lines theme={"system"}
# ...
exclude_patterns = [
    "path/to/file.py",  # Ignore a specific file
    "**/generated/**",  # Ignore generated files
    "**/*.css"          # Ignore all CSS files
]
# ...
```

## Maintainability checks and thresholds

Qlty evaluates code maintainability using a set of static analysis checks implemented for all supported programming languages.

These checks have reasonable defaults, and can be customized further. For example:

```toml .qlty/qlty.toml lines theme={"system"}
# Disable the "too many return statements" check
[smells.return_statements]
enabled = false

# Allow functions with 6 params (all languages)
[smells.function_parameters]
threshold = 6

# For Python, allow 7 params
[language.python.checks]
function_parameters.threshold = 7
```

## Linting and SAST plugins

Plugins extend Qlty with thousands of checks from linters and security scanning tools. Plugin definitions are stored in a Git repository called a Source.

Qlty provides a default source which should be included in your `.qlty/qlty.toml` as follows. (This is automatically generated if you used `qlty init`.)

```toml .qlty/qlty.toml lines theme={"system"}
# ...

[[source]]
name = "default"
default = true

# ...
```

With your Source specified, you can list available plugins:

```bash List all available plugins with the CLI lines theme={"system"}
qlty plugins list
```

Then, you can activate any [available plugin](/plugins) as follows.

<CodeGroup>
  ```shell Qlty CLI lines theme={"system"}
  qlty plugins enable rubocop
  ```

  ```toml qlty.toml lines theme={"system"}
  [[plugin]]
  name = "rubocop"
  version = "1.64.1" # Optionally, lock to a version

  ```
</CodeGroup>

## Plugin configurations

When running Qlty, plugins are configured using their own analysis configuration files (e.g. `.eslintrc`).

Plugin configuration files can be stored in the `.qlty/configs/` directory in order to keep the root of the repository tidy. Qlty will automatically make them available to plugins when it runs analysis.

## Check modes

Qlty's maintinability analysis, linters, and security scanning plugins run Checks which emit findings called Issues.

By configuring the *Mode*, you keep developer workflows streamlined while preserving issues for later review. Qlty Cloud uses the Mode to determine the behavior for handling issues.

The Mode can be configured at a Plugin level to one of four options:

| Mode       | Behavior                                                              |
| ---------- | --------------------------------------------------------------------- |
| `disabled` | This plugin will not be run.                                          |
| `monitor`  | Issues are browseable on Qlty.sh, but not annotated on GitHub         |
| `comment`  | Issues generate code review comments but do not fail the Quality Gate |
| `block`    | This issue may cause the Quality Gate to fail.                        |

```toml .qlty/qlty.toml lines theme={"system"}
[[plugin]]
name = "osv-scanner"
mode = "monitor"
```

## Complete example

```toml .qlty/qlty.toml lines theme={"system"}
config_version = "0"

exclude_patterns = ["**/fixtures/**", "**/generated/**", "*.css"]

# Code maintainability (structure and duplication) issues
# are posted as comments but do not fail Quality Gates
[checks]
mode = "comment"

[[source]]
name = "default"
default = true

[[plugin]]
name = "rubocop"
version = "1.64.1"

[[plugin]]
name = "hadolint"

[[plugin]]
name = "shellcheck"

[[plugin]]
name = "osv-scanner"
mode = "monitor"
```

## More information

* [Available Plugins](/plugins)
* [Supported Languages](/languages)
* [Project Configuration (`qlty.toml`) reference](/qlty-toml)