Skip to main content
ast-grep is an open-source static analysis tool that uses abstract syntax trees (AST) to find patterns in your codebase, helping identify security vulnerabilities and enforce code quality standards. CodeRabbit runs ast-grep version 0.44.0.

Configuration Options

You can configure ast-grep in your .coderabbit.yaml file or through CodeRabbit’s settings page under “Reviews → Tools → ast-grep”. The following options are available:
  • rule_dirs: List of directories containing your custom ast-grep rules (relative to repository root)
  • util_dirs: List of directories containing utility configs to support rule management (relative to repository root)
  • essential_rules: Enable the ast-grep essentials package (default: true)
  • packages: List of GitHub packages to use (format: owner/repo)

Example Configuration

CodeRabbit will only run ast-grep if you have configured at least one of the following:
  • Custom rule directories (rule_dirs)
  • Essential rules enabled (essential_rules: true)
  • Custom packages (packages)
util_dirs can be used to support shared utility configs, but by itself it does not cause ast-grep to run.

Files

ast-grep will run on the following file types:
  • Bash (.bash, .bats, .command, .env, .ksh, .sh, .sh.in, .tmux, .tool, .zsh)
  • Bicep (.bicep)
  • C (.c, .h)
  • C++ (.c++, .cc, .cpp, .cu, .cxx, .hh, .hpp, .ino)
  • C# (.cs)
  • CSS (.css)
  • Dart (.dart)
  • Elixir (.ex, .exs)
  • Glimmer JavaScript (.gjs)
  • Glimmer TypeScript (.gts)
  • Go (.go)
  • Haskell (.hs)
  • HTML (.htm, .html, .xhtml)
  • Java (.java)
  • JavaScript (.cjs, .js, .jsx, .mjs)
  • JSON (.json)
  • Kotlin (.kt, .ktm, .kts)
  • Lua (.lua)
  • Markdown (.md)
  • PHP (.php)
  • Python (.py, .py3, .pyi)
  • Ruby (.gemspec, .rb, .rbw)
  • Rust (.rs)
  • Scala (.sc, .scala)
  • SQL (.sql)
  • Swift (.swift)
  • TOML (.toml)
  • TSX (.tsx)
  • TypeScript (.cts, .mts, .ts)
  • YAML (.yaml, .yml)