Rules in Vibrant can be configured individually to control their severity level and behavior. This allows you to customize which issues are treated as errors, warnings, or disabled entirely.
Severity levels
Each rule can be set to one of four severity levels:
The rule violation is treated as an error. Vibrant will exit with code 1 if any errors are found.
The rule violation is treated as a warning. Warnings are reported but don’t cause Vibrant to fail.
The rule violation is informational only. Useful for tracking patterns without enforcing them.
The rule is completely disabled and won’t be checked.
rules object of vibrant.config.js:
The simplest way to configure a rule is with a string:
module.exports = {
rules: {
'no-explicit-any': 'error',
'console-log-debugging': 'warn',
'magic-numbers': 'off',
},
};
module.exports = {
rules: {
'no-explicit-any': ['error'],
'console-log-debugging': ['warn'],
},
};
Rule categories
Vibrant’s rules are organized into categories based on what they detect:
Type safety
Detect unsafe type usage in TypeScript:
rules: {
'no-explicit-any': 'error', // Disallow explicit 'any' type
}
Incomplete code
Find unfinished implementations:
rules: {
'unimplemented-error': 'error', // Throws "not implemented"
'empty-function-body': 'error', // Empty function bodies
}
Error handling
Catch poor error handling patterns:
rules: {
'empty-catch-block': 'error', // Empty catch blocks that ignore errors
}
Security
Identify security vulnerabilities:
rules: {
'hardcoded-credentials': 'error', // Hardcoded API keys, passwords
'no-sql-injection': 'error', // SQL injection risks
'no-unsafe-inner-html': 'error', // XSS vulnerabilities
}
rules: {
'no-await-in-loop': 'error', // Await in loops (use Promise.all)
}
Possible bugs
Find logic errors:
rules: {
'no-unreachable': 'error', // Unreachable code
'use-isnan': 'error', // Incorrect NaN comparisons
}
Code quality
Detect debugging artifacts:
rules: {
'console-log-debugging': 'warn', // Debug console statements
}
AI telltales
Identify AI-generated code patterns:
rules: {
'ai-comment-emojis': 'warn', // Emojis in comments
'ai-todo-comments': 'warn', // Excessive TODOs
}
Best practices
Enforce code quality standards:
rules: {
'magic-numbers': 'warn', // Unnamed numeric constants
}
Default configuration
When no configuration file is present, Vibrant uses these defaults:
{
rules: {
// Type safety - CRITICAL
'no-explicit-any': 'error',
// Incomplete code - CRITICAL
'unimplemented-error': 'error',
'empty-function-body': 'error',
// Error handling - CRITICAL
'empty-catch-block': 'error',
// Security - CRITICAL
'hardcoded-credentials': 'error',
// Debug code - WARNING
'console-log-debugging': 'warn',
}
}
Only 6 rules are enabled by default. The remaining 9 rules are available but must be explicitly enabled in your configuration file. Use vibrant rules to see all available rules.
Examples
Strict configuration
Treat everything as an error:
module.exports = {
rules: {
'no-explicit-any': 'error',
'unimplemented-error': 'error',
'empty-function-body': 'error',
'empty-catch-block': 'error',
'hardcoded-credentials': 'error',
'no-sql-injection': 'error',
'no-unsafe-inner-html': 'error',
'no-await-in-loop': 'error',
'no-unreachable': 'error',
'use-isnan': 'error',
'console-log-debugging': 'error',
'ai-comment-emojis': 'error',
'ai-todo-comments': 'error',
'magic-numbers': 'error',
},
};
Relaxed configuration
More warnings, fewer errors (good for prototyping):
module.exports = {
rules: {
'no-explicit-any': 'warn',
'unimplemented-error': 'warn',
'empty-function-body': 'warn',
'empty-catch-block': 'warn',
'hardcoded-credentials': 'error', // Security always error
'no-sql-injection': 'error', // Security always error
'no-unsafe-inner-html': 'error', // Security always error
'no-await-in-loop': 'warn',
'no-unreachable': 'warn',
'use-isnan': 'error',
'console-log-debugging': 'warn',
'ai-comment-emojis': 'off',
'ai-todo-comments': 'off',
'magic-numbers': 'off',
},
};
Minimal configuration
Only critical bugs:
module.exports = {
rules: {
'no-explicit-any': 'off',
'unimplemented-error': 'error',
'empty-function-body': 'off',
'empty-catch-block': 'warn',
'hardcoded-credentials': 'error',
'no-sql-injection': 'error',
'no-unsafe-inner-html': 'error',
'no-await-in-loop': 'off',
'no-unreachable': 'error',
'use-isnan': 'error',
'console-log-debugging': 'off',
'ai-comment-emojis': 'off',
'ai-todo-comments': 'off',
'magic-numbers': 'off',
},
};
Security-focused configuration
Prioritize security issues:
module.exports = {
rules: {
// Security rules as errors
'hardcoded-credentials': 'error',
'no-sql-injection': 'error',
'no-unsafe-inner-html': 'error',
// Everything else as warnings or off
'no-explicit-any': 'warn',
'unimplemented-error': 'warn',
'empty-function-body': 'off',
'empty-catch-block': 'warn',
'no-await-in-loop': 'off',
'no-unreachable': 'warn',
'use-isnan': 'warn',
'console-log-debugging': 'off',
},
};
Overriding default rules
You only need to specify rules you want to change from the defaults:
module.exports = {
rules: {
// Keep all defaults, but...
'console-log-debugging': 'off', // Allow console.log
'magic-numbers': 'warn', // Enable magic number warnings
},
};
Disabling rules inline
You can disable rules for specific lines or files using comments:
Disable for next line
// vibrant-disable-next-line no-explicit-any
const data: any = fetchData();
Disable for entire file
/* vibrant-disable no-explicit-any */
// Rest of file...
Disable multiple rules
// vibrant-disable-next-line no-explicit-any, console-log-debugging
const data: any = fetchData();
console.log(data);
See also