When Octokraft analyzes your code, it automatically detects which languages are present and runs the appropriate analyzers. No configuration is required — detection is automatic.
Supported Languages
| Language | Analyzer | What It Checks |
|---|
| Python | Ruff | Linting, style, common bugs, import sorting |
| Python | Bandit | Security vulnerabilities (injection, hardcoded passwords, etc.) |
| JavaScript / TypeScript | Biome | Linting, formatting, correctness, style |
| Go | golangci-lint | Comprehensive analysis (vet, staticcheck, and more) |
| Rust | Cargo Clippy | Idiomatic Rust issues, common mistakes |
| Java / Kotlin | Checkstyle | Style and formatting standards |
| Java / Kotlin | PMD | Bug patterns, dead code, complexity |
| C# | dotnet-format | Formatting and style enforcement |
| Ruby | RuboCop | Style, correctness, performance |
| PHP | PHPStan | Type safety, dead code, logic errors |
What Gets Ignored
Standard build artifacts and dependency directories are automatically excluded from analysis:
| Language / Framework | Ignored Directories |
|---|
| Node.js | node_modules/, dist/, .next/, coverage/ |
| Python | __pycache__/, .venv/, .mypy_cache/, dist/ |
| Go | vendor/, testdata/ |
| Rust | target/ |
| Java / Kotlin | build/, target/, .gradle/ |
| C# | bin/, obj/ |
| Ruby | vendor/, tmp/ |
| PHP | vendor/, cache/ |
How Results Are Used
Analyzer findings are normalized to a unified severity scale: critical, high, medium, low, and info. These findings are merged with results from other sources (AI analysis, code graph, convention checks) and deduplicated so the same issue is never reported twice from different sources.
All findings feed into your project’s Code Health score and appear in PR Analysis results.
Analyzer Configuration
Analyzers respect your project’s existing configuration files. If your repository contains a ruff.toml, biome.json, golangci.yml, .rubocop.yml, or equivalent config, Octokraft uses those settings. Your team’s existing rules are honored automatically.
You do not need to configure analyzers in Octokraft. If your repository already has linter configuration, it is picked up and used as-is.
