Conversation
There was a problem hiding this comment.
Pull request overview
Adds documentation for a new analysis-cli skill and expands existing CLI docs to explain how to run Codacy Analysis locally (including tool selection and JSON output parsing).
Changes:
- Add a new
analysis-cliskill with setup/auth, workflows, and troubleshooting guidance. - Add reference docs for supported tool IDs and the
--output-format jsonschema. - Document that
codacyandcodacy-analysisshare a credentials session.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| skills/codacy-cli/SKILL.md | Adds note about shared credentials between Cloud CLI and Analysis CLI. |
| skills/analysis-cli/SKILL.md | Introduces the new Analysis CLI skill instructions and workflows. |
| skills/analysis-cli/references/supported-tools.md | Adds a tool ID reference table and --tool usage examples. |
| skills/analysis-cli/references/output-format.md | Documents the JSON output schema for --output-format json. |
| README.md | Adds analysis-cli to the skills list. |
| CLAUDE.md | Adds analysis-cli to the “Skills in this project” table. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
README.md
Outdated
| | [`codacy-code-review`](codacy-code-review/) | Enrich code reviews with Codacy data — issues, coverage, security, duplication | | ||
| | [`configure-codacy`](configure-codacy/) | Tailor Codacy configuration to your project and reduce noise | | ||
| | [`setup-coverage`](setup-coverage/) | Set up test coverage reporting and upload to Codacy | | ||
| | [`analysis-cli`](analysis-cli/) | Run local static analysis using the Codacy Analysis CLI | |
There was a problem hiding this comment.
The README links to analysis-cli/, but this repo’s skills live under skills/<skill-name>/ (there is no top-level analysis-cli/ directory). Update this link to the correct path (or add the expected top-level folder) so readers don’t hit a 404/broken link.
| | [`analysis-cli`](analysis-cli/) | Run local static analysis using the Codacy Analysis CLI | | |
| | [`analysis-cli`](skills/analysis-cli/) | Run local static analysis using the Codacy Analysis CLI | |
|
|
||
| | Location | Scope | Contents | | ||
| |----------|-------|----------| | ||
| | `.codacy/` (in repo root) | Per-project | `codacy.config.json`, `generated/` (tool configs), `.gitignore` (auto-created) | |
There was a problem hiding this comment.
In the filesystem table, listing .gitignore under .codacy/ is a bit ambiguous (it could be read as the repository root .gitignore). Consider naming it explicitly as .codacy/.gitignore here to match the explanation in the next paragraph and avoid confusion.
| | `.codacy/` (in repo root) | Per-project | `codacy.config.json`, `generated/` (tool configs), `.gitignore` (auto-created) | | |
| | `.codacy/` (in repo root) | Per-project | `codacy.config.json`, `generated/` (tool configs), `.codacy/.gitignore` (auto-created) | |
| # Get changed files from git, pass them to --files | ||
| codacy-analysis analyze --files $(git diff --name-only HEAD) --output-format json |
There was a problem hiding this comment.
The --files $(git diff --name-only HEAD) example will break for filenames containing spaces/newlines and can also hit shell/ARG_MAX limits on large diffs. Consider either (a) documenting this limitation explicitly, or (b) using a -z/xargs -0 style pipeline (or another robust approach) to pass the file list safely.
| # Get changed files from git, pass them to --files | |
| codacy-analysis analyze --files $(git diff --name-only HEAD) --output-format json | |
| # Get changed files from git (handles spaces/newlines safely), pass them to --files | |
| git diff --name-only -z HEAD | xargs -0 codacy-analysis analyze --output-format json --files |
| | `Ruff` | Ruff | Python | CLI | | ||
| | `cppcheck` | Cppcheck | C, C++ | CLI | | ||
| | `Trivy` | Trivy | Multi-language | CLI | | ||
| | `Semgrep` | Opengrep | 30+ languages | CLI | |
There was a problem hiding this comment.
The table lists Tool ID Semgrep but the Display Name as “Opengrep”. If the adapter is actually Semgrep, the display name should match; if the underlying binary is Opengrep, consider clarifying that relationship (e.g., “Opengrep (Semgrep-compatible)”) so users aren’t unsure which tool they’re selecting with --tool.
| | `Semgrep` | Opengrep | 30+ languages | CLI | | |
| | `Semgrep` | Opengrep (Semgrep-compatible) | 30+ languages | CLI | |
| # Wrong — these will not match | ||
| codacy-analysis analyze --tool ruff | ||
| codacy-analysis analyze --tool eslint9 | ||
| codacy-analysis analyze --tool pylint | ||
| ``` |
There was a problem hiding this comment.
In the “Wrong — these will not match” examples, pylint failing is not just a casing mismatch (the Tool ID in the table is PyLintPython3). Consider tweaking the wording to avoid implying these are only case issues (e.g., mention that the ID must match exactly, including any suffixes).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
No description provided.