Knowledge Base

  • Import repository

    After you’ve signed up, you can import your first repository:

    1. In the upper-right corner of any page, click plus icon.
    2. Select one or more repositories to import.
    3. Click Import.

    For now we support GitHub or Bitbucket as repository source.

  • Ignoring issues and patterns

    If you would like to ignore a specific Issue or entire issue pattern across repository, you can have CodeFactor.io ignore it as follows:

    1. Go to any page containing issues.
    2. Click Ignore icon (shown as eye) on upper right corner of issue header.
      1. Click Ignore Issue to exclude selected issue only.
      2. Click Ignore Issues like this to exclude selected issue pattern for entire repository.
      3. Click Ignore File to exclude related file with all it's issues.

    If you later decide that some issues should no longer be ignored, go to Issues page and click Ignored filter button on upper right corner. Here you

  • Resolve reduced feature mode

     Occasionally you may see a notification that the repository is running in Reduced Feature Mode:

     

    This is because there is no webhook between external provider and CodeFactor for the repository in question, meaning that:

    • repository is analyzed on-demand only;
    • there is no status for GitHub or Bitbucket pull requests;
    • repository changes (e.g. new branches, renaming branches, etc.) are not synchronized.

    Only GitHub or Bitbucket Admin can create a webhook to CodeFactor. If you are the Admin, you can simply build the webhook by clicking on "FIX IT".

    For best experience, we highly recommend to have your repositories running in

  • As a public repository admin on GitHub I'm unable to Fix reduced feature mode

    Prerequisites:

    Must be an a GitHub Admin for organization that owns Public repository. 

     

    Explanation:

    By default GitHub restricts third-party applications to access Company Owned applications - see https://help.github.com/articles/about-third-party-application-restrictions.

     

    Resolution:

    Verify if your organization has granted access to 3rd party applications to access your repositories:

    1. Go to https://github.com/settings/connections/applications/4194d7d196308e89f706
    2. Click 'Grant Access' under Organization access (if button is not visible then org admin must do this step)

     

    You will now able be able to create Webhooks between CodeFactor and GitHub via FIX IT button in CodeFactor.io. 

  • Track quality changes

    After you’ve imported your first repository, CodeFactor will automatically inspect any changes coming to Default branch. This includes:

    1. Any Commits. You can check the latest list on Overview page.
    2. Any Pull Requests. CodeFactor will push status notification for commits in pull request.

    You can inspect how each commits affect repository branch quality-wise on Overview page. Problematic areas on your code can be quickly viewed on Hotspots panel.

    We currently support packages.config, PackageReference (NuGet), package.json (npm, Yarn) and build.gradle (Gradle) for detecting Libraries in your repositories.

  • Ignoring code files

    If you see that a specific file should not be included for inspection you can ignore it:

    1. Go to code file page.
    2. Click Ignore this file button on upper right.

    If you have a folder or a global file pattern that should not be included you can ignore it as well:

    1. Go to repository Settings
    2. Click Ignore Files.
    3. Enter patterns and click Save changes.

    Note: Case sensitive patterns, one per line. (e.g. src/blob/* to exclude all files in blob folder).

    Note: some files are ignored automatically. E.g. files created by Visual Studio designer or containing auto-generated marker.

  • Take action

    Once CodeFactor has identified some issues for repository you can learn up on them by clicking Read Up icon.

    Click Create Issue icon to review and submit new issue request to repository provider (e.g. GitHub). Create Comment icon is used to review and submit new comment request.

    Click Ignore icon to exclude specific issue, similar issues or source file from analysis.

  • Setting default branch

    The default branch is considered the "base" branch in your repository, against which all pull requests and code commits are made.

    CodeFactor will try to identify default branch when importing new repository. If you have admin rights over a repository, you can set new default branch:

    1. Go to repository Settings
    2. Change the default branch using the dropdown.
  • As organization admin on GitHub I don't see org repository in Add Repository page

    Prerequisites:

    Must be an a GitHub Admin for organization that owns Private or Public repository. 

    Explanation:

    By default GitHub restricts third-party applications to access Company Owned applications - see https://help.github.com/articles/about-third-party-application-restrictions.

    Resolution:

    Verify if your organization has granted access to 3rd party applications to access your repositories:

    1. Go to https://github.com/settings/connections/applications/4194d7d196308e89f706
    2. Click 'Grant Access' under Organization access (if button is not visible then org admin must do this step)

    You will now be able to see organization repos on Add Repository page.

  • Analysis Tools (Open Source)

    CodeFactor.io uses a variety of software code analysis tools and algorithms. In addition to proprietary tools CodeFactor.io also takes advantage of several Open Source code analysis tools. Here is the list of Open Source analysis engines that we use:

    If engine is not provided with custom configuration it will use default rule-set. We reserve the right to disable selected rules without notice if necessary.

  • Toggling active branches

    By default CodeFactor will inspect default branch only for new repositories. However, you can freely enable other branches as well:

    1. Go to repository Branches
    2. Click On/Off toggle to start or stop code quality inspection.
  • My GitHub repository is not being reviewed anymore

    1. Make sure you have Admin permissions for your GitHub repository. CodeFactor requires this in order to create or update webhook to receive notifications from GitHub. Here is how.
    2. Go to repository Settings page and click Refresh button.
    3. Next time you push commit to Pull Request or Branch you should see it being reviewed by CodeFactor.

    Please send us an email if the steps above did not resolve the issue.

    Further reading

    Resolve reduced feature mode

    GitHub - Managing team access to an organization repository

    GitHub - Repository permission levels for an organization

    GitHub - About Webhooks

  • Using branch Badges

    CodeFactor is very excited to support branch badges that developers can integrate into their repositories on GitHub and Bitbucket. Make code quality visible!

    Here is How

    Go to the repository Overview page and click badge icon to see available options:

    The dialog contains links that are related to currently selected branch:

    Feel free to choose from available styles:

    - https://www.codefactor.io/repository/github/signalr/signalr/badge?style=plastic

    - https://www.codefactor.io/repository/github/signalr/signalr/badge?style=flat-square

    - https://www.codefactor.io/repository/github/signalr/signalr/badge?style=for-the-badge

    - https://www.codefactor.io/repository/github/signalr/signalr/badge?style=social

  • Glossary

    Below are a list of some Git and CodeFactor specific terms we use across our site.

    GPA

    A grade point average (or GPA) is a standard metric used in the United States to indicate overall academic performance. It is designed to be a single number that captures how well a student performed during a portion of their academic career.

    CodeFactor uses a modified metric that used letter indicators combined with 1-10 numeric range:

    Default Branch

    The default branch is considered the "base" branch in your repository, against which all pull requests and code commits are made. CodeFactor needs to identify it in order

  • My Bitbucket repository is not being reviewed anymore

    1. Make sure you have Admin permissions for your Bitbucket repository. CodeFactor requires this in order to create or update webhook to receive notifications from Bitbucket.
    2. Go to repository Settings page and click Refresh button.
    3. Next time you push commit to Pull Request or Branch you should see it being reviewed by CodeFactor.

    Please send us an email if the steps above did not resolve the issue.

    Further reading

    Resolve reduced feature mode

    Bitbucket Cloud - Creating webhooks

  • Auto-Fix

    CodeFactor can fix certain reported issues. This can be done on-demand or automatically. We currently support:

    - ESLInt

    - PHP_CodeSniffer

    - Stylelint

    - TSLint

    - RuboCop

    - SwiftLint

    On-demand fixes

    When visiting a page with fixable issues, you can create new PR or commit manually:

    If you do not see this button it means CodeFactor did not find any issues that can be fixed.

    We recommend using it to test this feature or when you need to resolve fixable issues by file, category or whole branch.

    Automatic fixes

    Disabled by default. To enable it, go to repository Settings page:

    We recommend

  • Removed user still visible on repository Members page

    1. Make sure you have Admin permissions for your GitHub or Bitbucket repository. CodeFactor requires this in order to receive full member list for a repository.
    2. Go to repository Members page and click 'Refresh repository members' icon
    3. Alternatively go to repository Settings page and click 'Reset access' button

    Further details:

    GitHub: If repository is fully integrated, it should receive all collaborator and added team events. Any other team changes are not received (not available) via webhook.

    Bitbucket: repository member changes are not available via webhook.

  • Some of my repository files are not being reviewed

    There are few major problems with repositories having large number of files:

    • it may take hours to review
    • review may generate very high number of issues making it counter-productive to resolve

    To provide consistent feedback loop we are actively limiting reviewed file count to 5K. Files are selected based on update date, number of changes (churn) and line count - this is to make sure that important files are included.

    Also, these files do not count towards limit:

    • with unrecognized language
    • ignored by user
    • ignored by CodeFactor (auto-generated, library, etc.)
  • Responsible Disclosure of Security Vulnerabilities

    We want to keep CodeFactor safe for everyone. If you've discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.

    Please email us at security@codefactor.io. We'll work with you to make sure we understand the issue and address it. We consider security correspondence and vulnerabilities our highest priorities and will work to address any issues that arise ASAP.

    Please act in good faith towards our users' privacy and data during this process. White hat researchers are always appreciated and we won't take legal action against you if act accordingly.