Skip to content

Releases: codacy/codacy-cloud-cli

v1.5.0

Choose a tag to compare

@github-actions github-actions released this 10 Jul 13:14
Immutable release. Only release title and notes can be modified.
97942fc

Minor Changes

  • #26 bf903e4 Thanks @alerizzo! - Add ls and directories commands to browse a repository's tree with quality
    metrics. ls lists the directories and files at a path — showing Grade, Issues,
    Complexity, Duplication, and Coverage per row — and directories (alias dirs)
    lists folders only, with --plus-children to also show one level of
    sub-directories as a └─ tree. Both auto-detect the provider/organization/repository
    from the git remote and the path from your current directory (relative to the
    repo root); override with positional args, --path, and --branch. Sort with
    --sort <field> (name, issues, grade, duplication, complexity,
    coverage) and --direction asc|desc. codacy ls --search <term> finds files
    at any depth under the path. Folders and files are marked with and · (no
    emojis). Both commands fetch every page of results, so nothing is truncated.

  • #24 bf527ad Thanks @alerizzo! - Add an npm-style "update available" notice. When a newer version is published, the
    CLI prints a one-time upgrade hint to stderr — it never auto-updates. The notice
    only shows with the default --output table in an interactive terminal; it is
    suppressed for --output json, when piped, in CI, and under npx/npm scripts, so
    machine-readable stdout stays byte-clean. The version lookup runs in a non-blocking
    background process (at most once a day) and never affects timing or exit codes. Opt
    out via CODACY_DISABLE_UPDATE_CHECK, NO_UPDATE_NOTIFIER, or --no-update-notifier.
    A package.json overrides entry pins update-notifier's transitive got/package-json
    to patched, still-CommonJS versions to avoid CVE-2022-33987.

Patch Changes

  • #27 c5c9af5 Thanks @alerizzo! - Stop issues --overview from suggesting noise reduction on repositories that aren't
    actually noisy. The "Suggested actions to reduce noise" section now requires two absolute
    floors before anything is suggested: the repository must have at least 200 issues in total,
    and an individual pattern must produce at least 100 issues on its own. The per-pattern floor
    matters because a repository with a long tail of tiny patterns pulls the median issues-per-
    pattern very low, which previously made a pattern with only a handful of issues look
    disproportionate — now a rule has to genuinely flood the repo before it's flagged. On top of
    those floors, a pattern must still show a relative signal: the "dominant share" rule (≥10% of
    all issues) only applies when there are at least 11 distinct patterns (an even split of N
    patterns only drops below 10% once N is above 10, so 8-10 balanced patterns would otherwise
    all be flagged), and the "disproportionate count" rule now compares each
    pattern against the median issues-per-pattern instead of the mean, so a single huge
    pattern can no longer inflate the baseline and hide smaller-but-still-disproportionate ones.

v1.4.0

Choose a tag to compare

@github-actions github-actions released this 25 Jun 19:49
Immutable release. Only release title and notes can be modified.
4fcf85d

Minor Changes

  • #20 cbf62d5 Thanks @alerizzo! - codacy findings and codacy finding now show the vulnerable dependency's import chain for SCA findings that carry the new dependencyChains field. Each finding is labelled Direct (Update <pkg> to <fixedVersion>) or Transitive (<pkg> → … → <pkg> (Fixed in <fixedVersion>)), and chains with 4+ packages collapse their middle to <first> → ... N more ... → <last>. The list shows the first chain plus ... and X more; the detail lists every chain aligned under a single label. dependencyChains is also included in --output json.

v1.3.1

Choose a tag to compare

@github-actions github-actions released this 19 Jun 12:52
Immutable release. Only release title and notes can be modified.
f11cf1a

Patch Changes

  • #18 7b09b5b Thanks @manufacturist! - Fix --version flag reporting hardcoded 1.0.0 instead of the actual package version. The CLI now reads the version dynamically from package.json at runtime via require, so the reported version stays in sync with every release automatically.

v1.3.0

Choose a tag to compare

@github-actions github-actions released this 18 Jun 13:27
Immutable release. Only release title and notes can be modified.
32a2203

Minor Changes

  • #16 8f86866 Thanks @manufacturist! - codacy repo --output json now includes a fileCount field on the repository object, plucked from coverage.numberTotalFiles on the existing getRepositoryWithAnalysis response. The field is present even on repos without coverage data, so no extra API call is needed. Lets consumers (e.g. the configure-codacy-cloud skill) read repo size without a separate roundtrip.

v1.2.1

Choose a tag to compare

@github-actions github-actions released this 17 Jun 14:18
Immutable release. Only release title and notes can be modified.
157fe90

Patch Changes

v1.2.0

Choose a tag to compare

@github-actions github-actions released this 03 Jun 10:01
Immutable release. Only release title and notes can be modified.
8068e31

Minor Changes

  • #11 12ad8a3 Thanks @alerizzo! - Auto-detect provider, organization, and repository from the git remote origin URL. All repository-scoped commands now work without explicitly passing <provider> <organization> <repository> — just run them inside a git repo with an origin remote pointing at GitHub, GitLab, or Bitbucket.

  • #13 f039b39 Thanks @alerizzo! - Improve issues --overview. The False Positives table now uses human-friendly labels ("Not a False Positive" / "Potential False Positive") instead of the raw belowThreshold / equalOrAboveThreshold API bucket names. The overview also adds a "Suggested actions to reduce noise" section that flags noisy patterns — those accounting for at least 10% of all issues, or at least 3× the average issues-per-pattern — and prints a ready-to-run codacy pattern <tool> <patternId> --disable command for each (the owning tool is resolved automatically; suggestions whose tool can't be resolved are omitted). --output json output is unchanged.

  • #13 f039b39 Thanks @alerizzo! - Make the pattern commands aware of local configuration files and coding standards.

    • pattern <tool> <patternId> with no action flag now shows the pattern's information (same card as the patterns command, with --output json support). Since there's no single-pattern endpoint, it searches by ID and keeps the exact match.
    • When a tool is driven by a local configuration file, patterns (list) and pattern (info) print <tool> is using a local configuration file. and skip fetching patterns; patterns --enable-all/--disable-all and pattern --enable/--disable/--parameter refuse with Tool uses a local configuration file, can't be updated.
    • pattern --enable/--disable/--parameter also refuses patterns enforced by a coding standard with Pattern enforced by <standard> coding standard, can't be modified.
    • issues --overview noise suggestions now adapt per pattern: a runnable codacy pattern … --disable command when possible, otherwise a manual step — Update your local <tool> configuration file to disable the pattern or Update <coding standard> to disable the pattern.
  • #13 f039b39 Thanks @alerizzo! - Add a --reanalyze-and-wait (-w) variant to the repository and pull-request commands. Unlike --reanalyze (which triggers analysis and exits), this blocking variant captures a baseline of the current issues, triggers the reanalysis, polls until it finishes (every 10s, up to 20 minutes), and then prints how long the analysis took and what changed — issue deltas by pattern, severity, and category. Supports --output json.

v1.1.1

Choose a tag to compare

@github-actions github-actions released this 27 May 19:45
Immutable release. Only release title and notes can be modified.
0ec90aa

Patch Changes

  • #9 a973363 Thanks @alerizzo! - Fix tools import to preserve cloud-only tools (only disable tools the local CLI supports), handle config-file mode correctly (skip pattern reset when useLocalConfigurationFile is set), and surface structured API error details on import failures.

v1.1.0

Choose a tag to compare

@github-actions github-actions released this 18 May 09:13
Immutable release. Only release title and notes can be modified.
5362f44

Minor Changes

  • #6 0280af1 Thanks @alerizzo! - ### Changes since v1.0.5

    • --tools filter for issues command (#4): Added --tools option to filter issues by the tool/pattern that detected them. Includes new formatting utilities for tool name display.

    • Filter and bulk-ignore for false positives (#5): Added --category and --severity filters to the issues command. Introduced bulk-ignore functionality to ignore multiple issues matching filter criteria, streamlining false-positive triage workflows.

    • Pin GitHub Actions to SHA hashes (#2): Pinned all GitHub Actions workflow dependencies to commit SHAs for improved supply-chain security.

    • Adopt changesets for automated versioning and publishing (#6): Replaced the manual publish workflow with a changesets-based release pipeline. PRs now require a changeset file, and merging to main triggers automated version bumps and npm publishing with provenance.

v1.0.5

Choose a tag to compare

@alerizzo alerizzo released this 26 Mar 16:09
Immutable release. Only release title and notes can be modified.
03d2f5f

Import tool configuration from file

New --import flag on the tools command lets you configure all repository tools and patterns from a codacy.config.json file in a single operation. The CLI showsva detailed preview of what will change (tools to enable, disable, reconfigure, and pattern counts), asks for confirmation, then applies everything — including optionally unlinking coding standards with --force.

  codacy tools gh my-org my-repo --import
  codacy tools gh my-org my-repo --import ./custom-config.json --force -y

Also in this release

  • --limit option for issues and findings — fetch up to 1,000 results with automatic pagination (default remains 100)
  • --link-standard / --unlink-standard on the repository command to manage coding standards
  • patternInfo.id now included in JSON output for issues
  • Node engine requirement bumped to >=20

v1.0.4

Choose a tag to compare

@alerizzo alerizzo released this 19 Mar 10:46
Immutable release. Only release title and notes can be modified.