Inspection profiles

Inspection profiles define inspections, the file scopes that these inspections analyze, and inspection severities. This section explains how you can use existing Qodana profiles, create your own profiles, and set up profiles for analyzing your projects using Qodana.

Existing Qodana profiles

Out of the box, you can use the following Qodana profiles:

Profile name	Description
`qodana.starter`	The subset of the `qodana.recommended` profile, enabled in Qodana by default
`qodana.recommended`	Implements default profiles of JetBrains IDEs like IntelliJ IDEA with the following exceptions: By default, Qodana provides analysis only for specific languages and frameworks. This means that, for example, Groovy or JavaScript inspections are available but disabled by default. Inspections of the `INFORMATION` severity in the IDE are also disabled. Several inspections that affect code highlighting in IDEs and global inspections were removed from Qodana linters. Flaky inspections that are still available in IDEs were removed from Qodana linters.
`qodana.sanity`	This profile is enabled by default to analyze whether a project is configured properly. If `qodana.sanity` inspections detect problems, this means that all other Qodana inspections may work improperly and the project should be reconfigured. To learn how disable inspections of this profile, see the Disable sanity checks and Profile sections.

Profile name

Description

qodana.starter

The subset of the qodana.recommended profile, enabled in Qodana by default

qodana.recommended

Implements default profiles of JetBrains IDEs like IntelliJ IDEA with the following exceptions:

By default, Qodana provides analysis only for specific languages and frameworks. This means that, for example, Groovy or JavaScript inspections are available but disabled by default. Inspections of the INFORMATION severity in the IDE are also disabled.
Several inspections that affect code highlighting in IDEs and global inspections were removed from Qodana linters.
Flaky inspections that are still available in IDEs were removed from Qodana linters.

qodana.sanity

This profile is enabled by default to analyze whether a project is configured properly. If qodana.sanity inspections detect problems, this means that all other Qodana inspections may work improperly and the project should be reconfigured.

To learn how disable inspections of this profile, see the Disable sanity checks and Profile sections.

All profiles are hosted on GitHub, so you can learn them in detail.

To learn how to set up existing Qodana profiles, see the Set up a profile section.

Custom profiles

You can create custom profiles using the following formats:

YAML is the preferred format,
XML can be used as an alternative to YAML.

Custom profiles can either override existing profiles or be created from scratch. Since profile configurations should be contained in dedicated files, we recommend saving them in the .qodana directory of your project.

For example, to use the existing qodana.recommended profile and additionally enable the Java/Java language level migration aids inspection category, save this YAML configuration in the profile file:

name: "Configuring Qodana" 
baseProfile: qodana.recommended

inspections:
   - group: "category:Java/Java language level migration aids" # Specify the inspection category
     enabled: true # Enable the inspection category

After you create your own profile, save the file in the .qodana directory of your project so that Qodana can ignore this file during code analysis.

To learn how to set up a custom profile, see the Set up a profile section.

Set up a profile

YAML configuration

A YAML file serves as a universal Qodana configuration. This means that you can configure Qodana using the qodana.yaml file once and then reuse it for running Qodana with Docker, GitHub, JetBrains IDEs or any other software currently supported by Qodana. The settings will remain consistent across all these platforms.

To set up the qodana.recommended profile, in the project root save the qodana.yaml file containing the following configuration:

            profile:
                name: qodana.recommended
            

To set up your custom profile, in the qodana.yaml file save this configuration containing the relative path to the profile file, for example:

            profile:
                path: .qodana/<custom-profile.yaml>
            

JetBrains IDE

In your IDE, navigate to Tools | Qodana | Try Code Analysis with Qodana.
On the profile section of the Run Qodana dialog, paste the profile configuration:
profile: name: qodana.recommended
This is an example of how the result will look:
profile: path: .qodana/<custom-profile.yaml>
This is an example of how the result will look:
On the Run Qodana dialog, check the Save qodana.yaml in project root option.
Click Run to start analyzing your code.

GitHub Actions

On the Settings tab of the GitHub UI, create the QODANA_TOKEN encrypted secret and save the project token as its value.
On the Actions tab of the GitHub UI, set up a new workflow and create the .github/workflows/code_quality.yml file.
To inspect the main branch, release branches and the pull requests coming to your repository, save the workflow configuration to the .github/workflows/code_quality.yml file:
name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.2 with: args: --profile-name,qodana.recommended env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
Here, the --profile-name option specifies the qodana.recommended profile.
name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.2 with: args: --profile-path,.qodana/<custom-profile.yaml> env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
Here, the --profile-path option specifies the relative path to the file containing a custom profile.

Command line

You can set up the qodana.recommended profile using the --profile-name option:

            docker run \
               -v $(pwd):/data/project/ \
               -e QODANA_TOKEN="<cloud-project-token>" \
               jetbrains/qodana-<linter> \
               --profile-name qodana.recommended
        

            qodana scan \
               -e QODANA_TOKEN="<cloud-project-token>" \
               --profile-name qodana.recommended
        

You can set up your custom profile using the --profile-path option:

            docker run \
               -v $(pwd):/data/project/ \
               -v $(pwd)/.qodana/<custom-profile.yaml>:/data/project/myprofiles/<custom-profile.yaml> \
               -e QODANA_TOKEN="<cloud-project-token>" \
               jetbrains/qodana-<linter> \
               --profile-path /data/project/myprofiles/<custom-profile.yaml>
        

            qodana scan \
               -v .qodana/<custom-profile.yaml>:/data/project/myprofiles/<custom-profile.yaml> \
               -e QODANA_TOKEN="<cloud-project-token>" \
               --profile-path .qodana/<custom-profile.yaml>
        

Last modified: 16 September 2024