Qlty CLI is a multi-language code quality tool for linting, auto-formatting, maintainability, and security with support for 70+ static analysis tools for 40+ languages and technologies.
With Qlty CLI, polyglot team can take advantage of the best code quality static analysis with fast, consistent, and unified results through a single tool. Configuration is done through a simple .qlty/qlty.toml file in your repository, which can be auto-generated based on the languages you use.
The Qlty CLI is completely free for all use, including for commercial projects, with no limits on contributors.
- β¨ Key Features
- π Quick Start
- π§Ή Available Linters
- π Code Quality Metrics
- π₯οΈ System Requirements
- π Help or Feedback
- π§βπ» Contributing
- βοΈ License
| Feature | Advantage | |
|---|---|---|
| π | Linting | Comprehensive language support in one tool |
| ποΈ | Auto-formatting | Consistent code style everywhere |
| π© | Maintainability | Code smells like copy-paste detection and complexity |
| π¨ | Security scanning | SAST, SCA, secret detection, IaC analysis, and more |
| π¦ | Code coverage | Total coverage and diff coverage |
| π | Quality metrics | Complexity, duplication, LOC, etc. |
| Feature | Advantage | |
|---|---|---|
| π² | Git-aware | Focus on newly introduced quality issues |
| β‘ | Auto-initialization | Get up and running in two minutes |
| β | Autofixes | Including tool-generated and AI-generated fixes |
| βοΈ | Config as code | Version controlled with maximum flexibility |
| ποΈ | Caching and concurrency | The absolute fastest way to run static analysis |
| πͺ | Git hooks | Integrate with pre-commit and pre-push hooks |
| π€ | Pull request reviews | Automated feedback in comments and statuses |
| π | Runs anywhere | Mac, Linux, and Windows with no dependency on Docker |
| π¦ | Written in Rust | Fast execution and easy to contribute |
| π | 100% free | Including for commercial projects, with no contributor limits |
| βοΈ | Fair Source | Public on GitHub with delayed open source publication (DOSP). PRs accepted! |
π‘ Learn more in the Documentation.
Qlty CLI is part of Qlty Software's comprehensive platform for code quality. Bring code quality into every step of your software development workflow with:
- Qlty CLI -- Polyglot code quality CLI written in Rust
- Qlty Cloud -- Automated code review and quality trends
- Visual Studio Code Extension -- Linting and auto-formatting in your IDE
- GitHub Action -- Run Qlty CLI within your CI workflows
- Chrome and Firefox Extension -- Adds code coverage data to GitHub.com
The fastest way to install Qlty CLI is using our installer scripts which install our native binaries:
# Install on MacOS or Linux
curl https://qlty.sh | bash
# Install on Windows
powershell -c "iwr https://qlty.sh | iex"We also package the CLI as a Docker image on GitHub Container Registry (GHCR).
Note
The Qlty CLI does not use Docker to run linters. By running linters natively, we achieve maximum performance. The Docker image is provided for situations where running the CLI as a containers is preferred over running it as a native binary.
Setup Qlty within a Git repository:
cd my_repo/
qlty init| Example Command | Description |
|---|---|
qlty init |
Setup Qlty within a Git repository |
qlty check --sample=5 |
View a sample of lint issues |
qlty fmt --all |
Auto-format the codebase |
qlty smells --all |
Scan for code smells like duplication |
qlty metrics --max-depth=2 --sort complexity --all |
Review a summary of code quality metrics |
Qlty CLI is configured using a .qlty/qlty.toml file in your Git repository. You can generate a default configuration with qlty init and then customize it.
Read our documentation about configuration for more information.
Over 20,000 code quality rules are available via the Qlty CLI through its 60+ linter plugins.
To enable new plugins by adding them to your .qlty/qlty.toml file run:
qlty plugins enable <NAME>The full list of plugins is available on GitHub.
The Qlty CLI calculates a variety of code quality metrics which are available through the qlty metrics subcommand and as trends on Qlty Cloud.
| Duplication | |
|---|---|
| Duplication Density | Duplicated Lines divided by Code Lines |
| Duplicated Lines | The number of lines that are duplicated |
| Duplicated Blocks | The number of contiguous spans of duplicated lines |
| Complexity | |
| Complexity Density | Complexity divided by Code Lines |
| Total Complexity | The count of Cognitive Complexity |
| Cyclomatic Complexity | The count of Cyclomatic (McCabe's) Complexity |
| Maintainability | |
| Smells | The number of duplication and structure issues |
| Technical Debt | The estimated amount of time needed to resolve the code smells |
| Technical Debt Ratio | Technical Debt divided by estimated implementation time |
| Maintainability Rating | Technical Debt Ratio expressed as a letter rating |
| LCOM | Lack of cohehsion in methods (LCOM4) |
| Security | |
| Security Issues by Level | Count of security issues by high, medium, and low level |
| Security Issues | Count of security issues |
| Security Rating | A letter rating based on security issues and their severity level |
| Coverage | |
| Covered Lines | Count of lines covered by automated tests |
| Uncovered Lines | Count of lines that could be covered but are not |
| Line Coverage | Covered Lines divided by Coverd Lines plus Uncovered Lines |
| Diff Coverage | The Line Coverage of the new and changes lines of a Git diff |
| Coverage Rating | Line Coverage expressed as a letter rating |
| Size | |
| Classes | Count of classes |
| Fields | Count of unique fields |
| Functions | Count of functions or methods |
| Code Files | Count of programming language files |
| Lines | Count of all lines including blanks and comments |
| Lines of Code | Count of lines that are not blank or comments |
| Comment Lines | Count of comment lines |
| Comments Density | Comment Lines divided by Lines |
| Issues | |
| Issues Count | Count of static analysis issues |
| Issues Count by Level | Count of static analysis issues by high, medium, and low level |
Quality metrics are available for C#, Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Rust, and TypeScript.
Qlty CLI is available for MacOS, Linux, and Windows on x86 and ARM platforms.
Certain PHP linters require a working installation of PHP available in your $PATH. To install PHP, use Homebrew or an alternative method.
- Read the documentation
- Join our Discord chat
- Community support via GitHub Discussions
- Feature requests via GitHub Discussions
- Bug reports via GitHub Issues
- Plugin request via GitHub Issues
Creating a plugin can be as easy as writing a small plugin definition TOML file. If the tool has a custom output format (instead of a standard like SARIF), then writing a simple output parser in Rust is also needed.
We also happily accept requests for new plugins via GitHub issues.
Developing on Qlty CLI requires a working Rust toolchain and adheres to the standard Rust development process:
git clone https://github.com/qltysh/qlty.git
cd qlty
cargo build
cargo testMore information about how to contribute can be found in CONTRIBUTING.md.
Reports of security vulnerabilities should be handled with the process outlined in SECURITY.md.
Qlty CLI is published under a Fair Source license. As Fair Source, the Qlty CLI is free to use (including in commercial contexts), modify, and distribute in accordance with its license.
This code is made available under the Business Source License 1.1 (BSL) and transitions into Open Source via a Delayed Open Source Publication (DOSP). More details are available in LICENSE.md.
We would like to thank all of the developers of code quality tooling like linters and meta-linters as well as everyone who has contributed to the field of open source static analysis. Qlty CLI stands on the shoulders of decades of this excellent work.
Licenses for code incorporated into Qlty CLI can be found in the docs/licenses folder.