Angular-aware static analysis for architecture, performance, SSR, security, and code quality.
ngcompass is a command-line static analysis tool built for Angular projects. It reads TypeScript, Angular templates, styles, and project configuration without running the application, then reports issues that generic TypeScript linters often miss.
It is designed for teams that want a clearer view of Angular-specific risks: component architecture, rendering performance, SSR compatibility, Signals and RxJS patterns, template safety, and modern Angular API adoption.
| Area | What ngcompass helps find |
|---|---|
| Architecture | Circular dependencies, boundary violations, and fragile component relationships |
| Performance | Missing OnPush, expensive template expressions, missing trackBy, and inefficient bindings |
| SSR | Browser-only APIs in universal code, hydration risks, and render lifecycle pitfalls |
| Security | Unsafe template bindings and sanitizer bypasses |
| Reactivity | RxJS subscription issues, Signals misuse, and migration opportunities |
| Code quality | Deprecated patterns, focused tests, and modern Angular API improvements |
Install the beta CLI globally:
npm install -g ngcompass@betaOr add it to a project:
npm install --save-dev ngcompass@betaUsing pnpm:
pnpm add -D ngcompass@betangcompass is currently in beta. Install with
@betato opt in to the prerelease channel.
cd my-angular-app
ngcompass init
ngcompass analyzeGenerate a self-contained visual report:
ngcompass analyze --format uiRun through a project-local install:
npx ngcompass analyze
pnpm exec ngcompass analyze| Command | Output |
|---|---|
ngcompass analyze |
Default terminal report |
ngcompass analyze --format console --compact |
Compact one-line issue output |
ngcompass analyze --format html --output report.html |
Self-contained HTML report |
ngcompass analyze --format ui |
Interactive HTML report alias |
ngcompass analyze --format json > results.json |
Machine-readable JSON |
ngcompass analyze --format sarif > results.sarif |
SARIF for GitHub Code Scanning |
Create a configuration file:
ngcompass initThis generates ngcompass.config.ts:
import { defineConfig } from '@ngcompass/config';
export default defineConfig({
extends: 'ngcompass:recommended',
include: ['src/**/*.ts', 'src/**/*.html'],
exclude: [
'node_modules/**',
'dist/**',
'build/**',
'coverage/**',
'**/*.d.ts',
'**/*.spec.ts',
'**/*.test.ts',
],
profiles: {
ci: {
outputFormat: 'json',
maxWarnings: 0,
},
},
});| Preset | Purpose |
|---|---|
ngcompass:recommended |
Balanced default for most Angular projects |
ngcompass:strict |
Stronger enforcement for mature codebases |
ngcompass:performance |
Rendering and change-detection checks |
ngcompass:reactivity |
Signals and RxJS correctness |
ngcompass:security |
Security-focused Angular checks |
ngcompass:ssr |
Server rendering and hydration safety |
ngcompass:all |
Every built-in rule at its default severity |
Override individual rules in the same config:
export default defineConfig({
extends: ['ngcompass:recommended', 'ngcompass:performance'],
rules: {
'prefer-on-push-component-change-detection': 'error',
'no-document-access': 'warn',
},
});| Command | Description |
|---|---|
ngcompass init |
Create ngcompass.config.ts |
ngcompass analyze |
Run analysis |
ngcompass rules |
List available rules |
ngcompass rules <name> |
Inspect one rule |
ngcompass config health |
Validate configuration |
ngcompass cache info |
Show cache status |
ngcompass cache clear |
Clear cached analysis data |
ngcompass cache path |
Print the cache directory |
| Option | Description |
|---|---|
--format <fmt> |
console, json, sarif, html, or ui |
--output <path> |
Output path for HTML/UI reports |
--compact |
Use compact issue output |
-q, --quiet |
Show summary counts only |
--no-recommendation |
Hide fix recommendations |
--rule <id> |
Run one rule in isolation |
--force |
Ignore cached results |
-p, --profile <name> |
Run a named config profile |
--mode <mode> |
Performance mode: eco, balanced, or turbo |
--max-workers <n> |
Limit worker threads |
--skip-type-check |
Skip rules that require TypeScript type checking |
ngcompass exits with code 0 when analysis passes and a non-zero code when configured violations are found.
- name: Run ngcompass
run: ngcompass analyze --format sarif > results.sarif
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarifngcompass caches file discovery, execution plans, AST work, rule results, and full analysis output. Warm runs can reuse unchanged work instead of parsing and analyzing the entire project again.
ngcompass cache info
ngcompass cache clear
ngcompass analyze --force| Package | Responsibility |
|---|---|
ngcompass |
CLI entry point |
@ngcompass/config |
Config loading, validation, profiles, and health checks |
@ngcompass/scanner |
File discovery and filtering |
@ngcompass/rules |
Built-in rules, presets, and rule registry |
@ngcompass/planner |
Incremental execution planning |
@ngcompass/engine |
Rule execution and analysis orchestration |
@ngcompass/ast |
TypeScript, template, and style parsing helpers |
@ngcompass/cache |
Memory and disk cache services |
@ngcompass/reporters |
Console, JSON, SARIF, and HTML reporters |
@ngcompass/common |
Shared types and utilities |
@ngcompass/site |
Documentation site |
pnpm install
pnpm build
pnpm test
pnpm typecheckAdditional workspace checks:
pnpm smoke
pnpm validate:packages
pnpm prerelease:check- Node.js
^20.19.0or>=22.12.0 - Angular v15 or later
- pnpm for repository development
- Rule names, messages, and report layout may change before
1.0. - Template analysis is best-effort for highly dynamic templates.
- Validate ngcompass against your project before making it a required CI gate.