Critiq Docs
Get started
Guide

Get started with the Critiq CLI

Install the Critiq CLI and public rules package, run a first repository scan, then scope a scan to a diff.

#Prerequisites

  • Node.js 20 or newer.
  • npm 10 or newer.
  • A repository with source files you want to scan.

#Install

bash
npm install -D @critiq/cli @critiq/rules

Install both packages as dev dependencies so local scripts and CI jobs use the same command surface.

#First scan

bash
npx critiq check .

The target argument defaults to ., so npx critiq check and npx critiq check . target the current working tree.

The first scan is the fastest way to verify that the CLI can load the catalog, resolve your repository root, and parse the supported source files in the target path. Start broad with the repository root, then narrow to a subdirectory when you are investigating a focused area.

#Scan behavior

  • If .critiq/config.yaml exists, the scan uses it. If it does not exist, Critiq falls back to the default OSS catalog and recommended preset.
  • Built-in ignores skip dependency output and generated folders before your own ignorePaths are applied.
  • Test files are excluded by default so the first run focuses on production paths. Enable includeTests: true when you want rules to inspect test code as well.
  • Findings should be treated as deterministic rule results. The rule ID, category, severity, and evidence are stable enough to use in scripts and CI checks.

#Diff-scoped scan

bash
npx critiq check . --base origin/main --head HEAD

Use diff mode when a pull request or local branch only needs findings for changed files and changed ranges. Both --base and --head are required.

#Output formats

  • --format pretty is the default for terminal output.
  • --format json is available for scripts, checks, and CI parsing.
bash
npx critiq check . --format pretty
npx critiq check . --format json

#Exit codes

CodeMeaning
0Success.
1Findings, user/input errors, invalid configuration, or validation diagnostics.
2Internal/runtime errors.

#Package scripts

For local repeatability, add Critiq to the same script surface your team already uses for tests and linting.

json
{
  "scripts": {
    "critiq": "critiq check .",
    "critiq:json": "critiq check . --format json"
  }
}

#Common failures

  • Unknown option usually means the command does not support that flag yet. Check the CLI reference for the exact command surface.
  • The check command no longer accepts a rules glob means rule selection should move into .critiq/config.yaml.
  • If a scan exits with 1, inspect whether the cause is a finding, invalid input, or a config diagnostic before treating it as a runtime failure.

#Language support

Tests are excluded by default unless includeTests: true is set in .critiq/config.yaml. TypeScript and JavaScript have the deepest support today. Go, Java, PHP, Python, Ruby, and Rust have narrower phase-one adapter coverage.

#Next links

Configure CritiqInspect rulesCLI reference