How to Configure

To manage the reviewer configuration, customer admins can go to the Company Settings page in the Zenable Management Console. All configuration changes are applied immediately to your organization and affect all future code reviews.

Configuration Options

Exclude Files

List of additional filenames or glob patterns to skip. This field accepts a list (array) of patterns and works like gitignore, including support for negation patterns.
A standard list of lock files will automatically be added to the beginning of your configuration.
Supports:
  • Exact filename matches (e.g., "package-lock.json")
  • Glob patterns (e.g., "**/*.rbi", "foo/**/*.pyc")
  • Negation patterns with ! prefix (e.g., "!keep-this.json")
  • *.log - Skip all log files in any directory
  • **/*.tmp - Skip all .tmp files in any directory (recursive)
  • src/**/*.test.js - Skip all .test.js files under src/ directory
  • docs/*.md - Skip markdown files directly in docs/ directory
  • build/* - Skip all files directly in build/ directory
  • **/node_modules/** - Skip all files in any node_modules directory
  • example.py - Skip files named example.py in any directory
  • **/example.tmp - Skip files named example.tmp in any directory (i.e. the same as example.tmp)
  • /example.py - Skip example.py only in the root directory
Negation patterns start with ! and allow you to include files that would otherwise be skipped. Order matters - the last matching pattern wins.
Skip all log files except important.log
  • Add *.log to skip all log files
  • Add !important.log to include important.log
Skip all files in build/ except those in build/keep/
  • Add build/**/* to skip all files in build/
  • Add !build/keep/**/* to include files in build/keep/
Escaping files that literally start with !
To skip files that literally start with ! (fairly rare), escape the exclamation mark with a backslash: \!filename.txt
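The matching rules above can be checked offline before a pattern list is saved, so you can see exactly which changed files would never reach the reviewer. This is an added example, not Zenable's code: the function names are hypothetical, the paths are constructed, and it assumes only the pattern forms documented on this page (the product's matcher may differ in other edge cases).

```python
import re

def compile_pattern(pattern):
    """Translate one exclude pattern into (negated, compiled_regex)."""
    negated = pattern.startswith("!")
    if negated:
        pattern = pattern[1:]
    elif pattern.startswith("\\!"):
        pattern = pattern[1:]          # escaped: a literal leading '!'
    anchored = "/" in pattern          # a slash ties the pattern to the repo root
    pattern = pattern.lstrip("/")
    out = "" if anchored else "(?:.*/)?"   # bare names match in any directory
    i = 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out += "(?:.*/)?"          # zero or more directories
            i += 3
        elif pattern.startswith("**", i):
            out += ".*"                # everything below this point
            i += 2
        elif pattern[i] == "*":
            out += "[^/]*"             # anything within one path segment
            i += 1
        else:
            out += re.escape(pattern[i])
            i += 1
    return negated, re.compile(out)

def is_skipped(path, patterns):
    """Apply patterns in order; the last one that matches decides."""
    skipped = False
    for pattern in patterns:
        negated, regex = compile_pattern(pattern)
        if regex.fullmatch(path):
            skipped = not negated
    return skipped

def skipped_files(paths, patterns):
    return [p for p in paths if is_skipped(p, patterns)]

# Constructed sample: patterns from the examples above, plus changed files in a PR.
PATTERNS = ["*.log", "!important.log", "build/**/*", "!build/keep/**/*",
            "/example.py", "\\!filename.txt"]
CHANGED = ["logs/app.log", "logs/important.log", "build/out/app.js",
           "build/keep/x/app.js", "example.py", "src/example.py", "!filename.txt"]

if __name__ == "__main__":
    for path in CHANGED:
        print("skip  " if is_skipped(path, PATTERNS) else "review", path)
```

Running a broad candidate pattern against the file list of a recent PR shows whether it would also hide configuration or policy files from review.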

Preflight Checks

Preflight lets you optionally skip reviews based on static analysis findings.
  • enabled: Whether to enable preflight. (default: false)
  • max_changed_lines: Maximum total changed lines allowed before skipping the review. (default: 2500)

PR Quality Filter

PR Quality Filter lets you optionally skip reviews based on the quality of the PR. We measure the PR quality based on analysis of the whole PR and the generated review. We measure multiple dimensions of quality, such as code quality, architecture quality, testing quality, documentation quality, security quality, and maintainability. This generates a final overall quality score for the PR, which is used to determine whether the PR review will be sent. Skipping reviews with a quality score below the threshold can be a useful way to avoid reviews on PRs that are not fully done and to reduce the noise in your PRs.
  • enabled: Whether to enable pr_quality_filter. (default: false)
  • quality_threshold: The minimum quality score required to post a review. Valid values are between 0 and 1. (default: 0.5)

Exclude Branches

List of branches to skip. You can use Python regex to match the branch names. We check all the patterns in the list; if any pattern matches, PRs opened in that branch are skipped.
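A branch pattern that is invalid, or that matches more names than intended, silently changes which PRs get reviewed. The following added example (not Zenable's code) compiles a candidate list and separates whole-name matches from partial matches. The page does not say whether patterns are applied to the whole branch name or to any part of it, so both are reported; the function name, patterns and branch names are constructed.

```python
import re

def audit_skip_branches(patterns, branches):
    """Return (invalid, skipped, broad) for a list of branch skip patterns.

    invalid: pattern -> compile error message
    skipped: branch  -> patterns matching the whole name (re.fullmatch)
    broad:   branch  -> patterns matching only part of the name (re.search)
    """
    invalid, compiled = {}, []
    for pat in patterns:
        try:
            compiled.append((pat, re.compile(pat)))
        except re.error as exc:
            invalid[pat] = str(exc)

    skipped, broad = {}, {}
    for branch in branches:
        for pat, regex in compiled:
            if regex.fullmatch(branch):
                skipped.setdefault(branch, []).append(pat)
            elif regex.search(branch):
                # Would skip this branch only if matching is unanchored.
                broad.setdefault(branch, []).append(pat)
    return invalid, skipped, broad

# Constructed sample input; the last pattern has an unterminated character set.
PATTERNS = [r"dependabot/.*", r"release", r"wip-[0-9+"]
BRANCHES = ["dependabot/npm/lodash-4.17.21", "release",
            "feature/release-signing-keys", "main"]

if __name__ == "__main__":
    invalid, skipped, broad = audit_skip_branches(PATTERNS, BRANCHES)
    print("invalid patterns:", invalid)
    print("skipped (whole-name match):", skipped)
    print("skipped only if unanchored:", broad)
```

Anchoring a pattern explicitly (for example `^release$`) makes the result the same under either interpretation.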

Reactions

Configuration section for controlling which reactions are added during reviews. This allows you to enable or disable specific reactions that the reviewer generates.

Taking a Look Reaction

Controls the “eyes” emoji reaction (👀) that is added at the start of a review. The reaction is automatically removed once the review is complete. Default: true (👀 reaction is added)

Comments

Configuration section for controlling which comments are posted during reviews. This allows you to enable or disable specific informational comments that the reviewer generates.

No Findings Comment

When set to true, posts the “Nice work! 😎” comment when no issues are found in the PR. Set to false to disable this comment - when disabled and there are no findings, no review comment will be posted at all. Default: true (comment is posted)
These settings only affect informational comments. Reviews with actual findings or suggestions will always be posted regardless of these settings.

Finding Types

Control the behavior for each comment in the PR review based on different labels. Each review comment is classified into one of the following labels:
  • Bug
  • Readability
  • Performance
  • Complexity
  • Security
  • Inconsistency
  • Accessibility
  • Mistake
  • Other

Finding Label Configuration

For each label you can configure the behavior of the comment.

Hide Finding Type

Set to true to hide all comments with the specified label, or false to show them. Default: false (comment is posted)

Default Configuration

Reactions and Comments

By default, all review reactions and comments are enabled:
  • taking_a_look: true (👀 reaction shown during review)
  • no_findings: true (“Nice work” comment when no issues found)

Finding Types

All finding types are shown by default:
  • Bug
  • Readability
  • Performance
  • Complexity
  • Security
  • Inconsistency
  • Accessibility
  • Mistake
  • Other

Preflight

  • enabled: true
  • max_changed_lines: 2500

PR Quality Filter

  • enabled: true
  • quality_threshold: 0.5

Files Excluded by Default

The following files are automatically skipped by default:
conda-lock.yml
bun.lock
go.mod
requirements.txt
uv.lock
.terraform.lock.hcl
Gemfile.lock
package-lock.json
pnpm-lock.yaml
yarn.lock
composer.lock
poetry.lock
pdm.lock
Cargo.lock
go.sum
Package.resolved
Podfile.lock
mix.lock
*.ico
*.jpeg
*.jpg
*.png
*.svg
By default, no branches are skipped.

Troubleshooting

If you’re having issues with the GitHub or GitLab reviewers, try the following:
  • Verify your configuration in Company Settings → Configurations is correct.
  • The skip_branches option uses Python regex to match the branch names. Ensure your regex patterns are valid.
  • If none of these solutions work, contact our support team at [email protected].