BetaViberTest is in active development — expect breaking changes.
VIBERTEST
Overview
DocsCI Integration

CI Integration

ViberTest exits with code 1 when issues are found, making it easy to integrate into any CI pipeline as a quality gate.

Exit Codes#

CodeMeaningCI Behavior
0No issues foundPipeline passes
1Issues foundPipeline fails (blocks merge)
2Scan errorPipeline fails (error)

GitHub Actions#

.github/workflows/vibertest.ymlyaml
name: ViberTest

on:
  pull_request:
    branches: [main]
  push:
    branches: [main]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20

      - name: Install ViberTest
        run: npx vibertest@latest --version

      - name: Run scan
        run: npx vibertest scan . --format json --output vibertest-report.json

      - name: Upload report artifact
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: vibertest-report
          path: vibertest-report.json

GitLab CI#

.gitlab-ci.ymlyaml
vibertest:
  stage: test
  image: node:20
  script:
    - npx vibertest@latest scan . --format json --output vibertest-report.json
  artifacts:
    when: always
    paths:
      - vibertest-report.json
    expire_in: 30 days
  allow_failure: false

Generic CI Script#

For any CI system, the pattern is the same:

ci-script.shbash
#!/bin/bash
set -e

# Scan — exits 1 if issues found, 0 if clean
npx vibertest@latest scan .

# Or: scan and save report regardless of exit code
npx vibertest@latest scan . --format json --output report.json || true

Running Specific Rules#

You can run only critical rules in CI to avoid blocking on low-severity issues:

Critical rules onlybash
$ npx vibertest scan . --rules hardcoded-secrets,security-antipatterns,missing-tests

JSON Output for Automation#

Use JSON output to parse results programmatically:

Terminalbash
$ npx vibertest scan . --format json --silent --output report.json

The JSON report includes the full score, grade, all issues with file paths, and metadata about the scan.

PR Comment (Advanced)#

You can post ViberTest results as a PR comment using the JSON output:

GitHub Actions — PR commentyaml
- name: Run ViberTest
  run: npx vibertest scan . --format json --output report.json
  continue-on-error: true

- name: Comment on PR
  if: github.event_name == 'pull_request'
  uses: actions/github-script@v7
  with:
    script: |
      const fs = require('fs');
      const report = JSON.parse(fs.readFileSync('report.json', 'utf8'));
      const body = [
        '## ViberTest Report',
        '',
        `**Score:** ${report.score.score}/100 — Grade ${report.score.grade}`,
        `**Issues:** ${report.summary.totalIssues}`,
        '',
        '| Severity | Count |',
        '|----------|-------|',
        ...Object.entries(report.summary.issuesBySeverity || {})
          .map(([sev, count]) => `| ${sev} | ${count} |`),
      ].join('\n');

      github.rest.issues.createComment({
        issue_number: context.issue.number,
        owner: context.repo.owner,
        repo: context.repo.repo,
        body,
      });