Documentation
All analyses
Every analysis Vipr ships, grouped by the analyzer that owns it. The content is generated directly from the analyzer source code and stays in lockstep with the actual detection logic.
37 analyses across 5 analyzers
Core
7 analyses · v1.0.0Cyclomatic Complexity
Counts McCabe's decision points to estimate how many independent execution paths a file has.
Halstead Metrics
Estimates code complexity from operator/operand distribution: volume, difficulty, effort, and bug count.
Maintainability Index
Composite 0-100 score (Oman & Hagemeister) combining cyclomatic complexity, Halstead volume, and lines of code.
Function-Level Analysis
Per-function complexity, length, and parameter-count diagnostics.
Cognitive Complexity
SonarSource's cognitive complexity metric — penalizes deeply nested control flow more than cyclomatic complexity does.
Dead Code Detection
Detects unreachable code, dead branches, unused private members, and unused exports.
JSDoc Documentation Coverage
Flags exported and internal symbols that lack a JSDoc description.
React
13 analyses · v1.0.0React Anti-Patterns
Detects React-specific anti-patterns: stale closures, prop drilling, conditional hooks, unstable dependencies, mutation in render.
React Dataflow
Tracks how data flows through component trees: derived state, lifted state, prop chains.
React Structural Complexity
Measures component structural complexity: JSX nesting depth, conditional rendering branches, early returns, prop spreading.
React Security
Detects React-specific security issues: dangerouslySetInnerHTML, href javascript:, target=_blank without noopener.
React Hooks
Audits hook usage: rules of hooks, custom hook patterns, dependency arrays, hook ordering.
React Temporal Patterns
Detects temporal coupling issues: effects ordering, setState in render, useEffect dependency timing.
React Coupling
Measures coupling between components: prop count, deep prop drilling, context usage, ref forwarding chains.
React Identity Stability
Tracks reference stability of props and dependencies — unmemoized objects/arrays/functions passed across render boundaries.
React Accessibility
Detects accessibility issues in React components: missing alt text, ARIA misuse, keyboard navigation, semantic HTML violations.
React Performance
Detects render-cost issues: missing memoization, inline functions in lists, expensive computations in render.
React Reliability
Detects reliability issues: missing error boundaries, unhandled promise rejections in components, key warnings, race conditions.
React Technical Debt
Tracks technical-debt signals specific to React: deprecated patterns, dead components, untyped props, missing default exports.
React Migration
Detects legacy React patterns and surfaces migration opportunities to modern equivalents.
Next.js
7 analyses · v1.0.0Next.js Server / Client Boundaries
Verifies the placement of `use client` / `use server` directives, async client components, and server actions used outside server contexts.
Next.js Data Fetching
Audits server/client data-fetching patterns: fetch usage, cache directives, parallel/sequential calls, error handling.
Next.js Pages → App Router Migration
Detects legacy Pages Router patterns and surfaces App Router migration opportunities.
Next.js Security
Detects Next.js-specific security anti-patterns: middleware bypass, header misuse, environment-variable leaks, XSS vectors.
Next.js Configuration
Audits next.config.js / next.config.ts for deprecated options, performance settings, and security headers.
Next.js Route Structure
Audits the App Router file/directory structure: route groups, parallel routes, intercepting routes, layouts.
Next.js Rendering Strategy
Audits the chosen rendering strategy (SSG, SSR, ISR, client) for fit with the file role and data dependencies.
TypeScript
9 analyses · v1.0.0TypeScript Type Complexity
Flags recursive types, complex interfaces, deep generic nesting, conditional types, and large unions.
TypeScript Type Safety
Detects type-system escape hatches: @ts-nocheck, @ts-ignore, any usage, double assertions, implicit any catch clauses.
TypeScript Declaration Shape
Flags interface/class/namespace shape problems: empty interfaces, oversized definitions, deep inheritance, declaration merging, and missing return types.
TypeScript Generics Usage
Flags generic-type arity, unused type parameters, broad constraints, and missing constraints.
TypeScript Utility Types Usage
Detects custom mapped types that duplicate built-in utility types, and reports utility-type leverage.
TypeScript Import Discipline
Surfaces import-statement hygiene: type-only annotations, namespace imports, barrel files, and import-style consistency.
TypeScript Type Guards
Surfaces union-type usage and the presence (or absence) of type predicates and discriminated-union patterns.
TypeScript Module Augmentation
Surfaces declare-global, module augmentations, ambient module declarations, and global namespace pollution.
TypeScript Structural Quality
Detects singleton patterns, empty catches, untyped throws, concrete-class imports, global state, and good patterns (factories, constructor injection).
Linting
1 analysis · v1.0.0All analyses
| Title | Analyzer | Summary |
|---|---|---|
| Cyclomatic Complexity core-cyclomatic | core | Counts McCabe's decision points to estimate how many independent execution paths a file has. |
| Halstead Metrics core-halstead | core | Estimates code complexity from operator/operand distribution: volume, difficulty, effort, and bug count. |
| Maintainability Index core-maintainability | core | Composite 0-100 score (Oman & Hagemeister) combining cyclomatic complexity, Halstead volume, and lines of code. |
| Function-Level Analysis core-functions | core | Per-function complexity, length, and parameter-count diagnostics. |
| Cognitive Complexity core-cognitive | core | SonarSource's cognitive complexity metric — penalizes deeply nested control flow more than cyclomatic complexity does. |
| Dead Code Detection core-dead-code | core | Detects unreachable code, dead branches, unused private members, and unused exports. |
| JSDoc Documentation Coverage core-documentation | core | Flags exported and internal symbols that lack a JSDoc description. |
| React Anti-Patterns react-anti-patterns | react | Detects React-specific anti-patterns: stale closures, prop drilling, conditional hooks, unstable dependencies, mutation in render. |
| React Dataflow react-dataflow | react | Tracks how data flows through component trees: derived state, lifted state, prop chains. |
| React Structural Complexity react-structural | react | Measures component structural complexity: JSX nesting depth, conditional rendering branches, early returns, prop spreading. |
| React Security react-security | react | Detects React-specific security issues: dangerouslySetInnerHTML, href javascript:, target=_blank without noopener. |
| React Hooks react-hooks | react | Audits hook usage: rules of hooks, custom hook patterns, dependency arrays, hook ordering. |
| React Temporal Patterns react-temporal | react | Detects temporal coupling issues: effects ordering, setState in render, useEffect dependency timing. |
| React Coupling react-coupling | react | Measures coupling between components: prop count, deep prop drilling, context usage, ref forwarding chains. |
| React Identity Stability react-identity | react | Tracks reference stability of props and dependencies — unmemoized objects/arrays/functions passed across render boundaries. |
| React Accessibility react-accessibility | react | Detects accessibility issues in React components: missing alt text, ARIA misuse, keyboard navigation, semantic HTML violations. |
| React Performance react-performance | react | Detects render-cost issues: missing memoization, inline functions in lists, expensive computations in render. |
| React Reliability react-reliability | react | Detects reliability issues: missing error boundaries, unhandled promise rejections in components, key warnings, race conditions. |
| React Technical Debt react-technical-debt | react | Tracks technical-debt signals specific to React: deprecated patterns, dead components, untyped props, missing default exports. |
| React Migration react-migration | react | Detects legacy React patterns and surfaces migration opportunities to modern equivalents. |
| Next.js Server / Client Boundaries nextjs-server-client | nextjs | Verifies the placement of `use client` / `use server` directives, async client components, and server actions used outside server contexts. |
| Next.js Data Fetching nextjs-data-fetching | nextjs | Audits server/client data-fetching patterns: fetch usage, cache directives, parallel/sequential calls, error handling. |
| Next.js Pages → App Router Migration nextjs-migration | nextjs | Detects legacy Pages Router patterns and surfaces App Router migration opportunities. |
| Next.js Security nextjs-security | nextjs | Detects Next.js-specific security anti-patterns: middleware bypass, header misuse, environment-variable leaks, XSS vectors. |
| Next.js Configuration nextjs-config | nextjs | Audits next.config.js / next.config.ts for deprecated options, performance settings, and security headers. |
| Next.js Route Structure nextjs-route-structure | nextjs | Audits the App Router file/directory structure: route groups, parallel routes, intercepting routes, layouts. |
| Next.js Rendering Strategy nextjs-rendering | nextjs | Audits the chosen rendering strategy (SSG, SSR, ISR, client) for fit with the file role and data dependencies. |
| TypeScript Type Complexity ts-type-complexity | typescript | Flags recursive types, complex interfaces, deep generic nesting, conditional types, and large unions. |
| TypeScript Type Safety ts-type-safety | typescript | Detects type-system escape hatches: @ts-nocheck, @ts-ignore, any usage, double assertions, implicit any catch clauses. |
| TypeScript Declaration Shape ts-declaration-shape | typescript | Flags interface/class/namespace shape problems: empty interfaces, oversized definitions, deep inheritance, declaration merging, and missing return types. |
| TypeScript Generics Usage ts-generics | typescript | Flags generic-type arity, unused type parameters, broad constraints, and missing constraints. |
| TypeScript Utility Types Usage ts-utility-types | typescript | Detects custom mapped types that duplicate built-in utility types, and reports utility-type leverage. |
| TypeScript Import Discipline ts-import-discipline | typescript | Surfaces import-statement hygiene: type-only annotations, namespace imports, barrel files, and import-style consistency. |
| TypeScript Type Guards ts-type-guards | typescript | Surfaces union-type usage and the presence (or absence) of type predicates and discriminated-union patterns. |
| TypeScript Module Augmentation ts-module-augmentation | typescript | Surfaces declare-global, module augmentations, ambient module declarations, and global namespace pollution. |
| TypeScript Structural Quality ts-structural-quality | typescript | Detects singleton patterns, empty catches, untyped throws, concrete-class imports, global state, and good patterns (factories, constructor injection). |
| Linting Violations linting | linting | Reports rule violations from configured ESLint and Biome backends. Each finding links to the upstream rule documentation for context-specific guidance. |