The Ballerina scan tool is a static code analysis tool that performs analysis on Ballerina projects and identifies potential code smells, bugs, and vulnerabilities without executing them.

Note: Ballerina scan is an experimental feature that supports only a limited set of rules.

Install the tool

Execute the command below to pull the scan tool from Ballerina Central.

$ bal tool pull scan

Usage Guide for Ballerina scan tool

The Ballerina scan tool helps you analyze your Ballerina project for potential issues, enforce coding standards, and generate detailed reports. Below are various ways you can use the tool to fit your development workflow.

Scan a Ballerina project

To run a full analysis across all Ballerina files in your project, use the following command:

$ bal scan --scan-report

This will produce the HTML report and scan results inside the target/report directory.

List all available analysis rules

If you’d like to explore the full set of rules the tool can apply, run:

$ bal scan --list-rules

This will display a comprehensive list of available rules for your project, which you can include or exclude in future scans.

Run analysis for specific rules

If you want to apply a specific set of rules, list them as a comma-separated string by specifying the rule ID:

$ bal scan --include-rules="ballerina:1, ballerina/io:2"

To ignore a specific set of rules during the analysis, use the following command:

$ bal scan --exclude-rules="ballerina:1, ballerina/io:2"