Skip to content

Managing profiles

How to create profiles, add rules and drafts, publish versions, archive and unarchive, and use profiles in CI.

A profile groups a set of rules into a versioned unit. Instead of copying individual rule files into your CI pipeline, you reference a profile at a specific version and CodeCharter resolves all included rules and delivers them as a signed bundle.

What a profile is

Every profile has an immutable slug, an optional display name, and a description. You reference the profile by its slug in .codecharter/config.yml. The slug cannot be changed after creation, so choose one that describes the profile's purpose clearly (for example backend-standards or api-security).

Profile versions are immutable: once published, a version is byte-frozen. Your CI pipelines therefore produce reproducible results even when you evolve the profile later.

Creating a profile

Click New profile in the top-right corner of the profiles page. You supply a slug (3–64 characters, lowercase letters, digits, and hyphens), an optional display name, and a description. The profile starts with no published version and no draft.

Adding rules and drafts

In the profile list, choose Edit from the row's kebab menu (⋮), or open the profile and click Edit. This opens the profile editor, where you select rules from your rule library.

For each included rule you define:

  • Version — every included rule is pinned to an exact published version. A new rule release therefore never changes your profile until you update the pin yourself, either per rule or with Bump all to latest (see below).
  • Severity override — optionally override the rule's default severity. This is useful when a rule is more critical (or less critical) in your context than its default. You can also choose Disable to switch a rule off within the profile.

Click Save to store your changes as a draft; drafts do not affect published versions. Discard deletes the draft after a confirmation.

Bulk-bumping to the latest version

When you want to move all pinned rules to their respective latest published versions, click Bump all to latest next to the In profile heading in the profile editor. The editor shows the current and new version for each rule before you confirm.

Publishing a version

To publish a draft, click Publish in the profile editor. You assign a SemVer version number (must be greater than the last published version) and optional release notes.

The publish dialog lists all rules included in the new version under Included rules. After publishing, you can compare any two published versions on the profile's Version history tab: the diff shows which rules were added, which were removed, and which changed in version or severity.

Once published, versions are byte-frozen and can never be modified.

Downloading a bundle

From the kebab menu (⋮) in the profile list you can download the latest published version as a signed .cgbundle file. Older published versions are available via Download bundle on the profile's detail page. The bundle contains:

  • All referenced rule files (.cgr) at their pinned versions
  • A manifest file with metadata and a content hash
  • An Ed25519 signature

You can verify this bundle manually or use it directly in offline setups where your CI has no internet access. For regular CI use with internet access we recommend the direct API integration — see Using platform rules.

Archiving

Archive a profile when it is no longer actively maintained. Archived profiles are hidden from the active list and are intended to be left unchanged. Your CI can still resolve previously published versions; lockfiles continue to work.

Open the profile and click Archive. A confirmation dialog explains the consequences before the profile is archived.

Unarchiving

Archiving is fully reversible as a self-service action. Open the Archive tab in the profile list, find the archived profile, and choose Unarchive from its kebab menu. The profile immediately returns to the active list and can be edited again. No support contact is needed.

Using profiles in CI

Add the profile slug and version to your .codecharter/config.yml:

# .codecharter/config.yml
version: 1
profiles:
  - "[email protected]"

After adding or changing a profile reference, run codecharter update locally to re-resolve and write the lockfile. The command requires your portal URL and an API key with the read:rules scope, which you create on the portal's API keys page:

codecharter update --portal-url https://portal.example.com --api-key <your-api-key>

Note that API keys are read-only with respect to profiles: a key cannot create or edit drafts, publish versions, or archive profiles. Those actions are only available in a logged-in browser session in the portal.

Commit .codecharter/config.yml and .codecharter/codecharter.lock.json together. In CI, codecharter restore downloads the bundle based on the lockfile without making resolution calls to the portal. See Configuration file for the full set of sections.

Further reading