Skip to content

flaglint validate

flaglint validate checks whether source files comply with migration policy.

OptionDescription
--no-direct-launchdarklyFail if any direct LaunchDarkly Node server SDK evaluation calls are found.
--bootstrap-exclude <glob>Glob pattern for files allowed to use the LaunchDarkly SDK directly (repeatable).
--format textOutput as human-readable text (default).
--format sarifOutput as SARIF for GitHub Code Scanning.
--output <file>Write report to a file instead of stdout.
--config <path>Use an explicit config file.
--baseline <file>Baseline file for comparing against known debt.
--fail-on-newExit 1 if any findings are not in the baseline.
Terminal window
npx flaglint validate ./src --no-direct-launchdarkly

Fail output from the enterprise demo migration-in-progress state:

✗ validate --no-direct-launchdarkly: 20 direct LaunchDarkly evaluation call(s) found.
checkout.ts:40:9 — boolVariation("checkout-v2")
pricing.ts:46:9 — numberVariation("discount-percentage")
These files must migrate to OpenFeature before this rule passes.
Run `flaglint migrate --dry-run` to review the migration plan.

Pass output from the completed demo state:

✓ validate --no-direct-launchdarkly: no direct LaunchDarkly evaluation calls found.
Scanned 5 file(s).

Use --baseline with --fail-on-new to adopt validate in CI before all existing debt is resolved. Only findings whose fingerprints are absent from the baseline file cause a failure:

Terminal window
# Write current findings as the accepted baseline
npx flaglint audit ./src --write-baseline .flaglint-baseline.json
# In CI: fail only on findings not in the baseline
npx flaglint validate ./src \
--no-direct-launchdarkly \
--baseline .flaglint-baseline.json \
--fail-on-new

Commit .flaglint-baseline.json to source control. Re-run --write-baseline when you accept new debt or after a migrate --apply run resolves findings. See the JSON Output Reference for the baseline file format.

Terminal window
npx flaglint validate ./src \
--no-direct-launchdarkly \
--format sarif \
--output flaglint-validation.sarif

SARIF findings use rule id flaglint.direct-launchdarkly.

Use --bootstrap-exclude for files that are allowed to wire the provider:

Terminal window
npx flaglint validate ./src \
--no-direct-launchdarkly \
--bootstrap-exclude "src/provider/setup.ts"
CodeMeaning
0No policy violations found.
1Direct LaunchDarkly calls found (with --no-direct-launchdarkly); or new findings beyond baseline (with --fail-on-new).
2Invalid --format value; missing or malformed baseline file.