Configuration

Name: Vigil
Author: Vigil

Complete .vigil.yml reference. Drop this file in your repo root to customize Vigil.

💡

Configuration is optional. Vigil works zero-config on any PR. The options below let you fine-tune notifications, auto-approval, and coverage analysis.

Minimal Configuration

The simplest valid configuration file just declares the version:

.vigil.yml

version: 1

Full Reference

Here is every available option with example values:

.vigil.yml

version: 1

notifications:
  on: failure            # failure | always
  urls:
    - "https://hooks.slack.com/services/T.../B.../..."
    - "https://discord.com/api/webhooks/..."

auto_approve:
  enabled: true
  min_score: 90          # minimum confidence score to auto-approve

coverage:
  exclude:
    - "docs/**"
    - "*.config.*"
    - "migrations/**"

Fields Reference

Notifications

Send webhook notifications to Slack, Discord, or any HTTPS endpoint when Vigil finishes analyzing a PR.

Field	Type	Default	Description
`notifications.on`	string	`failure`	When to notify: `failure` (score below 80) or `always`
`notifications.urls`	string[]	`[]`	Webhook URLs (max 5, must be https://)

Auto Approve

Automatically approve PRs that meet a minimum confidence score. When enabled, Vigil submits an approving review on PRs that score at or above the threshold.

Field	Type	Default	Description
`auto_approve.enabled`	boolean	`false`	Enable automatic PR approval
`auto_approve.min_score`	number	`90`	Minimum score to trigger approval (1-100)

Coverage Exclusions

Exclude files from coverage analysis. Files matching these glob patterns will not be penalized for missing test coverage.

Field	Type	Default	Description
`coverage.exclude`	string[]	`[]`	Glob patterns for files to exclude from coverage analysis

Vigil already excludes common non-code files (config files, lockfiles, documentation) by default. Use this option for project-specific exclusions like generated code or migration files.

Validation

Vigil validates your configuration file on every PR run. Invalid or out-of-range values are silently dropped and replaced with defaults. The configuration file will never cause Vigil to crash or skip a run.

When values are rejected, Vigil generates warnings that appear in the PR comment inside a collapsible “Applied Configuration” section. This lets you know something was off without blocking your workflow.

Fork PRs

🔒

Trust boundary

For security, fork PRs read .vigil.yml from the repository's default branch (usually main), not from the PR head. This prevents untrusted forks from injecting malicious configuration.

← PreviousHow It Works Next →Signals