# General Configuration ## Overview Once installed, Nullify immediately starts assessing pull requests and creating findings for new risks. The defaults get most teams moving quickly, but you can tailor behaviour through configuration files. ## Global Configuration Create a `.nullify.yml` in your organisation-level configuration repository to define shared policy. Depending on your platform this repository is: * GitHub: `.github-private` * Bitbucket: `.bitbucket-private` * Azure DevOps: `.azure-private` The repository should remain private and accessible to the Nullify app. GitHub uses the same mechanism for organisation-wide issue and pull-request templates, so existing practices apply. ## Repository Configuration Add a `.nullify.yml` to individual repositories when you need to override the global defaults. Settings cascade as follows: built-in defaults → organisation file → repository file. The merge logic lives in [`config-file-parser`](https://github.com/Nullify-Platform/config-file-parser/blob/main/pkg/merger/merger.go) if you want to review precedence rules. ### Fail Builds Control whether Nullify can fail CI when a new finding exceeds your policy: ```yaml enable_fail_builds: true ``` ### Severity Threshold Limit surfaced findings by severity (`critical`, `high`, `medium`, `low`): ```yaml severity_threshold: high ``` ### Priority Threshold Filter findings by Nullify’s priority classification (`urgent`, `important`, `informational`): ```yaml priority_threshold: urgent ``` ### Ignore Directories Exclude directories from assessment: ```yaml ignore_dirs: ["data"] ``` ### Ignore Paths Use glob patterns to skip specific files: ```yaml ignore_paths: ["tests/**", "**/*.py"] ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.nullify.ai/configuration/configuration-general.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.