AI-Powered Code Review & Documentation Bot

An intelligent code review bot that combines static analysis tools with Large Language Models (LLMs) to provide automated, contextual code reviews for GitHub pull requests.

Features

• Automated Code Review: Analyzes pull requests and provides actionable feedback
• Static Analysis Integration: Uses Pylint, Bandit, and other tools for code quality and security scanning
• AI-Powered Insights: Leverages OpenAI GPT models for contextual code review
• GitHub Integration: Seamlessly integrates with GitHub via webhooks
• Multi-Language Support: Currently supports Python (extensible to other languages)

Architecture

See ARCHITECTURE.md for detailed system architecture and design decisions.

Prerequisites

• Python 3.11+
• PostgreSQL 15+
• Redis 7+
• GitHub App (for GitHub integration)
• OpenAI API key (for LLM functionality)

Quick Start

1. Clone the Repository

git clone <repository-url>
cd "Code Review and Documentation Bot"

2. Set Up Environment Variables

Copy the example environment file and fill in your values:

cp .env.example .env

Edit .env and configure:

• GITHUB_APP_ID: Your GitHub App ID
• GITHUB_APP_PRIVATE_KEY_PATH: Path to your GitHub App private key
• GITHUB_WEBHOOK_SECRET: Webhook secret from GitHub App settings
• OPENAI_API_KEY: Your OpenAI API key
• DATABASE_URL: PostgreSQL connection string
• REDIS_URL: Redis connection string

3. Set Up GitHub App

1. Go to GitHub Settings → Developer settings → GitHub Apps
2. Create a new GitHub App with the following permissions:
   • Repository permissions:
     • Pull requests: Read & Write
     • Contents: Read
     • Metadata: Read
3. Set up webhook URL: https://your-domain.com/webhook/pr
4. Download the private key and save it as github_app_private_key.pem
5. Note your App ID and webhook secret

4. Install Dependencies

pip install -r requirements.txt

5. Set Up Database

Using Docker Compose (recommended):

docker-compose up -d postgres redis

Or manually:

• Start PostgreSQL and Redis services
• Create database: CREATE DATABASE code_review_bot;

6. Run Database Migrations

alembic upgrade head

7. Run the Application

Development mode:

uvicorn app.main:app --reload --host 0.0.0.0 --port 8000

Using Docker Compose:

docker-compose up

The API will be available at http://localhost:8000

API Endpoints

Health Check

GET /health

GitHub Webhook

POST /webhook/pr

Configure this URL in your GitHub App webhook settings.

Get Review Status

GET /api/v1/reviews/{review_id}

Get Review Comments

GET /api/v1/reviews/{review_id}/comments

API Documentation

• Swagger UI: http://localhost:8000/docs
• ReDoc: http://localhost:8000/redoc

Usage

1. Configure GitHub Webhook

In your GitHub App settings, set the webhook URL to:

https://your-domain.com/webhook/pr

2. Install the GitHub App

Install your GitHub App on the repositories where you want code reviews.

3. Create a Pull Request

When you create or update a pull request, the bot will:

1. Receive the webhook event
2. Fetch the PR diff
3. Run static analysis on changed files
4. Generate AI-powered review comments
5. Post comments to the PR

4. Review Comments

The bot will post inline comments on the PR with:

• Code quality issues
• Security vulnerabilities
• Best practice suggestions
• Actionable feedback

Development

Project Structure

.
├── app/
│   ├── api/              # API routes
│   ├── core/             # Core components (database, etc.)
│   ├── models/           # Database models
│   ├── services/         # Business logic services
│   └── main.py           # FastAPI application
├── alembic/              # Database migrations
├── config.py             # Configuration management
├── requirements.txt      # Python dependencies
└── docker-compose.yml    # Docker setup

Running Tests

pytest

Code Formatting

black .
ruff check .

Database Migrations

Create a new migration:

alembic revision --autogenerate -m "Description"

Apply migrations:

alembic upgrade head

Configuration

Environment Variables

Variable	Description	Default
GITHUB_APP_ID	GitHub App ID	Required
GITHUB_APP_PRIVATE_KEY_PATH	Path to private key	./github_app_private_key.pem
GITHUB_WEBHOOK_SECRET	Webhook secret	Required
DATABASE_URL	PostgreSQL connection string	Required
REDIS_URL	Redis connection string	redis://localhost:6379/0
OPENAI_API_KEY	OpenAI API key	Required
OPENAI_MODEL	OpenAI model to use	gpt-4-turbo-preview
LOG_LEVEL	Logging level	INFO

Static Analysis Tools

The bot currently supports:

• Pylint: Python code quality
• Bandit: Python security scanning

Additional tools can be added by extending StaticAnalyzer service.

Limitations & Known Issues

• Currently processes reviews synchronously (async queue coming in Phase 2)
• Limited to Python files (other languages coming in Phase 4)
• No RAG integration yet (coming in Phase 3)
• Single-agent workflow (multi-agent LangGraph coming in Phase 2)

Roadmap

See ARCHITECTURE.md for the detailed implementation roadmap:

• Phase 1 (MVP): ✅ Current - Basic review with single agent
• Phase 2: Multi-agent LangGraph workflow
• Phase 3: RAG integration for context-aware reviews
• Phase 4: Multi-language support and documentation generation
• Phase 5: Production hardening and scaling

Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests
5. Submit a pull request

License

[Add your license here]

Support

For issues and questions, please open an issue on GitHub.

Acknowledgments

• Built with FastAPI, LangGraph (planned), OpenAI, and PostgreSQL
• Uses Pylint, Bandit, and other open-source static analysis tools