Git & GitHub by @briancolinger

pr-reviewer

Automated GitHub PR code review with diff analysis, lint


PR Reviewer

Automated code review for GitHub pull requests. Analyzes diffs for security issues, error handling gaps, style problems, and test coverage.

Prerequisites

  • gh CLI installed and authenticated (gh auth status)
  • Repository access (read at minimum, write for posting comments)
  • Optional: golangci-lint for Go linting, ruff for Python linting

Quick Start

# Review all open PRs in current repo
scripts/github/pr-reviewer.sh check

# Review a specific PR
scripts/github/pr-reviewer.sh review 42

# Post review as GitHub comment
scripts/github/pr-reviewer.sh post 42

# Check status of all open PRs
scripts/github/pr-reviewer.sh status

# List unreviewed PRs (useful for heartbeat/cron integration)
scripts/github/pr-reviewer.sh list-unreviewed

Configuration

Set these environment variables; anything left unset is detected from the current git repo and the gh CLI:

  • PR_REVIEW_REPO: GitHub repo in owner/repo format (default: detected from gh repo view)
  • PR_REVIEW_DIR: local checkout used for lint (default: git root of the current directory)
  • PR_REVIEW_STATE: state file path (default: ./data/pr-reviews.json)
  • PR_REVIEW_OUTDIR: report output directory (default: ./data/pr-reviews/)

Files Written

  • PR_REVIEW_STATE (default: ./data/pr-reviews.json): JSON state file tracking reviewed PRs and their HEAD SHAs
  • PR_REVIEW_OUTDIR (default: ./data/pr-reviews/): directory holding the markdown review reports

What It Checks

  Category        Icon  Examples
  Security        🔴    Hardcoded credentials, AWS keys, secrets in code
  Error Handling  🟡    Discarded errors (Go _ = or x, _ :=), bare except: (Python), unchecked Close()
  Risk            🟠    panic() calls, process.exit()
  Style           🔵    fmt.Print / print() / console.log in production code, very long lines
  TODOs           📝    TODO, FIXME, HACK, XXX markers
  Test Coverage   📊    Source files changed without corresponding test changes

All diff checks are regex matches against added lines, with no data-flow analysis, so treat findings as a first pass rather than a substitute for a dedicated secret scanner or a human review.

Smart Re-Review

Tracks the HEAD SHA of each reviewed PR in the state file. check skips a PR whose HEAD SHA is unchanged and re-reviews it once the SHA moves (new commits, a rebase or a force-push all move it). Use review <PR#> to force a re-review regardless of the recorded SHA.

Report Format

Reports are saved as markdown files in the output directory. Each report includes:

  • PR metadata (author, branch, changes)
  • Commit list
  • Changed file categorization by language/type
  • Automated diff findings with file, line, category, and context
  • Test coverage analysis
  • Local lint results (when repo is checked out locally)
  • Summary verdict: 🔴 SECURITY / 🟡 NEEDS ATTENTION / 🔵 MINOR NOTES / ✅ LOOKS GOOD

Heartbeat/Cron Integration

Add to a periodic check (heartbeat, cron job, or CI):

UNREVIEWED=$(scripts/github/pr-reviewer.sh list-unreviewed)
if [ -n "$UNREVIEWED" ]; then
  scripts/github/pr-reviewer.sh check
fi
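How the SHA-gated re-review described under Smart Re-Review can drive a heartbeat like the one above, as an added example in Python that is not the script's own code. It assumes a state layout of {"<pr number>": "<HEAD SHA last reviewed>"} (the real ./data/pr-reviews.json may be laid out differently), takes open PRs in the shape `gh pr list --json number,headRefOid` returns, prunes PRs that have closed, records a SHA only once its review has returned so a crashed review is retried on the next run, and saves the state file atomically so a cron run killed mid-write cannot truncate it. The sample PR list and prior state are constructed for this example.

```python
import json
import os
import tempfile

# State layout assumed by this example: {"<pr number>": "<HEAD SHA last reviewed>"}.
# The script's own ./data/pr-reviews.json may be laid out differently.

def load_state(path):
    try:
        with open(path) as fh:
            return json.load(fh)
    except FileNotFoundError:
        return {}

def save_state(path, state):
    """Write via a temp file and os.replace so a heartbeat killed mid-write cannot leave a truncated file."""
    directory = os.path.dirname(path) or '.'
    os.makedirs(directory, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=directory, suffix='.tmp')
    with os.fdopen(fd, 'w') as fh:
        json.dump(state, fh, indent=2, sort_keys=True)
    os.replace(tmp, path)

def needs_review(open_prs, state, force=()):
    """PR numbers whose HEAD SHA differs from the one last reviewed (new commits, rebase or
    force-push all move it), plus anything listed in `force`. `open_prs` has the shape of
    `gh pr list --json number,headRefOid` output."""
    return [pr['number'] for pr in open_prs
            if pr['number'] in force or state.get(str(pr['number'])) != pr['headRefOid']]

def prune_closed(state, open_prs):
    """Drop entries for PRs that are no longer open so the state file does not grow without bound."""
    still_open = {str(pr['number']) for pr in open_prs}
    return {k: v for k, v in state.items() if k in still_open}

def run_cycle(open_prs, state, review_fn, force=()):
    """One heartbeat: review what needs it and record each SHA only after its review returns,
    so a review that crashes part-way is retried next time instead of being marked done."""
    state = prune_closed(state, open_prs)
    head = {pr['number']: pr['headRefOid'] for pr in open_prs}
    reviewed = []
    for number in needs_review(open_prs, state, force):
        review_fn(number, head[number])
        state[str(number)] = head[number]
        reviewed.append(number)
    return state, reviewed

# Constructed sample: open PRs as gh would report them, and a prior state file. PR 7 has since
# been closed, PR 42 has new commits, PR 43 has never been reviewed.
OPEN_PRS = [{'number': 41, 'headRefOid': 'a1b2c3'}, {'number': 42, 'headRefOid': 'd4e5f6'},
            {'number': 43, 'headRefOid': '090a0b'}]
PRIOR_STATE = {'41': 'a1b2c3', '42': '000000', '7': 'deadbeef'}

if __name__ == '__main__':
    state, reviewed = run_cycle(OPEN_PRS, PRIOR_STATE, lambda n, sha: print(f'reviewing #{n} at {sha}'))
    print('reviewed:', reviewed, 'state:', state)   # reviewed: [42, 43]
```

In a real heartbeat, review_fn would be the call that produces and optionally posts the report; keeping the SHA update after that call, and the save after the whole cycle, is what makes a partial run safe to repeat.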

Extending

The analysis patterns in the script are organized by language. Add new patterns by appending to the relevant pattern list in the analyze_diff() function:

# Add a new Go pattern
go_patterns.append((r'^\+.*os\.Exit\(', 'RISK', 'Direct os.Exit() — consider returning error'))
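The checks listed under What It Checks and the (regex, CATEGORY, message) pattern lists described here, as an added example in Python written for this page rather than taken from pr-reviewer.sh. It parses a unified diff as `gh pr diff` emits it, keeps the new-file line number from each @@ hunk header so every finding carries the line GitHub shows for the PR head, applies common and per-language patterns to added lines only, runs the test-coverage heuristic, and derives the summary verdict. The pattern lists, the test-file naming convention, and the sample diff (which uses AWS's documented example access key ID) are this example's own assumptions; the script's actual lists and rules may differ.

```python
import re
from pathlib import PurePosixPath
# (regex over the raw '+' diff line, CATEGORY, message) per language; illustrative lists for this example.
COMMON = [
    (r'^\+.*\bAKIA[0-9A-Z]{16}\b', 'SECURITY', 'Possible AWS access key ID'),
    (r"^\+.*(?i:password|secret|api[_-]?key)\s*[=:]\s*['\"][^'\"]{8,}['\"]", 'SECURITY', 'Hardcoded credential'),
    (r'^\+.*\b(?:TODO|FIXME|HACK|XXX)\b', 'TODO', 'Work marker left in code'),
]
BY_LANG = {
    'go': [(r'^\+.*[\s,]_\s*:?=\s*\w', 'ERROR', 'Discarded error (_ = / x, _ :=)'),
           (r'^\+.*\bdefer\s+[\w.]+\.Close\(\)', 'ERROR', 'Unchecked Close()'),
           (r'^\+.*\bpanic\(', 'RISK', 'panic() call')],
    'python': [(r'^\+\s*except\s*:', 'ERROR', 'Bare except:'),
               (r'^\+.*\bprint\(', 'STYLE', 'print() in production code')],
}
EXT_LANG = {'.go': 'go', '.py': 'python'}
HUNK_RE = re.compile(r'^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@')

def analyze_diff(diff_text):
    """Return (findings, changed_files); a finding is (file, line, category, message, context).
    Line numbers come from the '+N' side of each @@ header and advance on added and context lines only."""
    findings, changed, path, lang, new_line, in_hunk = [], [], None, None, 0, False
    for raw in diff_text.splitlines():
        m = HUNK_RE.match(raw)
        if m:
            new_line, in_hunk = int(m.group(1)), True
            continue
        if raw.startswith('diff --git'):
            in_hunk, path, lang = False, None, None   # file headers follow, not content
            continue
        if not in_hunk:                               # '+++ /dev/null' marks a deleted file
            if raw.startswith('+++ ') and raw[4:] != '/dev/null':
                path = re.sub(r'^b/', '', raw[4:].split('\t')[0])
                lang = EXT_LANG.get(PurePosixPath(path).suffix)
                changed.append(path)
            continue                                  # '--- a/...', 'index ...', mode lines
        if raw.startswith(('-', '\\')):               # removed line / "\ No newline at end of file"
            continue
        if raw.startswith('+'):
            for regex, cat, msg in COMMON + BY_LANG.get(lang, []):
                if re.search(regex, raw):
                    findings.append((path, new_line, cat, msg, raw[1:].strip()))
        new_line += 1                                 # added and context lines both advance the new file
    return findings, changed

def is_test_file(path):
    p = PurePosixPath(path)
    return (p.name.endswith(('_test.go', '_test.py')) or p.name.startswith('test_')
            or any(d in ('test', 'tests') for d in p.parts[:-1]))

def expected_test_names(path):
    # Naming convention assumed by this example; the script's own rule may differ.
    p = PurePosixPath(path)
    return {'.go': {p.stem + '_test.go'},
            '.py': {'test_' + p.stem + '.py', p.stem + '_test.py'}}.get(p.suffix, set())

def untested_sources(changed):
    test_names = {PurePosixPath(f).name for f in changed if is_test_file(f)}
    return [f for f in changed if not is_test_file(f) and PurePosixPath(f).suffix in EXT_LANG
            and not (expected_test_names(f) & test_names)]

def review(diff_text):
    findings, changed = analyze_diff(diff_text)
    untested, cats = untested_sources(changed), {f[2] for f in findings}
    verdict = ('SECURITY' if 'SECURITY' in cats else
               'NEEDS ATTENTION' if cats & {'ERROR', 'RISK'} or untested else
               'MINOR NOTES' if cats else 'LOOKS GOOD')
    return {'findings': findings, 'untested': untested, 'verdict': verdict}

# Constructed sample diff for this example; the key is AWS's documented example access key ID.
SAMPLE_DIFF = """\
diff --git a/internal/auth/token.go b/internal/auth/token.go
--- a/internal/auth/token.go
+++ b/internal/auth/token.go
@@ -10,2 +10,4 @@
 func load() {
-    key := os.Getenv("AWS_KEY")
+    key := "AKIAIOSFODNN7EXAMPLE"
+    f, _ := os.Open("creds.json")
+    defer f.Close()
diff --git a/tools/run.py b/tools/run.py
--- /dev/null
+++ b/tools/run.py
@@ -0,0 +1,4 @@
+try:
+    main()
+except:
+    print("failed")  # TODO: log properly
diff --git a/tools/test_run.py b/tools/test_run.py
--- a/tools/test_run.py
+++ b/tools/test_run.py
@@ -1,2 +1,2 @@
 def test_main():
-    pass
+    assert main() is None
"""
if __name__ == '__main__':
    print(*review(SAMPLE_DIFF).items(), sep='\n')
```

Removed lines are skipped without advancing the counter and context lines advance it, which is the detail that most often goes wrong in home-grown diff reviewers and leaves comments attached to the wrong line. A new pattern is appended to the relevant list exactly as the page describes; patterns only ever see added lines, so a secret that was already in the repository before the PR is not reported.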