dnysus/ai-pr-reviewer is a fork of wisteria30/ai-pr-reviewer that modifies CodeRabbit ai-pr-reviewer for use with Azure OpenAI, delivering a more comprehensive and customizable code review experience. This fork enhances the original tool by incorporating:
-
Enhanced AI Review Prompts:
Custom prompt templates instruct the AI to provide detailed feedback across key areas such as code quality, best practices, performance optimization, security, and maintainability. This ensures a deeper analysis tailored for modern stacks including TypeScript, NodeJS, React, GraphQL Apollo, and AWS Serverless. -
Improved Configuration Flexibility:
New options for managing token limits and concurrency allow for smoother operation and more stable reviews, even for large diffs. Additionally, customizable system messages and review parameters let you fine-tune AI behavior to suit your team's preferences. -
Incremental and Contextual Reviews:
The tool now supports continuous reviews on every pull request update, delivering both overall summaries and file-specific insights. This incremental approach helps developers quickly identify high-impact changes while reducing review noise. -
Enhanced Security and Reliability:
By leveraging your own Azure OpenAI deployment, the tool ensures better security and control over your data. The improved error handling and robust diff parsing further contribute to a reliable, production-ready experience.
These modifications empower developers with actionable insights, streamlining the code review process and ultimately improving code quality across your projects.
wisteria30/ai-pr-reviewer modifies CodeRabbit ai-pr-reviewer for
use with Azure OpenAI and is more secure since it accesses models you deploy yourself.
CodeRabbit ai-pr-reviewer is an AI-based code reviewer and summarizer for
GitHub pull requests using OpenAI's gpt-3.5-turbo and gpt-4 models. It is
designed to be used as a GitHub Action and can be configured to run on every
pull request and review comments
- PR Summarization: It generates a summary and release notes of the changes in the pull request.
- Line-by-line code change suggestions: Reviews the changes line by line and provides code change suggestions.
- Continuous, incremental reviews: Reviews are performed on each commit within a pull request, rather than a one-time review on the entire pull request.
- Cost-effective and reduced noise: Incremental reviews save on OpenAI costs and reduce noise by tracking changed files between commits and the base of the pull request.
- "Light" model for summary: Designed to be used with a "light"
summarization model (e.g.
gpt-3.5-turbo) and a "heavy" review model (e.g.gpt-4). For best results, usegpt-4as the "heavy" model, as thorough code review needs strong reasoning abilities. - Chat with bot: Supports conversation with the bot in the context of lines of code or entire files, useful for providing context, generating test cases, and reducing code complexity.
- Smart review skipping: By default, skips in-depth review for simple
changes (e.g. typo fixes) and when changes look good for the most part. It can
be disabled by setting
review_simple_changesandreview_comment_lgtmtotrue. - Customizable prompts: Tailor the
system_message,summarize, andsummarize_release_notesprompts to focus on specific aspects of the review process or even change the review objective.
To use this tool, you need to add the provided YAML file to your repository and
configure the required environment variables, such as GITHUB_TOKEN and
OPENAI_API_KEY. For more information on usage, examples, contributing, and
FAQs, you can refer to the sections below.
- Overview
- Professional Version of CodeRabbit
- Reviewer Features
- Install instructions
- Conversation with CodeRabbit
- Examples
- Contribute
- FAQs
ai-pr-reviewer runs as a GitHub Action. Add the below file to your repository
at .github/workflows/ai-pr-reviewer.yml
name: Code Review
permissions:
contents: read
pull-requests: write
on:
pull_request:
pull_request_review_comment:
types: [created]
concurrency:
group:
${{ github.repository }}-${{ github.event.number || github.head_ref ||
github.sha }}-${{ github.workflow }}-${{ github.event_name ==
'pull_request_review_comment' && 'pr_comment' || 'pr' }}
cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}
jobs:
review:
if: github.actor != 'dependabot[bot]'
runs-on: ubuntu-latest
steps:
- uses: dnysus/ai-pr-reviewer@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AZURE_OPENAI_API_KEY: ${{ Secrets.AZURE_OPENAI_API_KEY }}
AZURE_OPENAI_API_INSTANCE_NAME: ${{ Secrets.AZURE_OPENAI_API_INSTANCE_NAME }}
AZURE_OPENAI_API_DEPLOYMENT_NAME: ${{ Secrets.AZURE_OPENAI_API_DEPLOYMENT_NAME }}
AZURE_OPENAI_API_VERSION: '2024-12-01-preview'
with:
debug: true
review_comment_lgtm: false
openai_light_model: o3-mini
openai_heavy_model: o3-miniGITHUB_TOKEN: This should already be available to the GitHub Action environment. This is used to add comments to the pull request.AZURE_OPENAI_API_KEY: use this to authenticate with Azure OpenAI API. Please add key to your GitHub Action secrets.AZURE_OPENAI_API_INSTANCE_NAME: use this to access your Azure OpenAI API instance. Please add instance name to your GitHub Action secrets.AZURE_OPENAI_API_DEPLOYMENT_NAME: use this to inferencing your Azure OpenAI API model. Please add deployment name to your GitHub Action secrets.AZURE_OPENAI_API_VERSION: use this to access your Azure OpenAI API version.
See Langchain settings for specific values. https://js.langchain.com/docs/integrations/text_embedding/azure_openai
We recommend using gpt-3.5-turbo or the lightweight o3-mini for simpler tasks (such as summarizing changes via the openai_light_model configuration) and reserving gpt-4 for more complex review and commenting tasks (via the openai_heavy_model configuration).
Costs: Both gpt-3.5-turbo and o3-mini are cost-effective options, while gpt-4 is more expensive but delivers superior results. For example, in our deployments we typically spend around $20 a day for a 20-developer team when using gpt-4 for detailed reviews.
When using the lightweight o3-mini model for either light summarization or heavy review tasks, the configured temperature value is automatically omitted. This is because the o3-mini model does not support the temperature parameter. Consequently, any value you set for openai_model_temperature will have no effect when using o3-mini. Please keep this in mind when choosing your model configuration.
See: action.yml
Tip: You can change the bot personality by configuring the system_message
value. For example, to review docs/blog posts, you can use the following prompt:
Blog Reviewer Prompt
system_message: |
You are `@coderabbitai` (aka `github-actions[bot]`), a language model
trained by OpenAI. Your purpose is to act as a highly experienced
DevRel (developer relations) professional with focus on cloud-native
infrastructure.
Company context -
CodeRabbit is an AI-powered Code reviewer.It boosts code quality and cuts manual effort. Offers context-aware, line-by-line feedback, highlights critical changes,
enables bot interaction, and lets you commit suggestions directly from GitHub.
When reviewing or generating content focus on key areas such as -
- Accuracy
- Relevance
- Clarity
- Technical depth
- Call-to-action
- SEO optimization
- Brand consistency
- Grammar and prose
- Typos
- Hyperlink suggestions
- Graphics or images (suggest Dall-E image prompts if needed)
- Empathy
- EngagementYou can reply to a review comment made by this action and get a response based
on the diff context. Additionally, you can invite the bot to a conversation by
tagging it in the comment (@coderabbitai).
Example:
@coderabbitai Please generate a test plan for this file.
Note: A review comment is a comment made on a diff or a file in the pull request.
Sometimes it is useful to ignore a PR. For example, if you are using this action to review documentation, you can ignore PRs that only change the documentation. To ignore a PR, add the following keyword in the PR description:
@coderabbitai: ignore
Some of the reviews done by ai-pr-reviewer
Any suggestions or pull requests for improving the prompts are highly appreciated.
First, you'll need to have a reasonably modern version of
nodehandy, tested with node 17+.
Install the dependencies
$ npm installBuild the typescript and package it for distribution
$ npm run build && npm run packageGitHub Actions limits the access of secrets from forked repositories. To enable
this feature, you need to use the pull_request_target event instead of
pull_request in your workflow file. Note that with pull_request_target, you
need extra configuration to ensure checking out the right commit:
name: Code Review
permissions:
contents: read
pull-requests: write
on:
pull_request_target:
types: [opened, synchronize, reopened]
pull_request_review_comment:
types: [created]
concurrency:
group:
${{ github.repository }}-${{ github.event.number || github.head_ref ||
github.sha }}-${{ github.workflow }}-${{ github.event_name ==
'pull_request_review_comment' && 'pr_comment' || 'pr' }}
cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: coderabbitai/ai-pr-reviewer@latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
with:
debug: false
review_simple_changes: false
review_comment_lgtm: falseSee also: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
Set debug: true in the workflow file to enable debug mode, which will show the
messages
- Your code (files, diff, PR title/description) will be sent to OpenAI's servers for processing. Please check with your compliance team before using this on your private code repositories.
- OpenAI's API is used instead of ChatGPT session on their portal. OpenAI API has a more conservative data usage policy compared to their ChatGPT offering.
- This action is not affiliated with OpenAI.