just why not
All checks were successful
AI Codebase Quality Review / ai-codebase-review (push) Successful in 39s
README.md
@@ -1,6 +1,6 @@
# OpenRabbit
Enterprise-grade AI code review system for **Gitea** with automated PR review, issue triage, interactive chat, and codebase analysis.
Enterprise-grade AI code review system for **Gitea** and **GitHub** with automated PR review, issue triage, interactive chat, and codebase analysis.
---
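Review bot: the description on the changed line now advertises GitHub support, but nothing else in this patch backs it up: the file tree below lists only `gitea_client.py` under `clients/`, the Environment Variables table adds no GitHub token or API URL variable, and the feature table still says "Built for Gitea workflows and API". Either document the GitHub client and its configuration (token variable, base URL for GitHub Enterprise) in the same change, or keep the claim qualified until that documentation exists.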
@@ -14,9 +14,15 @@ Enterprise-grade AI code review system for **Gitea** with automated PR review, i
| **Chat** | Interactive AI chat with codebase search and web search tools |
| **@codebot Commands** | `@codebot summarize`, `changelog`, `explain-diff`, `explain`, `suggest`, `triage`, `review-again` in comments |
| **Codebase Analysis** | Health scores, tech debt tracking, weekly reports |
| **Security Scanner** | 17 OWASP-aligned rules for vulnerability detection |
| **Security Scanner** | 17 OWASP-aligned rules + SAST integration (Bandit, Semgrep) |
| **Dependency Scanning** | Vulnerability detection for Python, JavaScript dependencies |
| **Test Coverage** | AI-powered test suggestions for untested code |
| **Architecture Compliance** | Layer separation enforcement, circular dependency detection |
| **Notifications** | Slack/Discord alerts for security findings and reviews |
| **Compliance** | Audit trail, CODEOWNERS enforcement, regulatory support |
| **Multi-Provider LLM** | OpenAI, Anthropic Claude, Azure OpenAI, Google Gemini, Ollama |
| **Enterprise Ready** | Audit logging, metrics, Prometheus export |
| **Gitea Native** | Built for Gitea workflows and API |
| **Gitea Native** | Built for Gitea workflows and API (also works with GitHub) |
---
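Review bot: the Security Scanner row is inconsistent with the rest of the patch: it names Bandit and Semgrep, while `sast_scanner.py` in the file tree and the "SAST Integration" bullet under Enterprise Features also list Trivy; use one list, e.g. `17 OWASP-aligned rules + SAST integration (Bandit, Semgrep, Trivy)`. The same applies to the Multi-Provider LLM row, which omits OpenRouter although the provider table later in this patch includes it, and to the @codebot Commands row, which does not mention the `check-deps`, `suggest-tests`, `refactor-suggest` and `architecture` commands this commit adds.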
@@ -116,12 +122,28 @@ tools/ai-review/
│ ├── issue_agent.py # Issue triage & @codebot commands
│ ├── pr_agent.py # PR review with security scan
│ ├── codebase_agent.py # Codebase health analysis
│ └── chat_agent.py # Interactive chat with tool calling
│ ├── chat_agent.py # Interactive chat with tool calling
│ ├── dependency_agent.py # Dependency vulnerability scanning
│ ├── test_coverage_agent.py # Test coverage analysis
│ └── architecture_agent.py # Architecture compliance checking
├── clients/ # API clients
│ ├── gitea_client.py # Gitea REST API wrapper
│ └── llm_client.py # Multi-provider LLM client with tool support
│ ├── llm_client.py # Multi-provider LLM client with tool support
│ └── providers/ # Additional LLM providers
│ ├── anthropic_provider.py # Direct Anthropic Claude API
│ ├── azure_provider.py # Azure OpenAI Service
│ └── gemini_provider.py # Google Gemini API
├── security/ # Security scanning
│ └── security_scanner.py # 17 OWASP-aligned rules
│ ├── security_scanner.py # 17 OWASP-aligned rules
│ └── sast_scanner.py # Bandit, Semgrep, Trivy integration
├── notifications/ # Alerting system
│ └── notifier.py # Slack, Discord, webhook notifications
├── compliance/ # Compliance & audit
│ ├── audit_trail.py # Audit logging with integrity verification
│ └── codeowners.py # CODEOWNERS enforcement
├── utils/ # Utility functions
│ ├── ignore_patterns.py # .ai-reviewignore support
│ └── webhook_sanitizer.py # Input validation
├── enterprise/ # Enterprise features
│ ├── audit_logger.py # JSONL audit logging
│ └── metrics.py # Prometheus-compatible metrics
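Review bot: two audit-logging modules now appear with overlapping descriptions, `compliance/audit_trail.py # Audit logging with integrity verification` and `enterprise/audit_logger.py # JSONL audit logging`, and the README does not say which one the `compliance.audit.log_file` setting and the "JSONL logs with integrity checksums" bullet refer to; a one-line comment on how the two relate, and on which one writes the log whose integrity can be verified, would remove the ambiguity. Also, `providers/` lists only Anthropic, Azure and Gemini modules while `provider:` accepts `openrouter` and `ollama` as well; if those are served by `llm_client.py` directly, say so in its comment.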
@@ -182,6 +204,10 @@ In any issue comment:
| `@codebot summarize` | Summarize the issue in 2-3 sentences |
| `@codebot explain` | Explain what the issue is about |
| `@codebot suggest` | Suggest solutions or next steps |
| `@codebot check-deps` | Scan dependencies for security vulnerabilities |
| `@codebot suggest-tests` | Suggest test cases for changed code |
| `@codebot refactor-suggest` | Suggest refactoring opportunities |
| `@codebot architecture` | Check architecture compliance (alias: `arch-check`) |
| `@codebot` (any question) | Chat with AI using codebase/web search tools |
### Pull Request Commands
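Review bot: `@codebot check-deps` is documented under "In any issue comment", but an issue has no diff or changed files, so it is unclear what gets scanned (the default branch, the whole repository?), and the same question applies to `@codebot suggest-tests`, whose description says "for changed code"; either state the scope these commands have when run from an issue, or move the two rows to the Pull Request Commands section that follows. Putting the `arch-check` alias in the command cell of the `@codebot architecture` row, rather than in the description, would also keep that row consistent with the others.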
@@ -522,19 +548,91 @@ Replace `'Bartender'` with your bot's Gitea username. This prevents the bot from
| Provider | Model | Use Case |
|----------|-------|----------|
| OpenAI | gpt-4.1-mini | Fast, reliable |
| OpenAI | gpt-4.1-mini | Fast, reliable, default |
| Anthropic | claude-3.5-sonnet | Direct Claude API access |
| Azure OpenAI | gpt-4 (deployment) | Enterprise Azure deployments |
| Google Gemini | gemini-1.5-pro | GCP customers, Vertex AI |
| OpenRouter | claude-3.5-sonnet | Multi-provider access |
| Ollama | codellama:13b | Self-hosted, private |
### Provider Configuration
```yaml
# In config.yml
provider: anthropic # openai | anthropic | azure | gemini | openrouter | ollama
# Azure OpenAI
azure:
endpoint: "" # Set via AZURE_OPENAI_ENDPOINT env var
deployment: "gpt-4"
api_version: "2024-02-15-preview"
# Google Gemini (Vertex AI)
gemini:
project: "" # Set via GOOGLE_CLOUD_PROJECT env var
region: "us-central1"
```
### Environment Variables
| Variable | Provider | Description |
|----------|----------|-------------|
| `OPENAI_API_KEY` | OpenAI | API key |
| `ANTHROPIC_API_KEY` | Anthropic | API key |
| `AZURE_OPENAI_ENDPOINT` | Azure | Service endpoint URL |
| `AZURE_OPENAI_API_KEY` | Azure | API key |
| `AZURE_OPENAI_DEPLOYMENT` | Azure | Deployment name |
| `GOOGLE_API_KEY` | Gemini | API key (public API) |
| `GOOGLE_CLOUD_PROJECT` | Vertex AI | GCP project ID |
| `OPENROUTER_API_KEY` | OpenRouter | API key |
| `OLLAMA_HOST` | Ollama | Server URL (default: localhost:11434) |
---
## Enterprise Features
- **Audit Logging**: JSONL logs with daily rotation
- **Audit Logging**: JSONL logs with integrity checksums and daily rotation
- **Compliance**: HIPAA, SOC2, PCI-DSS, GDPR support with configurable rules
- **CODEOWNERS Enforcement**: Validate approvals against CODEOWNERS file
- **Notifications**: Slack/Discord webhooks for critical findings
- **SAST Integration**: Bandit, Semgrep, Trivy for advanced security scanning
- **Metrics**: Prometheus-compatible export
- **Rate Limiting**: Configurable request limits
- **Rate Limiting**: Configurable request limits and timeouts
- **Custom Security Rules**: Define your own patterns via YAML
- **Tool Calling**: LLM function calling for interactive chat
- **Ignore Patterns**: `.ai-reviewignore` for excluding files from review
### Notifications Configuration
```yaml
# In config.yml
notifications:
enabled: true
threshold: "warning" # info | warning | error | critical
slack:
enabled: true
webhook_url: "" # Set via SLACK_WEBHOOK_URL env var
channel: "#code-review"
discord:
enabled: true
webhook_url: "" # Set via DISCORD_WEBHOOK_URL env var
```
### Compliance Configuration
```yaml
compliance:
enabled: true
audit:
enabled: true
log_file: "audit.log"
retention_days: 90
codeowners:
enabled: true
require_approval: true
```
---
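Review bot: the provider table now marks `gpt-4.1-mini` as the default, but the sample config right below it sets `provider: anthropic`, so a reader who copies the sample silently switches provider; use `provider: openai` in the sample or add a comment that the sample overrides the default. Two related points in the same hunk: the Azure section defines `deployment: "gpt-4"` in YAML and `AZURE_OPENAI_DEPLOYMENT` as an environment variable without saying which takes precedence, and the same string `claude-3.5-sonnet` is listed for both the direct Anthropic API and OpenRouter, so please confirm that every model name in the table works verbatim with its provider. The `webhook_url: ""` plus env-var pattern for Slack and Discord is the right approach; add `SLACK_WEBHOOK_URL` and `DISCORD_WEBHOOK_URL` to the Environment Variables table alongside the API keys so they are documented and handled as secrets too.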