# OpenRabbit AI Code Review Configuration # ========================================= # LLM Provider Configuration # -------------------------- # Available providers: openai | openrouter | ollama | anthropic | azure | gemini provider: openai model: openai: gpt-4.1-mini openrouter: anthropic/claude-3.5-sonnet ollama: codellama:13b anthropic: claude-3-5-sonnet-20241022 azure: gpt-4 # Deployment name gemini: gemini-1.5-pro temperature: 0 max_tokens: 4096 # Azure OpenAI specific settings (when provider: azure) azure: endpoint: "" # Set via AZURE_OPENAI_ENDPOINT env var deployment: "" # Set via AZURE_OPENAI_DEPLOYMENT env var api_version: "2024-02-15-preview" # Google Gemini specific settings (when provider: gemini) gemini: project: "" # For Vertex AI, set via GOOGLE_CLOUD_PROJECT env var region: "us-central1" # Rate Limits and Timeouts # ------------------------ rate_limits: min_interval: 1.0 # Minimum seconds between API requests timeouts: llm: 120 # LLM API timeout in seconds (OpenAI, OpenRouter, Anthropic, etc.) ollama: 300 # Ollama timeout (longer for local models) gitea: 30 # Gitea/GitHub API timeout # Review settings # --------------- review: fail_on_severity: HIGH max_diff_lines: 800 inline_comments: true security_scan: true # File Ignore Patterns # -------------------- # Similar to .gitignore, controls which files are excluded from review ignore: use_defaults: true # Include default patterns (node_modules, .git, etc.) file: ".ai-reviewignore" # Custom ignore file name patterns: [] # Additional patterns to ignore # Agent Configuration # ------------------- agents: issue: enabled: true auto_label: true auto_triage: true duplicate_threshold: 0.85 events: - opened - labeled pr: enabled: true inline_comments: true security_scan: true events: - opened - synchronize auto_summary: enabled: true post_as_comment: true codebase: enabled: true schedule: "0 0 * * 0" # Weekly on Sunday chat: enabled: true name: "Bartender" max_iterations: 5 tools: - search_codebase - read_file - search_web searxng_url: "" # Set via SEARXNG_URL env var # Dependency Security Agent dependency: enabled: true scan_on_pr: true # Auto-scan PRs that modify dependency files vulnerability_threshold: "medium" # low | medium | high | critical update_suggestions: true # Suggest version updates # Test Coverage Agent test_coverage: enabled: true suggest_tests: true min_coverage_percent: 80 # Warn if coverage below this # Architecture Compliance Agent architecture: enabled: true layers: api: can_import_from: [utils, models, services] cannot_import_from: [db, repositories] services: can_import_from: [utils, models, repositories] cannot_import_from: [api] repositories: can_import_from: [utils, models, db] cannot_import_from: [api, services] # Interaction Settings # -------------------- # CUSTOMIZE YOUR BOT NAME HERE! interaction: respond_to_mentions: true mention_prefix: "@codebot" commands: - help - explain - suggest - security - summarize - changelog - explain-diff - triage - review-again # New commands - check-deps # Check dependencies for vulnerabilities - suggest-tests # Suggest test cases - refactor-suggest # Suggest refactoring opportunities - architecture # Check architecture compliance - arch-check # Alias for architecture # Security Scanning # ----------------- security: enabled: true fail_on_high: true rules_file: "security/security_rules.yml" # SAST Integration sast: enabled: true bandit: true # Python AST-based security scanner semgrep: true # Polyglot security scanner with custom rules trivy: false # Container/filesystem scanner (requires trivy installed) # Notifications # ------------- notifications: enabled: false threshold: "warning" # info | warning | error | critical slack: enabled: false webhook_url: "" # Set via SLACK_WEBHOOK_URL env var channel: "" # Override channel (optional) username: "OpenRabbit" discord: enabled: false webhook_url: "" # Set via DISCORD_WEBHOOK_URL env var username: "OpenRabbit" avatar_url: "" # Custom webhooks for other integrations webhooks: [] # Example: # - url: "https://your-webhook.example.com/notify" # enabled: true # headers: # Authorization: "Bearer your-token" # Compliance & Audit # ------------------ compliance: enabled: false # Audit Trail audit: enabled: false log_file: "audit.log" log_to_stdout: false retention_days: 90 # CODEOWNERS Enforcement codeowners: enabled: false require_approval: true # Require approval from code owners # Regulatory Compliance regulations: hipaa: false soc2: false pci_dss: false gdpr: false # Enterprise Settings # ------------------- enterprise: audit_log: true audit_path: "/var/log/ai-review/" metrics_enabled: true rate_limit: requests_per_minute: 30 max_concurrent: 4 # Label Mappings # -------------- # Each label has: # name: The label name to use/create # aliases: Alternative names for auto-detection # color: Hex color code without # # description: Label description labels: priority: critical: name: "priority: critical" color: "b60205" description: "Critical priority - immediate attention required" aliases: ["Priority - Critical", "P0", "critical", "Priority/Critical"] high: name: "priority: high" color: "d73a4a" description: "High priority issue" aliases: ["Priority - High", "P1", "high", "Priority/High"] medium: name: "priority: medium" color: "fbca04" description: "Medium priority issue" aliases: ["Priority - Medium", "P2", "medium", "Priority/Medium"] low: name: "priority: low" color: "28a745" description: "Low priority issue" aliases: ["Priority - Low", "P3", "low", "Priority/Low"] type: bug: name: "type: bug" color: "d73a4a" description: "Something isn't working" aliases: ["Kind/Bug", "bug", "Type: Bug", "Type/Bug", "Kind - Bug"] feature: name: "type: feature" color: "1d76db" description: "New feature request" aliases: [ "Kind/Feature", "feature", "enhancement", "Kind/Enhancement", "Type: Feature", "Type/Feature", "Kind - Feature", ] question: name: "type: question" color: "cc317c" description: "Further information is requested" aliases: [ "Kind/Question", "question", "Type: Question", "Type/Question", "Kind - Question", ] docs: name: "type: documentation" color: "0075ca" description: "Documentation improvements" aliases: [ "Kind/Documentation", "documentation", "docs", "Type: Documentation", "Type/Documentation", "Kind - Documentation", ] security: name: "type: security" color: "b60205" description: "Security vulnerability or concern" aliases: [ "Kind/Security", "security", "Type: Security", "Type/Security", "Kind - Security", ] testing: name: "type: testing" color: "0e8a16" description: "Related to testing" aliases: [ "Kind/Testing", "testing", "tests", "Type: Testing", "Type/Testing", "Kind - Testing", ] status: ai_approved: name: "ai-approved" color: "28a745" description: "AI review approved this PR" aliases: [ "Status - Approved", "approved", "Status/Approved", "Status - AI Approved", ] ai_changes_required: name: "ai-changes-required" color: "d73a4a" description: "AI review found issues requiring changes" aliases: [ "Status - Changes Required", "changes-required", "Status/Changes Required", "Status - AI Changes Required", ] ai_reviewed: name: "ai-reviewed" color: "1d76db" description: "This issue/PR has been reviewed by AI" aliases: [ "Reviewed - Confirmed", "reviewed", "Status/Reviewed", "Reviewed/Confirmed", "Status - Reviewed", ] # Label Pattern Detection # ----------------------- label_patterns: prefix_slash: "^(Kind|Type|Category)/(.+)$" prefix_dash: "^(Priority|Status|Reviewed) - (.+)$" colon: "^(type|priority|status): (.+)$"