A code reviewer github action powered by AI, ready to be used in your workflow.

• Standardize your code review process
• Get feedback faster
• Recognize patterns which result in bad code
• Detection of common issues
• Identify security vulnerabilities
• Second opinion
• For humans to focus on more complex tasks

Create a workflow file inside .github/workflows folder (create if it doesn't exist) of your repository with the following content:

name: Code Review
on:
    pull_request:
        types: [opened, reopened, synchronize, ready_for_review]
        branches:
            - main # change this to your target branch
    workflow_dispatch: # Allows you to run the workflow manually from the Actions tab

permissions: # necessary permissions
    pull-requests: write
    contents: read

jobs:
    your-job-name:
        runs-on: ubuntu-latest
        name: your-job-name
        steps:
            - name: step-name
              id: step-id
              uses: murtuzaalisurti/better@v2 # this is the ref of the github action - https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_iduses
              with:
                repo-token: ${{ secrets.GITHUB_TOKEN }} # this is auto generated
                ai-model-api-key: ${{ secrets.MODEL_API_KEY }} # make sure to set this in your repository secrets - /settings/secrets/actions (Settings > Secrets and Variables > Actions > Secrets Tab)
                platform: 'openai'
                delete-existing-review-by-bot: true #default is true
                filesToIgnore: '**/*.env; .husky/**; .cache/**' # uses glob patterns (micromatch - https://github.com/micromatch/micromatch)
                rules: |- # Rules to consider for code review
                    -- It must follow industry standard best practices
                    -- It should be idiomatic
                    -- It should be readable
                    -- It should not contain any security related vulnerabilities
                    -- It should not contain any sensitive data
                    -- It should be well structured
                    -- It should not contain bad patterns

Go to your repository settings, Settings > Secrets and Variables > Actions > Secrets Tab and add your platform API key. For example, add OPEN_AI_KEY as a secret with your OpenAI API key as a value. You can refer to it in the workflow file using ${{ secrets.OPEN_AI_KEY }} against the ai-model-api-key field.

• Go to your repository settings, Settings > Actions > General > Actions Permissions Tab and select Allow all actions and reusable workflows.

Run the workflow by raising a pull request to the target branch mentioned in the on section in the workflow.

The repo-token is the authorization token of your repository. It is auto generated by GitHub on every workflow run.

The platform is the name of the AI platform you want to use. It can be either openai or anthropic.

This action only supports OpenAI and Anthropic models for now.

The ai-model-api-key is your platform's API key which you have set in your repository secrets.

Example:

• OPEN_AI_KEY as a secret with your OpenAI API key as a value.
• ANTHROPIC_KEY as a secret with your Anthropic API key as a value.

They can be accessed in the workflow file using ${{ secrets.YOUR_KEY_NAME }}.

Specify the name of the model you want to use to generate suggestions. Fallbacks to gpt-4o-2024-08-06 for OpenAI and claude-3-5-sonnet-20240620 for Anthropic if not specified. Here's a list of supported models:

For OpenAI:

• gpt-4o-mini-2024-07-18 and later
• gpt-4o-2024-08-06 and later

This project uses Structured Outputs and that's why only the above listed models are supported. More info here.

For Anthropic:

• claude-3-5-sonnet-20240620
• claude-3-opus-20240229
• claude-3-sonnet-20240229
• claude-3-haiku-20240307

By default, the action will delete any existing review(s) by the bot before creating a new one on every PR push. If you want to keep them, set this option to false.

The rules to consider for code review. It is a multiline text field. Each rule should be on a new line and should start with --.

List of files to ignore. It is a semicolon(;) separated list of glob patterns. The default list of ignored files is:

**/node_modules/**
**/package-lock.json
**/yarn.lock
.cache/**
**/*.{jpg,jpeg,png,svg,webp,avif,gif,ico,woff,woff2,ttf,otf}

Glob patterns are resolved using micromatch. Check out their documentation for more info.

• The more the pull request changes are in number, higher will be the tokens sent to the AI model and once you reach the token limit either for the model or for the API (rate limiting), the action will throw an error. So, make sure to upgrade your model or the token limit if you encounter an issue which states too many tokens or token limit reached. Visit OpenAI's or Anthropic's API documentation for more details.
• The system prompt is common across all supported AI models.

Made with ❤️ by @murtuzaalisurti. Learn more at https://syntackle.com/blog/ai-powered-code-review-tool-better/.