{"id":51042198,"url":"https://github.com/denyherianto/gitlab-ai-code-review","last_synced_at":"2026-06-22T11:32:56.834Z","repository":{"id":338428803,"uuid":"1157852043","full_name":"denyherianto/gitlab-ai-code-review","owner":"denyherianto","description":"Analyzes code changes via the Gemini API with a structured review prompt, then posts severity-classified findings as GitLab MR notes.","archived":false,"fork":false,"pushed_at":"2026-02-16T06:55:01.000Z","size":164,"stargazers_count":18,"open_issues_count":0,"forks_count":5,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-10T22:22:34.684Z","etag":null,"topics":["ai","ai-agents","code-review","gemini","gitlab"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/denyherianto.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-14T11:59:57.000Z","updated_at":"2026-05-25T09:49:54.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/denyherianto/gitlab-ai-code-review","commit_stats":null,"previous_names":["denyherianto/niteni"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/denyherianto/gitlab-ai-code-review","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/denyherianto%2Fgitlab-ai-code-review","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/denyherianto%2Fgitlab-ai-code-review/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/denyherianto%2Fgitlab-ai-code-review/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/denyherianto%2Fgitlab-ai-code-review/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/denyherianto","download_url":"https://codeload.github.com/denyherianto/gitlab-ai-code-review/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/denyherianto%2Fgitlab-ai-code-review/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34647748,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-22T02:00:06.391Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agents","code-review","gemini","gitlab"],"created_at":"2026-06-22T11:32:55.666Z","updated_at":"2026-06-22T11:32:56.826Z","avatar_url":"https://github.com/denyherianto.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Niteni\n\n\u003e *Niteni* (Javanese: to observe carefully, to pay close attention)\n\nAI-powered code review for GitLab CI pipelines, powered by the [Gemini REST API](https://ai.google.dev/gemini-api).\n\nAnalyzes code changes via the Gemini API with [structured output](https://ai.google.dev/gemini-api/docs/structured-output), then posts severity-classified findings as GitLab MR notes.\n\n## How It Works\n\nNiteni calls the **Gemini REST API** with structured output (`responseSchema` + `responseMimeType: \"application/json\"`) to get typed JSON findings directly — no regex parsing needed. Each finding includes severity, file, line, description, suggestion, and rationale, which Niteni posts as inline comments on the merge request.\n\n## Features\n\n- **Inline diff comments** — Findings are posted directly on the changed lines in the MR diff\n- **Severity-based emojis** — :rotating_light: CRITICAL, :warning: HIGH, :large_blue_circle: MEDIUM, :information_source: LOW\n- **GitLab suggestion blocks** — One-click \"Apply suggestion\" for each code fix\n- **Rationale explanations** — Each suggestion includes why the change is recommended\n- Automatic cleanup of previous review comments on re-review\n- Configurable file filtering (include/exclude patterns)\n- Diff size limits to manage token usage\n- Optional pipeline failure on CRITICAL findings\n\n## Quick Start\n\n### 1. Set up CI/CD Variables\n\nIn your GitLab project, go to **Settings \u003e CI/CD \u003e Variables** and add:\n\n| Variable | Description | Required |\n|----------|-------------|----------|\n| `GEMINI_API_KEY` | Google Gemini API key | Yes |\n| `GITLAB_TOKEN` | GitLab access token with `api` scope | Yes |\n\n### 2. Add to your `.gitlab-ci.yml`\n\n```yaml\nniteni-code-review:\n  stage: review\n  image: node:20-alpine\n  rules:\n    - if: $CI_PIPELINE_SOURCE == \"merge_request_event\"\n  before_script:\n    - apk add --no-cache git curl bash\n    # Clone and build Niteni\n    - git clone https://github.com/denyherianto/niteni.git /tmp/niteni\n    - cd /tmp/niteni \u0026\u0026 npm ci \u0026\u0026 npm run build \u0026\u0026 npm link\n    - cd $CI_PROJECT_DIR\n  script:\n    - niteni --mode mr\n  allow_failure: true\n```\n\n\u003e **Note:** Do NOT re-declare `GEMINI_API_KEY` or `GITLAB_TOKEN` in the job `variables:` section — this causes a circular reference. Project-level CI/CD variables are automatically available in all jobs.\n\n## Configuration\n\nAll configuration is via environment variables:\n\n| Variable | Default | Description |\n|----------|---------|-------------|\n| `GEMINI_API_KEY` | - | Gemini API key |\n| `GITLAB_TOKEN` | `$CI_JOB_TOKEN` | GitLab access token |\n| `CI_PROJECT_ID` | - | GitLab project ID (auto-set in CI) |\n| `CI_MERGE_REQUEST_IID` | - | MR IID (auto-set in CI) |\n| `GEMINI_MODEL` | `gemini-3-pro-preview` | Gemini model for review |\n| `REVIEW_MAX_FILES` | `50` | Max files to review |\n| `REVIEW_MAX_DIFF_SIZE` | `100000` | Max diff size (characters) |\n| `REVIEW_INCLUDE_PATTERNS` | - | File patterns to include (comma-separated) |\n| `REVIEW_EXCLUDE_PATTERNS` | `package-lock.json,yarn.lock,*.min.js,*.min.css` | File patterns to exclude |\n| `REVIEW_POST_AS_NOTE` | `true` | Post review as MR note |\n| `REVIEW_FAIL_ON_CRITICAL` | `false` | Fail pipeline on CRITICAL findings |\n\n## Review Output\n\nFindings are posted as **inline diff comments** directly on the changed lines. Each comment includes:\n\n- Severity badge with emoji\n- Issue description\n- Suggestion with rationale explanation\n- GitLab \"Apply suggestion\" button for one-click fixes\n\n### Severity Levels\n\n- :rotating_light: **CRITICAL** — Security vulnerabilities, data loss, logic failures\n- :warning: **HIGH** — Performance bottlenecks, architectural violations, functional bugs\n- :large_blue_circle: **MEDIUM** — Input validation gaps, error handling issues\n- :information_source: **LOW** — Documentation, minor readability issues\n\n### Example Inline Comment\n\n\u003e #### :warning: HIGH — `src/auth.js:42`\n\u003e\n\u003e **Issue:** Missing token expiration check allows indefinite session reuse.\n\u003e\n\u003e **Suggestion:** Adding an expiration check prevents stolen tokens from being used indefinitely.\n\u003e ```suggestion\n\u003e if (decoded.exp \u003c Date.now() / 1000) {\n\u003e   throw new AuthError('Token expired');\n\u003e }\n\u003e ```\n\n## Publishing to GitLab NPM Registry\n\nThe package auto-publishes on version tags:\n\n```bash\ngit tag v1.0.0\ngit push origin v1.0.0\n```\n\nThe `publish-package` CI job will publish to your project's NPM registry.\n\n### Manual publishing\n\n```bash\n# Configure registry\nnpm config set registry https://gitlab.com/api/v4/projects/YOUR_PROJECT_ID/packages/npm/\nnpm config set -- '//gitlab.com/api/v4/projects/YOUR_PROJECT_ID/packages/npm/:_authToken' \"YOUR_TOKEN\"\n\n# Publish\nnpm publish\n```\n\n## Project Structure\n\n```\nniteni/\n├── src/\n│   ├── types/\n│   │   ├── index.ts          # Barrel export for all types\n│   │   ├── config.ts         # AppConfig, GitLabConfig, GeminiConfig, ReviewConfig\n│   │   ├── gitlab.ts         # MergeRequest, MergeRequestNote, DiffPosition, etc.\n│   │   └── reviewer.ts       # Severity, Finding, StructuredReviewResponse, ReviewResult\n│   ├── index.ts              # Main module \u0026 orchestration\n│   ├── cli.ts                # CLI entry point\n│   ├── simulate.ts           # Simulation mode with mock data\n│   ├── reviewer.ts           # Gemini structured output review logic\n│   ├── gitlab-api.ts         # GitLab API client\n│   └── config.ts             # Configuration values\n├── dist/                     # Compiled output (generated)\n├── scripts/\n│   └── ci-review.sh          # CI helper script\n├── .gitlab-ci.yml            # GitLab CI pipeline\n├── tsconfig.json             # TypeScript configuration\n├── .npmrc                    # NPM registry config\n├── package.json\n└── README.md\n```\n\n## Vibecoding Prompt\n\nCopy the prompt below into your AI coding tool (Claude Code, Cursor, GitHub Copilot, Windsurf, etc.) to integrate Niteni into your GitLab repository:\n\n```\nIntegrate \"Niteni\" — an AI-powered code review tool — into this GitLab repository. Niteni uses the Gemini REST API with structured output to automatically review merge request diffs and post findings as MR notes.\n\n## Steps\n\n1. Add a `niteni` job to `.gitlab-ci.yml` that runs on merge request events:\n\n   niteni-code-review:\n     stage: review\n     image: node:20-alpine\n     rules:\n       - if: $CI_PIPELINE_SOURCE == \"merge_request_event\"\n     before_script:\n       - apk add --no-cache git curl bash\n       - git clone https://github.com/denyherianto/niteni.git /tmp/niteni\n       - cd /tmp/niteni \u0026\u0026 npm ci \u0026\u0026 npm run build \u0026\u0026 npm link\n       - cd $CI_PROJECT_DIR\n     script:\n       - niteni --mode mr\n     allow_failure: true\n\n   IMPORTANT: Do NOT re-declare GEMINI_API_KEY or GITLAB_TOKEN in the job `variables:` section.\n   Project-level CI/CD variables are automatically available in all jobs. Re-declaring them\n   causes a circular reference where the variable expands to a literal string instead of its value.\n\n2. Ensure the following CI/CD variables are configured in GitLab (Settings \u003e CI/CD \u003e Variables).\n   Set them as type \"Variable\" (not \"File\"), check \"Mask variable\", and UNCHECK \"Protect variable\":\n   - GEMINI_API_KEY — Google Gemini API key\n   - GITLAB_TOKEN — GitLab Personal Access Token with `api` scope\n\n3. Optional environment variables (these CAN be added to the job `variables:` section since they are plain values, not references):\n   - GEMINI_MODEL (default: gemini-3-pro-preview) — Gemini model for review\n   - REVIEW_MAX_FILES (default: 50) — Max files to include in the review\n   - REVIEW_MAX_DIFF_SIZE (default: 100000) — Max diff size in characters\n   - REVIEW_INCLUDE_PATTERNS — Comma-separated glob patterns to include (e.g. \"src/**,lib/**\")\n   - REVIEW_EXCLUDE_PATTERNS — Comma-separated glob patterns to exclude\n   - REVIEW_POST_AS_NOTE (default: true) — Post review as MR note\n   - REVIEW_FAIL_ON_CRITICAL (default: false) — Fail the pipeline when CRITICAL findings are found\n\n4. If the existing `.gitlab-ci.yml` does not have a `review` stage, add it to the `stages` list.\n\n5. Test the integration by opening a merge request. Niteni will automatically review the diff and post a comment with severity-classified findings (CRITICAL, HIGH, MEDIUM, LOW) and suggested code fixes.\n```\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdenyherianto%2Fgitlab-ai-code-review","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdenyherianto%2Fgitlab-ai-code-review","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdenyherianto%2Fgitlab-ai-code-review/lists"}