{"id":31895534,"url":"https://github.com/haasonsaas/codex-code-reviewer","last_synced_at":"2026-05-17T06:31:43.212Z","repository":{"id":318363368,"uuid":"1070953547","full_name":"haasonsaas/codex-code-reviewer","owner":"haasonsaas","description":"AI-powered code review CLI tool built with OpenAI Codex SDK. Automatically analyze code for bugs, security issues, and performance problems with structured JSON output.","archived":false,"fork":false,"pushed_at":"2025-10-06T18:29:36.000Z","size":34,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-06T19:36:55.916Z","etag":null,"topics":["ai","automation","cli","code-review","codex","developer-tools","openai","typescript"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/haasonsaas.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-06T16:58:18.000Z","updated_at":"2025-10-06T19:07:57.000Z","dependencies_parsed_at":"2025-10-06T19:36:59.704Z","dependency_job_id":null,"html_url":"https://github.com/haasonsaas/codex-code-reviewer","commit_stats":null,"previous_names":["haasonsaas/codex-code-reviewer"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/haasonsaas/codex-code-reviewer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haasonsaas%2Fcodex-code-reviewer","tags_url":"https://repos.ecosyste.m
s/api/v1/hosts/GitHub/repositories/haasonsaas%2Fcodex-code-reviewer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haasonsaas%2Fcodex-code-reviewer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haasonsaas%2Fcodex-code-reviewer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/haasonsaas","download_url":"https://codeload.github.com/haasonsaas/codex-code-reviewer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haasonsaas%2Fcodex-code-reviewer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279014647,"owners_count":26085555,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","automation","cli","code-review","codex","developer-tools","openai","typescript"],"created_at":"2025-10-13T10:41:30.127Z","updated_at":"2025-10-13T10:41:32.169Z","avatar_url":"https://github.com/haasonsaas.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Codex Code Reviewer\n\nAI-powered code review CLI tool built with the OpenAI Codex SDK. 
Automatically analyze code for bugs, security issues, performance problems, and style violations.\n\n## Features\n\n✨ **Automated Code Reviews** - Review entire codebases or specific files with AI-powered analysis  \n🔍 **Git Diff Analysis** - Analyze pull requests and commits before merging  \n💬 **PR Comment Generation** - Generate actionable inline review comments for GitHub PRs  \n🚨 **CI Quality Gates** - Fail builds on critical issues with configurable severity thresholds  \n📊 **Multiple Output Formats** - JSON, SARIF (GitHub Code Scanning), Markdown summaries  \n🎯 **Baseline Support** - Only fail on new issues, track technical debt over time  \n⚡ **Optimized Performance** - Thread caching, diff minimization, timeout controls  \n🎯 **Critical Issue Focus** - Detects dead code, async bugs, type errors, security vulnerabilities  \n🚀 **Powered by Codex** - Uses the latest OpenAI Codex agent for intelligent code analysis\n\n## Prerequisites\n\n- Node.js 18 or higher\n- OpenAI Codex CLI installed globally:\n  ```bash\n  npm install -g @openai/codex\n  ```\n\n## Installation\n\n```bash\nnpm install\nnpm run build\n```\n\nOr install globally:\n\n```bash\nnpm install -g .\n```\n\n## Usage\n\n### Review Code\n\nReview files or directories for issues:\n\n```bash\ncodex-review review [paths...]\n```\n\n**Options:**\n- `-o, --output \u003cfile\u003e` - Output file for results (default: `review-results.json`)\n- `--focus \u003careas\u003e` - Comma-separated focus areas (default: `security,performance,bugs,style`)\n\n**Examples:**\n\n```bash\n# Review current directory\ncodex-review review\n\n# Review specific files\ncodex-review review src/auth.ts src/api.ts\n\n# Focus on security and performance\ncodex-review review --focus security,performance\n\n# Save to custom output file\ncodex-review review -o my-review.json\n```\n\n**Output:**\n\n```json\n{\n  \"summary\": \"Overall code review summary...\",\n  \"issues\": [\n    {\n      \"file\": \"src/auth.ts\",\n      \"line\": 
45,\n      \"severity\": \"critical\",\n      \"category\": \"security\",\n      \"title\": \"SQL Injection Vulnerability\",\n      \"description\": \"User input is directly interpolated into SQL query...\",\n      \"suggestion\": \"Use parameterized queries or an ORM...\"\n    }\n  ],\n  \"stats\": {\n    \"total_issues\": 12,\n    \"critical\": 1,\n    \"high\": 3,\n    \"medium\": 5,\n    \"low\": 2,\n    \"info\": 1\n  }\n}\n```\n\n### Generate PR Review Comments\n\nGenerate inline review comments for critical issues (GitHub PR format):\n\n```bash\ncodex-review pr-comments\n```\n\n**Options:**\n- `-b, --branch \u003cbranch\u003e` - Compare against branch (default: `main`)\n- `-c, --commit \u003csha\u003e` - Analyze specific commit\n- `-o, --output \u003cfile\u003e` - Output file for comments (default: `pr-comments.json`)\n\n**Examples:**\n\n```bash\n# Generate comments for changes vs main\ncodex-review pr-comments\n\n# Generate comments for specific commit\ncodex-review pr-comments --commit abc123\n\n# Save to custom output file\ncodex-review pr-comments -o review-comments.json\n```\n\n**Output:**\n\n```json\n[\n  {\n    \"path\": \"src/auth.ts\",\n    \"line\": 45,\n    \"body\": \"This code block is unreachable due to the if (false) condition.\\n\\nWhy: This will never execute and indicates dead code.\\n\\nFix: Remove this entire if block.\"\n  }\n]\n```\n\n**Focus Areas:**\n- Dead/unreachable code\n- Broken control flow (missing break, fallthrough)\n- Async/await mistakes\n- React mutation bugs\n- UseEffect dependency issues\n- Operator errors (==, \u0026\u0026, assignment in conditions)\n- Off-by-one errors\n- Type coercion bugs\n- Null/undefined dereferences\n- Resource leaks\n- SQL/XSS injection\n- Race conditions\n- Missing error handling\n\n### Analyze Git Diff\n\nGet a comprehensive analysis with merge recommendation:\n\n```bash\ncodex-review diff\n```\n\n**Options:**\n- `-b, --branch \u003cbranch\u003e` - Compare against branch (default: `main`)\n- 
`-c, --commit \u003csha\u003e` - Analyze specific commit\n- `-o, --output \u003cfile\u003e` - Output file for results (default: `diff-analysis.json`)\n\n**Examples:**\n\n```bash\n# Analyze diff against main branch\ncodex-review diff\n\n# Analyze diff against develop branch\ncodex-review diff --branch develop\n\n# Analyze specific commit\ncodex-review diff --commit abc123\n\n# Save to custom output file\ncodex-review diff -o pr-analysis.json\n```\n\n**Output:**\n\n```json\n{\n  \"overall_assessment\": \"Changes introduce new authentication features with good test coverage...\",\n  \"should_merge\": true,\n  \"issues\": [\n    {\n      \"file\": \"src/api.ts\",\n      \"line_range\": \"45-52\",\n      \"type\": \"security\",\n      \"severity\": \"major\",\n      \"message\": \"API endpoint lacks rate limiting\",\n      \"recommendation\": \"Implement rate limiting middleware\"\n    }\n  ],\n  \"positive_notes\": [\n    \"Comprehensive test coverage for new features\",\n    \"Good error handling practices\"\n  ],\n  \"test_coverage_notes\": \"All new functions have corresponding unit tests\"\n}\n```\n\n## CI/CD Integration\n\nUse in your CI pipeline to automatically review PRs:\n\n### GitHub Actions - Post Review Comments\n\n```yaml\nname: Automated Code Review\n\non: [pull_request]\n\npermissions:\n  contents: read\n  pull-requests: write\n\njobs:\n  review:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n        with:\n          fetch-depth: 0\n      \n      - uses: actions/setup-node@v3\n        with:\n          node-version: '18'\n      \n      - name: Install Codex CLI\n        run: npm install -g @openai/codex\n      \n      - name: Install Code Reviewer\n        run: npm install -g codex-code-reviewer\n      \n      - name: Generate Review Comments\n        run: codex-review pr-comments --branch ${{ github.base_ref }}\n        env:\n          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}\n      \n      - name: Post Review Comments\n 
       if: always()\n        env:\n          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n        run: |\n          if [ -f pr-comments.json ]; then\n            # Post each comment using GitHub CLI\n            # read -r keeps backslash escapes in each JSON line intact\n            jq -c '.[]' pr-comments.json | while IFS= read -r comment; do\n              path=$(printf '%s' \"$comment\" | jq -r '.path')\n              line=$(printf '%s' \"$comment\" | jq -r '.line')\n              body=$(printf '%s' \"$comment\" | jq -r '.body')\n              \n              gh pr comment ${{ github.event.pull_request.number }} \\\n                --body \"$(printf '**%s:%s**\\n\\n%s' \"$path\" \"$line\" \"$body\")\"\n            done\n          fi\n      \n      - name: Upload Results\n        uses: actions/upload-artifact@v3\n        with:\n          name: code-review-comments\n          path: pr-comments.json\n```\n\n### GitHub Actions - Analysis Only\n\n```yaml\nname: Code Review Analysis\n\non: [pull_request]\n\njobs:\n  review:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n      - uses: actions/setup-node@v3\n        with:\n          node-version: '18'\n      \n      - name: Install Dependencies\n        run: |\n          npm install -g @openai/codex\n          npm install -g codex-code-reviewer\n      \n      - name: Run Code Review\n        run: codex-review diff --branch ${{ github.base_ref }}\n        env:\n          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}\n      \n      - name: Upload Results\n        uses: actions/upload-artifact@v3\n        with:\n          name: code-review-results\n          path: diff-analysis.json\n```\n\n### GitLab CI\n\n```yaml\ncode_review:\n  image: node:18\n  script:\n    - npm install -g @openai/codex\n    - npm install -g codex-code-reviewer\n    - codex-review diff --branch main\n  artifacts:\n    paths:\n      - diff-analysis.json\n  only:\n    - merge_requests\n```\n\n## Configuration\n\nThe tool respects the following environment variables:\n\n- `OPENAI_API_KEY` - Your OpenAI API key\n- `CODEX_API_KEY` - Alternative to OPENAI_API_KEY\n- 
`OPENAI_BASE_URL` - Custom API endpoint (optional)\n\n## How It Works\n\nThis tool uses the OpenAI Codex SDK to:\n\n1. Start a Codex agent thread\n2. Provide your code as context\n3. Request structured analysis using JSON schemas (via Zod)\n4. Parse and format the results\n\nThe Codex agent has access to:\n- File reading and analysis tools\n- Git operations\n- Code search capabilities\n- Web search for best practices\n\n## Development\n\n```bash\n# Install dependencies\nnpm install\n\n# Build\nnpm run build\n\n# Run locally\nnpm run dev -- review src/\n\n# Test\nnpm test\n```\n\n## License\n\nMIT\n\n## Author\n\nJonathan Haas\n\n## Links\n\n- [OpenAI Codex](https://openai.com/codex/)\n- [Codex CLI Documentation](https://developers.openai.com/codex/cli/)\n- [GitHub Repository](https://github.com/yourusername/codex-code-reviewer)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhaasonsaas%2Fcodex-code-reviewer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhaasonsaas%2Fcodex-code-reviewer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhaasonsaas%2Fcodex-code-reviewer/lists"}