{"id":27900576,"url":"https://github.com/qiniu/reviewbot","last_synced_at":"2025-05-05T20:17:38.093Z","repository":{"id":214266215,"uuid":"735333154","full_name":"qiniu/reviewbot","owner":"qiniu","description":"Empower Your Code Quality with Self-Hosted Automated Analysis and Review","archived":false,"fork":false,"pushed_at":"2025-04-29T02:08:28.000Z","size":4981,"stargazers_count":75,"open_issues_count":76,"forks_count":20,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-05-05T20:17:12.602Z","etag":null,"topics":["code-quality","code-review","codereview","linter","static-code-analysis"],"latest_commit_sha":null,"homepage":"https://reviewbot-x.netlify.app","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/qiniu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-12-24T14:27:50.000Z","updated_at":"2025-04-29T14:25:43.000Z","dependencies_parsed_at":"2024-04-08T07:47:20.284Z","dependency_job_id":"2a73a1a6-5007-4ecf-b35b-2da46383dd30","html_url":"https://github.com/qiniu/reviewbot","commit_stats":null,"previous_names":["qiniu/cr-bot","qiniu/reviewbot"],"tags_count":21,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qiniu%2Freviewbot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qiniu%2Freviewbot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qiniu%2Freviewbot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qiniu%2Freviewbot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/qiniu","download_url":"https://codeload.github.com/qiniu/reviewbot/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252569641,"owners_count":21769517,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-quality","code-review","codereview","linter","static-code-analysis"],"created_at":"2025-05-05T20:17:36.963Z","updated_at":"2025-05-05T20:17:38.078Z","avatar_url":"https://github.com/qiniu.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Reviewbot - Empower Your Code Quality with Self-Hosted Automated Analysis and Review\n\n[![Build Status](https://github.com/qiniu/reviewbot/actions/workflows/go.yml/badge.svg)](https://github.com/qiniu/reviewbot/actions/workflows/go.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/qiniu/reviewbot)](https://goreportcard.com/report/github.com/qiniu/reviewbot)\n[![GitHub release](https://img.shields.io/github/v/tag/qiniu/reviewbot.svg?label=release)](https://github.com/qiniu/reviewbot/releases)\n\n[中文](./README_zh.md)\n\nReviewbot assists you in rapidly establishing a self-hosted code analysis and review service, supporting multiple languages and coding standards. Its main features include:\n\n- **Universal Compatibility** - Provides a universal way to integrate and execute Linters without coding\n- **Multi-Platform Support** - Currently supports both GitHub and GitLab\n- **AI-Powered** - Detected issues are analyzed by AI to provide detailed explanations and improvement suggestions\n- **Precise Feedback** - All issues are reported during the Pull/Merge Request stage as comments, precisely pinpointing the relevant code lines\n- **Self-Hosted Deployment** - Recommended self-hosting for better data security and control\n\nSee practical examples:\n\n\u003cdiv style=\"display: flex; justify-content: flex-start; gap: 10px;\"\u003e\n  \u003cimg src=\"./docs/static/issue-comment.png\" alt=\"Issue Comment\" width=\"567\"/\u003e\n  \u003cimg src=\"./docs/static/ci-status.png\" alt=\"CI Status\" width=\"567\"/\u003e\n\u003c/div\u003e\n\n## Table of Contents\n\n- [Why Reviewbot](#why-reviewbot)\n- [Installation](#installation)\n- [Linter Integration Guide](#linter-integration-guide)\n  - [Universal Integration (No Coding Required)](#universal-linter-integration-no-coding-required)\n  - [Custom Integration](#custom-integration)\n- [Supported Linters](#supported-linters)\n  - [Go](#go)\n  - [Python](#python)\n  - [C/C++](#cc)\n  - [Lua](#lua)\n  - [Java](#java)\n  - [Shell](#shell)\n  - [Git Workflow Standards](#git-workflow-standards)\n  - [Documentation Standards](#documentation-standards)\n- [Configuration](#configuration)\n  - [Adjusting Execution Commands](#adjusting-execution-commands)\n  - [Disabling a Linter](#disabling-a-linter)\n  - [Cloning multiple repositories](#cloning-multiple-repositories)\n  - [Executing Linters via Docker](#executing-linters-via-docker)\n  - [Executing Linters via Kubernetes](#executing-linters-via-kubernetes)\n- [AI Enhancement](#ai-enhancement)\n- [Reviewbot Operational Flow](#reviewbot-operational-flow)\n- [Monitoring Detection Results](#monitoring-detection-results)\n- [Talks](#talks)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Why Reviewbot\n\nReviewbot is a self-hosted code analysis and review service with the following features:\n\n- **Universal Compatibility** - Provides a universal way to integrate new code checking tools without modifying source code\n- **Multi-Platform Support** - Currently supports both GitHub and GitLab platforms\n- **AI-Powered** - Issues detected are analyzed by AI to provide detailed context and fix suggestions\n- **Security** - Recommended self-hosting for data security and control\n- **Improvement-Oriented** - Detected issues are primarily reported as comments precise to code lines, facilitating efficient problem resolution\n- **Flexibility** - Supports multiple languages and coding standards with flexible configuration\n- **Observability** - Supports alert notifications for timely awareness of detected issues\n\n## Installation\n\nPlease refer to the [getting started guide](https://reviewbot-x.netlify.app/getting-started/installation).\n\nThe following are internal usage practices at Qiniu, which may provide you with more inspiration:\n\n- Deployed in a [Kubernetes cluster](https://github.com/qiniu/reviewbot/tree/master/deploy/reviewbot.yaml)\n- Using this [Dockerfile](https://github.com/qiniu/reviewbot/tree/master/Dockerfile) to build the Reviewbot image\n\n## Linter Integration Guide\n\n### Universal Linter Integration (No Coding Required)\n\nReviewbot provides a universal way to integrate new code checking tools without modifying the source code.\n\nFor example:\n\n```yaml\ncustomLinters:\n  pylint:\n    languages: [\".py\"] # Specify supported languages\n    command: [\"/bin/sh\", \"-c\", \"--\"] # Specify execution command\n    args: # Specify execution arguments\n      - |\n        pylint --disable=line-too-long --output-format=text --msg-template='{path}:{line}:{column}: {msg} ({symbol})' --reports=n --score=n --recursive=y ./\n```\n\nAfter this configuration, when there are changes to Python code in PR/MR, `pylint` will be used to perform checks, and the results will be reported to the corresponding code lines.\n\nNote that the above configuration uses `pylint` from the default execution environment. If you need to use a specific version of `pylint` or want to use other execution environments, you can specify them through `dockerAsRunner` or `kubernetesAsRunner`, or even choose to check and install `pylint` in the above command before execution.\n\nSee the full configuration:\n\n```yaml\ncustomLinters:\n  \u003clinter-name\u003e:\n    languages: \u003clanguage-list\u003e # optional, specify supported languages\n    enable: \u003ctrue|false\u003e # optional, enable/disable this linter\n    workDir: \u003cwork-dir\u003e # optional, specify working directory\n    command: \u003ccommand-list\u003e # optional, specify execution command\n    args: \u003cargs-list\u003e # optional, specify execution arguments\n    env: \u003cenv-list\u003e # optional, specify environment variables\n    dockerAsRunner: # optional, use Docker image to execute linter\n      image: \u003cdocker-image\u003e\n    kubernetesAsRunner: # optional, use Kubernetes to execute linter\n      namespace: \u003ckubernetes-namespace\u003e\n      image: \u003ckubernetes-image\u003e\n    reportType: \u003creport-type\u003e # optional, specify report type\n    configPath: \u003cconfig-path\u003e # optional, specify linter config file path\n```\n\n### Custom Integration\n\nFor more complex scenarios, you can also consider code integration:\n\n- For self-implemented linters or standards, refer to [commit msg check](/internal/linters/git-flow/commit/), [go mod check](/internal/linters/go/gomodcheck/), etc.\n- For customizing linter execution logic in complex scenarios, refer to [golangci-lint](/internal/linters/go/golangci_lint/), [gofmt](/internal/linters/go/gofmt/), etc.\n\n## Supported Linters\n\nThe following are the linters currently supported by Reviewbot:\n\n### Go\n\n- [golangci-lint](/internal/linters/go/golangci_lint/)\n- [gofmt](/internal/linters/go/gofmt/)\n- [gomodcheck](/internal/linters/go/gomodcheck/)\n\n### Python\n\n- pylint\n\n### C/C++\n\n- [cppcheck](/internal/linters/c/cppcheck/)\n\n### Lua\n\n- [luacheck](/internal/linters/lua/luacheck/)\n\n### Java\n\n- [pmdcheck](/internal/linters/java/pmdcheck/)\n- [stylecheck](/internal/linters/java/stylecheck/)\n\n### Shell\n\n- [shellcheck](/internal/linters/shell/shellcheck/)\n\n### Git Workflow Standards\n\n- [commit msg check](/internal/linters/git-flow/commit/)\n\n### Documentation Standards\n\n- [note check](/internal/linters/doc/note-check/)\n\n## Configuration\n\nReviewbot adheres to a **zero-configuration principle** whenever possible, but also provides flexible configuration capabilities for special requirements. All configurable items are defined in the `config/config.go` file.\n\nThe following are some common configuration scenarios:\n\n### Adjusting Execution Commands\n\nLinters are generally executed using default commands, but we can adjust these commands. For example:\n\n```yaml\nqbox/kodo:\n  linters:\n    staticcheck:\n      workDir: \"src/qiniu.com/kodo\"\n```\n\nThis configuration means that for the `staticcheck` inspection of the `qbox/kodo` repository code, execution should occur in the `src/qiniu.com/kodo` directory.\n\nWe can even configure more complex commands, such as:\n\n```yaml\nqbox/kodo:\n  linters:\n    golangci-lint:\n      command:\n        - \"/bin/sh\"\n        - \"-c\"\n        - \"--\"\n      args:\n        - |\n          source env.sh\n          cp .golangci.yml src/qiniu.com/kodo/.golangci.yml\n          cd src/qiniu.com/kodo\n          export GO111MODULE=auto\n          go mod tidy\n          golangci-lint run --timeout=10m0s --allow-parallel-runners=true --print-issued-lines=false --out-format=line-number \u003e\u003e $ARTIFACT/lint.log 2\u003e\u00261\n```\n\nThis configuration indicates that for the `golangci-lint` inspection of the `qbox/kodo` repository code, execution occurs through custom commands and arguments.\n\nThe usage of command and args here is similar to that of Kubernetes Pod command and args. You can refer to [Kubernetes Pod](https://kubernetes.io/docs/concepts/workloads/pods/) for more information.\n\nThe **$ARTIFACT** environment variable is noteworthy. This is a built-in variable in Reviewbot used to specify the output directory, facilitating the exclusion of irrelevant interference. Since Reviewbot ultimately only cares about the linters' output, and in this complex scenario, the shell script will output a lot of irrelevant information, we can use this environment variable to specify the output directory. This allows Reviewbot to parse only the files in this directory, resulting in more precise detection results.\n\n### Disabling a Linter\n\nWe can also disable a specific linter check for a particular repository through configuration. For example:\n\n```yaml\nqbox/net-gslb:\n  linters:\n    golangci-lint:\n      enable: false\n```\n\nThis configuration means that the `golangci-lint` check is disabled for the `qbox/net-gslb` repository.\n\nWe can also globally disable a linter, like this:\n\n```yaml\ncustomLinters:\n  golangci-lint:\n    enable: false\n```\n\n### Cloning multiple repositories\n\nBy default, Reviewbot clones the repository where the event occurs. However, in some scenarios, we might want to clone multiple repositories, and customizing the cloning path.\n\nFor example:\n\n```yaml\nqbox/net-gslb:\n  refs:\n    - org: \"qbox\"\n      repo: \"net-gslb\"\n      pathAlias: \"src/qiniu.com/net-gslb\"\n    - org: \"qbox\"\n      repo: \"kodo\"\n```\n\n### Executing Linters via Docker\n\nBy default, Reviewbot uses locally installed linters for checks. However, in some scenarios, we might want to use Docker images to execute linters, such as:\n\n- When the relevant linter is not installed locally\n- When the target repository requires different versions of linters or dependencies\n- When the target repository depends on many third-party libraries, which would be cumbersome to install locally\n\nIn these scenarios, we can configure Docker images to execute the linters. For example:\n\n```yaml\nqbox/net-gslb:\n  linters:\n    golangci-lint:\n      dockerAsRunner:\n        image: \"golangci/golangci-lint:v1.54.2\" # specify the Docker image to use\n```\n\nThis configuration means that for the `golangci-lint` check of the `qbox/net-gslb` repository code, the `golangci/golangci-lint:v1.54.2` Docker image is used for execution.\n\n### Executing Linters in Kubernetes Cluster\n\nReviewbot also supports executing linters in a Kubernetes cluster. This is particularly useful in scenarios where multiple tasks are running concurrently, and local resources are insufficient.\n\nExample configuration:\n\n```yaml\nqiniu/reviewbot:\n  linters:\n    golangci-lint:\n      enable: true\n      kubernetesAsRunner:\n        image: \"golangci/golangci-lint:v1.61.0\" # specify the Docker image to use\n        namespace: \"reviewbot\" # specify the Kubernetes namespace to use\n```\n\n## AI Enhancement\n\nReviewbot integrates AI analysis capabilities to provide more detailed explanations and improvement suggestions for detected issues:\n\n![AI Enhancement](./docs/static/ai-details.png)\n\n## Reviewbot Operational Flow\n\nReviewbot primarily operates as a Webhook service, accepting GitHub or GitLab Events, executing various checks, and providing precise feedback on the corresponding code if issues are detected.\n\n```\nWebhook Event -\u003e Reviewbot -\u003e Execute Linter -\u003e Provide Feedback\n```\n\n## Monitoring Detection Results\n\nReviewbot supports notification of detection results through WeWork (企业微信) alerts. For specific implementation details, refer to [here](https://github.com/qiniu/reviewbot/blob/8bfb122a2e4292f1cc74aedab8f51d1a0c149d55/internal/metric/metrics.go#L17).\n\nTo enable this feature, simply set the environment variable `WEWORK_WEBHOOK` when starting Reviewbot. This environment variable should point to the WeWork chat group's bot URL. When valid issues are detected, notifications will be sent automatically. For example:\n\n\u003cdiv style=\"display: flex; justify-content: flex-start;\"\u003e\n  \u003cimg src=\"./docs/static/found-valid-issue.png\" alt=\"Found valid issue\" width=\"467\"/\u003e\n\u003c/div\u003e\n\nIf unexpected output is encountered, notifications will also be sent, like this:\n\n\u003cdiv style=\"display: flex; justify-content: flex-start;\"\u003e\n  \u003cimg src=\"./docs/static/found-unexpected-issue.png\" alt=\"Found unexpected issue\" width=\"467\"/\u003e\n\u003c/div\u003e\n\nFor unexpected outputs, **it usually means that the default execution configuration of the relevant linter does not support the current repository**. In such cases, you need to explicitly specify the configuration through a configuration file based on the actual situation.\n\n## Talks\n\n- [Reviewbot 开源 | 为什么我们要打造自己的代码审查服务？](https://mp.weixin.qq.com/s/MJjzOCjnqIc2X885yRsMRA)\n\n## Give it a Star! ⭐\n\nIf you like this project or are using it to learn or start your own solution, please give it a star to receive updates about new versions. Your support matters!\n\n## Contributing\n\nYour contributions to Reviewbot are essential for its long-term maintenance and improvement. Thanks for supporting Reviewbot!\n\nIf you find a bug while working with the Reviewbot, please open an issue on GitHub and let us know what went wrong. We will try to fix it as quickly as we can.\n\n## License\n\nReviewbot is released under the Apache 2.0 license. See the [LICENSE](/LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqiniu%2Freviewbot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqiniu%2Freviewbot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqiniu%2Freviewbot/lists"}