Build a GitHub PR review bot that uses LLMs to analyze code changes, detect issues, and post review comments automatically.
## Task

GitHub App that automatically reviews pull requests using LLMs.

## Requirements

- Platform: GitHub App (webhook-based)
- Runtime: Node.js serverless function or container
- LLM: Claude or GPT-4 for analysis

## Workflow

```
1. PR opened/updated → webhook fires
2. Fetch diff via GitHub API
3. For each changed file:
   a. Get full file content (not just diff)
   b. Analyze with LLM: security, bugs, performance, style
   c. Generate inline comments at specific lines
4. Post review via GitHub API (REQUEST_CHANGES or APPROVE)
5. Post summary comment with overview
```

## LLM Prompt Strategy

```
System: You are a senior code reviewer. Analyze this diff for:
- Security vulnerabilities (injection, auth bypass, secret exposure)
- Logic errors and potential bugs
- Performance issues (N+1 queries, memory leaks, unnecessary computation)
- Best practice violations

For each issue, respond with JSON:
{
  "path": "src/api/users.ts",
  "line": 42,
  "severity": "critical|warning|suggestion",
  "message": "SQL injection risk: user input passed directly to query",
  "suggestion": "Use parameterized query: db.query($1, [userId])"
}
```

## Implementation Notes

1. Chunk large diffs — don't exceed context window
2. Filter: skip lock files, generated code, images
3. Rate limit: max 50 comments per review
4. Deduplicate: don't comment on the same pattern twice
5. Include a /reviewbot ignore comment to skip files
6. Store review history to avoid re-reviewing unchanged files
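
The filter, rate-limit and deduplicate notes above all apply to the model's JSON before anything is posted. As an added example (not part of the original brief), this Node.js sketch treats that output as untrusted: it validates each finding against the prompt's schema, drops skipped files and lines outside the diff, deduplicates, and caps the result at 50. The function names, skip patterns, dedupe key, changed-lines restriction, array-or-single-object input shape and the REQUEST_CHANGES policy are assumptions.

```javascript
// Added example: all names, skip patterns and policies here are assumptions.
const MAX_COMMENTS = 50; // "max 50 comments per review"
const SEVERITY_RANK = new Map([["critical", 0], ["warning", 1], ["suggestion", 2]]);
// Assumed patterns for lock files, generated code and images.
const SKIP_PATTERNS = [/(^|\/)package-lock\.json$/, /\.lock$/, /\.min\.js$/,
  /(^|\/)(dist|generated)\//, /\.(png|jpe?g|gif|ico|svg)$/i];

function shouldSkip(path) {
  return SKIP_PATTERNS.some((re) => re.test(path));
}

// rawModelOutput: string returned by the LLM (untrusted).
// changedLines: Map<path, Set<lineNumber>> built from the PR diff.
function filterFindings(rawModelOutput, changedLines) {
  let parsed;
  try {
    parsed = JSON.parse(rawModelOutput);
  } catch {
    return []; // not JSON: post nothing rather than guess
  }
  const items = Array.isArray(parsed) ? parsed : [parsed];
  const seen = new Set();
  const kept = [];
  for (const f of items) {
    if (f === null || typeof f !== "object") continue;
    const { path, line, severity, message, suggestion } = f;
    if (typeof path !== "string" || typeof message !== "string") continue;
    if (!Number.isInteger(line) || !SEVERITY_RANK.has(severity)) continue;
    if (shouldSkip(path)) continue;
    // The model can invent paths or line numbers; keep only lines in the diff.
    if (!changedLines.get(path)?.has(line)) continue;
    // Assumed dedupe key: the same message counts as the same pattern.
    const key = message.trim().toLowerCase();
    if (seen.has(key)) continue;
    seen.add(key);
    const body = typeof suggestion === "string"
      ? `**${severity}**: ${message}\n\nSuggestion: ${suggestion}`
      : `**${severity}**: ${message}`;
    kept.push({ path, line, severity, body });
  }
  // Most severe first, so the cap drops suggestions before criticals.
  kept.sort((a, b) => SEVERITY_RANK.get(a.severity) - SEVERITY_RANK.get(b.severity));
  return kept.slice(0, MAX_COMMENTS);
}

// Assumed policy: any critical finding requests changes.
function reviewEvent(findings) {
  return findings.some((f) => f.severity === "critical") ? "REQUEST_CHANGES" : "APPROVE";
}
```
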