AI-Powered Code Review Assistant for GitHub Pull Requests
Automate code reviews with AI - catch bugs, improve quality, and maintain best practices effortlessly.
Features β’ Architecture β’ Quick Start β’ Documentation
CodeSage is a production-ready AI code review automation platform that integrates with GitHub to provide instant, intelligent feedback on Pull Requests.
The Problem:
- Manual code reviews are time-consuming and inconsistent
- Junior developers don't get timely feedback
- Security vulnerabilities slip through during busy periods
- Best practices aren't enforced uniformly
The Solution:
- β Instant Reviews - AI analysis within seconds of PR creation
- β Consistent Quality - Every PR gets the same thorough review
- β Learning Tool - Developers improve from AI suggestions
- β Focus on What Matters - Seniors review architecture, AI handles syntax
- Multi-Provider Support: OpenAI GPT-4 with Claude fallback
- Comprehensive Checks: Security, performance, bugs, code quality, documentation
- Structured Feedback: Categorized by severity (Critical β Info)
- Actionable Suggestions: Specific recommendations for fixes
- Automatic Webhooks: Triggers on PR creation/update
- GitHub App Authentication: Secure JWT-based auth
- Direct PR Comments: AI posts formatted reviews as comments
- Repository Flexibility: Works across multiple repos
- Real-time Metrics: Quality scores, issue counts, active PRs
- Historical Tracking: Review history and trends
- Issue Breakdown: By type and severity
- Live Updates: Auto-refresh every 30 seconds
- RabbitMQ Queue: Non-blocking webhook responses
- Scalable Architecture: Handles high PR volumes
- Retry Logic: Exponential backoff for resilience
- Error Recovery: Graceful failure handling
graph TB
subgraph "External Services"
A[GitHub]
B[OpenAI/Claude API]
end
subgraph "CodeSage Backend"
C[Webhook Controller<br/>:8080/api/webhook/github]
D[RabbitMQ Producer]
E[Analysis Queue]
F[RabbitMQ Consumer]
G[AI Service]
H[GitHub Service]
I[Review Repository]
end
subgraph "Infrastructure"
J[(PostgreSQL<br/>Database)]
K[RabbitMQ<br/>Message Broker]
end
subgraph "Frontend"
L[React Dashboard<br/>:5173]
end
A -->|Webhook POST| C
C -->|Enqueue| D
D -->|Publish| E
E -->|Consume| F
F -->|Analyze| G
G -->|API Call| B
B -->|AI Response| G
F -->|Fetch Diff| H
H -->|API Call| A
G -->|Post Comment| H
H -->|Comment| A
F -->|Save| I
I -->|Store| J
L -->|Fetch Data| I
style A fill:#f9f,stroke:#333,stroke-width:2px
style G fill:#9cf,stroke:#333,stroke-width:2px
style J fill:#fcf,stroke:#333,stroke-width:2px
style K fill:#ffc,stroke:#333,stroke-width:2px
| Component | Technology | Purpose |
|---|---|---|
| Backend | Spring Boot 3.2 + WebFlux | RESTful API, async HTTP calls |
| Frontend | React 18 + Vite | Modern dashboard UI |
| Database | PostgreSQL 15 | Persistent data storage |
| Message Queue | RabbitMQ 3 | Asynchronous event processing |
| AI Engine | OpenAI GPT-4 / Claude | Code analysis |
| Authentication | JWT (jjwt) | GitHub App authentication |
| Containerization | Docker + Docker Compose | Deployment |
| CI/CD | GitHub Actions | Automated testing & builds |
- Java 17+
- Node.js 18+
- Docker & Docker Compose
- OpenAI or Claude API key
git clone https://github.com/albonidrizi/CodeSage.git
cd CodeSage
# Copy environment template
cp .env.example .env
# Edit .env with your API keys
nano .env# Start all services (PostgreSQL, RabbitMQ, Backend, Frontend)
docker-compose up -d
# View logs
docker-compose logs -f- Dashboard: http://localhost:80
- Backend API: http://localhost:8080/api/reviews/health
- RabbitMQ Management: http://localhost:15672 (guest/guest)
π‘ Development Mode: The frontend automatically displays demo data when the backend is not available. This allows you to preview the UI without setting up the full infrastructure. To connect to the real backend, ensure PostgreSQL and RabbitMQ are running.
# Send test webhook
Invoke-WebRequest -Uri "http://localhost:8080/api/webhook/github" `
-Method POST `
-Headers @{"X-GitHub-Event"="pull_request"} `
-ContentType "application/json" `
-Body '{"action":"opened","pull_request":{"number":1,"title":"Test PR"}}'- GitHub Integration - Set up GitHub App for real PR reviews
- Deployment Guide - Deploy to Railway, Render, or VPS
GET /api/reviews # List all reviews (paginated)
GET /api/reviews/{id} # Get specific review
GET /api/reviews/repo/{owner}/{name} # Reviews for repository
GET /api/reviews/recent # Last 7 days
GET /api/reviews/stats # Dashboard statistics
GET /api/reviews/health # Health check{
"id": 1,
"repositoryOwner": "yourusername",
"repositoryName": "your-repo",
"prNumber": 42,
"prTitle": "Add new feature",
"qualityScore": 8.5,
"status": "COMPLETED",
"issues": [
{
"type": "SECURITY",
"severity": "HIGH",
"title": "Potential SQL Injection",
"description": "User input concatenated in SQL query",
"suggestion": "Use PreparedStatement with parameterized queries",
"filePath": "src/main/java/Example.java",
"lineNumber": 42
}
]
}CodeSage/
βββ backend/ # Spring Boot application
β βββ src/main/java/com/codesage/
β β βββ controller/ # REST controllers
β β βββ service/ # Business logic (AI, GitHub)
β β βββ model/ # JPA entities
β β βββ repository/ # Data access
β β βββ queue/ # RabbitMQ consumers
β β βββ exception/ # Error handling
β βββ Dockerfile
βββ frontend/ # React application
β βββ src/
β β βββ services/ # API client
β β βββ App.jsx # Main dashboard
β β βββ App.css # Styles
β βββ Dockerfile
β βββ nginx.conf
βββ docs/ # Documentation
βββ .github/workflows/ # CI/CD pipeline
βββ docker-compose.yml # Multi-service setup
# Backend (without Docker)
cd backend
mvn spring-boot:run
# Frontend (without Docker)
cd frontend
npm install
npm run dev# Backend tests
cd backend
mvn test
# Generate coverage report
mvn jacoco:reportProduction-Ready Features:
- β Real AI integration (OpenAI GPT-4 + Claude fallback)
- β GitHub App authentication with JWT
- β Webhook processing with signature verification
- β Asynchronous analysis with RabbitMQ
- β PostgreSQL persistence with analytics
- β Real-time dashboard with auto-refresh
- β CI/CD pipeline with GitHub Actions
- β Docker deployment configuration
- β Comprehensive error handling
- β Health checks and monitoring
Planned Enhancements:
- π Comprehensive test suite (unit + integration)
- π Live deployment (Railway/Render)
- π Custom review rules configuration
- π Multi-repository dashboard
- π Slack/Discord notifications
- Webhook Signature Verification: HMAC-SHA256 validation
- JWT Authentication: Secure GitHub App integration
- Environment Variables: All secrets externalized
- Non-root Docker Containers: Security best practices
- Input Validation: Spring Boot validation framework
- CORS Configuration: Restricted origins in production
- Webhook Response: < 100ms (async processing)
- AI Analysis: 5-15 seconds (depends on code size)
- Dashboard Load: < 2 seconds
- Database Queries: < 50ms (indexed)
- Concurrent PRs: Scales horizontally with RabbitMQ
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Java: Google Java Style Guide
- JavaScript: ESLint with Airbnb config
- Commits: Conventional Commits
This project is licensed under the MIT License - see the LICENSE file for details.
Albon Idrizi
- GitHub: @albonidrizi
- LinkedIn: Albon Idrizi
- Email: [email protected]
- Spring Boot - Excellent Java framework
- OpenAI & Anthropic - AI capabilities
- React & Vite - Modern frontend tooling
- RabbitMQ - Reliable message queuing
β Star this repository if you find it helpful!
Made with β€οΈ by Albon Idrizi
Empowering developers with AI-driven code reviews