Run reviewbot before git push. Get a streaming AI review of your diff in the terminal — bugs, warnings, suggestions — before your teammates see it. Works with OpenAI, Anthropic, Grok, Gemini, or local Ollama.
$ reviewbot
────────────────────────────────────────────────────────────
reviewbot · openai · gpt-4o
────────────────────────────────────────────────────────────
## Summary
Adds user authentication middleware and updates route handlers.
### CRITICAL
**src/middleware/auth.js:14** — JWT secret falls back to a hardcoded string
when `process.env.JWT_SECRET` is undefined. This will silently pass in
production if the env var is missing.
// current
const secret = process.env.JWT_SECRET || 'supersecret';
// fix
if (!process.env.JWT_SECRET) throw new Error('JWT_SECRET is required');
const secret = process.env.JWT_SECRET;
### WARNING
**src/routes/user.js:38** — No error handling on `await db.findUser()`.
An unhandled rejection here will crash the process.
### SUGGESTION
**src/middleware/auth.js:22** — `req.user = decoded` mutates the request
object without a type definition. Consider a typed wrapper or JSDoc.
## What's good
Error responses use consistent status codes throughout.
────────────────────────────────────────────────────────────npm install -g reviewbot-cliOr use without installing:
npx reviewbot-cliRun the interactive setup:
reviewbot config set-key? Set up an AI provider API key? › Yes
? Which provider?
❯ OpenAI (gpt-4o)
Anthropic (claude-3-5-haiku)
Grok (grok-beta)
Gemini (gemini-1.5-flash)
Ollama (local, no key needed)
? Enter your openai API key (starts with sk-...): ****
Saved. Run: reviewbot
Or set via environment variable:
export OPENAI_API_KEY=sk-...
export ANTHROPIC_API_KEY=sk-ant-...
export GROK_API_KEY=xai-...
export GEMINI_API_KEY=AIza...# Review current diff vs main
reviewbot
# Review only staged changes
reviewbot --staged
# Review against a different branch
reviewbot --base develop
# Review only certain files
reviewbot --files "src/**/*.ts"
# Use a specific provider for this run
reviewbot --provider grok
reviewbot --provider gemini
reviewbot --provider ollama --model llama3
# Override the model
reviewbot --model gpt-4-turbo
reviewbot --model gemini-1.5-pro
reviewbot --model claude-3-5-sonnet-20241022
# Review a GitHub pull request
reviewbot --pr https://github.com/owner/repo/pull/42
# Disable streaming (wait for full response)
reviewbot --no-streamreviewbot config show # show current config
reviewbot config set-key # change provider / API key
reviewbot config set provider gemini # switch default provider
reviewbot config set model gpt-4-turbo # set default model
reviewbot config clear # wipe everythingConfig is stored at:
- macOS:
~/Library/Preferences/reviewbot-cli-nodejs/ - Linux:
~/.config/reviewbot-cli-nodejs/ - Windows:
%APPDATA%\reviewbot-cli-nodejs\
| Provider | Default model | Key required | Get key |
|---|---|---|---|
openai |
gpt-4o | Yes | platform.openai.com |
anthropic |
claude-3-5-haiku-20241022 | Yes | console.anthropic.com |
grok |
grok-beta | Yes | console.x.ai |
gemini |
gemini-1.5-flash | Yes | aistudio.google.com |
ollama |
llama3 | No — runs locally | ollama.com |
Add reviewbot as an automated PR check:
# .github/workflows/reviewbot.yml
name: AI Review
on:
pull_request:
types: [opened, synchronize]
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: npx reviewbot-cli --base ${{ github.base_ref }} --no-stream
env:
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}git diff (or PR diff via GitHub API)
│
▼
diff parser + glob filter + truncation (fits in context window)
│
▼
prompt builder (CRITICAL / WARNING / SUGGESTION / NITPICK)
│
▼
AI provider (OpenAI / Anthropic / Grok / Gemini / Ollama) — streaming
│
▼
markdown renderer (CRITICAL in red, WARNING in yellow, terminal-friendly)
Issues and PRs welcome. Before opening a PR:
npm testSee CONTRIBUTING.md.
MIT © Dipanshu Singh