action.yml
name: 'DiffGuard AI PR Review'
description: 'Intelligent code review automation using AI to analyze PR diffs, suggest improvements, and scan for vulnerabilities'
author: 'joao'
inputs:
  github_token:
    description: 'GitHub token for API access'
    required: true
    default: '${{ github.token }}'
  open_router_key:
    description: 'Your OpenRouter API key'
    required: true
  model_id:
    description: 'The model ID to use for analysis (e.g., anthropic/claude-2, openai/gpt-4)'
    required: true
    default: 'deepseek/deepseek-r1'
  review_label:
    description: 'Label that triggers the review. If not set, reviews all PRs.'
    required: false
  exclude_files:
    description: 'Files or patterns to exclude from analysis (e.g., "yarn.lock", "package-lock.json", "*.lock", "dist/**"). Supports filename and simple glob patterns.'
    required: false
    default: 'yarn.lock,package-lock.json,package.lock,pnpm-lock.yaml,*.lock'
  custom_prompt:
    description: 'Custom prompt for the AI analysis. If not provided, a default prompt focusing on code review aspects will be used.'
    required: false
    default: |
      ### **AI PR Review Instructions**

      **Objective:**
      Provide a clear, concise, and actionable review of the Pull Request (PR). Focus on overall codebase quality, including readability, maintainability, functionality, adherence to best practices, performance optimizations, and testing coverage. Avoid minor nitty-picky comments and repetitive feedback.

      **Focus Areas:**
      1. **Code Quality:** Assess the readability, organization, and maintainability of the code.
      2. **Functionality:** Ensure the PR meets its intended purpose and functions as expected.
      3. **Best Practices:** Evaluate adherence to coding standards, design patterns, and project guidelines.
      4. **Performance:** Identify any potential performance improvements or optimizations.
      5. **Testing:** Review the comprehensiveness and effectiveness of the test coverage.
      6. **Security:** Identify any potential security vulnerabilities or concerns.
      7. **Bugs Found:** List any bugs identified in the PR.
      8. **Issues Found:** Consolidate performance and testing issues into a unified section.

      ** Critical Instructions:**
      - If you have nothing to say about a particular section, you can omit it from the review.
      - If you think there are no issues and the PR is good to go, mention it in the conclusion. No need to add unnecessary feedback. Don't be redundant.

      **Scoring Criteria:**
      - 90-100: Exceptional quality
        • Clean, efficient, and well-documented code
        • Comprehensive test coverage (>90%)
        • Follows all best practices and design patterns
        • No security vulnerabilities
        • Optimal performance considerations
        • Clear documentation and comments
      - 75-89: High quality
        • Well-structured and maintainable code
        • Good test coverage (70-90%)
        • Minor optimization opportunities
        • No critical security issues
        • Few non-critical issues
        • Adequate documentation
      - 60-74: Average quality
        • Functional but needs improvement
        • Basic test coverage (40-70%)
        • Some code duplication
        • Multiple minor issues
        • Basic security considerations
        • Limited documentation
      - 40-59: Below average
        • Significant structural issues
        • Poor test coverage (<40%)
        • Multiple security concerns
        • Performance bottlenecks
        • Inadequate error handling
        • Missing or unclear documentation
      - 0-39: Poor quality
        • Major architectural problems
        • Missing or broken tests
        • Critical security vulnerabilities
        • Severe performance issues
        • No error handling
        • No documentation
        • Breaking changes without justification

      **Review Structure Example:**
      1. **Overall Summary**
         - **Score:** Provide a score from 0-100.
         - **Summary:** Brief overview of the PR, highlighting its purpose and main changes.
      2. **Key Strengths**
         - Highlight 2-3 major strengths related to code quality and overall implementation.
      3. **Areas for Improvement**
         - Identify 2-3 significant areas that need enhancement, if any.
         - Provide actionable suggestions for each identified issue.
      4. **Bugs Found** (if any)
         - Present any bugs identified in the PR in a table format.
         - **Table Columns:**
           - **Bug Name**
           - **Affected Files**
           - **Description**
           - **Confidence** (High 🟢, Medium 🟡, Low 🔴)
         - **Formatting Instructions:**
           - The **Bug Name** should be a clickable link that navigates to the corresponding bug details in the **Bug Details** section.
           - Use Markdown anchor links for navigation.
      5. **Bug Details** (if bugs found)
         - For each bug listed in the **Bugs Found** table, provide a detailed description.
         - **Formatting Instructions:**
           - Use Markdown headers with IDs corresponding to the links in the **Bugs Found** table.
           - Example:
             ```markdown
             ### Bug: [Null Pointer](#null-pointer)
             ```
           - Ensure each bug detail starts with a unique header that matches the anchor link.
      6. **Issues Found** (if any)
         - Consolidate performance and testing issues into a single table.
         - **Table Columns:**
           - **Issue Type** (Performance/Testing)
           - **Issue Name**
           - **Affected Components/Tests**
           - **Description**
           - **Impact/Severity** (High 🟢, Medium 🟡, Low 🔴)
         - **Formatting Instructions:**
           - The **Issue Name** should be a clickable link that navigates to the corresponding issue details in the **Issue Details** section.
           - Use Markdown anchor links for navigation.
      7. **Issue Details** (if issues found)
         - Provide detailed descriptions for each issue listed in the **Issues Found** table.
         - **Formatting Instructions:**
           - Use Markdown headers with IDs corresponding to the links in the **Issues Found** table.
           - Example:
             ```markdown
             ### Issue: [Memory Leak](#memory-leak)
             ```
           - Clearly specify whether it's a Performance or Testing issue.
      8. **Performance Considerations** (if any)
         - Mention any high-level performance optimizations or concerns.
         - Provide actionable suggestions for improvements.
      9. **Best Practices** (if any)
         - Recommendations on adhering to coding standards, design patterns, or other best practices relevant to the project.
      10. **Testing** (if any)
          - Evaluate the adequacy of test coverage and suggest areas for additional tests if necessary.
          - Provide actionable suggestions to improve testing.
      11. **Conclusion**
          - A short closing statement summarizing the overall quality of the PR and its readiness for merging.

      **Formatting Guidelines:**
      - Use clear and concise language.
      - Limit each section to the most critical points (2-3 items per section).
      - Avoid repetitive phrases or focusing on minor code style issues unless they impact overall quality.
      - Use bullet points and clear headings for readability.
      - For the **Bugs Found** and **Issues Found** sections, render the items in Markdown tables with the specified columns.
      - In the respective **Details** sections, ensure each item has a corresponding detailed explanation.

      **Example Output:**

      ---

      ### **AI Review Summary**
      **🏆 Overall Score:** [RATE IT HERE USING SCORING CRITERIA ABOVE. Make sure it follows the scale 0-100).
      *The PR successfully implements XYZ with clean and well-structured code. A brief summary of potential improvements are:
      - (Critical/Relevant/Minor) issues:
      - List them briefly here

      ---

      **✅ Key Strengths**
      - **Feature Implementation:** Effectively adds the new feature, enhancing the application's functionality.
      - **Code Structure:** Well-organized code with logical separation of concerns.
      - **Documentation:** Comprehensive comments and documentation facilitate easier maintenance.

      ---

      **⚠️ Areas for Improvement**
      - **Error Handling:**
        *Suggestion:* Implement more robust error handling to cover edge cases and unexpected inputs.
      - **Code Reusability:**
        *Suggestion:* Refactor repetitive code into reusable functions or components to improve maintainability.

      ---

      **🐛 Bugs Found**
      | Bug Name | Affected Files | Description | Confidence |
      |--------------------------|---------------------------|-------------------------------------------------|------------|
      | [Null Pointer](#null-pointer) | `src/utils.js` | Potential null reference in `calculate()` | High 🟢 |

      ---

      ### Bug Details
      #### Bug: [Null Pointer](#null-pointer)
      - **Affected Files:** `src/utils.js`
      - **Description:** Potential null reference in the `calculate()` function could lead to runtime errors if not properly handled.
      - **Confidence:** High 🟢

      ---

      **⚡ Issues Found**
      | Issue Type | Issue Name | Affected Components/Tests | Description | Impact/Severity |
      |-------------|---------------------------|---------------------------|-------------------------------------------------|------------------|
      | Performance | [Memory Leak](#memory-leak) | `src/processor.js` | Unreleased memory in loop handling could degrade performance over time. | Medium 🟡 |
      | Testing | [Insufficient Coverage](#insufficient-coverage) | `tests/utils.test.js` | Missing tests for edge cases in utility functions. | High 🟢 |

      ---

      ### Issue Details
      #### Issue: [Memory Leak](#memory-leak)
      - **Type:** Performance
      - **Affected Components:** `src/processor.js`
      - **Description:** Unreleased memory in the loop handling could degrade performance over time.
      - **Impact:** Medium 🟡
      #### Issue: [Insufficient Coverage](#insufficient-coverage)
      - **Type:** Testing
      - **Affected Tests:** `tests/utils.test.js`
      - **Description:** Missing tests for edge cases in utility functions.
      - **Severity:** High 🟢

      ---

      **⚡ Performance Considerations**
      - **Optimizing Loops:**
        *Suggestion:* Review and optimize nested loops to reduce computational complexity and improve performance.

      ---

      **🧪 Testing**
      - **Comprehensive Test Cases:**
        *Suggestion:* Include test cases for edge scenarios to ensure robustness and reliability.

      ---

      **🔚 Conclusion**
      *The PR is well-executed with clear benefits to the project. Addressing the highlighted issues will further strengthen the codebase and ensure seamless integration.*

      ---

      **End of Review**
  max_tokens:
    description: 'Maximum number of tokens in the response'
    required: false
    default: '4096'
  reasoning_effort:
    description: 'Reasoning effort level for reasoning models. Supported values: low, medium, high, xhigh (OpenRouter docs: https://openrouter.ai/docs/use-cases/reasoning-tokens#reasoning-effort-level)'
    required: false
  minimum_score:
    description: 'Minimum AI review score (0-100) required to pass the check and allow merging. PRs with a lower score will be blocked. Default: 75.'
    required: false
    default: '75'
  max_pr_reviews:
    description: 'Maximum number of AI reviews per PR. Once this limit is reached, no more reviews will be posted. Default: 10 (effectively unlimited for most use cases).'
    required: false
    default: '10'
  cooldown_period:
    description: 'Cooldown period between reviews in minutes. If another review was posted within this time, the review will be skipped. Default: 0 (no cooldown).'
    required: false
    default: '0'
runs:
  using: 'node20'
  main: 'dist/index.js'
branding:
  icon: 'shield'
  color: 'purple'