
Code for a service that automatically provides feedback on pull requests to help developers, be they AI or human, more proactively address security issues that could be introduced in source code.


ericksoa/GuardiAI


GuardiAI

GuardiAI is an automated code review bot that checks submitted pull requests for potential security vulnerabilities. It utilizes a webhook to receive notifications when pull requests are created, and provides feedback on the code changes to help maintain a secure codebase.

Features

  • Listens for pull request events using a webhook.
  • Analyzes the code changes in a pull request for potential security vulnerabilities.
  • Provides feedback on detected issues, such as SQL injections, insecure file access, or the use of eval().

Setup

To set up GuardiAI, follow these steps:

  1. Clone this repository and install the dependencies:

  2. Create a .env.local file in the root folder and add your GitHub App ID and OpenAI API key:

    • GITHUB_APP_ID=your_github_app_id
    • OPENAI_API_KEY=your_openapi_key
  3. Deploy the application to Vercel or a similar platform.

  4. In your GitHub repository settings, set up a webhook with the following configuration:

  5. Once the webhook is set up, GuardiAI will listen for pull request events and provide feedback on code changes.
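
When a secret is configured on a GitHub webhook, every delivery carries an X-Hub-Signature-256 header, and a receiver of pull request events should verify it before any code is analyzed. The following is an added example, not GuardiAI's own code; the GITHUB_WEBHOOK_SECRET variable named in its comments, the function names, the set of reviewed actions and the sample delivery are assumptions.

```javascript
// Added example, not GuardiAI's code. A GITHUB_WEBHOOK_SECRET variable is an
// assumption; the README lists only GITHUB_APP_ID and OPENAI_API_KEY.
const crypto = require("node:crypto");

// GitHub sends X-Hub-Signature-256: "sha256=" + hex HMAC-SHA256 of the raw
// request body, keyed with the secret configured on the webhook.
function verifySignature(rawBody, signatureHeader, secret) {
  if (typeof signatureHeader !== "string" || !signatureHeader.startsWith("sha256=")) {
    return false;
  }
  const expected = crypto.createHmac("sha256", secret).update(rawBody).digest();
  const received = Buffer.from(signatureHeader.slice("sha256=".length), "hex");
  // timingSafeEqual throws on a length mismatch, so check lengths first.
  return received.length === expected.length && crypto.timingSafeEqual(received, expected);
}

// Decide what to do with a delivery before any diff is fetched or analyzed.
// The signature is checked over the raw bytes, before JSON parsing.
function handleDelivery({ headers, rawBody }, secret) {
  if (!verifySignature(rawBody, headers["x-hub-signature-256"], secret)) {
    return { status: 401, review: false };
  }
  if (headers["x-github-event"] !== "pull_request") {
    return { status: 202, review: false }; // authentic, but not a PR event
  }
  let payload;
  try {
    payload = JSON.parse(rawBody.toString("utf8"));
  } catch {
    return { status: 400, review: false };
  }
  // Assumption: review new PRs and PRs that received new commits.
  const review = ["opened", "synchronize", "reopened"].includes(payload.action);
  return { status: 200, review, pullNumber: payload.pull_request?.number };
}

// Constructed sample delivery, signed with a constructed secret.
const SAMPLE_SECRET = "constructed-test-secret";
const SAMPLE_BODY = Buffer.from(JSON.stringify({ action: "opened", pull_request: { number: 7 } }));
const SAMPLE_SIG =
  "sha256=" + crypto.createHmac("sha256", SAMPLE_SECRET).update(SAMPLE_BODY).digest("hex");
```

In a deployed handler the raw body must be read before any JSON body parser runs, because re-serializing the parsed object does not reproduce the signed bytes.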

Usage

To test GuardiAI, create a new branch in your repository, make changes to the code, and create a pull request. GuardiAI will automatically analyze the code changes and provide feedback on potential security vulnerabilities.

Contributing

Contributions are welcome! Feel free to submit issues, feature requests, or pull requests to help improve GuardiAI.

License

This project is licensed under the MIT License. See the LICENSE file for details.
