Automated Python code review system powered by AST analysis and Claude AI. Automatically analyzes pull requests and provides detailed feedback on code quality, bugs, and security issues.
Code Review AI analyzes Python code to find common bugs, security issues, and code quality problems. The system uses Abstract Syntax Tree (AST) parsing to understand code structure, then applies Claude AI for semantic analysis. When issues are found, the system automatically posts them as comments on GitHub Pull Requests.
- AST-based code analysis - Deep understanding of code structure
- Automatic bug detection:
- Unused variables and imports
- Missing type hints
- Missing docstrings
- Security vulnerabilities (eval, exec usage)
- Long functions (complexity detection)
- AI-powered analysis with Claude 3.5 Haiku
- Automatic fix generation with detailed diffs
- GitHub webhook integration - Auto-reviews on PR creation/update
- FastAPI REST API - Easy integration with your workflow
- Docker deployment ready - One-command deployment
- Comprehensive test suite - 58% test coverage (1,158 lines of tests)
- Total Lines: ~2,400 lines (Python + config)
- Source Code: 514 lines
- Tests: 1,158 lines (2.25:1 test-to-code ratio)
- Test Coverage: 58%
- Files: 21 Python files
- Language: Python 3.11+
- AI: Claude API (Anthropic)
- Web Framework: FastAPI
- GitHub Integration: PyGithub
- Containerization: Docker & Docker Compose
- Testing: pytest
- Python 3.11+
- Docker (optional)
- GitHub account
- Anthropic API key
git clone https://github.com/saadyaq/code_review_ai.git
cd code_review_ai# Create virtual environment
python -m venv .venv
source .venv/bin/activate # On Windows: .venv\Scripts\activate
# Install dependencies
pip install -r requirements.txtCreate a .env file in the root directory:
ANTHROPIC_API_KEY=your_claude_api_key_here
GITHUB_TOKEN=your_github_token_hereGet your API keys:
- Claude API: https://console.anthropic.com
- GitHub Token: https://github.com/settings/tokens (needs
reposcope)
from src.analyzer import analyze_code_quality
code = """
def calculate(x, y):
unused_var = 10
return x + y
"""
result = analyze_code_quality(code=code)
print(f"Found {result['total_issues']} issues:")
for issue in result['issues']:
print(f" - {issue['message']}")# Start the API
uvicorn api.main:app --reloadServer runs on http://localhost:8000
Interactive API docs: http://localhost:8000/docs
# Using docker-compose (recommended)
docker-compose up
# Or build and run manually
docker build -t code-review-ai .
docker run -p 8000:8000 --env-file .env code-review-aiAnalyze Python code and optionally generate fixes.
Request:
{
"code": "def test():\n x = 5\n return 10",
"auto_fix": false
}Response:
{
"issues": [
{
"type": "unused_variable",
"severity": "warning",
"variable": "x",
"message": "Variable 'x' is assigned but never used"
}
],
"fixed_code": null,
"diff": null
}GitHub webhook endpoint for automatic PR reviews.
Headers:
X-GitHub-Event: pull_request
Health check endpoint.
Response:
{"status": "ok"}-
Deploy your API (Railway, Render, or use ngrok for testing)
-
Get your webhook URL:
- Production:
https://your-api.com/webhook/github - Testing (ngrok):
https://abc123.ngrok.io/webhook/github
- Production:
-
Configure GitHub webhook:
- Go to:
https://github.com/YOUR_USERNAME/YOUR_REPO/settings/hooks - Click "Add webhook"
- Payload URL: Your webhook URL
- Content type:
application/json - Events: Select "Pull requests"
- Active: β Checked
- Click "Add webhook"
- Go to:
-
Test it:
- Create a Pull Request
- The bot will automatically analyze Python files and post a review
When you create a PR, the bot posts:
## π€ Code Review AI Analysis
**Issues Found:** 12
### Details:
β οΈ **src/example.py:15** - Function 'calculate' is missing return type hint
β οΈ **src/example.py:23** - Variable 'unused_var' is assigned but never used
π΄ **src/example.py:42** - Usage dangereux de eval()
βΉοΈ **src/example.py:10** - FunctionDef 'helper' sans docstringβββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β GitHub Webhook β
β (Pull Request Created/Updated) β
ββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β FastAPI Application β
β βββββββββββββββββββββββββββββββββββββββββββββββ β
β β api/main.py - API Routes β β
β β api/webhook.py - GitHub Webhook Handler β β
β βββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Core Analysis Engine β
β βββββββββββββββββββββββββββββββββββββββββββββββ β
β β src/analyzer.py - AST Analysis β β
β β src/llm_client.py - Claude AI β β
β β src/github_integration.py - GitHub API β β
β βββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β GitHub Pull Request β
β (Automated Review Posted) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Run the test suite:
# Run all tests
pytest
# Run with coverage
pytest --cov=src --cov=api
# Run specific test file
pytest tests/test_analyzer.py -v# Build image
docker-compose build
# Start services
docker-compose up
# Start in background
docker-compose up -d
# View logs
docker-compose logs -f
# Stop services
docker-compose down
# Rebuild and restart
docker-compose up --buildcode_review_ai/
βββ api/
β βββ __init__.py
β βββ main.py # FastAPI app & routes
β βββ webhook.py # GitHub webhook handler
βββ src/
β βββ __init__.py
β βββ analyzer.py # Code quality analysis
β βββ llm_client.py # Claude AI integration
β βββ github_integration.py # GitHub API client
β βββ parser.py # AST parsing utilities
βββ tests/
β βββ test_analyzer.py
β βββ test_llm_client.py
β βββ test_api_main.py
β βββ test_api_webhook.py
βββ Dockerfile
βββ docker-compose.yml
βββ requirements.txt
βββ README.md
The analyzer detects the following issues:
| Rule | Severity | Description |
|---|---|---|
| Unused Variables | Warning | Variables assigned but never used |
| Unused Imports | Warning | Imported modules not referenced |
| Missing Type Hints | Warning | Function parameters/returns without types |
| Missing Docstrings | Info | Functions/classes without documentation |
| Security Issues | High | Dangerous functions (eval, exec) |
| Long Functions | Warning | Functions exceeding 50 lines |
Status: β LIVE IN PRODUCTION
Production URL: https://codereviewai-production.up.railway.app
The Code Review AI is successfully deployed and actively reviewing Python pull requests!
- AST-based code analysis
- FastAPI REST API
- GitHub webhook integration
- Docker deployment
- Automated PR reviews
- Claude AI integration
- Production deployment on Railway
- Empty file handling and error recovery
- Multi-repository support
- Support for JavaScript/TypeScript
- Custom rule configuration
- Code quality scoring system
- Web dashboard for analytics
- Integration with CI/CD pipelines
- Support for other git platforms (GitLab, Bitbucket)
- Caching system for API cost optimization
- Advanced complexity metrics
Contributions are welcome! This is a learning project, but PRs for improvements are appreciated.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
MIT License - see LICENSE file for details
Yaqine Saad
- GitHub: @saadyaq
Questions or feedback? Open an issue on GitHub Issues
This project successfully demonstrates:
- β Full-stack development: Python backend with FastAPI
- β AI integration: Claude API for intelligent code analysis
- β DevOps: Docker containerization and Railway deployment
- β GitHub integration: Automated webhook-based PR reviews
- β Production-ready: Error handling, logging, and reliability
- β Clean architecture: Modular design with separation of concerns
- β Well-tested: 58% test coverage with comprehensive test suite
Status: Project completed and deployed successfully!
Version 1.0.0 - November 2024