From d167a6e37cc8dc79ca7261ff3ede374aac2fd97b Mon Sep 17 00:00:00 2001 From: Hasit Mistry Date: Mon, 21 Oct 2024 09:02:32 -0700 Subject: [PATCH 01/12] Add Changelog page (#112) * Refactor code to enable editing of pages and remove old blog * Refactor code to enable editing of pages and remove old blog --- docs/changelog.md | 208 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 208 insertions(+) create mode 100644 docs/changelog.md diff --git a/docs/changelog.md b/docs/changelog.md new file mode 100644 index 00000000..e4a6b472 --- /dev/null +++ b/docs/changelog.md @@ -0,0 +1,208 @@ +--- +title: Changelog +sidebar_label: Changelog +description: The latest updates and changes to CodeRabbit. +sidebar_position: 9 +--- + +## Sep 9, 2024 - Related PRs and Label suggestions + +- Possibly related PRs: The walkthrough comment now includes a list of potentially related PRs to help you recall the past context. +- Suggested labels: CodeRabbit can now suggest labels by learning from your past PRs in the walkthrough comment. You can also provide custom labeling instructions in the UI or configuration file. + +:::note +Possibly related PRs, automatic label suggestions based on past PRs, learnings, and possibly related issues require data opt-in (enabled by default). +::: + +## Aug 15, 2024 - New Dashboard + +We’re excited to share our updated dashboard, designed to give you better insights into CodeRabbit review metrics. + +What's new: + +- Flexible Time Selector: Choose different periods to analyze your data. +- Useful Context: See how learnings, tools, and path instructions are used in reviews. +- New Visuals: Check out the bar, line, and stats charts for a better understanding. +- Custom Filters: Easily filter data by user, repository, pull request, and review profile. +- Tools Overview: See tool usage based on severity and total incidents reported. + +These updates are here to help you get more from the dashboard. Take a look today! + +## Jul 31, 2024 - Promote members to admin + +You can now promote members in your organization to admins within CodeRabbit. Admins will be able to manage the subscription and the seats for that organization + +## Jul 16, 2024 - New Features and Improvements + +#### Learnings Page + +We're thrilled to announce the new "Learnings" page! Users can now interact with learnings captured in PR comments, enhancing future reviews. Log into CodeRabbit to see the page, where you can filter learnings by Repository, File Path, and User. You can also edit or delete learnings that are no longer relevant to your project. + +#### Reports (Beta) Page + +Introducing the beta release of "Reports"! Generate recurring summaries of team performance and PR reviews with features like: + +- Scheduling regular report generation +- Specifying parameters such as repository, team, user, or label +- Selecting report types (Daily Stand-Up, Sprint Report, Release Notes, Custom) +- Enabling delivery channels like Email, Slack, and Discord + +#### Sequence Diagrams Configuration + +You can now choose whether to auto-generate sequence diagrams in PR Walkthroughs. Configure this via the CodeRabbit settings page or by setting reviews.sequence_diagrams in the .coderabbit.yaml file. + +#### Enhanced Tool Settings & New Analysis Tools + +We've refined the default settings to be less noisy and more actionable. Additionally, we've added new static analysis and security tools: + +- Yamllint A linter for YAML files +- Gitleaks A lightweight, open-source secret scanner to prevent security breaches +- Checkov Scans infrastructure as code for misconfigurations before they become security issues + +#### GitLab Integration Update + +The GitLab integration now offers more flexibility and security. Users can use Personal Access Tokens (PATs) from within their organization to post reviews. This enhancement ensures reviews are posted with appropriate organizational context and permissions, improving traceability and security. + +## May 28, 2024 - New Features and Improvements + +Sequence Diagrams +CodeRabbit now generates sequence diagrams of code changes, enhancing reviewers' ability to understand the flow of control. +Auto-Generate PR Titles +Users will now find a new option called auto_title_placeholder and will default to `@coderabbitai` title. This option allows users to put a placeholder title and have CodeRabbit auto-generate one for them when the review process kicks in. +New Commands +We have introduced new commands for interacting with CodeRabbit, detailed under the "Tips" section of a review walkthrough: + +- `@coderabbitai full review`: Conducts a full review from scratch, covering all files again. +- `@coderabbitai summary`: Regenerates the summary of the PR. +- `@coderabbitai configuration`: Displays the current CodeRabbit configuration for the repository. +Improved Handling of Closed PRs +We have been observing that many PRs get closed quickly and CodeRabbit continues to review them. PRs get closed quickly for various reasons - changes are too small, the author is confident (perhaps, overly?), or the changes were unnecessary. With this improvement, we now stop the review process midway if we detect that the PR has been closed. + +## May 23, 2024 - New Features and Improvements + +Review Settings Introduced new personality profiles for code reviews +Users can now select between "Chill" and "Assertive" review tones to tailor feedback styles according to their preferences. The "Assertive" profile posts more comments and nitpicks the code more aggressively, while the "Chill" profile is more relaxed and posts fewer comments. +More Static Analysis Support +We are continually expanding our support for static analysis tools. We have added support for biome, hadolint, and ast-grep. Update the settings in your .coderabbit.yaml file or head over to the settings page to enable or disable the tools you want to use. +Tone Settings +Users can now customize CodeRabbit to review code in the style of their favorite characters or personalities. Here are some of our favorite examples: + +- Mr. T: "You must talk like Mr. T in all your code reviews. I pity the fool who doesn't!" +- Pirate: "Arr, matey! Ye must talk like a pirate in all yer code reviews. Yarrr!" +- Snarky Ex-Girlfriend: "You must talk like a snarky ex-girlfriend in all your code reviews. You're welcome." +Revamped Settings Page +We have redesigned the settings page for a more intuitive layout, enabling users to find and adjust settings quickly. This change was long-time coming; it not only improves the user experience but also allows our development team to add more settings in the future with ease. Going forward, the changes to .coderabbit.yaml will be reflected in the settings page, and vice versa. + +## Apr 18, 2024 - CodeRabbit now runs Static Analyzers and Linters as part of the pull request review + +CodeRabbit now runs static analyzers, linters and provides one-click fixes for the issues identified. AI helps reduce the false positives and focus on the critical findings. CodeRabbit will respect the existing configuration files of these tools if they already exist in the project. For example, if your project already uses ruff and has a ruff.toml file at the root of the project, that will be used. In cases where project configurations are not found, CodeRabbit defaults will be used. Currently, CodeRabbit runs markdownlint, shellcheck, ruff, and languagetool. We will continue to add more tools. The default configuration can be changed through the .coderabbit.yaml file. +Are there any specific tools you'd like us to add? Let us know. We'd love to hear your suggestions! + +## Apr 1, 2024 - CodeRabbit is GDPR compliant + +Excited to announce that CodeRabbit is now GDPR compliant in accordance with EU regulations! + +## Mar 12, 2024 - CodeRabbit now offers fixes for GitHub Check failures on pull requests + +CodeRabbit now offers fixes for GitHub Check failures on pull requests. With this change, Check Runs on GitHub that add Annotations to Pull Requests will be used. For example, popular GitHub Actions published by reviewdog (action-golangci-lint, action-staticcheck, action-eslint) and super-linter among many others have the ability to report issues on Pull Requests as annotations. Checks that output logs will be supported shortly. CodeRabbit GitHub App requires permission to read Checks for this feature to work. To enable this, please grant the necessary permissions by visiting the CodeRabbit GitHub app settings under [installation](https://github.com/settings/installations). Support for GitLab will follow. + +## Mar 11, 2024 - CodeRabbit is now SOC 2 Type II compliant + +Excited to announce that CodeRabbit is now GDPR compliant in accordance with EU regulations! + +## Mar 2, 2024 - Enhanced review of the markdown changes + +CodeRabbit now offers a more comprehensive review of the markdown changes. In addition to the AI suggestions, we do a thorough check for spelling, grammar, word choice, language style, as well as improvements in paraphrasing and punctuation. + +## Jan 17, 2024 - Integration with self-hosted GitLab is now available + +CodeRabbit now offers integration for self-hosted GitLab. Refer to the [setup instructions](https://docs.coderabbit.ai/integrations/self-hosted-gitlab). + +## Jan 2, 2024 - Deep Insights feature is out of beta + +Working as recursive autonomous agent, CodeRabbit uses shell scripts to perform complex operations on the entire codebase, verifying changes and providing deeper insights. +Here are some uses cases : + +- Want to defer implementing the CodeRabbit suggestion to a later time? Ask the bot the create an issue. +- Generate unit tests - comment `@coderabbitai generate unit tests` for the src/utils.ts +- In PR comments, ask the bot to gather insights on your repository including latest commits, frequently changed files, recent contributors etc +- When the CodeRabbit review comment is addressed, let the bot know and it can validate with the latest commit. +Really excited to see how this feature gets used, especially with access to the CLI commands. There are some suggestions in the pull request tips but we are looking forward to seeing additional use cases of how developers use this feature. Please consider sharing your experiences. + +## Dec 18, 2023 - Request Changes Workflow + +Enable Request Changes review workflow for CodeRabbit reviews via .coderabbit.yaml Yaml field request_changes_workflow (default: false). When enabled, review comments are posted as request changes and CodeRabbit review will be marked approved once all the review comments are resolved. + +## Dec 5, 2023 - Learnings + +CodeRabbit can now learn from your conversations to fine-tune your reviews. If you encounter inaccurate feedback or something not relevant to your codebase, just let the bot know, and it will remember the context for the future. We understand that coding practices and standards evolve over time. Using the chat, you can inform the bot, and it will remove any existing learnings that are no longer relevant. This feature does not work, if you have opted out of data storage. + +## Dec 5, 2023 - Codebase Verification + +Verifies the reference of the changes on the overall codebase and identifies missing changes. + +## Dec 5, 2023 - Jira and Linear Integrations + +You can now integrate Jira and Linear into CodeRabbit. This would be used for additional context while reviewing pull requests. If you use any of these systems, we recommend you integrate CodeRabbit. We will be adding more integrations over time. + +## Dec 5, 2023 - Related Issues + +Identifies all issues affected by the code changes. This helps understand the impact on the overall product. It also assists in identifying duplicate issues or the impact on any other existing issues. This feature does not work, if you have opted out of data. + +## Nov 5, 2023 - Issue Validation + +CodeRabbit review can now assess the pull request changes against the linked GitHub or GitLab issue. Integration with other workflow systems including Jira and Linear is under development. + +## Nov 1, 2023 - Committable suggestions + +Review comments can now post committable suggestions that can be committed within the pull request with a single click. + +## Oct 28, 2023 - Resolve Command + +Use `@coderabbitai resolve` to mark all the CodeRabbit review comments as resolved all at once. + +## Oct 23, 2023 - CodeRabbit Commands + +Introducing additional CodeRabbit commands for managing code reviews. + +- Pause Reviews: Use `@coderabbitai pause` in a PR comment to halt ongoing reviews. +- Resume Reviews: Enter `@coderabbitai resume` in a PR comment to continue paused reviews. +- On-Demand Reviews: Disable automatic reviews for your repository to switch to on-demand reviews. Use `@coderabbitai review` in a PR comment. This command will override all review filters that might be set up in the repository settings and will initiate a one-time review. +- Help Command: You can at any time post `@coderabbitai help` in a PR comment to get the list of all valid commands. + +## Oct 12, 2023 - Customization CodeRabbit with YML File + +CodeRabbit customizations made easy! You can now customize CodeRabbit using a YML file from your repository. To learn more, refer to our comprehensive documentation on customizing CodeRabbit. + +## Sep 21, 2023 - Path-Based Review Instructions in CodeRabbit + +#### Path based instructions + +This section explains how to add custom code review instructions for the entire project or specific file paths in your project using glob patterns. Developers can provide tailored review guidelines based on the file paths. These instructions are needed only if you want the reviewer to follow specific instructions besides the standard review. + +Adding file path prompts allows developers to specify custom instructions for different parts of the codebase. For example, you may want to enforce style guide by file types or directories. + +Sample Usage + +``` +path: **/*.js +instructions: Review the javascript code against the google javascript style guide and point out any mismatches +``` + +``` +path: tests/**.* +instructions: Review the following unit test code written using the Mocha test library. Ensure that: The code adheres to best practices associated with Mocha. Descriptive test names are used to clearly convey the intent of each test. + +``` + +:::note + +- Paths accept glob patterns. +- Instructions generally work well for specific additional instructions. However, they are not that effective if you are instructing AI not to do something. +- Test the review feedback on pull requests and tailor as necessary. + +::: + +## Sep 19, 2023 - Introducing CodeRabbit for GitLab Integration + +CodeRabbit is now available for GitLab! We know many of you have been waiting for this integration. Thank you for your patience. Sign up for the free trial! From 0f4ed2bde8936f798a907e2d46a33827bf6b45e4 Mon Sep 17 00:00:00 2001 From: Ankur Tyagi Date: Mon, 21 Oct 2024 18:32:29 +0200 Subject: [PATCH 02/12] docs: removed duplicate content from review-instructions.md (#113) --- docs/guides/review-instructions.md | 20 +++----------------- 1 file changed, 3 insertions(+), 17 deletions(-) diff --git a/docs/guides/review-instructions.md b/docs/guides/review-instructions.md index 10554177..8ffa2cb4 100644 --- a/docs/guides/review-instructions.md +++ b/docs/guides/review-instructions.md @@ -17,8 +17,9 @@ This section explains how to add custom code review instructions for the entire project or specific file paths in your project using glob patterns. Developers can provide tailored review guidelines based on the file paths. These instructions are needed only if you want CodeRabbit to follow specific -instructions besides the standard review. For example, you may want to enforce a -style guide by file types or directories. +instructions besides the standard review. + +>For example, you may want to enforce a style guide by file types or directories. ### Sample Usage @@ -72,21 +73,6 @@ learning curve involved. ::: -CodeRabbit offers review instructions based on Abstract Syntax Tree (AST) -patterns. Under the hood, CodeRabbit uses -[`ast-grep`](https://ast-grep.github.io) to power this feature. `ast-grep` is -written in Rust and uses the tree-sitter parser to generate the AST for popular -languages. `ast-grep` is written and maintained by -[Herrington Darkholme](https://twitter.com/hd_nvim). - -:::tip - -`ast-grep` Playground is quite effective in designing and testing AST rules on -source code snippets. You can access the playground -[here](https://ast-grep.github.io/playground.html). - -::: - :::note **Deep dive into AST patterns and `ast-grep` rules** From 8c145095a3858911c4e905e2b95ef586ce734058 Mon Sep 17 00:00:00 2001 From: Hasit Mistry Date: Mon, 21 Oct 2024 09:40:39 -0700 Subject: [PATCH 03/12] Add self-hosted section and update category positions (#110) * add self-hosted section and update category positions * Refactor Docker image pull command to use a placeholder for the Docker registry * Refactor webhook URLs in self-hosted documentation * Refactor webhook URLs in self-hosted documentation --- docs/configure-coderabbit.md | 4 +- docs/faq.md | 2 +- docs/guides/_category_.yml | 2 +- docs/integrations/_category_.yml | 2 +- docs/platforms/_category_.yaml | 2 +- docs/self-hosted/_category_.yaml | 4 + docs/self-hosted/azure-devops.md | 118 +++++++++++++++++++++++++ docs/self-hosted/github.md | 143 +++++++++++++++++++++++++++++++ docs/self-hosted/gitlab.md | 124 +++++++++++++++++++++++++++ docs/tools/_category_.yml | 2 +- 10 files changed, 396 insertions(+), 7 deletions(-) create mode 100644 docs/self-hosted/_category_.yaml create mode 100644 docs/self-hosted/azure-devops.md create mode 100644 docs/self-hosted/github.md create mode 100644 docs/self-hosted/gitlab.md diff --git a/docs/configure-coderabbit.md b/docs/configure-coderabbit.md index a4cec308..39ae2442 100644 --- a/docs/configure-coderabbit.md +++ b/docs/configure-coderabbit.md @@ -5,7 +5,7 @@ description: CodeRabbit offers various configuration options to tailor the reviews to your specific requirements. Configuration can be made using one of the below options. -sidebar_position: 3 +sidebar_position: 4 --- ```mdx-code-block @@ -47,7 +47,7 @@ Write your configuration file in the below editor to validate: :::note -`.coderabit.yaml` configuration file should exist in the feature branch for CodeRabbit review. +`.coderabit.yaml` configuration file should exist in the feature branch for CodeRabbit review. ::: diff --git a/docs/faq.md b/docs/faq.md index f71f14f6..279ab45f 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -2,7 +2,7 @@ title: FAQs sidebar_label: FAQs description: Frequently asked questions about CodeRabbit. -sidebar_position: 8 +sidebar_position: 9 --- ### General diff --git a/docs/guides/_category_.yml b/docs/guides/_category_.yml index 674b49ba..6f708227 100644 --- a/docs/guides/_category_.yml +++ b/docs/guides/_category_.yml @@ -1,4 +1,4 @@ label: Guides -position: 6 +position: 7 collapsible: true collapsed: true diff --git a/docs/integrations/_category_.yml b/docs/integrations/_category_.yml index 1b85855e..54e65b06 100644 --- a/docs/integrations/_category_.yml +++ b/docs/integrations/_category_.yml @@ -1,4 +1,4 @@ label: Integrations -position: 7 +position: 8 collapsible: true collapsed: true diff --git a/docs/platforms/_category_.yaml b/docs/platforms/_category_.yaml index 32fe7bb9..31e215f7 100644 --- a/docs/platforms/_category_.yaml +++ b/docs/platforms/_category_.yaml @@ -1,4 +1,4 @@ label: Supported Git Platforms -position: 5 +position: 6 collapsible: true collapsed: true diff --git a/docs/self-hosted/_category_.yaml b/docs/self-hosted/_category_.yaml new file mode 100644 index 00000000..f965af15 --- /dev/null +++ b/docs/self-hosted/_category_.yaml @@ -0,0 +1,4 @@ +label: Self-Hosted CodeRabbit +position: 3 +collapsible: true +collapsed: true diff --git a/docs/self-hosted/azure-devops.md b/docs/self-hosted/azure-devops.md new file mode 100644 index 00000000..2e229ec4 --- /dev/null +++ b/docs/self-hosted/azure-devops.md @@ -0,0 +1,118 @@ +--- +title: Use Self-Hosted CodeRabbit With Azure DevOps +sidebar_label: Azure DevOps +description: Instructions to self-host CodeRabbit and integrate it with Azure DevOps. +sidebar_position: 3 +--- + +## Create a Azure DevOps User + +* **Username**: Set the username to "CodeRabbit" for easier identification (optional). +* **Profile Image**: Use the CodeRabbitAI logo for the user image (optional). + +## Add User to Projects + +Add the CodeRabbit user to each project where you want CodeRabbit to post reviews, with rights to post reviews & open PRs. + +## Create a Personal Access Token for CodeRabbit user + +Generate a personal access token for the CodeRabbit user to be added in the `.env` file as `AZURE_DEVOPS_BOT_TOKEN`. + +**Necessary Scopes**: + +* `Code` - Full +* `Work Items` - Read, write, and manage + +Consult official CodeRabbitAI documentation for a detailed [guide](https://docs.coderabbit.ai/platforms/azure-devops#generating-a-personal-access-token) on creating personal access tokens. + +## Add the necessary webhooks to each project + +1. **Navigate to project's Service Hooks Page**: Go to the service hooks configuration page in the desired Azure DevOps project. + +2. **Add the following webhooks:** + 1. Pull request created + 2. Pull request updated + 3. Pull request commented on + +3. **Add Webhook URL**: Enter the URL pointing to the CodeRabbit service, followed by `/azure_webhooks` (e.g., `http://127.0.0.1:8080/azure_webhooks`) for each webhook. + +## Prepare an `.env` file + +Create an `.env` file with the following content: + +```bash +# if using OpenAI +LLM_PROVIDER=openai +LLM_TIMEOUT=360000 +OPENAI_API_KEYS= +OPENAI_BASE_URL=[] +OPENAI_ORG_ID=[] +OPENAI_PROJECT_ID=[] + +# if using Azure OpenAI +LLM_PROVIDER=azure-openai +LLM_TIMEOUT=360000 +AZURE_OPENAI_ENDPOINT= +AZURE_OPENAI_API_KEY= +AZURE_GPT4OMINI_DEPLOYMENT_NAME= +AZURE_GPT4O_DEPLOYMENT_NAME= +## o1-mini is optional +AZURE_O1_MINI_DEPLOYMENT_NAME=[] +## o1-preview is optional: it’s very expensive but provides best reviews +AZURE_O1_DEPLOYMENT_NAME=[] +## gpt-4-turbo is optional: it’s expensive but provides better reviews than gpt-4o +AZURE_GPT4TURBO_DEPLOYMENT_NAME=[] + +TEMP_PATH=/cache + +AST_GREP_RULES_PATH=/home/jailuser/ast-grep-rules +AST_GREP_ESSENTIALS=ast-grep-essentials + +SELF_HOSTED=azure-devops + +AZURE_DEVOPS_BOT_TOKEN= +AZURE_DEVOPS_BOT_USERNAME= +CODERABBIT_LICENSE_KEY= + +CODERABBIT_API_KEY=[] +ENABLE_LEARNINGS=[true] +ENABLE_METRICS=[true] + +JIRA_HOST=[] +JIRA_PAT=[] + +LINEAR_PAT=[] +``` + +:::note + +* If you are using Azure OpenAI, verify that the model deployment names are in the .env file. +* Values marked with [] are not optional to provide. +* You can generate `CODERABBIT_API_KEY` from CodeRabbit UI -> Organizations Settings -> API Keys. + +::: + +## Pull the CodeRabbit Docker image + +Authenticate and pull the Docker image using the provided credentials file: + +```bash +cat coderabbit.json | docker login -u _json_key --password-stdin us-docker.pkg.dev +docker pull /coderabbit-agent:latest +``` + +### Verify the image is up + +You can query `/health` endpoint to verify that the coderabbit-agent service is up and running. + +```bash +curl 127.0.0.1:8080/health +``` + +## Host the image + +You can host the image on a server, serverless function, or container environment and expose port `8080`. Run the Docker image with the equivalent command on your chosen platform, ensuring you replace the `.env` file path with the path to your actual `.env` file: + +```bash +docker run --env-file .env --publish 127.0.0.1:8080:8080 /coderabbit-agent:latest +``` diff --git a/docs/self-hosted/github.md b/docs/self-hosted/github.md new file mode 100644 index 00000000..2afcf984 --- /dev/null +++ b/docs/self-hosted/github.md @@ -0,0 +1,143 @@ +--- +title: Use Self-Hosted CodeRabbit With GitHub +sidebar_label: GitHub +description: Instructions to self-host CodeRabbit and integrate it with GitHub. +sidebar_position: 1 +--- + +## Create a GitHub App + +Set the following Repository permissions: + +* Checks: Read-only +* Contents: Read and write +* Commit statuses: Read and write +* Discussions: Read-only +* Issues: Read & write +* Metadata: Read-only +* Pull requests: Read & write + +Set the following Organization permissions: + +* Members: Read-only + +Set the following events: + +* Meta +* Issue comment +* Issues +* Label +* Public +* Pull request +* Pull request review +* Pull request review comment +* Pull request review thread +* Push +* Release + +## Gather information from the GitHub App + +* App ID +* Client ID +* Client Secret +* Webhook Secret + +## Prepare an `.env` file + +```bash +# if using OpenAI +LLM_PROVIDER=openai +LLM_TIMEOUT=360000 +OPENAI_API_KEYS= +OPENAI_BASE_URL=[] +OPENAI_ORG_ID=[] +OPENAI_PROJECT_ID=[] + +# if using Azure OpenAI +LLM_PROVIDER=azure-openai +LLM_TIMEOUT=360000 +AZURE_OPENAI_ENDPOINT= +AZURE_OPENAI_API_KEY= +AZURE_GPT4OMINI_DEPLOYMENT_NAME= +AZURE_GPT4O_DEPLOYMENT_NAME= +## o1-mini is optional +AZURE_O1_MINI_DEPLOYMENT_NAME=[] +## o1-preview is optional: it’s very expensive but provides best reviews +AZURE_O1_DEPLOYMENT_NAME=[] +## gpt-4-turbo is optional: it’s expensive but provides better reviews than gpt-4o +AZURE_GPT4TURBO_DEPLOYMENT_NAME=[] + +# if using Anthropic +LLM_PROVIDER=anthropic +LLM_TIMEOUT=360000 +ANTHROPIC_API_KEYS= +ANTHROPIC_BASE_URL=[] + +TEMP_PATH=/cache + +AST_GREP_RULES_PATH=/home/jailuser/ast-grep-rules +AST_GREP_ESSENTIALS=ast-grep-essentials + +SELF_HOSTED=github + +GH_WEBHOOK_SECRET= +GITHUB_HOSTNAME=[] +GITHUB_APP_CLIENT_ID= +GITHUB_APP_CLIENT_SECRET= +GITHUB_APP_ID= +GITHUB_APP_PEM_FILE= + +CODERABBIT_LICENSE_KEY= + +CODERABBIT_API_KEY=[] +ENABLE_LEARNINGS=[true] +ENABLE_METRICS=[true] + +JIRA_HOST=[] +JIRA_PAT=[] + +LINEAR_PAT=[] + +OAUTH2_ENDPOINT=[] +OAUTH2_CLIENT_ID=[] +OAUTH2_CLIENT_SECRET=[] +``` + +:::note + +* If you are using Azure OpenAI, verify that the model deployment names are in the .env file. +* Values marked with [] are optional to provide. +* For `GITHUB_APP_PEM_FILE`, flatten the PEM file by replacing newlines with `\n`. +* For `GITHUB_HOSTNAME`, use GitHub Enterprise server's hostname, for example, “github.acme-inc.com” +* You can generate `CODERABBIT_API_KEY` from CodeRabbit UI -> Organizations Settings -> API Keys. + +::: + +## Pull the CodeRabbit Docker image + +Using the credentials file shared with you, first authenticate and then pull the image. + +```bash +cat coderabbit.json | docker login -u _json_key --password-stdin us-docker.pkg.dev +docker pull /coderabbit-agent:latest +``` + +## Host the image + +You can choose to host it on a server, serverless function, or a container environment and expose the port “8080”. Run the Docker image with the equivalent of the following command on the platform of your choice, replacing the “.env” file with the path to your “.env” file: + +```bash +docker run --env-file .env --publish 127.0.0.1:8080:8080 /coderabbit-agent:latest +``` + +### Verify the image is up + +You can query `/health` endpoint to verify that the coderabbit-agent service is up and running. + +```bash +curl 127.0.0.1:8080/health +``` + +## Install the GitHub App + +You can install the GitHub App on your GitHub organization or user account and point the Webhook URL to the hosted CodeRabbit instance, for example, `http://127.0.0.1:8080/github_webhooks`. GitHub will send events to the CodeRabbit instance. diff --git a/docs/self-hosted/gitlab.md b/docs/self-hosted/gitlab.md new file mode 100644 index 00000000..dc738721 --- /dev/null +++ b/docs/self-hosted/gitlab.md @@ -0,0 +1,124 @@ +--- +title: Use Self-Hosted CodeRabbit With GitLab +sidebar_label: GitLab +description: Instructions to self-host CodeRabbit and integrate it with GitLab. +sidebar_position: 2 +--- + +## Create a GitLab User + +* **Username**: Set the username to "CodeRabbit" for easier identification (optional). +* **Profile Image**: Use the CodeRabbitAI logo for the user image (optional). + +## Add User to Projects + +Add the CodeRabbit user to each project where you want CodeRabbit to post reviews, with at least `Developer` access. + +## Create a Personal Access Token for CodeRabbit user + +Generate a personal access token for the CodeRabbit user to be added in the `.env` file as `GITLAB_BOT_TOKEN`. + +**Necessary Scopes**: + +* `api` + +Consult official CodeRabbitAI documentation for a detailed [guide](https://docs.coderabbit.ai/integrations/self-hosted-gitlab#generating-personal-access-token) on creating personal access tokens. + +## Add a webhook to each project + +1. **Navigate to Add Webhook Page**: Go to the webhook configuration page in the desired GitLab project. +2. **Add Webhook URL**: Enter the URL pointing to the CodeRabbit service, followed by `/gitlab_webhooks` (e.g., `http://127.0.0.1:8080/gitlab_webhooks`). +3. **Generate and Save Secret Token**: Generate a secret token, add it to the webhook, and store it securely. This will be needed for the `.env` file as `GITLAB_WEBHOOK_SECRET` (you can use a single secret token for all projects). +4. Select triggers: + + * Push events + * Comments + * Issues events + * Merge request events + +## Prepare an `.env` file + +Create an `.env` file with the following content: + +```bash +# if using OpenAI +LLM_PROVIDER=openai +LLM_TIMEOUT=360000 +OPENAI_API_KEYS= +OPENAI_BASE_URL=[] +OPENAI_ORG_ID=[] +OPENAI_PROJECT_ID=[] + +# if using Azure OpenAI +LLM_PROVIDER=azure-openai +LLM_TIMEOUT=360000 +AZURE_OPENAI_ENDPOINT= +AZURE_OPENAI_API_KEY= +AZURE_GPT4OMINI_DEPLOYMENT_NAME= +AZURE_GPT4O_DEPLOYMENT_NAME= +## o1-mini is optional +AZURE_O1_MINI_DEPLOYMENT_NAME= +## o1-preview is optional: it’s very expensive but provides best reviews +AZURE_O1_DEPLOYMENT_NAME= +## gpt-4-turbo is optional: it’s expensive but provides better reviews +AZURE_GPT4TURBO_DEPLOYMENT_NAME=[] + +# if using Anthropic +LLM_PROVIDER=anthropic +LLM_TIMEOUT=360000 +ANTHROPIC_API_KEYS= +ANTHROPIC_BASE_URL=[] + +TEMP_PATH=/cache + +AST_GREP_RULES_PATH=/home/jailuser/ast-grep-rules +AST_GREP_ESSENTIALS=ast-grep-essentials + +SELF_HOSTED=gitlab + +GITLAB_BOT_TOKEN= +GITLAB_WEBHOOK_SECRET= +CODERABBIT_LICENSE_KEY= + +CODERABBIT_API_KEY=[] +ENABLE_LEARNINGS=[true] +ENABLE_METRICS=[true] + +JIRA_HOST=[] +JIRA_PAT=[] + +LINEAR_PAT=[] +``` + +:::note + +* If you are using Azure OpenAI, verify that the model deployment names are in the .env file. +* Values marked with [] are not optional to provide. +* You can generate `CODERABBIT_API_KEY` from CodeRabbit UI -> Organizations Settings -> API Keys. + +::: + +## Pull the CodeRabbit Docker image + +Authenticate and pull the Docker image using the provided credentials file: + +```bash +cat coderabbit.json | docker login -u _json_key --password-stdin us-docker.pkg.dev +docker pull /coderabbit-agent:latest +``` + +### Verify the image is up + +You can query `/health` endpoint to verify that the coderabbit-agent service is up and running. + +```bash +curl 127.0.0.1:8080/health +``` + +## Host the image + +You can host the image on a server, serverless function, or container environment and expose port `8080`. Run the Docker image with the equivalent command on your chosen platform, ensuring you replace the `.env` file path with the path to your actual `.env` file: + +```bash +docker run --env-file .env --publish 127.0.0.1:8080:8080 /coderabbit-agent:latest +``` diff --git a/docs/tools/_category_.yml b/docs/tools/_category_.yml index 0ea58591..ede457e0 100644 --- a/docs/tools/_category_.yml +++ b/docs/tools/_category_.yml @@ -1,4 +1,4 @@ label: Supported Tools -position: 4 +position: 5 collapsible: true collapsed: true From e03eda4d8711a974ed635371f62b9298001ea883 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 21 Oct 2024 23:10:51 +0000 Subject: [PATCH 04/12] Update schema.v2.json --- static/schema/schema.v2.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/static/schema/schema.v2.json b/static/schema/schema.v2.json index 229d2b94..83496d82 100644 --- a/static/schema/schema.v2.json +++ b/static/schema/schema.v2.json @@ -146,6 +146,11 @@ "default": true, "description": "Post review details on each review. Additionally, post a review status when a review is skipped in certain cases." }, + "commit_status": { + "type": "boolean", + "default": true, + "description": "Set the commit status to 'pending' when the review is in progress and 'success' when it is complete." + }, "poem": { "type": "boolean", "default": true, From c14b66f258af00f16d3876078b0f2a9841ba3271 Mon Sep 17 00:00:00 2001 From: Gur singh <11731008+guritfaq@users.noreply.github.com> Date: Mon, 21 Oct 2024 20:35:10 -0700 Subject: [PATCH 05/12] Update changelog.md --- docs/changelog.md | 91 +++++++++++++++++++++++++---------------------- 1 file changed, 48 insertions(+), 43 deletions(-) diff --git a/docs/changelog.md b/docs/changelog.md index e4a6b472..62740558 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -5,8 +5,8 @@ description: The latest updates and changes to CodeRabbit. sidebar_position: 9 --- -## Sep 9, 2024 - Related PRs and Label suggestions - +## Related PRs and Label suggestions +#### Sep 9, 2024 - Possibly related PRs: The walkthrough comment now includes a list of potentially related PRs to help you recall the past context. - Suggested labels: CodeRabbit can now suggest labels by learning from your past PRs in the walkthrough comment. You can also provide custom labeling instructions in the UI or configuration file. @@ -14,7 +14,8 @@ sidebar_position: 9 Possibly related PRs, automatic label suggestions based on past PRs, learnings, and possibly related issues require data opt-in (enabled by default). ::: -## Aug 15, 2024 - New Dashboard +## New Dashboard +#### Aug 15, 2024 We’re excited to share our updated dashboard, designed to give you better insights into CodeRabbit review metrics. @@ -28,11 +29,12 @@ What's new: These updates are here to help you get more from the dashboard. Take a look today! -## Jul 31, 2024 - Promote members to admin - +## Promote members to admin +#### Jul 31, 2024 You can now promote members in your organization to admins within CodeRabbit. Admins will be able to manage the subscription and the seats for that organization -## Jul 16, 2024 - New Features and Improvements +## New Features and Improvements +#### Jul 16, 2024 #### Learnings Page @@ -63,8 +65,8 @@ We've refined the default settings to be less noisy and more actionable. Additio The GitLab integration now offers more flexibility and security. Users can use Personal Access Tokens (PATs) from within their organization to post reviews. This enhancement ensures reviews are posted with appropriate organizational context and permissions, improving traceability and security. -## May 28, 2024 - New Features and Improvements - +## New Features and Improvements +#### May 28, 2024 Sequence Diagrams CodeRabbit now generates sequence diagrams of code changes, enhancing reviewers' ability to understand the flow of control. Auto-Generate PR Titles @@ -78,7 +80,8 @@ We have introduced new commands for interacting with CodeRabbit, detailed under Improved Handling of Closed PRs We have been observing that many PRs get closed quickly and CodeRabbit continues to review them. PRs get closed quickly for various reasons - changes are too small, the author is confident (perhaps, overly?), or the changes were unnecessary. With this improvement, we now stop the review process midway if we detect that the PR has been closed. -## May 23, 2024 - New Features and Improvements +## New Features and Improvements +#### May 23, 2024 Review Settings Introduced new personality profiles for code reviews Users can now select between "Chill" and "Assertive" review tones to tailor feedback styles according to their preferences. The "Assertive" profile posts more comments and nitpicks the code more aggressively, while the "Chill" profile is more relaxed and posts fewer comments. @@ -93,33 +96,34 @@ Users can now customize CodeRabbit to review code in the style of their favorite Revamped Settings Page We have redesigned the settings page for a more intuitive layout, enabling users to find and adjust settings quickly. This change was long-time coming; it not only improves the user experience but also allows our development team to add more settings in the future with ease. Going forward, the changes to .coderabbit.yaml will be reflected in the settings page, and vice versa. -## Apr 18, 2024 - CodeRabbit now runs Static Analyzers and Linters as part of the pull request review - +## CodeRabbit now runs Static Analyzers and Linters as part of the pull request review +#### Apr 18, 2024 CodeRabbit now runs static analyzers, linters and provides one-click fixes for the issues identified. AI helps reduce the false positives and focus on the critical findings. CodeRabbit will respect the existing configuration files of these tools if they already exist in the project. For example, if your project already uses ruff and has a ruff.toml file at the root of the project, that will be used. In cases where project configurations are not found, CodeRabbit defaults will be used. Currently, CodeRabbit runs markdownlint, shellcheck, ruff, and languagetool. We will continue to add more tools. The default configuration can be changed through the .coderabbit.yaml file. Are there any specific tools you'd like us to add? Let us know. We'd love to hear your suggestions! -## Apr 1, 2024 - CodeRabbit is GDPR compliant - +## CodeRabbit is GDPR compliant +#### Apr 1, 2024 Excited to announce that CodeRabbit is now GDPR compliant in accordance with EU regulations! -## Mar 12, 2024 - CodeRabbit now offers fixes for GitHub Check failures on pull requests - +## CodeRabbit now offers fixes for GitHub Check failures on pull requests +#### Mar 12, 2024 CodeRabbit now offers fixes for GitHub Check failures on pull requests. With this change, Check Runs on GitHub that add Annotations to Pull Requests will be used. For example, popular GitHub Actions published by reviewdog (action-golangci-lint, action-staticcheck, action-eslint) and super-linter among many others have the ability to report issues on Pull Requests as annotations. Checks that output logs will be supported shortly. CodeRabbit GitHub App requires permission to read Checks for this feature to work. To enable this, please grant the necessary permissions by visiting the CodeRabbit GitHub app settings under [installation](https://github.com/settings/installations). Support for GitLab will follow. -## Mar 11, 2024 - CodeRabbit is now SOC 2 Type II compliant - +## CodeRabbit is now SOC 2 Type II compliant +#### Mar 11, 2024 Excited to announce that CodeRabbit is now GDPR compliant in accordance with EU regulations! -## Mar 2, 2024 - Enhanced review of the markdown changes +## Enhanced review of the markdown changes +#### Mar 2, 2024 CodeRabbit now offers a more comprehensive review of the markdown changes. In addition to the AI suggestions, we do a thorough check for spelling, grammar, word choice, language style, as well as improvements in paraphrasing and punctuation. -## Jan 17, 2024 - Integration with self-hosted GitLab is now available - +## Integration with self-hosted GitLab is now available +#### Jan 17, 2024 CodeRabbit now offers integration for self-hosted GitLab. Refer to the [setup instructions](https://docs.coderabbit.ai/integrations/self-hosted-gitlab). -## Jan 2, 2024 - Deep Insights feature is out of beta - +## Deep Insights feature is out of beta +#### Jan 2, 2024 Working as recursive autonomous agent, CodeRabbit uses shell scripts to perform complex operations on the entire codebase, verifying changes and providing deeper insights. Here are some uses cases : @@ -129,40 +133,41 @@ Here are some uses cases : - When the CodeRabbit review comment is addressed, let the bot know and it can validate with the latest commit. Really excited to see how this feature gets used, especially with access to the CLI commands. There are some suggestions in the pull request tips but we are looking forward to seeing additional use cases of how developers use this feature. Please consider sharing your experiences. -## Dec 18, 2023 - Request Changes Workflow - +## Request Changes Workflow +#### Dec 18, 2023 Enable Request Changes review workflow for CodeRabbit reviews via .coderabbit.yaml Yaml field request_changes_workflow (default: false). When enabled, review comments are posted as request changes and CodeRabbit review will be marked approved once all the review comments are resolved. -## Dec 5, 2023 - Learnings - +## Learnings +#### Dec 5, 2023 CodeRabbit can now learn from your conversations to fine-tune your reviews. If you encounter inaccurate feedback or something not relevant to your codebase, just let the bot know, and it will remember the context for the future. We understand that coding practices and standards evolve over time. Using the chat, you can inform the bot, and it will remove any existing learnings that are no longer relevant. This feature does not work, if you have opted out of data storage. -## Dec 5, 2023 - Codebase Verification - +## Codebase Verification +#### Dec 5, 2023 Verifies the reference of the changes on the overall codebase and identifies missing changes. -## Dec 5, 2023 - Jira and Linear Integrations - +## Jira and Linear Integrations +#### Dec 5, 2023 You can now integrate Jira and Linear into CodeRabbit. This would be used for additional context while reviewing pull requests. If you use any of these systems, we recommend you integrate CodeRabbit. We will be adding more integrations over time. -## Dec 5, 2023 - Related Issues +## Related Issues +#### Dec 5, 20233 Identifies all issues affected by the code changes. This helps understand the impact on the overall product. It also assists in identifying duplicate issues or the impact on any other existing issues. This feature does not work, if you have opted out of data. -## Nov 5, 2023 - Issue Validation - +## Issue Validation +#### Nov 5, 2023 CodeRabbit review can now assess the pull request changes against the linked GitHub or GitLab issue. Integration with other workflow systems including Jira and Linear is under development. -## Nov 1, 2023 - Committable suggestions - +## Committable suggestions +#### Nov 1, 2023 Review comments can now post committable suggestions that can be committed within the pull request with a single click. -## Oct 28, 2023 - Resolve Command - +## Resolve Command +#### Oct 28, 2023 Use `@coderabbitai resolve` to mark all the CodeRabbit review comments as resolved all at once. -## Oct 23, 2023 - CodeRabbit Commands - +## CodeRabbit Commands +#### Oct 23, 2023 Introducing additional CodeRabbit commands for managing code reviews. - Pause Reviews: Use `@coderabbitai pause` in a PR comment to halt ongoing reviews. @@ -170,12 +175,12 @@ Introducing additional CodeRabbit commands for managing code reviews. - On-Demand Reviews: Disable automatic reviews for your repository to switch to on-demand reviews. Use `@coderabbitai review` in a PR comment. This command will override all review filters that might be set up in the repository settings and will initiate a one-time review. - Help Command: You can at any time post `@coderabbitai help` in a PR comment to get the list of all valid commands. -## Oct 12, 2023 - Customization CodeRabbit with YML File - +## Customization CodeRabbit with YML File +#### Oct 12, 2023 CodeRabbit customizations made easy! You can now customize CodeRabbit using a YML file from your repository. To learn more, refer to our comprehensive documentation on customizing CodeRabbit. -## Sep 21, 2023 - Path-Based Review Instructions in CodeRabbit - +## Path-Based Review Instructions in CodeRabbit +#### Sep 21, 2023 #### Path based instructions This section explains how to add custom code review instructions for the entire project or specific file paths in your project using glob patterns. Developers can provide tailored review guidelines based on the file paths. These instructions are needed only if you want the reviewer to follow specific instructions besides the standard review. From 23270f0e74dc632eb815d2f4a601d4216a6122c9 Mon Sep 17 00:00:00 2001 From: Harjot Gill Date: Mon, 21 Oct 2024 23:07:39 -0700 Subject: [PATCH 06/12] update whitelist IP list --- docs/platforms/github-enterprise-server.md | 4 +- docs/platforms/self-hosted-gitlab.md | 45 ++++++++++++++-------- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/docs/platforms/github-enterprise-server.md b/docs/platforms/github-enterprise-server.md index b38b6e9d..fae1a587 100644 --- a/docs/platforms/github-enterprise-server.md +++ b/docs/platforms/github-enterprise-server.md @@ -8,7 +8,7 @@ sidebar_position: 3 :::info This page is for GitHub Enterprise Server (Self-Hosted) users only. -If you're using github.com, [log in to CodeRabbit](https://app.coderabbit.ai) +If you're using `github.com`, [log in to CodeRabbit](https://app.coderabbit.ai) and add your repositories from there ::: @@ -163,7 +163,7 @@ Navigate to the **Advanced** tab in the GitHub App and click on the ### **Step 6: Whitelist CodeRabbit IP address** Use this CodeRabbit IP if your instance requires IP whitelisting -`35.222.179.152/32` +`35.222.179.152/32` and `34.170.211.100/32`. VPN tunneling is available as an add-on package. Please reach out to us at [contact@coderabbit.ai](mailto:contact@coderabbit.ai) if you are interested. diff --git a/docs/platforms/self-hosted-gitlab.md b/docs/platforms/self-hosted-gitlab.md index 38c7e70d..405e7071 100644 --- a/docs/platforms/self-hosted-gitlab.md +++ b/docs/platforms/self-hosted-gitlab.md @@ -12,7 +12,10 @@ To initiate the integration, we require specific information. This is essential for the initial setup of CodeRabbit within your domain. Once this setup is complete, you can log in directly using the OAuth2 flow. -CodeRabbit supports GitLab `16.x` and above. Version `15.x` may experience unexpected issues such as review comments not being posted or the sign up process not working at all. While we won't block the integration, we recommend upgrading your GitLab instance to obtain the intended experience. +CodeRabbit supports GitLab `16.x` and above. Version `15.x` may experience +unexpected issues such as review comments not being posted or the sign-up +process not working at all. While we won't block the integration, we recommend +upgrading your GitLab instance to obtain the intended experience. ### **Step 1: Getting Started** @@ -29,7 +32,8 @@ organization and if we find an existing one, we are starting the login process. ![Untitled](/img/integrations/self-hosted-gitlab-host-url.png) -If the self-managed GitLab instance is not found, we initiate the onboarding process, which can be either manual or automated. +If the self-managed GitLab instance is not found, we initiate the onboarding +process, which can be either manual or automated. ### **Step 3: Onboarding Manual or Automated** @@ -42,31 +46,39 @@ If the self-managed GitLab instance is not found, we initiate the onboarding pro Admin access token is required to set up a new CodeRabbit bot user within your self-managed instance. The token is needed only once during the initial setup process. Once the token is generated, you can set its minimum expiration period. -This is the standard approach used by other products in this category. -This is not automatically installing the CodeRabbit -app across all projects. You will add CodeRabbit manually on the projects you -wish, as the next step. +This is the standard approach used by other products in this category. This is +not automatically installing the CodeRabbit app across all projects. You will +add CodeRabbit manually on the projects you wish, as the next step. #### 2. Manual onboarding -For the manual onboarding process we need to create the [CodeRabbit user](#creating-coderabbit-user) and the [OAuth2 GitLab application](#creating-oauth2-application). +For the manual onboarding process we need to create the +[CodeRabbit user](#creating-coderabbit-user) and the +[OAuth2 GitLab application](#creating-oauth2-application). ![Untitled](/img/integrations/manual-onboarding.png) #### **Creating CodeRabbit user** -This feature will work with any user from your organization, but we strongly suggest creating a -dedicated user called **CodeRabbitAI**. This ensures clarify about which user is used for our -application and allows for better fine-grained access control. +This feature will work with any user from your organization, but we strongly +suggest creating a dedicated user called **CodeRabbitAI**. This ensures clarify +about which user is used for our application and allows for better fine-grained +access control. -To create users in GitLab, log in with an instance admin account and follow the steps provided in the [GitLab documentation](https://docs.gitlab.com/ee/user/profile/account/create_accounts.html#create-users-in-admin-area). -After the user is created, you can retrieve the **User ID** from that user's profile and generate an [**access token**](#generating-personal-access-token). +To create users in GitLab, log in with an instance admin account and follow the +steps provided in the +[GitLab documentation](https://docs.gitlab.com/ee/user/profile/account/create_accounts.html#create-users-in-admin-area). +After the user is created, you can retrieve the **User ID** from that user's +profile and generate an [**access token**](#generating-personal-access-token). The access token is used to post reviews on merge requests. #### **Creating OAuth2 application** -For self-managed GitLab, we recommend creating an instance-wide application unless you want the reviews to be limited to a single group or user. +For self-managed GitLab, we recommend creating an instance-wide application +unless you want the reviews to be limited to a single group or user. -Please follow the steps outlined in the [GitLab documentation](https://docs.gitlab.com/ee/integration/oauth_provider.html#create-an-instance-wide-application) for creating the application. +Please follow the steps outlined in the +[GitLab documentation](https://docs.gitlab.com/ee/integration/oauth_provider.html#create-an-instance-wide-application) +for creating the application. Requirements: @@ -79,7 +91,8 @@ GitLab offers an option to generate a personal access token for adding a new user and setting up the application in the self-managed instance. To generate the token, please follow the process outlined below: -1. Login to your self-hosted instance. For [automated onboarding](#1-automated-onboarding) ensure you have admin rights. +1. Login to your self-hosted instance. For + [automated onboarding](#1-automated-onboarding) ensure you have admin rights. 2. On the left sidebar, select your avatar. 3. Select Edit profile. 4. On the left sidebar, select Access Tokens. @@ -104,7 +117,7 @@ the token, please follow the process outlined below: ### **Step 5: Whitelist CodeRabbit IP address** Use this CodeRabbit IP if your instance requires IP whitelisting -`35.222.179.152/32` +`35.222.179.152/32` and `34.170.211.100/32`. VPN tunneling is available as an add-on package. Please reach out to us at [contact@coderabbit.ai](mailto:contact@coderabbit.ai) if you are interested. From 361d4410738e54b2c39b430d584e5e6f10d851cd Mon Sep 17 00:00:00 2001 From: alexcoderabbitai Date: Tue, 22 Oct 2024 18:30:13 -0400 Subject: [PATCH 07/12] add sast notes to changelog (#114) * add sast notes to changelog * fix update --- docs/changelog.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/changelog.md b/docs/changelog.md index 62740558..6b835ef4 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -5,6 +5,15 @@ description: The latest updates and changes to CodeRabbit. sidebar_position: 9 --- +## Security and SAST Remediation Improvements +#### Oct 22, 2024 +- Enabling comprehensive security analysis directly from context within GitHub Checks. +- CodeRabbit now seamlessly integrates with top SAST tools that create github check annotation comments like Codacy, SonarCloud, Code Climate, GitHub Advanced Security, Palo Alto Prisma Cloud, and more! +- We have added a [YouTube Tutorial](https://www.youtube.com/watch?v=tfy3FdsoUtU) for a step-by-step guide on using CodeRabbit with Codacy and SonarCloud during pull requests. +- Improved the [Semgrep Documentation](https://docs.coderabbit.ai/tools/semgrep). +- CodeRabbit now automatically detects Semgrep rulesets from default `semgrep.yml` or `semgrep.config.yml` files, eliminating the need for manual configuration. + + ## Related PRs and Label suggestions #### Sep 9, 2024 - Possibly related PRs: The walkthrough comment now includes a list of potentially related PRs to help you recall the past context. From 144ed03d54b84d548a181bd7b8ed201e82afd2a7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 23 Oct 2024 06:11:31 +0000 Subject: [PATCH 08/12] Update schema.v2.json --- static/schema/schema.v2.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/static/schema/schema.v2.json b/static/schema/schema.v2.json index 83496d82..6c57c039 100644 --- a/static/schema/schema.v2.json +++ b/static/schema/schema.v2.json @@ -307,7 +307,7 @@ } }, "additionalProperties": false, - "description": "ast-grep is a code analysis tool that helps you to find patterns in your codebase using abstract syntax trees patterns." + "description": "Enable ast-grep | ast-grep is a code analysis tool that helps you to find patterns in your codebase using abstract syntax trees patterns. | v0.28.1" }, "shellcheck": { "type": "object", @@ -328,7 +328,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Ruff | Ruff is a Python linter and code formatter. | Enable ruff integration. | v0.6.5" + "description": "Enable Ruff | Ruff is a Python linter and code formatter. | Enable ruff integration. | v0.7.0" } }, "additionalProperties": false, @@ -341,7 +341,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Markdownlint\n\t\t\t\t| Markdownlint is a static analysis tool for Node.js with a library of rules to enforce standards and consistency for Markdown files.\n\t\t\t\t| Enable markdownlint integration.\n\t\t\t\t| v0.34.0" + "description": "Enable Markdownlint | Markdownlint is a static analysis tool for Node.js with a library of rules to enforce standards and consistency for Markdown files. | Enable markdownlint integration. | v0.35.0" } }, "additionalProperties": false, @@ -426,7 +426,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Biome | Biome is a fast formatter, linter, and analyzer for web projects. | Enable Biome integration. | v1.8.3" + "description": "Enable Biome | Biome is a fast formatter, linter, and analyzer for web projects. | Enable Biome integration. | v1.9.4" } }, "additionalProperties": false, @@ -469,7 +469,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable PHPStan | PHPStan requires [config file](https://phpstan.org/config-reference#config-file) in your repository root. Please ensure that this file contains the `paths:` parameter. | v1.11.7" + "description": "Enable PHPStan | PHPStan requires [config file](https://phpstan.org/config-reference#config-file) in your repository root. Please ensure that this file contains the `paths:` parameter. | v1.12.7" }, "level": { "type": "string", @@ -501,7 +501,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable golangci-lint | golangci-lint is a fast linters runner for Go. | Enable golangci-lint integration. | v1.59.1" + "description": "Enable golangci-lint | golangci-lint is a fast linters runner for Go. | Enable golangci-lint integration. | v1.61.0" }, "config_file": { "type": "string", @@ -531,7 +531,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Gitleaks | Gitleaks is a secret scanner. | Enable Gitleaks integration. | v8.19.2" + "description": "Enable Gitleaks | Gitleaks is a secret scanner. | Enable Gitleaks integration. | v8.21.1" } }, "additionalProperties": false, @@ -544,7 +544,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Checkov | Checkov is a static code analysis tool for infrastructure-as-code files. | v3.2.254" + "description": "Enable Checkov | Checkov is a static code analysis tool for infrastructure-as-code files. | v3.2.268" } }, "additionalProperties": false, @@ -574,7 +574,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable ESLint | ESLint is a static code analysis tool for JavaScript files." + "description": "Enable ESLint (Under Development) | ESLint is a static code analysis tool for JavaScript files." } }, "additionalProperties": false, @@ -587,7 +587,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Rubocop | RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter. | v1.65.0" + "description": "Enable Rubocop | RuboCop is a Ruby static code analyzer (a.k.a. linter ) and code formatter. | v1.67.0" } }, "additionalProperties": false, @@ -600,7 +600,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Buf | Buf offers linting for Protobuf files. | v1.42.0" + "description": "Enable Buf | Buf offers linting for Protobuf files. | v1.45.0" } }, "additionalProperties": false, @@ -613,7 +613,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Regal | Regal is a linter and language server for Rego. | v0.25.0" + "description": "Enable Regal | Regal is a linter and language server for Rego. | v0.28.0" } }, "additionalProperties": false, @@ -639,7 +639,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Pmd | PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java. | v7.5.0" + "description": "Enable Pmd | PMD is an extensible multilanguage static code analyzer. It’s mainly concerned with Java. | v7.6.0" }, "config_file": { "type": "string", @@ -669,7 +669,7 @@ "enabled": { "type": "boolean", "default": true, - "description": "Enable Semgrep | Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues. | Enable Semgrep integration. | v1.29.0" + "description": "Enable Semgrep | Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues. | Enable Semgrep integration. | v1.92.0" }, "config_file": { "type": "string", From 646a0b6e5c9431a0878c5c6f90736f3451e0b218 Mon Sep 17 00:00:00 2001 From: dikshant-infracloud <160205839+dikshant-infracloud@users.noreply.github.com> Date: Wed, 23 Oct 2024 14:35:38 +0530 Subject: [PATCH 09/12] Update configure-coderabbit.md to correct spelling mistake in configuration (#116) --- docs/configure-coderabbit.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configure-coderabbit.md b/docs/configure-coderabbit.md index 39ae2442..8bff9952 100644 --- a/docs/configure-coderabbit.md +++ b/docs/configure-coderabbit.md @@ -47,7 +47,7 @@ Write your configuration file in the below editor to validate: :::note -`.coderabit.yaml` configuration file should exist in the feature branch for CodeRabbit review. +`.coderabbit.yaml` configuration file should exist in the feature branch for CodeRabbit review. ::: From 8cb736430cb746cf9397afb99d7932a7228947cb Mon Sep 17 00:00:00 2001 From: Gur singh <11731008+guritfaq@users.noreply.github.com> Date: Wed, 23 Oct 2024 21:30:14 -0700 Subject: [PATCH 10/12] Update introduction.md (#117) --- docs/introduction.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/introduction.md b/docs/introduction.md index eedcc95b..c42558e5 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -22,11 +22,11 @@ Developers can interact directly with the bot within the code, offering addition -## Integration with GitHub and GitLab +## Integration with GitHub, GitLab and Azure DevOps ->**CodeRabbit** integrates with both GitHub and GitLab repositories to deliver continuous and incremental reviews for each commit in a pull request (PR) or merge request (MR). Review feedback is automatically sent back to the PR/MR and can be committed directly. +>**CodeRabbit** integrates with GitHub, GitLab and Azure DevOps repositories to deliver continuous and incremental reviews for each commit in a pull request (PR) or merge request (MR). Review feedback is automatically sent back to the PR/MR and can be committed directly. -It works via GitHub/GitLab webhooks, monitoring Pull Request (PR) and Merge Request (MR) events. A comprehensive review is performed when a PR or MR is created, and for +It works via a webhook, monitoring Pull Request (PR) and Merge Request (MR) events. A comprehensive review is performed when a PR or MR is created, and for incremental commits and comments addressed to the bot. The feedback is then sent directly back to the Pull Request or Merge Request. ![CodeRabbit Code Review Flow showing how AI integrates with GitHub and GitLab for continuous pull request feedback.](/img/about/coderabbit-flow.png "CodeRabbit Code Review Flow") From 3a52e3691a36fa1f6f965a597cad781daa3d434c Mon Sep 17 00:00:00 2001 From: Ankur Tyagi Date: Wed, 23 Oct 2024 10:28:57 +0200 Subject: [PATCH 11/12] docs: enhance Support, Features, and Intro pages; improve image SEO, internal linking, clarity, and layout --- docs/about/features.md | 62 +++++++++++++++++++++++------------------- docs/about/pricing.md | 54 +++++++++++++++++++++++++++--------- docs/about/support.md | 39 ++++++++++++++++---------- 3 files changed, 100 insertions(+), 55 deletions(-) diff --git a/docs/about/features.md b/docs/about/features.md index 016fc5df..77589260 100644 --- a/docs/about/features.md +++ b/docs/about/features.md @@ -1,6 +1,6 @@ --- -title: High-level Features -sidebar_label: High-level Features +title: CodeRabbit Features +sidebar_label: Features description: Learn how CodeRabbit works in a pull request review. --- @@ -9,39 +9,44 @@ description: Learn how CodeRabbit works in a pull request review. Generated upon the creation of a pull request and subsequently updated with each incremental request. -High-Level Summary: This offers a concise overview of the changes in the pull +**High-Level Summary**: This offers a concise overview of the changes in the pull request. It helps the team, including those without technical expertise, to quickly understand the changes and the impact on the product. -![Summary Overview](/img/about/Summary-Overview.png) +![CodeRabbit- Pull Request Summary](/img/about/Summary-Overview.png) -Walkthrough: A detailed code walkthrough to understand the changes in each file +**Walkthrough**: A detailed code walkthrough to understand the changes in each file that is part of the pull request, followed by a celebratory poem about the changes. -![Summary Walkthrough](/img/about/Summary-Walkthrough.png) +![CodeRabbit- Pull Request Walkthrough Example](/img/about/Summary-Walkthrough.png) ### 2. Code Review feedback {#code-review-feedback} -Review feedback is posted as review comments on the lines of the code that -changed for each file. Code suggestions are given in a Diff format, which either +**Code review** feedback is posted as review comments on the lines of the code that +changed for each file. + +> Code suggestions are given in a Diff format, which either be copied or committed within the pull request with a single click. -![Review Feedback](/img/about/ReviewFeedback.png) +![CodeRabbit- Code Review Feedback](/img/about/ReviewFeedback.png) A review status is generated for each commit that is reviewed. It displays the commit IDs that were reviewed, the files examined and ignored, as well as the -additional comments generated for each review, and so on. Review status is -useful for understanding the auxiliary context of the review. +additional comments generated for each review, and so on. -![Review Status](/img/about/ReviewStatus.png) +:::info +Review status is useful for understanding the auxiliary context of the review. +::: +![CodeRabbit- Review Status](/img/about/ReviewStatus.png) ### 3. Chat with CodeRabbit {#chat-with-coderabbit} -CodeRabbit provides conversational capability that allows developers and the +- **CodeRabbit** provides conversational capability that allows developers and the reviewers to ask questions, generate code, and get feedback in the context of changes. Just comment on the CodeRabbit review to start the conversation. -CodeRabbit learns from your interactions and gets smarter over time. The more + +- **CodeRabbit** learns from your interactions and gets smarter over time. The more you chat, the better it gets. We support: @@ -50,37 +55,38 @@ We support: - Comments in Pull Requests - Comments in Git Issues -![Chat](/img/about/chat.png) +![Chat with CodeRabbit - Conversation in Pull Requests](/img/about/chat.png) ### 4. Issue Validation {#issue-validation} -Pull request changes are validated against the linked GitHub or GitLab issue and +**Pull request** changes are validated against the linked GitHub or GitLab issue and identifies all other issues which might be affected by this change. -![Issue Validation](/img/about/issue-validation.png) +![Issue Validation for GitHub/GitLab Issues - CodeRabbit](/img/about/issue-validation.png) ### 5. Sequence Diagrams {#sequence-diagrams} -CodeRabbit visualizes the changes occuring in any pull request using -[Mermaid Diagrams](https://mermaid.live/). +**CodeRabbit** visualizes the changes occuring in any pull request using +[Mermaid Sequence Diagram Example](https://mermaid.live/). ![Diagram](/img/about/diagram.png) -![Advanced Diagram](/img/about/advanced-diagram.png) +![Advanced Sequence Diagram Example - CodeRabbit](/img/about/advanced-diagram.png) ### 6. Commitable Suggestions {#commitable-suggestions} -For quick fixes, CodeRabbit offers one button solution to commit AI recommended -changes! +For quick fixes, **CodeRabbit** offers one button solution to commit AI recommended +changes. -![Commitable Suguestion](/img/about/committable-suggestion.png) +![AI Recommended Suggestions - CodeRabbit](/img/about/committable-suggestion.png) -![Irony](/img/about/ironic-committable.png) +![Irony in Committable Suggestions - CodeRabbit](/img/about/ironic-committable.png) ### 7. Learnings {#learnings} -CodeRabbit learns from user chat interactions to gain tribal knowledge on your -repositories and organization. CodeRabbit will apply and update these learnings -in future reviews +- **CodeRabbit** learns from user chat interactions to gain tribal knowledge on your +repositories and organization. +- **CodeRabbit** will apply and update these learnings +in future reviews. -![Learnings](/img/about/learnings.png) +![Learnings from Interactions - CodeRabbit AI](/img/about/learnings.png) diff --git a/docs/about/pricing.md b/docs/about/pricing.md index f3f69fa3..2ba5bceb 100644 --- a/docs/about/pricing.md +++ b/docs/about/pricing.md @@ -4,8 +4,7 @@ sidebar_label: Pricing description: Learn about the plans, pricing, and subscription management of CodeRabbit. --- -This section covers the plans, pricing, and subscription management of -CodeRabbit. +Find all the information you need about CodeRabbit's plans and how to manage your monthly bill. ## Overview @@ -22,6 +21,18 @@ CodeRabbit. --- +## Open Source +:::note +CodeRabbit Pro is free for all Open Source projects. +::: + +- **Price**: $0/month +- Free forever +- No credit card required +- Unlimited public repositories + +--- + ## Pro Plan ### Features @@ -34,16 +45,16 @@ CodeRabbit. ### Pricing -- Monthly: $15 per month per contributing developer. -- Annual: $12 per month, billed annually per contributing developer. +- **Monthly**: $15 per month per contributing developer. +- **Annual**: $12 per month, billed annually per contributing developer. ### Usage Limits These are the hourly usage limits for each developer per repository: -- Number of files reviewed per hour: 150 Files -- Number of reviews per hour (includes incremental reviews): 9 -- Number of conversations per hour: 50 +- Number of files reviewed per hour: **150 Files** +- Number of reviews per hour (includes incremental reviews): **9** +- Number of conversations per hour: **50** --- @@ -62,27 +73,44 @@ These are the hourly usage limits for each developer per repository: --- +## Plan Comparison + +| Feature | Free Plan | Pro Plan | +| ----------------------------- | ---------------- | --------------- | +| **Free Trial** | 14-day free trial| 14-day free trial| +| **Private Repos** | Limited access | Unlimited access| +| **Public Repos** | Unlimited access | Unlimited access| +| **Pull Request Summarization** | Included | Included | +| **Line-by-Line Reviews** | Public repos only | All repos | +| **Conversational Bot** | No | Yes | +| **Hourly Usage Limits** | Limited | 150 files/hour, 9 reviews/hour, 50 conversations/hour | +| **Price** | Free forever | $15 per seat/mo | + +--- + ## Subscription Management ### Pro Plan -- GitHub/GitLab organization owners can purchase or introduce changes to the +- [GitHub/GitLab](docs/tools/tools.md) organization owners can purchase or introduce changes to the subscription. - You can choose to manually purchase seats and assign them to developers, or have them assigned automatically as developers create pull requests. - During the trial period, seat assignment is automatic, but the number of seats can be adjusted when purchasing the subscription. -![Seat Management](/img/about/cr_seat_manage_dark.png#gh-dark-mode-only) -![Seat Management](/img/about/cr_seat_manage_light.png#gh-light-mode-only) +![Seat Management for CodeRabbit Subscription](/img/about/cr_seat_manage_dark.png#gh-dark-mode-only) +![Seat Management for CodeRabbit Subscription](/img/about/cr_seat_manage_light.png#gh-light-mode-only) ### Free Plan - Seats are assigned to new developers immediately -![Free Seat Assignment](/img/about/cr_seat_free_dark.png#gh-dark-mode-only) -![Free Seat Assignment](/img/about/cr_seat_free_light.png#gh-light-mode-only) +![Free Plan Seat Assignment - CodeRabbit](/img/about/cr_seat_free_dark.png#gh-dark-mode-only) +![Free Plan Seat Assignment - CodeRabbit](/img/about/cr_seat_free_light.png#gh-light-mode-only) -**Note:** The subscription is limited to human users; bot users are not +:::note +The subscription is limited to human users; bot users are not supported. Thus, pull requests or merge requests created by bots will not be reviewed. +::: \ No newline at end of file diff --git a/docs/about/support.md b/docs/about/support.md index 688d350d..581e3bc9 100644 --- a/docs/about/support.md +++ b/docs/about/support.md @@ -4,31 +4,42 @@ sidebar_label: Support description: Get help with CodeRabbit and find answers to common questions. --- -Welcome to CodeRabbit Support! Please refer to the following sections for +Welcome to CodeRabbit Support. Please refer to the following sections for contacting our support team. Our support team will respond back as soon as possible. -## Community Discord +## Discord Server -For real-time support and to connect with other CodeRabbit users, join our -[Discord](http://discord.gg/GsXnASn26c). +All CodeRabbit users have access to the [CodeRabbit Discord Server](http://discord.gg/GsXnASn26c), where you can ask questions or see what others are doing with CodeRabbit. You will find CodeRabbit users and members of the CodeRabbit team actively engaged. ## Support Tickets -To get assistance from our support team, open a ticket using the help icon on -the CodeRabbit UI: +:::tip +For assistance from our support team, click the help icon located in the bottom right corner of the [CodeRabbit UI](https://app.coderabbit.ai/login). This will open a chat window where you can submit your support ticket. +::: + +Complete the support ticket by providing your name, email, a description of your issue, and attaching any necessary files. If you are reporting a bug, please provide the GitHub or GitLab organization name. + + +![How to Open a Support Ticket-CodeRabbit ](/img/about/cr_support_help_light.png#gh-light-mode-only) +![How to Open a Support Ticket-CodeRabbit ](/img/about/cr_support_help_dark.png#gh-dark-mode-only) + +:::note +If you are a paying user and cannot access the support ticket form in the CodeRabbit UI for some reason, you can contact CodeRabbit support at the following email address: support@coderabbit.ai. +::: + +## Customer Responsibilities -Complete the support ticket by providing your name, email, a description of your -issue, and attaching any necessary files. If you are reporting a bug, please -provide the GitHub or GitLab organization name. +> To ensure efficient resolution of issues, customers are expected to -![Open a Ticket](/img/about/cr_support_help_light.png#gh-light-mode-only) -![Open a Ticket](/img/about/cr_support_help_dark.png#gh-dark-mode-only) +1. Provide detailed information about the issue. +2. Cooperate with the Support team during troubleshooting. +3. Utilize available self-service resources/docs for basic inquiries. -## Email Support +## Etiquette +Regardless of the method or location through which CodeRabbit provides Support, communication should be professional and respectful. Any communication that is deemed objectionable by CodeRabbit staff is not tolerated. This includes but is not limited to any communication that is abusive or contains profane language. -You can also reach out to us at -[support@coderabbit.ai](mailto:support@coderabbit.ai). +> CodeRabbit reserves the right to terminate Support Services in the event of any such objectionable communication. :::tip From 1dd5ff76de9f95ebb0262cb775d515f34dd8b7ef Mon Sep 17 00:00:00 2001 From: Ankur Tyagi Date: Thu, 24 Oct 2024 08:52:24 +0200 Subject: [PATCH 12/12] docs: enhance Support, Features, and Intro pages; improve image SEO, internal linking, clarity, and layout --- docs/about/support.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/about/support.md b/docs/about/support.md index 581e3bc9..e5e15b1c 100644 --- a/docs/about/support.md +++ b/docs/about/support.md @@ -10,7 +10,7 @@ possible. ## Discord Server -All CodeRabbit users have access to the [CodeRabbit Discord Server](http://discord.gg/GsXnASn26c), where you can ask questions or see what others are doing with CodeRabbit. You will find CodeRabbit users and members of the CodeRabbit team actively engaged. +All CodeRabbit users have access to the [CodeRabbit Discord Server](http://discord.gg/coderabbit), where you can ask questions or see what others are doing with CodeRabbit. You will find CodeRabbit users and members of the CodeRabbit team actively engaged. ## Support Tickets