Skip to content
/ pr_risky_zones_highlighter Public

GitHub action designed to spot risky parts in Pull Requests, aiming to make code review easier for maintainers

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

savinmikhail/pr_risky_zones_highlighter

BranchesTags

Repository files navigation

PR Risky Zones Highlighter

Description

The PR Risky Zones Highlighter is a GitHub Action designed to enhance the code review process by identifying potentially risky areas in pull requests. It utilizes the capabilities of ChatGPT to analyze changes and pinpoint sections of code that may contain vulnerabilities or are prone to errors. This action aims to assist reviewers by focusing their attention on critical parts of the code that need thorough scrutiny.

Remember that ChatGPT API isn't for free. The action uses gpt-3.5-turbo.

Inputs

Required Inputs

  • gpt_api_key: The API key for accessing ChatGPT to analyze the pull request.

    • Description: API key for accessing ChatGPT.
    • Required: Yes
    • Example: sk-g33uNV6xasvglAk14N5chOQsFcs1lsFi

  • gpt_url: The URL to ChatGPT.

  • github_token: The GitHub token used to fetch pull request details and post comments.

    • Description: GitHub token for accessing repository data.
    • Required: Yes
    • You don't need to add it to secrets manually, GitHub will do it

  • repo_full_name: The full name of the repository that the pull request is made to.

    • Description: Full name of the repository, e.g., "octocat/hello-world".
    • Required: Yes
    • You don't need to add it to secrets manually, GitHub will do it

  • pull_number: The number associated with the pull request to analyze.

    • Description: The number of the pull request to analyze.
    • Required: Yes
    • You don't need to add it to secrets manually, GitHub will do it

Outputs

This action does not generate any outputs except for posting comments directly on the pull request based on the analysis results.

Secrets

The action uses the following secrets to ensure safe and authorized interactions with GitHub and ChatGPT:

  • GPT_API_KEY: Used to authenticate and interact with ChatGPT for analyzing pull requests.
  • GITHUB_TOKEN: Used to interact with GitHub API for fetching pull request data and posting comments.

Environment Variables

This action does not use additional environment variables beyond the inputs required.

Usage

To use the PR Risky Zones Highlighter in your workflow, add the following step to your GitHub Actions workflow file (e.g., .github/workflows/main.yml):

name: Highlight Risky Zones in PRs

on:
  pull_request:
    types: [opened, synchronize]

jobs:
  analyze_pr:
    runs-on: ubuntu-latest

    steps:

    - name: Highlight Risky Zones in PRs
      uses: savinmikhail/pr_risky_zones_highlighter@0.1.x
      with:
        gpt_api_key: ${{ secrets.GPT_API_KEY }}
        github_token: ${{ secrets.GITHUB_TOKEN }}
        repo_full_name: ${{ github.repository }}
        pull_number: ${{ github.event.pull_request.number }}

For testing see the https://github.com/savinmikhail/test_risk_zone_highlighter_action

There ypu can create some PRs and see the result.

About

GitHub action designed to spot risky parts in Pull Requests, aiming to make code review easier for maintainers

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages