AI-CodeWise GitHub Action: Your AI-powered Code Reviewer!
🧠Triggers on pull requests, sending code diffs to StepSecurity API & using Azure OpenAI API for code analysis
🔒Pull request comments via StepSecurity bot, pinpointing issues to enhance code quality & tackle security risks
To use AI-CodeWise, add this GitHub Actions workflow to your repositories
name: Code Review on: pull_request: permissions: contents: read jobs: code-review: runs-on: ubuntu-latest permissions: contents: read pull-requests: read steps: - name: Harden Runner uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0 with: disable-sudo: true egress-policy: block allowed-endpoints: > api.github.com:443 - name: Code Review uses: step-security/ai-codewise@v1
When you create a pull request in the repository, the workflow will get triggered and add a pull request comment. The comment will be added even if the pull request is from a fork. Here is an screenshot of what the comment will look like:
The bot solely generates code comments, it does not approve or block PRs based on its suggestions. The action passes once the code comments are posted in the PR discussion.
Comparison with existing SAST and IaC scanners
🌐: Detects code smells, best practice violations, & security issues across languages for versatile code review.
Unforeseen Issue Detection
🎯: AI-powered for discovering issues that rule-based systems might miss, ensuring thorough code analysis.
🔧: Offers code change suggestions directly in PR comments, empowering devs to resolve issues efficiently, boosting code quality & security.
Here are a few example pull requests with PR comments from AI-CodeWise
- Terraform file with multiple security issues
- Java code vulnerable to XML external entities attacks
- Python code vulnerable to server-side request forgery (SSRF)
- C# code vulnerable to command injection
To try it out, you can also create a pull request in our demo repository. https://github.com/step-security/ai-codewise-demo
Support for private repositories
To use AI-CodeWise on a private repository, please join the beta.
- AI-CodeWise will only review changes if the total number of file changes in a pull request is less than 10.
- AI-CodeWise will only review changes in a file if the total characters in the diff is less than approximately 10K.