Service for assisted code review, that allows running custom code Analyzers on pull requests.
Website โข Documentation โข Blog โข Slack โข Twitter
Introduction
With source{d} Lookout, weโre introducing a service for assisted code review, that allows running custom code analyzers on pull requests.
Jump to the Quickstart section to start using it!
Table of Contents
Motivation and Scope
source{d} is the company driving the Machine Learning on Code (#MLonCode) movement. Doing Machine Learning on Code consists of applying ML techniques to train models that can cluster, identify and predict useful aspects of source code and software repositories.
source{d} Lookout is the first step towards a full suite of Machine Learning on Code applications for AI-assisted coding, but you can also create your own analyzers without an ML approach.
The benefits of using source{d} Lookout are:
- Keep your code base style/patterns consistent.
- Language agnostic assisted code reviews.
- Identify where to focus your attention on code reviews.
- Automatically warn about common mistakes before human code review.
Current Status
Currently, source{d} Lookout is in development process.
Further Reading
This repository contains the code of source{d} Lookout and the project documentation, which you can also see properly rendered at https://docs.sourced.tech/lookout.
Quickstart
There are several ways to run source{d} Lookout; we recommend to use docker-compose
because it's straightforward, but you can learn more about the different ways to run source{d} Lookout.
Please refer to the Configuring source{d} Lookout guide for documentation about the config.yml
file, and to know how to configure source{d} Lookout to analyze your repositories, or to use your own analyzers.
There is docker-compose.yml
config file for Docker Compose to start source{d} Lookout, its dependencies (bblfsh and PostgreSQL) and a dummy
analyzer which will add some stats to the watched pull requests.
To do so, clone this repository or download docker-compose.yml
directly.
Create the config.yml
file in the same directory where docker-compose.yml
is. You can use config.yml.tpl
as a template. Make sure that you specify in the config.yml
the repositories that will be watched by source{d} Lookout. Then run, passing a valid GitHub user/token:
$ docker-compose pull
$ GITHUB_USER=<user> GITHUB_TOKEN=<token> docker-compose up --force-recreate
Once it is running, source{d} Lookout will start posting the comments returned by dummy
analyzer into the pull requests opened at GitHub in the repositories that you configured to be watched.
You can stop it by pressing ctrl+c
If you want to try source{d} Lookout with your own analyzer instead of dummy
one, you must run it in advance, then set it into config.yml
and then run:
$ docker-compose pull
$ GITHUB_USER=<user> GITHUB_TOKEN=<token> docker-compose up --force-recreate lookout bblfsh postgres
If you need to reset the database to a clean state, you should drop the postgres
container. To do so, stop running source{d} Lookout with ctrl+c
and then execute:
$ docker rm lookout_postgres_1
Available Analyzers
This is the list of the known implemented analyzers for source{d} Lookout:
Name | Description | Targeted files | Maturity level |
---|---|---|---|
style-analyzer | Code style analyzer | development | |
terraform | Checks if Terraform files are correctly formatted | Terraform | usable |
gometalint | Reports gometalinter results on pull requests | Go | testing and demo |
sonarcheck | Reports SonarSource checks results on pull requests using bblfsh UAST | Java | testing and demo |
flake8 | Reports flake8 results on pull requests | Python | testing and demo |
npm-audit | Reports issues with newly added dependencies using npm-audit | JavaScript | development |
function-name analyzer | Applies a translation model from function identifiers to function names. | development |
Create an Analyzer
If you are developing an Analyzer, or you want more info about how they work, please check the documentation about source{d} Lookout analyzers.
Contribute
Contributions are more than welcome, if you are interested please take a look at our Contributing Guidelines.
Community
source{d} has an amazing community of developers and contributors who are interested in Code As Data and/or Machine Learning on Code. Please join us!
Code of Conduct
All activities under source{d} projects are governed by the source{d} code of conduct.
License
Affero GPL v3.0 or later, see LICENSE.