Quick Start
Get up and running with DeepReview in under 5 minutes. This guide will walk you through the essential steps to integrate AI-powered code reviews into your GitHub workflow.
Prerequisites
- A GitHub account with admin access to at least one repository
- A DeepReview account (free tier available)
Step 1: Install the GitHub App
Click the button below to install the DeepReview GitHub App:
Install DeepReview App
Select the repositories you want DeepReview to monitor. You can choose all repositories or specific ones.
Step 2: Configure Your Project
Create a .deepreview.yml file in your repository root:
version: "1.0"
review:
enabled: true
auto_review: true
languages:
- typescript
- python
- go
rules:
security: strict
performance: moderate
style: relaxed
ignore:
- "**/*.test.ts"
- "docs/**"
Step 3: Create Your First PR
Once configured, simply create a pull request as usual. DeepReview will automatically:
- Analyze the code changes using the ReAct reasoning engine
- Explore related files and dependencies for full context
- Post review comments with actionable suggestions
- Generate a summary report with severity levels
Tip: DeepReview works best when it has access to your project's documentation. Consider adding a docs/ folder or linking your Wiki.
Installation
DeepReview offers multiple installation options to fit your team's needs.
Cloud (Recommended)
The fastest way to get started. No infrastructure management required.
- Sign up at app.deepreview.ai
- Connect your GitHub/GitLab account
- Select repositories to monitor
- Start receiving AI reviews on your PRs
Self-Hosted (Enterprise)
For teams with strict compliance requirements, DeepReview can be deployed in your own infrastructure.
docker pull deepreview/server:latest
docker run -d \
--name deepreview \
-p 8080:8080 \
-e DATABASE_URL=postgres://... \
-e LLM_API_KEY=your-api-key \
-e GITHUB_APP_ID=your-app-id \
-e GITHUB_PRIVATE_KEY=your-private-key \
deepreview/server:latest
Kubernetes Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: deepreview
spec:
replicas: 3
selector:
matchLabels:
app: deepreview
template:
spec:
containers:
- name: deepreview
image: deepreview/server:latest
ports:
- containerPort: 8080
Configuration
DeepReview can be configured at multiple levels: repository, organization, and global.
Configuration File Reference
| Option |
Type |
Default |
Description |
version |
string |
"1.0" |
Configuration schema version |
review.enabled |
boolean |
true |
Enable/disable automatic reviews |
review.auto_review |
boolean |
true |
Auto-review on PR creation |
review.languages |
array |
["*"] |
Languages to analyze |
rules.security |
string |
"moderate" |
strict | moderate | relaxed |
rules.performance |
string |
"moderate" |
strict | moderate | relaxed |
ignore |
array |
[] |
Glob patterns to ignore |
Environment Variables
| Variable |
Required |
Description |
LLM_API_KEY |
Yes |
API key for the LLM provider |
LLM_MODEL |
No |
Model to use (default: gpt-4) |
LLM_FALLBACK_MODEL |
No |
Fallback model for long contexts |
DATABASE_URL |
Yes |
PostgreSQL connection string |
REDIS_URL |
No |
Redis for task queue |
ReAct Engine
The ReAct (Reasoning and Action) engine is the core of DeepReview's intelligent code review capability. Unlike traditional static analyzers that apply fixed rules, ReAct enables the AI to think, explore, and iterate until it fully understands the code changes.
How It Works
The ReAct engine operates in iterative cycles, similar to how a human reviewer would approach code:
1
Think
Analyze the diff and reason about what context is needed
→
2
Act
Use tools to gather information (read files, search code, fetch docs)
→
3
Observe
Integrate findings and decide: loop back or generate report
Example ReAct Flow
The PR modifies the authentication function. I need to understand
how the password hashing is implemented.
read_file("src/auth/password.ts")
File contains bcrypt implementation with salt rounds = 10
I see a potential security issue - the salt rounds are hardcoded.
Let me check if there's a config file for security settings.
search_code("salt.*rounds", "src/", "*.ts")
Found: config/security.ts defines SALT_ROUNDS constant
The PR should reference the config constant instead of hardcoding.
I have enough context to generate the review.
Available Tools
The AI agent has access to the following tools during review:
| Tool |
Description |
Example Use |
read_file |
Read the contents of any file |
Understanding full function implementation |
search_code |
Search for patterns in codebase |
Finding all usages of a function |
list_directory |
Explore project structure |
Understanding module organization |
fetch_docs |
Query library documentation |
Checking correct API usage |
read_wiki |
Read project wiki pages |
Understanding project conventions |
think |
Internal reasoning scratchpad |
Complex logical reasoning |
Key Advantage: Unlike diff-only tools, DeepReview can trace function calls, understand architectural patterns, and detect issues that require cross-file context.
Review Workflow
Understanding the complete flow from PR creation to review completion.
Synchronous vs Asynchronous Mode
| Mode |
Best For |
Response Time |
| Synchronous |
Small PRs (<500 lines) |
30-60 seconds |
| Asynchronous |
Large PRs, deep analysis |
2-10 minutes (webhook callback) |
Review Output Structure
Each review generates multiple outputs:
- Detailed Report: Full analysis with all findings
- Summary: Executive summary for quick overview
- Suggestions List: Actionable items with severity levels
- Inline Comments: Posted directly on PR lines
Severity Levels
| Level |
Icon |
Description |
| Critical |
π |
Security vulnerabilities, data loss risks |
| Warning |
β‘ |
Performance issues, potential bugs |
| Info |
π‘ |
Code style, refactoring suggestions |
Retry & Fault Tolerance
DeepReview implements multiple layers of fault tolerance to ensure reliable reviews.
Retry Strategy
| Error Type |
Strategy |
Max Retries |
| Network timeout |
Exponential backoff |
3 |
| Rate limit |
Wait + retry |
5 |
| Context too long |
Switch to larger model |
1 |
| Model unavailable |
Fallback model |
2 |
Model Switching
When the context exceeds the primary model's limit, DeepReview automatically switches to a larger capacity model:
Primary: gpt-4 (8K context)
β (if context > 8K)
Fallback: gpt-4-32k (32K context)
β (if context > 32K)
Extended: claude-3-opus (200K context)
GitHub Integration
DeepReview provides native integration with GitHub through a GitHub App.
Permissions Required
- Read: Repository contents, metadata, pull requests
- Write: Pull request comments, checks
Webhook Events
DeepReview listens to the following GitHub events:
| Event |
Action |
pull_request.opened |
Trigger automatic review |
pull_request.synchronize |
Re-review on new commits |
issue_comment.created |
Respond to @deepreview mentions |
REST API
Integrate DeepReview into your custom workflows using our REST API.
Authentication
Authorization: Bearer YOUR_API_KEY
Create Review
POST /api/v1/reviews
Content-Type: application/json
{
"repository": "owner/repo",
"pull_request": 123,
"base_ref": "main",
"head_ref": "feature-branch",
"async": true,
"callback_url": "https://your-server/webhook"
}
Response
{
"review_id": "rev_abc123",
"status": "processing",
"created_at": "2024-01-15T10:30:00Z"
}
Get Review Result
{
"review_id": "rev_abc123",
"status": "completed",
"summary": "Found 3 issues: 1 critical, 2 warnings",
"suggestions": [
{
"severity": "critical",
"file": "src/auth.ts",
"line": 42,
"message": "SQL injection vulnerability",
"suggestion": "Use parameterized queries"
}
],
"stats": {
"files_analyzed": 15,
"tool_calls": 23,
"tokens_used": 45000
}
}