[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-79227":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":25,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},79227,"open-code-review","alibaba\u002Fopen-code-review","alibaba","Open-source & free — Battle-tested at Alibaba's scale. Hybrid architecture code review tool: deterministic pipelines + LLM Agent, precise line-level comments, built-in fine-tuned ruleset (NPE, thread-safety, XSS, SQL injection), OpenAI & Anthropic compatible.","https:\u002F\u002Falibaba.github.io\u002Fopen-code-review\u002F",null,"Go",6186,338,19,12,0,167,4944,6165,1278,38.59,"Apache License 2.0",false,"main",true,[27,28,29,30,31],"agent","code-review","code-review-assistant","harness","repository-level-context","2026-06-12 02:03:50","\u003Cdiv align=\"center\">\n\nEnglish | [简体中文](README.zh-CN.md)\n\n\u003C\u002Fdiv>\n\n# OpenCodeReview\n\nAI-powered code review CLI that reads Git diffs, sends changed files to a configurable LLM via an agent with tool-use capabilities, and generates structured review comments with line-level precision.\n\nThe agent can read full file contents, search the codebase, inspect other changed files for context, and produce deep reviews — not just surface-level diff feedback.\n\n![Open Benchmark](imgs\u002Fopen-benchmark.png)\n\n## Install\n\n### Via NPM (Recommended)\n\n```bash\nnpm install -g @alibaba-group\u002Fopen-code-review\n```\n\nAfter installation, the `ocr` command is available globally.\n\n### From GitHub Release\n\nDownload the latest binary from [GitHub Releases](https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review\u002Freleases):\n\n```bash\n# macOS (Apple Silicon)\ncurl -Lo ocr https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review\u002Freleases\u002Flatest\u002Fdownload\u002Fopencodereview-darwin-arm64\nchmod +x ocr && sudo mv ocr \u002Fusr\u002Flocal\u002Fbin\u002Focr\n\n# macOS (Intel)\ncurl -Lo ocr https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review\u002Freleases\u002Flatest\u002Fdownload\u002Fopencodereview-darwin-amd64\nchmod +x ocr && sudo mv ocr \u002Fusr\u002Flocal\u002Fbin\u002Focr\n\n# Linux (x86_64)\ncurl -Lo ocr https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review\u002Freleases\u002Flatest\u002Fdownload\u002Fopencodereview-linux-amd64\nchmod +x ocr && sudo mv ocr \u002Fusr\u002Flocal\u002Fbin\u002Focr\n\n# Linux (ARM64)\ncurl -Lo ocr https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review\u002Freleases\u002Flatest\u002Fdownload\u002Fopencodereview-linux-arm64\nchmod +x ocr && sudo mv ocr \u002Fusr\u002Flocal\u002Fbin\u002Focr\n```\n\n### From Source\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Falibaba\u002Fopen-code-review.git\ncd open-code-review\nmake build\nsudo cp dist\u002Fopencodereview \u002Fusr\u002Flocal\u002Fbin\u002Focr\n```\n\n## Quick Start\n\n### 1. Configure LLM\n\n**You must configure an LLM before reviewing code.**\n\n```bash\n# Option A: Interactive config\nocr config set llm.url https:\u002F\u002Fapi.anthropic.com\u002Fv1\u002Fmessages\nocr config set llm.auth_token your-api-key-here\nocr config set llm.model claude-opus-4-6\nocr config set llm.use_anthropic true\n\n# Option B: Environment variables (highest priority)\nexport OCR_LLM_URL=https:\u002F\u002Fapi.anthropic.com\u002Fv1\u002Fmessages\nexport OCR_LLM_TOKEN=your-api-key-here\nexport OCR_LLM_MODEL=claude-opus-4-6\nexport OCR_USE_ANTHROPIC=true\n```\n\nConfig is stored in `~\u002F.opencodereview\u002Fconfig.json`.\n\nThe tool also falls back to Claude Code environment variables (`ANTHROPIC_BASE_URL`, `ANTHROPIC_AUTH_TOKEN`, `ANTHROPIC_MODEL`) and parses `~\u002F.zshrc` \u002F `~\u002F.bashrc` for those exports.\n\n### 2. Test Connectivity\n\n```bash\nocr llm test\n```\n\n### 3. Review\n\n```bash\ncd your-project\n\n# Workspace mode — review all staged, unstaged, and untracked changes\nocr review\n\n# Branch range — compare two refs\nocr review --from main --to feature-branch\n\n# Single commit\nocr review --commit abc123\n```\n\n## Commands\n\n| Command | Alias | Description |\n|---------|-------|-------------|\n| `ocr review` | `ocr r` | Start a code review |\n| `ocr rules check \u003Cfile>` | — | Preview which review rule applies to a file path |\n| `ocr config set \u003Ckey> \u003Cvalue>` | — | Set configuration values |\n| `ocr llm test` | — | Test LLM connectivity |\n| `ocr viewer` | `ocr v` | Launch WebUI session viewer on `localhost:5483` |\n| `ocr version` | — | Show version info |\n\n### `ocr review` Flags\n\n| Flag | Shorthand | Default | Description |\n|------|-----------|---------|-------------|\n| `--repo` | — | current dir | Git repository root |\n| `--from` | — | — | Source ref (e.g., `main`) |\n| `--to` | — | — | Target ref (e.g., `feature-branch`) |\n| `--commit` | `-c` | — | Single commit to review |\n| `--preview` | `-p` | `false` | Preview which files will be reviewed without running the LLM |\n| `--format` | `-f` | `text` | Output format: `text` or `json` |\n| `--concurrency` | — | `8` | Max concurrent file reviews |\n| `--timeout` | — | `10` | Concurrent task timeout in minutes |\n| `--audience` | — | `human` | `human` (show progress) or `agent` (summary only) |\n| `--rule` | — | — | Path to custom JSON review rules |\n| `--tools` | — | — | Path to custom JSON tools config |\n\n## Examples\n\n```bash\n# Preview which files will be reviewed (no LLM calls)\nocr review --preview\nocr review -c abc123 -p\n\n# Review workspace changes with default settings\nocr review\n\n# Review branch diff with higher concurrency\nocr review --from main --to my-feature --concurrency 4\n\n# Review a specific commit with verbose JSON output\nocr review --commit abc123 --format json --audience agent\n\n# Use custom review rules\nocr review --rule \u002Fpath\u002Fto\u002Fmy-rules.json\n\n# Preview which rule applies to a file\nocr rules check src\u002Fmain\u002Fjava\u002Fcom\u002Fexample\u002FFoo.java\nocr rules check --rule custom.json src\u002Fmain\u002Fresources\u002Fmapper\u002FUserMapper.xml\n\n# View review session history in browser\nocr viewer\nocr viewer --addr :3000\n```\n\n## Review Rules\n\nOCR resolves review rules using a four-layer priority chain. Each layer uses first-match-wins: if a file path matches a pattern, that rule is used; otherwise it falls through to the next layer.\n\n| Priority | Source | Path | Description |\n|----------|--------|------|-------------|\n| 1 (highest) | `--rule` flag | User-specified path | CLI explicit override |\n| 2 | Project config | `\u003CrepoDir>\u002F.opencodereview\u002Frule.json` | Per-project rules, can be committed to git |\n| 3 | Global config | `~\u002F.opencodereview\u002Frule.json` | User-wide personal preferences |\n| 4 (lowest) | System default | Embedded `system_rules.json` | Built-in rules covering common languages and file types |\n\n### Rule File Format\n\nLayers 1–3 share the same JSON format:\n\n```json\n{\n  \"rules\": [\n    {\n      \"path\": \"force-api\u002F**\u002F*.java\",\n      \"rule\": \"All new methods must validate required parameters for null values\"\n    },\n    {\n      \"path\": \"**\u002F*mapper*.xml\",\n      \"rule\": \"Check SQL for injection risks, parameter errors, and missing closing tags\"\n    }\n  ]\n}\n```\n\n- `path` supports `**` recursive matching and `{java,kt}` brace expansion.\n- Within each layer, rules are evaluated in declaration order — the first match wins.\n- If a rule file does not exist, it is silently skipped.\n\n## Architecture\n\nThe review agent follows a **three-phase workflow**:\n\n1. **Plan Phase** — For changes exceeding 50 lines, the agent performs risk analysis before reviewing. Smaller diffs skip directly to the main phase.\n2. **Main Task Loop** — Each changed file gets its own goroutine. The LLM interacts with built-in tools (read files, search code, read diffs, submit comments) in a conversation loop until it calls `task_done`.\n3. **Memory Compression** — When prompt context exceeds token thresholds (60% async, 80% sync), the agent uses three-zone partitioning (frozen \u002F compress \u002F active) to manage context window size.\n\n### Key Design Decisions\n\n- **Concurrent per-file processing** — Files are reviewed in parallel (default 8 workers). Timeout prevents any single file from blocking others.\n- **Dual protocol support** — Both Anthropic Messages API and OpenAI Chat Completions API are supported, with automatic URL normalization.\n- **Tool-use agent** — The LLM has access to domain-specific tools (`code_search`, `file_read`, `code_comment`, `file_find`, `file_read_diff`), enabling cross-referential context-aware reviews rather than isolated diff scanning.\n\n## Configuration Reference\n\nConfig file: `~\u002F.opencodereview\u002Fconfig.json`\n\n| Key | Type | Example |\n|-----|------|---------|\n| `llm.url` | string | `https:\u002F\u002Fapi.openai.com\u002Fv1\u002Fchat\u002Fcompletions` |\n| `llm.auth_token` | string | `sk-xxxxxxx` |\n| `llm.model` | string | `claude-opus-4-6` |\n| `llm.use_anthropic` | boolean | `true` \\| `false` |\n| `language` | string | `English` \\| `Chinese` (default: Chinese) |\n| `telemetry.enabled` | boolean | `true` \\| `false` |\n| `telemetry.exporter` | string | `console` \\| `otlp` |\n| `telemetry.otlp_endpoint` | string | OTLP collector address |\n| `telemetry.content_logging` | boolean | Include prompts in telemetry |\n\nEnvironment variables take precedence over the config file.\n\n### Environment Variables\n\n| Variable | Purpose |\n|----------|---------|\n| `OCR_LLM_URL` | LLM API endpoint URL |\n| `OCR_LLM_TOKEN` | API key \u002F auth token |\n| `OCR_LLM_MODEL` | Model name |\n| `OCR_USE_ANTHROPIC` | `true` = Anthropic, `false` = OpenAI |\n\n### Template Parameters\n\nInternal defaults defined in `internal\u002Fconfig\u002Ftemplate\u002Ftask_template.json`:\n\n| Parameter | Default | Description |\n|-----------|---------|-------------|\n| `MAX_TOKENS` | 58888 | Max tokens per LLM request |\n| `MAX_TOOL_REQUEST_TIMES` | 20 | Max tool-use iterations per file |\n| `PLAN_MODE_LINE_THRESHOLD` | 50 | Skip plan phase below this line count |\n| `TOOL_REQUEST_WAIT_TIME_MS` | 10000 | Per-tool-request timeout |\n\n## Built-in Tools\n\nTools the LLM agent can invoke during review:\n\n| Tool | Phases | Purpose |\n|------|--------|---------|\n| `task_done` | main_task | Terminate the review (DONE\u002FFAILED) |\n| `code_comment` | main_task | Submit a line-level review comment |\n| `file_read` | main_task | Read file content at a line range |\n| `code_search` | plan + main | Search text\u002Fregex across files |\n| `file_read_diff` | plan + main | View diff content for other changed files |\n| `file_find` | plan + main | Find files by filename keyword |\n\n## System Review Rules\n\nBuilt-in glob-pattern-matched review checklists per file type, defined in `internal\u002Fconfig\u002Frules\u002Fsystem_rules.json`:\n\n| Pattern | Focus Areas |\n|---------|-------------|\n| `*.java` | NPE risks, dead loops, switch fallthrough, N+1 queries, thread safety |\n| `*.{ts,js,tsx,jsx}` | Quality, React best practices, async norms, XSS\u002Fsecurity |\n| `*.kt` | Null safety, coroutine usage, idiomatic patterns |\n| `*{go,py,ets,lua,dart,swift,groovy}` | Logic bugs, typos |\n| `*{cpp,cc,hpp}` | Smart pointers, RAII, STL, const correctness |\n| `*.c` | malloc\u002Ffree pairing, buffer overflow |\n| `pom.xml` \u002F `build.gradle` | SNAPSHOT version prevention |\n| `package.json` | Latest\u002Fwildcard versions, dependency conflicts |\n| `*mapper*.xml` \u002F `*dao*.xml` | SQL injection, performance, logic errors |\n| `*.properties` | Typo detection, duplicate keys, security issues |\n\nOverride with `--rule path\u002Fto\u002Frules.json`.\n\n## Telemetry\n\nOpenTelemetry integration for observability (spans, metrics). Disabled by default.\n\n```bash\nocr config set telemetry.enabled true\nocr config set telemetry.exporter otlp\nocr config set telemetry.otlp_endpoint localhost:4317\n```\n\nSet `telemetry.content_logging` to include LLM prompts and responses in exported data.\n\n## Development\n\n```bash\nmake build      # Build for current platform\nmake test       # Run tests with race detection\nmake clean      # Remove dist\u002F\nmake build-all  # Cross-compile (linux\u002Famd64, linux\u002Farm64, darwin\u002Famd64, darwin\u002Farm64)\nmake dist       # Full release pipeline\n```\n\n## License\n\n[Apache-2.0](LICENSE) — Copyright 2026 Alibaba\n","OpenCodeReview 是一个由阿里巴巴开发的代码审查工具，结合了确定性流水线和大语言模型（LLM）代理，能够提供精确到行级别的评论。该项目采用 Go 语言编写，支持内置的细粒度规则集，包括空指针异常、线程安全、XSS 和 SQL 注入等常见问题检测，并且兼容 OpenAI 和 Anthropic 的 LLM。它适用于需要高质量代码审查的各种开发场景，特别是大型项目中，能够帮助开发者快速发现潜在问题并提高代码质量。通过配置不同的 LLM，用户可以根据自己的需求选择合适的模型进行深度代码审查。",2,"2026-06-11 03:57:37","CREATED_QUERY"]