Introduction

Service for assisted code review, that allows running custom code Analyzers on pull requests.

GitHub version Build Status Development Code Coverage Go Report Card GoDoc

WebsiteDocumentationBlogSlackTwitter

Introduction

With source{d} Lookout, we’re introducing a service for assisted code review, that allows running custom code analyzers on pull requests.

Jump to the Quickstart section to start using it!

Table of Contents

Motivation and Scope

source{d} is the company driving the Machine Learning on Code (#MLonCode) movement. Doing Machine Learning on Code consists of applying ML techniques to train models that can cluster, identify and predict useful aspects of source code and software repositories.

source{d} Lookout is the first step towards a full suite of Machine Learning on Code applications for AI-assisted coding, but you can also create your own analyzers without an ML approach.

The benefits of using source{d} Lookout are:

  • Keep your code base style/patterns consistent.

  • Language agnostic assisted code reviews.

  • Identify where to focus your attention on code reviews.

  • Automatically warn about common mistakes before human code review.

Current Status

Currently, source{d} Lookout is in development process.

Further Reading

This repository contains the code of source{d} Lookout and the project documentation, which you can also see properly rendered at https://docs.sourced.tech/lookout.

Quickstart

There are several ways to run source{d} Lookout; we recommend to use docker-compose because it's straightforward, but you can learn more about the different ways to run source{d} Lookout.

Please refer to the Configuring source{d} Lookout guide for documentation about the config.yml file, and to know how to configure source{d} Lookout to analyze your repositories, or to use your own analyzers.

There is docker-compose.yml config file for Docker Compose to start source{d} Lookout, its dependencies (bblfsh and PostgreSQL) and a dummy analyzer which will add some stats to the watched pull requests.

To do so, clone this repository or download docker-compose.yml directly.

Create the config.yml file in the same directory where docker-compose.yml is. You can use config.yml.tpl as a template. Make sure that you specify in the config.yml the repositories that will be watched by source{d} Lookout. Then run, passing a valid GitHub user/token:

$ docker-compose pull
$ GITHUB_USER=<user> GITHUB_TOKEN=<token> docker-compose up --force-recreate

Once it is running, source{d} Lookout will start posting the comments returned by dummy analyzer into the pull requests opened at GitHub in the repositories that you configured to be watched.

You can stop it by pressing ctrl+c

If you want to try source{d} Lookout with your own analyzer instead of dummy one, you must run it in advance, then set it into config.yml and then run:

$ docker-compose pull
$ GITHUB_USER=<user> GITHUB_TOKEN=<token> docker-compose up --force-recreate lookout bblfsh postgres

If you need to reset the database to a clean state, you should drop the postgres container. To do so, stop running source{d} Lookout with ctrl+c and then execute:

$ docker rm lookout_postgres_1

Available Analyzers

This is the list of the known implemented analyzers for source{d} Lookout:

Name

Description

Targeted files

Maturity level

style-analyzer

Code style analyzer

development

terraform

Checks if Terraform files are correctly formatted

Terraform

usable

gometalint

Reports gometalinter results on pull requests

Go

testing and demo

sonarcheck

Reports SonarSource checks results on pull requests using bblfsh UAST

Java

testing and demo

flake8

Reports flake8 results on pull requests

Python

testing and demo

npm-audit

Reports issues with newly added dependencies using npm-audit

JavaScript

development

function-name analyzer

Applies a translation model from function identifiers to function names.

development

Create an Analyzer

If you are developing an Analyzer, or you want more info about how they work, please check the documentation about source{d} Lookout analyzers.

Contribute

Contributions are more than welcome, if you are interested please take a look at our Contributing Guidelines.

Community

source{d} has an amazing community of developers and contributors who are interested in Code As Data and/or Machine Learning on Code. Please join us! 👋

Code of Conduct

All activities under source{d} projects are governed by the source{d} code of conduct.

License

Affero GPL v3.0 or later, see LICENSE.