AI-powered code review for teams without a senior engineer
Project description
Oneport Review
AI-powered code review for teams without a senior engineer.
Oneport reviews your pull requests and code files like a senior engineer — catching logic errors, security vulnerabilities, performance issues, and bad patterns — and returns detailed comments in plain English.
Features
- Full PR review — not just inline autocomplete. Understands context across the entire diff.
- Security scanning — SQL injection, hardcoded secrets, insecure deserialization, SSRF, and more.
- Performance analysis — N+1 queries, unbounded loops, missing indexes, memory leaks.
- Logic errors — off-by-one, race conditions, missing null checks, incorrect error handling.
- Bad patterns — God objects, missing abstractions, copy-paste code, broken SOLID principles.
- Plain English output — every comment explains what the issue is, why it matters, and how to fix it.
- Zero config to start — works out of the box. Customize with
.oneportrcwhen you need to.
Installation
pip install oneport-review
Set your Anthropic API key:
export ANTHROPIC_API_KEY=sk-ant-...
Quick Start
Review a file
oneport review path/to/file.py
Review a GitHub pull request
oneport review https://github.com/org/repo/pull/42
Review staged changes
oneport review --staged
Review last commit
oneport review --head
VS Code Extension
Install from the marketplace:
ext install oneport.oneport-review
Or search "Oneport Review" in the VS Code Extensions panel.
Once installed:
- Open the Command Palette (
Cmd+Shift+P/Ctrl+Shift+P) - Run Oneport: Review Current File or Oneport: Review Pull Request
- Issues appear as red squiggles with hover explanations and quick-fix suggestions
CI Integration (GitHub Actions)
Add to .github/workflows/ci.yml:
- name: Oneport Code Review
uses: oneport/oneport-review@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
Oneport will post review comments directly on the pull request.
See docs/ci-integration.md for GitLab CI, Bitbucket Pipelines, and Jenkins.
Configuration
Create a .oneportrc file in your project root:
model: claude-sonnet-4-20250514
max_tokens: 4096
rules:
ignore:
- OPR001 # disable a specific rule
severity:
OPR042: warning # downgrade a rule
ignore_paths:
- "migrations/**"
- "**/*.generated.py"
- "vendor/**"
output:
format: inline # inline | json | github | sarif
min_severity: warning # info | warning | error | critical
See docs/custom-rules.md for writing your own rules.
Output Formats
| Format | Use case |
|---|---|
inline |
Terminal — human-readable, coloured output |
json |
Scripting, custom tooling |
github |
GitHub Checks API / PR comment format |
sarif |
VS Code Problems panel, GitHub Code Scanning |
oneport review file.py --format json | jq '.issues[] | select(.severity == "critical")'
Programmatic API
from oneport import review
result = review("path/to/file.py")
for issue in result.issues:
print(f"[{issue.severity}] Line {issue.line}: {issue.message}")
print(f" Fix: {issue.suggestion}")
See docs/api-reference.md for the full API.
Privacy
- Your code is sent to Anthropic's API for analysis. Review Anthropic's privacy policy.
- API keys are stored in your OS keychain (VS Code) or environment variables (CLI). Never written to disk.
- Set
ONEPORT_TELEMETRY=offto disable all usage analytics.
Contributing
git clone https://github.com/oneport/oneport-review
cd oneport-review
pip install -e ".[dev]"
make test
See CONTRIBUTING.md for guidelines.
License
MIT © Oneport
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file oneport_review-1.0.0.tar.gz.
File metadata
- Download URL: oneport_review-1.0.0.tar.gz
- Upload date:
- Size: 27.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
51e78013f23adbe9323350f11fa6df32bbaa7e45c684f1bfa9618279b543cb63
|
|
| MD5 |
8b7e158f9d7201b0a52633d3b5df8c37
|
|
| BLAKE2b-256 |
e23990c2485f2bb1b18fe4f8b7fbb268b55d39d201203575d208770cfa9b10ef
|
File details
Details for the file oneport_review-1.0.0-py3-none-any.whl.
File metadata
- Download URL: oneport_review-1.0.0-py3-none-any.whl
- Upload date:
- Size: 33.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
47a4a281b16201d6e856d01fe888456887cc9e9e60842d36e5566b1467d64e49
|
|
| MD5 |
0f4046b8a811e5c70dc2dd9f947d6d74
|
|
| BLAKE2b-256 |
e44a42c925eadc3ee4086ecaa2d96476784c8a1834d2d2fabd7fe115cd1a13c9
|