No project description provided
Project description
PatchWork
An open-source framework for patching and managing code repositories using large language models. PatchWork allows you to automate workflows like PR reviews, bug fixing, security patching, and more using a self-hosted CLI agent and your preferred LLMs.
Key Components
- Steps: A set of reusable atomic actions that define various operations.
- Patchflows: LLM-assisted automations such as PR reviews, code fixing, debugging.
Patchflows can be run locally in your CLI and IDE, or as part of your CI/CD pipeline.
Installation
Using Poetry
PatchWork is built using Poetry, a dependency management and packaging tool for Python. To install PatchWork using Poetry, follow these steps:
-
Make sure you have Poetry installed. If you don't have it installed, you can install it by running:
curl -sSL https://install.python-poetry.org | python3 -
-
Clone the PatchWork repository:
git clone https://github.com/patched-codes/patchwork.git
-
Navigate to the project directory:
cd patchwork_cli
-
Activate a shell using virtual environment:
poetry shell
-
Install the dependencies using Poetry:
poetry install
PatchWork CLI
The CLI runs Patchflows, as follows:
patchwork-cli <Patchflow> <?Arguments>
Where
- Arguments: Allow for overriding default/optional attributes of the Patchflow in the format of
key=value
. Ifkey
does not have any value, it is considered a booleanTrue
flag.
Example
For an AutoFix patchflow which patches vulnerabilities based on a scan using Semgrep:
patchwork-cli AutoFix openai_api_key=<YOUR_OPENAI_API_KEY> github_api_key=<YOUR_GITHUB_TOKEN>
The above command will default to patching code in the current directory, by running Semgrep to identify the vulnerabilities.
You can take a look at the default.yml
file for the list of configurations you can set to manage the AutoFix patchflow.
PatchWork in CI
You can also run PatchWork in a CI environment with ease:
Jenkins CI
pipeline {
agent any
stages {
stage('Auto Fix Vulnerabilities') {
steps {
sh 'pip3 install patchwork'
sh 'patchwork-cli AutoFix'
}
}
}
}
GitHub Actions
- Workflow
name: Auto Fix Vulnerabilities
on:
# Patch files in PRs (diff-aware scanning):
pull_request: {}
# Patch on-demand through GitHub Actions interface:
workflow_dispatch: {}
jobs:
patchwork:
# User definable name of this GitHub Actions job.
name: semgrep/ci
runs-on: ubuntu-latest
container:
# A Docker image with patchwork installed. Do not change this.
image: patched-codes/patchwork
steps:
# Fetch project source with GitHub Actions Checkout.
- uses: actions/checkout@v3
# Run the "patchwork" command on the command line of the docker image.
- run: patchwork-cli AutoFix
- Action (Available on Github Marketplace)
- name: Auto Fix Vulnerabilities
uses: patchwork/AutoFix@main
Gitlab CI
patchwork:
# A Docker image with PatchWork installed.
image: patched-codes/patchwork
# Run "patchwork" command on the command line of the docker image.
script: patchwork-cli AutoFix
rules:
# Patch changed files in MRs, (diff-aware patching):
- if: $CI_MERGE_REQUEST_IID
# Patch mainline (default) branches and fix all findings.
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
Patchflows
Patchwork comes with a set of predefined patchflows, and more will be added over time. Below is a sample list of patchflows:
- AutoFix: Generate and apply fixes to code vulnerabilities in a repository.
- DependencyUpgrade: Update your dependencies from vulnerable to fixed versions.
- PRReview: On PR creation, extract code diff, summarize changes, and comment on PR.
- GenerateREADME: Create a README.md file for a given folder, to add documentation to your repository.
Prompt Templates
Prompt templates are used by patchflows and passed as queries to LLMs. Templates contain prompts with placeholder variables enclosed by {{}} which are replaced by the data from the steps or inputs on every run.
Below is a sample prompt template:
{
"id": "ReviewPR",
"prompts": [
{"role": "system", "content": "You are a helpful assistant."},
{"role": "user", "content": "Create a well-structured message for the pull request body based on a review of the code diff. CODE DIFF - {{prDiff}}"}
]
}
Each patchflow comes with an optimized default prompt template. But you can specify your own using the prompt_template_file=/path/to/prompt/template/file
option.
Contributing
To create a new patchflow, follow these instructions.
To create a new step, follow these instructions.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for patchwork_cli-0.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 93406f89e19e3dc9abc764ab145f06f26f695402bfc1c39e40fdde6cb04c8e30 |
|
MD5 | 0fb6ea912365d44d8ad4246794c6a8c7 |
|
BLAKE2b-256 | d5144626cba122d921d0ca916483e854c2cb99e7bb2b3578b5ab2baa7f2013f2 |