🚀 Patch Pilot - AI Code Analysis Platform

Quick Start · Features · Docs · Demo

🆕 Analyze ENTIRE REPOSITORIES or Pull Requests!
Detect security vulnerabilities, performance bottlenecks, architecture issues, and code quality problems.
Get AI-powered insights with our advanced ML-inspired pattern detection engine.

🔮 Why Patch Pilot v2.0?

🎯 Repository & PR Analysis

Analyze entire repositories or pull requests. Just paste any GitHub URL and get instant insights!

🧠 Advanced AI Engine

Super-powered analysis with AI insights, architecture patterns, and cognitive complexity detection.

📊 AI Insights Dashboard

Beautiful real-time dashboard with code health metrics, trends, and AI recommendations.

⚡ Lightning Fast

Optimized for speed with parallel analysis, smart caching, and incremental scanning.

✨ New Features in v2.0

🎉 MAJOR UPDATE: Full Repository Analysis

🆕 Analyze entire GitHub repositories - not just PRs!
🆕 Smart URL detection - automatically detects repository vs PR URLs
🆕 Recent analysis history - quickly re-analyze previous repos

🧠 AI-Powered Insights Dashboard

📊 Code Health Metrics - Real-time visualization of code quality
📈 Trend Analysis - Track quality improvements over time
🎯 Smart Recommendations - AI-prioritized action items
🔥 Language Distribution - See your tech stack at a glance

🚀 Enhanced Analysis Engine

🔒 Security Analysis (30+ patterns)

✅ Hardcoded secrets & API keys detection
✅ SQL injection vulnerabilities
✅ XSS (Cross-Site Scripting) risks
✅ Command injection detection
✅ Path traversal vulnerabilities
✅ XXE (XML External Entity) attacks
✅ Weak cryptography usage
✅ Insecure random number generation
✅ SSRF vulnerabilities
✅ Open redirect detection

⚡ Performance Analysis

🎯 N+1 query detection
🎯 Memory leak identification
🎯 Inefficient loop patterns
🎯 Synchronous I/O in async contexts
🎯 Unbounded cache growth
🎯 Blocking operations detection

🏗️ Architecture Analysis (NEW!)

🏛️ Tight coupling detection
🏛️ Missing dependency injection patterns
🏛️ Circular dependency risks
🏛️ God class anti-patterns
🏛️ Long method detection
🏛️ Deep nesting analysis

🤖 AI Insights (NEW!)

🧠 Memory optimization opportunities
🧠 Missing data validation
🧠 Async/await pattern suggestions
🧠 Resource cleanup detection
🧠 Context-aware code improvements
🧠 Cognitive complexity analysis

📊 Code Quality Metrics

📈 Cyclomatic complexity calculation
📈 Cognitive complexity scoring
📈 Code duplication detection
📈 Magic number identification
📈 TODO/FIXME tracking
📈 Best practices compliance
� Automatic PR polling
📉 Code quality trends
🎯 Issue tracking and resolution
📱 Webhook integration

🔒 Enterprise Security

� JWT-based authentication
🔑 HMAC webhook verification
🛡️ Role-based access control (RBAC)
🔒 Secure credential storage
📜 Audit logging

🏗️ Architecture

graph TB
    A[👤 User Browser] -->|HTTP/3000| B[⚡ Nginx Proxy]
    B -->|Proxy /api/*| C[🚀 Spring Boot Backend]
    C -->|JDBC| D[(🐘 PostgreSQL)]
    C -->|REST API| E[🐙 GitHub API]
    C -->|Clone & Analyze| F[💾 Workspace]
    B -->|Static Files| G[⚛️ React Frontend]
    
    style A fill:#61DAFB,stroke:#333,stroke-width:2px
    style B fill:#009639,stroke:#333,stroke-width:2px
    style C fill:#6DB33F,stroke:#333,stroke-width:2px
    style D fill:#316192,stroke:#333,stroke-width:2px
    style E fill:#181717,stroke:#333,stroke-width:2px
    style F fill:#FFD700,stroke:#333,stroke-width:2px
    style G fill:#61DAFB,stroke:#333,stroke-width:2px

🛠️ Tech Stack

🎨 Frontend

Technology	Purpose
	UI Framework
	Type Safety
	Build Tool
	Styling

⚙️ Backend

Technology	Purpose
	Framework
	Language
	Database
	Deployment

📦 Database Support

Database	Status	Use Case
PostgreSQL	✅ Recommended	Production & Large teams
MySQL	✅ Supported	Alternative production DB
SQLite	✅ Supported	Small teams & testing
H2	✅ Supported	Development & testing

🚀 Quick Start

🐳 One-Command Setup (Docker - Recommended)

docker-compose up --build

That's it! 🎉 Open http://localhost:3000 in your browser.

🎨 Usage Examples

🆕 Analyze a Full Repository

Go to the Analysis page

Enter a repository URL:

https://github.com/AM4517UMOR4NG/Patch_Pilot

Click Start Deep Analysis
Watch real-time analysis progress
View results in the AI Insights Dashboard!

🔄 Analyze a Pull Request

Go to the Analysis page
Enter a PR URL:
```
https://github.com/owner/repo/pull/123
```
Click Start Deep Analysis
Get instant feedback on PR quality

📊 View AI Insights Dashboard

Complete any analysis
Click AI Insights in the navigation
Explore:
- 📈 Code Health Metrics
- 🧠 AI Recommendations
- 📉 Quality Trends
- 🎯 Architecture Issues

📋 Prerequisites

For Docker Setup ✅ Easiest

Docker Desktop 20.10+
4GB RAM minimum
10GB free disk space

For Manual Setup 🛠️ Advanced

Java 17+ (OpenJDK recommended)
Node.js 18+ & npm 9+
PostgreSQL 15+ (or MySQL/SQLite)
Git

🐳 Docker Installation (Recommended)

# 1️⃣ Clone the repository
git clone https://github.com/AM4517UMOR4NG/Patch-Pilot.git
cd Patch-Pilot

# 2️⃣ Create .env file (optional)
cat > .env << EOF
GITHUB_TOKEN=your_github_token_here
OPENAI_API_KEY=your_openai_key_here
EOF

# 3️⃣ Start all services
docker-compose up --build -d

# 4️⃣ Check status
docker-compose ps

# 5️⃣ View logs
docker-compose logs -f

📊 Docker Services Overview

SERVICE      PORT     STATUS
────────────────────────────────────
frontend     3000     ✅ Running
backend      8080     ✅ Running
database     5432     ✅ Running

🔧 Docker Management Commands

# Stop services
docker-compose down

# Restart services
docker-compose restart

# View logs
docker-compose logs backend
docker-compose logs frontend

# Clean up (removes volumes)
docker-compose down -v

# Rebuild specific service
docker-compose up --build backend

💻 Manual Installation (Alternative)

Click to expand manual installation steps

1️⃣ Clone Repository

git clone https://github.com/AM4517UMOR4NG/Patch-Pilot.git
cd Patch-Pilot

2️⃣ Setup Database

PostgreSQL Setup (Recommended)

CREATE DATABASE aicodereview;
CREATE USER postgres WITH PASSWORD 'postgres';
GRANT ALL PRIVILEGES ON DATABASE aicodereview TO postgres;

# Update backend/src/main/resources/application.yml
spring:
  datasource:
    url: jdbc:postgresql://localhost:5432/aicodereview
    username: postgres
    password: postgres

MySQL Setup

CREATE DATABASE aicodereview;
CREATE USER 'aiuser'@'localhost' IDENTIFIED BY 'aipassword';
GRANT ALL PRIVILEGES ON aicodereview.* TO 'aiuser'@'localhost';

3️⃣ Start Backend

cd backend
mvn clean install
mvn spring-boot:run "-Dspring-boot.run.profiles=local"

4️⃣ Start Frontend

cd frontend
npm install
npm run dev

5️⃣ Access Application

Service	URL
🌐 Frontend	http://localhost:3000
🔧 Backend API	http://localhost:8080
📚 API Docs	http://localhost:8080/swagger-ui.html

✅ Verification

Test if everything is working:

# Test backend health
curl http://localhost:8080/actuator/health

# Expected: {"status":"UP"}

# Test frontend
curl http://localhost:3000

# Expected: HTML content

🎯 First Steps

Open Frontend: Navigate to http://localhost:3000

Paste PR URL: Enter a GitHub PR URL like:

https://github.com/facebook/react/pull/27000

Click Analyze: Wait ~30 seconds for analysis
View Results: See files, findings, and recommendations!

Need help? Check out 📚 Full Documentation or ❓ Troubleshooting

🔧 Configuration

Database Setup

PostgreSQL Setup

Create database and user:

CREATE DATABASE patchpilot;
CREATE USER patchpilot WITH PASSWORD 'your-password';
GRANT ALL PRIVILEGES ON DATABASE patchpilot TO patchpilot;

Run the initialization script:

psql -U postgres -d patchpilot -f postgres-setup.sql

MySQL Setup

Create database and user:

CREATE DATABASE patchpilot;
CREATE USER 'patchpilot'@'localhost' IDENTIFIED BY 'your-password';
GRANT ALL PRIVILEGES ON patchpilot.* TO 'patchpilot'@'localhost';
FLUSH PRIVILEGES;

Run the initialization script:

mysql -u root -p patchpilot < mysql-setup.sql

SQLite Setup

The SQLite database will be automatically created at ./data/patchpilot.db when using the SQLite profile.

H2 Setup

For H2, you can use the H2 Console at http://localhost:8080/h2-console with:

JDBC URL: jdbc:h2:mem:testdb (in-memory) or jdbc:h2:file:./data/patchpilot (file)
Username: sa
Password: (empty)

Environment Variables

Backend

# Database (PostgreSQL)
DATABASE_URL=jdbc:postgresql://localhost:5432/patchpilot
DATABASE_USER=postgres
DATABASE_PASSWORD=your-password

# Database (MySQL)
DATABASE_URL=jdbc:mysql://localhost:3306/patchpilot
DATABASE_USER=patchpilot
DATABASE_PASSWORD=your-password

# Security
JWT_SECRET=your-jwt-secret-key
JWT_EXPIRATION_SECONDS=86400
GITHUB_WEBHOOK_SECRET=your-webhook-secret

# CORS
APP_CORS_ALLOWED_ORIGINS=http://localhost:5173

Frontend

VITE_API_BASE_URL=http://localhost:8080/api

📚 Documentation

📖 Document	Description
API Documentation	Complete REST API reference with examples
System Architecture	Detailed system flow (Bahasa Indonesia)
API Quick Reference	Quick API endpoint cheat sheet
Setup Guide	Advanced configuration guide

🎮 Demo

🎬 See It In Action

🔍 Code Analysis

Real-time analysis of pull requests with severity indicators

📊 Dashboard View

Beautiful dashboard showing findings and metrics

🐛 Finding Details

Detailed view of security issues and bugs

✨ AI Suggestions

AI-powered fix suggestions with explanations

🎯 Usage Guide

Step 1️⃣: Analyze a Pull Request

# Open frontend
http://localhost:3000

# Paste GitHub PR URL
https://github.com/facebook/react/pull/27000

# Click "Analyze PR" button

Step 2️⃣: View Results

The system will show:

✅ Files Changed: All modified files in the PR
🐛 Findings: Detected issues with severity levels
💡 Recommendations: AI-generated fix suggestions
📊 Metrics: Code quality statistics

Step 3️⃣: Review Findings

Each finding includes:

Severity: HIGH, MEDIUM, or LOW
Category: SECURITY, BUG, CODE_SMELL, etc.
Location: File path and line numbers
Description: What's wrong
Suggestion: How to fix it

Step 4️⃣: Apply Fixes (Optional)

# Download suggested patch
# Apply manually or use git apply

# Or copy the suggested code directly

🔌 API Examples

Analyze Pull Request

curl -X POST http://localhost:8080/api/github/sync/facebook/react/pr/27000

Get Analysis Results

# Get repositories
curl http://localhost:8080/api/repos

# Get pull requests
curl http://localhost:8080/api/pullrequests/repo/1

# Get analysis runs
curl http://localhost:8080/api/runs/pull-request/1

📝 See More API Examples

# Health check
curl http://localhost:8080/actuator/health

# Sync entire repository
curl -X POST http://localhost:8080/api/github/sync/facebook/react

# Get specific run
curl http://localhost:8080/api/runs/1

# Start polling
curl -X POST http://localhost:8080/api/github/polling/start

# Get polling status
curl http://localhost:8080/api/github/polling/status

Full API documentation: http://localhost:8080/swagger-ui.html

❓ Troubleshooting

🔴 Backend Health is DOWN

# Check backend logs
docker-compose logs backend --tail 50

# Check database connection
docker exec patch_pilot-db-1 psql -U postgres -d aicodereview -c "SELECT 1;"

# Restart backend
docker-compose restart backend

⚠️

404 Error on API Calls

# Verify nginx proxy config
docker exec patch_pilot-frontend-1 cat /etc/nginx/nginx.conf

# Test backend directly
curl http://localhost:8080/api/actuator/health

# Test via nginx
curl http://localhost:3000/api/actuator/health

🐙 GitHub API 404 - Repository Not Found

The repository might be:

Private: Set GITHUB_TOKEN environment variable
Wrong name: Verify exact owner/repo spelling (case-sensitive!)
Deleted: Repository no longer exists

# Test if repo exists
curl https://api.github.com/repos/owner/repo

# For private repos, set token
echo "GITHUB_TOKEN=your_token_here" >> .env
docker-compose up --build

⏳ Analysis Stuck in PENDING

# Check runner service logs
docker-compose logs backend | grep -i "runner\|analysis"

# Check workspace directory
docker exec patch_pilot-backend-1 ls -la /tmp/patch-pilot-workspace

# Restart backend
docker-compose restart backend

🔑 Rate Limit Exceeded

GitHub API has rate limits:

Without token: 60 requests/hour
With token: 5000 requests/hour

Solution: Add GitHub token to .env:

GITHUB_TOKEN=ghp_your_token_here

Check your rate limit:

curl https://api.github.com/rate_limit

🌐 Environment Variables

📝 Complete Environment Configuration

Backend Variables

# Database Configuration
DATABASE_URL=jdbc:postgresql://db:5432/aicodereview
DATABASE_USER=postgres
DATABASE_PASSWORD=postgres

# GitHub Integration (Required for private repos)
GITHUB_TOKEN=ghp_your_github_personal_access_token

# AI Analysis (Optional)
OPENAI_API_KEY=sk-your_openai_api_key

# Spring Profile
SPRING_PROFILES_ACTIVE=local

# CORS Configuration
APP_CORS_ALLOWED_ORIGINS=http://localhost:3000

# Workspace Directory
WORKSPACE_DIR=/tmp/patch-pilot-workspace

# Polling Configuration
POLLING_ENABLED=false
POLLING_INTERVAL_MINUTES=30

# Analysis Configuration
ANALYSIS_MAX_FILES=50
ANALYSIS_FILE_EXTENSIONS=.java,.js,.ts,.jsx,.tsx,.py,.go

Frontend Variables

# API Base URL
VITE_API_BASE_URL=/api

🛡️ Security

Best Practices

Webhook Verification
- All GitHub webhooks are verified using HMAC SHA-256
- Signature validation prevents unauthorized webhook calls
Authentication & Authorization
- JWT-based authentication with configurable expiration
- Role-based access control (RBAC)
- Secure password hashing with BCrypt
Environment Security
- Never commit secrets to version control
- Use environment variables for sensitive configuration
- Rotate secrets regularly
Code Execution (⚠️ Important)
- Code analysis must run in isolated containers
- Apply resource limits and network isolation
- Never execute untrusted code on the host system

📁 Project Structure

Patch-Pilot/
├── backend/                  # Spring Boot backend
│   ├── src/
│   │   ├── main/
│   │   │   ├── java/       # Java source code
│   │   │   └── resources/  # Configuration files
│   │   └── test/           # Test files
│   ├── target/             # Compiled JAR
│   └── pom.xml             # Maven configuration
├── frontend/               # React frontend
│   ├── src/
│   │   ├── components/     # Reusable components
│   │   ├── pages/         # Page components
│   │   ├── hooks/         # Custom React hooks
│   │   ├── api/           # API client
│   │   └── utils/         # Utility functions
│   ├── dist/              # Production build
│   └── package.json       # Node dependencies
├── docs/                  # Documentation
│   └── examples/         # Sample payloads
├── docker-compose.yml    # Docker configuration
├── docker-compose-postgres.yml  # PostgreSQL Docker config
├── docker-compose-mysql.yml     # MySQL Docker config
├── postgres-setup.sql    # PostgreSQL setup script
├── mysql-setup.sql       # MySQL setup script
├── direct-analyzer.html  # Standalone analyzer
└── README.md            # This file

🧪 Testing

Unit Tests

# Backend
cd backend
mvn test

# Frontend
cd frontend
npm test

Integration Tests

# Backend integration tests
mvn verify

# Frontend E2E tests
npx playwright test

Test Coverage

# Generate coverage report
mvn jacoco:report
npm run coverage

🚢 Deployment

Production Checklist

🤝 Contributing

We love your input! We want to make contributing as easy and transparent as possible.

🚀 How to Contribute

1. Fork & Clone

git clone https://github.com/YOUR_USERNAME/Patch-Pilot.git
cd Patch-Pilot

2. Create Branch

git checkout -b feature/amazing-feature

3. Make Changes

# Write your code
# Add tests
# Update docs

4. Commit & Push

git commit -m '✨ Add amazing feature'
git push origin feature/amazing-feature

5. Open a Pull Request 🎉

📋 Development Guidelines

✅ Follow existing code style
✅ Write tests for new features
✅ Update documentation
✅ Ensure all tests pass
✅ Keep PRs focused and small
✅ Use meaningful commit messages

🐛 Found a Bug?

Open an issue with:

Clear bug description
Steps to reproduce
Expected vs actual behavior
Screenshots (if applicable)

� Community & Support

_{Report Bugs}

_{Ask Questions}

_{Direct Contact}

Developer: @AM4517UMOR4NG
Email: aekmohop@gmail.com

📊 Project Stats

📄 License

This project is licensed under the Apache License 2.0

See LICENSE file for details.

🙏 Acknowledgments

Special thanks to:

🍃 Spring Boot Community - For the amazing framework
⚛️ React Team - For the powerful UI library
🐙 GitHub - For the comprehensive API
🤖 OpenAI - For AI capabilities
👥 All Contributors - For making this project better

⭐ Star History

If you find this project useful, please consider giving it a ⭐ star!

🆕 Changelog

v1.0.0 (Latest)

✨ New Features

🎯 GitHub PR Analysis: Paste any PR URL for instant analysis
🤖 AI-Powered Recommendations: Intelligent fix suggestions
🔍 Security Scanning: Detect vulnerabilities automatically
📊 Real-time Dashboard: Beautiful UI with live updates
🐳 Docker Support: One-command deployment
📚 Comprehensive API: RESTful API with OpenAPI docs

🐛 Bug Fixes

Fixed case sensitivity in repository names
Improved nginx proxy configuration
Enhanced error handling in GitHub API calls
Better database connection management

📖 Documentation

Added complete API documentation
Created system architecture guide (ID)
Improved troubleshooting section
Added quick reference guide

🚀 Ready to Get Started?

Made with by @AM4517UMOR4NG

Patch Pilot - Your AI-Powered Code Review Companion

Name		Name	Last commit message	Last commit date
Latest commit History 86 Commits
.github/workflows		.github/workflows
backend		backend
docs/examples		docs/examples
frontend		frontend
.gitignore		.gitignore
API_DOCUMENTATION.md		API_DOCUMENTATION.md
API_QUICK_REFERENCE.md		API_QUICK_REFERENCE.md
ARCHITECTURE.md		ARCHITECTURE.md
CARA_KERJA_SISTEM.md		CARA_KERJA_SISTEM.md
COMMANDS_CHEATSHEET.md		COMMANDS_CHEATSHEET.md
DEPLOYMENT_GUIDE.md		DEPLOYMENT_GUIDE.md
LICENSE		LICENSE
QUICKSTART.md		QUICKSTART.md
QUICK_START.md		QUICK_START.md
README.md		README.md
docker-compose-postgres.yml		docker-compose-postgres.yml
docker-compose.yml		docker-compose.yml
pom.xml		pom.xml
postgres-migration-guide.md		postgres-migration-guide.md

Folders and files

Latest commit

History

Repository files navigation