Loading...
Everything is configured from the Settings panel inside VS Code. Open it with Cmd+Shift+P → Git AutoReview: Open Settings
Most settings live in these tabs. A few advanced options are in VS Code's native settings (Cmd+,) under gitAutoreview.*
Settings tab: General / Review
Git AutoReview supports three AI providers. You can use one, two, or all three. Each provider needs its own API key.
Opus 4.6, Sonnet 4.6, Haiku 4.5 — best for detailed, nuanced feedback
2.5 Pro, 2.5 Flash — fast with broad context understanding
GPT-5, o3, o4-mini — general-purpose analysis
Uses your Claude Code subscription — no API key. Reads your full project for deeper reviews. Takes 5-25 min — keep coding while it runs.
Settings tab: Repositories
Tell Git AutoReview which repos to monitor. You can add GitHub, Bitbucket (Cloud, Server, Data Center), and GitLab (Cloud, Self-Managed).
Owner + repo name. Needs a Personal Access Token with repo scope.
Workspace + repo slug. Needs an App Password with read/write permissions.
Base URL + project key + repo. Uses username + HTTP access token.
Group/username + project name. Needs a PAT with api scope.
Same as Cloud, plus your instance URL. Supports custom CA certificates and skip SSL verification.
Settings tab: Review
Choose how deeply the AI analyzes your code. Each mode configures temperature, token limits, and prompt style per model.
Quick scan — lower token budget, focused on critical issues. Best for small PRs or rapid iteration.
Deep analysis — higher token budget, covers security, performance, style. Best for important PRs.
Your own settings. Set temperature, max tokens, and custom review instructions per model.
Settings tab: Review
Not every AI suggestion is worth reading. The confidence filter hides low-certainty issues so you only see what matters.
Only very confident issues. Fewer results, less noise.
Balanced — good default. Shows most real issues, filters guesses.
Everything the AI found. More results, more noise.
Settings tab: Review
Built-in security rules catch hardcoded secrets, SQL injection, XSS, and 20+ vulnerability patterns — before the AI even runs.
Pattern-based rules for secrets, API keys, common vulnerabilities.
Additional AI pass with expert security prompt — catches OWASP Top 10, auth flaws, SSRF, and more.
Settings tab: Integrations
Connect Jira so the AI can verify your PR meets acceptance criteria from the linked ticket.
AI reads the AC field from the Jira ticket and checks if the PR satisfies each criterion.
Fetches comments, subtasks, attachments, and linked issues to give the AI full context.
Settings tab: Team
On Team plans, admins manage members, share repos, and provide team-wide API keys so nobody configures anything manually.
Configure once, everyone sees them. No individual setup needed.
Team-wide AI keys (AES-256 encrypted). Members don't need their own keys.
Total reviews, hours saved, trend indicators, and a member leaderboard.
Settings tab: Analytics / History / Insights
Track your review activity, see what types of issues the AI catches, and measure improvement over time.
Settings tab: VS Code Settings
Skip files you don't want reviewed (generated code, vendor files) and customize the built-in rule engine.
Comment Format & Publishing
Settings tab: Review (advanced)
Control how AI review comments look when published to your Git platform.
How to set up
Default format
Includes [SEVERITY] prefix, category line, and 'Generated by Git AutoReview' footer.
Custom template
Use placeholders: {severity}, {title}, {category}, {description}, {suggestion}, {model}.