-
Notifications
You must be signed in to change notification settings - Fork 0
Review command
Muhammet Şafak edited this page May 27, 2026
·
1 revision
When invoked without a subcommand, commitbrief runs a code review
against the active scope.
commitbrief [scope-flag] [global-flags...]
| Flag | Short | Default | What it reviews |
|---|---|---|---|
--staged |
-s |
yes | Staged changes (git diff --cached). |
--unstaged |
-u |
no | Working-tree changes (git diff). |
If neither is set, --staged is the default. The two flags are
mutually exclusive — passing both is a cobra-level error.
For historic ranges (HEAD~3 HEAD, main...feature, <merge-sha>)
use the diff subcommand instead. The
v0.x --commit/--branch/--pull-request scope flags were
collapsed into diff in v0.9.0.
| Flag | Short | Repeatable | Notes |
|---|---|---|---|
--file <path> |
-f |
yes | Review only these files. Combines with the scope flag. |
--dir <path> |
-d |
yes | Review only files under these directories. |
commitbrief --staged -f src/main.go -f src/util.go
commitbrief --unstaged -d database/seeder -d app/ModelsPath filters apply after the diff is parsed and after the ignore layers; see Filtering for the full pipeline.
- Resolve context — load merged config, pick active provider, resolve language.
-
Load rules — read
COMMITBRIEF.md(or fall back to the embedded default) andOUTPUT.md(template). -
Fetch diff — staged/unstaged from the git layer (go-git or
gitCLI per ADR-0002). -
Filter — built-in ignore patterns →
.commitbriefignore→--file/--dirpath filters. -
Pre-send guards:
-
.commitbrief/guard (ADR-0007): if the diff touches files under.commitbrief/, prompt for confirmation in a TTY; abort in a non-TTY unless--yesis set. - Secret scanner: if
guard.secret_scanis true and the diff contains credential-shaped patterns, prompt or abort. Bypass with--allow-secrets.--yesdoes NOT bypass the scanner (since v0.9.1).
-
-
Build prompt — wraps rules content in
<project_rules>...</project_rules>XML, appends a language directive, appends the diff. -
Cache lookup — SHA-256 cache key over
diff + system_prompt + provider + model + lang + schema_version. Hit replays the cached response; miss continues. -
Cost preflight — estimates token cost; if it exceeds the
configured
cost.warn_threshold_usd, prompts (TTY) or aborts (non-TTY). Bypass with--no-cost-check.--yesdoes NOT bypass the preflight (since v0.9.1). - Provider call — sends the prompt; receives structured findings JSON (API providers) or pre-formatted plain text (CLI-tool-backed providers).
- Render — cards (default TTY), JSON, or markdown.
- Copy (optional) — pushes findings to clipboard via OSC 52 plus native tools.
-
Fail-on — if
--fail-on=<severity>is set, exits non-zero when any finding meets or exceeds that severity.
Every flag on Global flags applies. Most relevant:
-
Output:
--json,--markdown,--output <file>,--copy,--compact,--verbose/-v,--quiet/-q,--color. -
Provider override:
--provider <name>,--model <name>,--cli <claude|gemini>(shorthand for--provider <name>-cli; mutually exclusive with--providerAND with--json/--markdownsince CLI providers emit pre-formatted text). -
Cache:
--no-cacheto bypass. -
Guards:
--allow-secrets,--no-cost-check,--yes. -
CI gating:
--fail-on=<critical|high|medium|low|info|any|none>. -
Locale:
--lang en|tr.
| Code | Meaning |
|---|---|
| 0 | Review completed; no --fail-on threshold reached. |
| 1 | An error occurred (git failure, provider error, parse failure, guard abort, etc.) OR --fail-on threshold was reached. |
See Exit codes for the precise --fail-on semantics.
# Standard review of staged changes, default rendering.
commitbrief
# Working-tree review, plain markdown to a file.
commitbrief --unstaged --markdown --output review.md
# Pipe JSON into jq for tooling.
commitbrief --json | jq '.findings[] | select(.severity=="critical")'
# CI gate: exit non-zero on any high-or-worse finding.
commitbrief --staged --fail-on=high
# Restrict to a single subdirectory.
commitbrief --staged --dir cmd/server
# Override the configured provider for this one invocation.
commitbrief --provider gemini --model gemini-2.5-flash
# Use the locally-installed Claude Code CLI as the backend.
commitbrief --cli claude --staged