Skip to content
View bugviper's full-sized avatar
0 followers · 1 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Block or report bugviper

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
BugViper/README.md

🐍 BugViper

An AI-powered code review assistant that understands your entire codebase β€” not just the diff.

Dashboard GitHub Status

What is BugViper?

BugViper is a GitHub App that automatically reviews your pull requests using a knowledge graph of your entire codebase. Instead of analyzing a diff in isolation, it understands the relationships between your functions, classes, and modules β€” so it catches bugs that context-blind tools miss.

See It Live

Dashboard β†’ frontend-service-760266971868.us-central1.run.app

Source β†’ github.com/Pavel401/BugViper

How It Works

PR opened β†’ BugViper reads the diff
          β†’ queries your codebase graph in Neo4j
          β†’ finds callers, dependencies, blast radius
          β†’ posts inline comments with fixes
  1. Install the GitHub App on your repository
  2. Ingest your codebase β€” BugViper parses and maps it into a knowledge graph
  3. Open a PR β€” BugViper automatically reviews it and posts inline feedback
  4. Iterate β€” the graph stays current as you push new commits

What BugViper Catches

πŸ› Bugs

  • Bare exception handling that swallows unexpected errors
  • Incorrect error propagation
  • Logic errors visible only when tracing call chains

πŸ”’ Security

  • Sensitive data (API keys, error traces) leaking into responses
  • Auth bypass patterns
  • Injection-prone code paths

πŸ“‰ Code Quality

  • High cyclomatic complexity functions
  • Functions with too many callers β€” risky to change
  • Missing error handling at system boundaries

Screenshots

PR Review β€” Summary

PR Review Summary

A top-level comment with a walkthrough of every changed file, model used, and actionable comment count.

PR Review β€” Inline Bug Comment

Inline Bug Comment

Each issue is pinned to the exact diff line with severity, confidence score, and a one-click suggested fix you can commit directly from GitHub.

PR Review β€” Inline Security Comment

Inline Security Comment

Security issues flagged with category and a concrete remediation suggestion.

Dashboard

Dashboard

Manage all your indexed repositories and their graph stats from one place.

Code Search

Code Search

Full-text and semantic search across your entire codebase β€” find any function, class, or code pattern instantly.

Ask Agent

Ask Agent

Chat with an AI that reasons directly over your graph. Ask anything about your codebase and get cited, code-backed answers.

Why Graph-Based Review?

Traditional Code Review Tools BugViper
Analyze the diff in isolation Understands the full call graph
Generic lint rules Context-aware, codebase-specific findings
No impact analysis Shows blast radius of every change
One-time scans Stays current with every push
File-level context Cross-file dependency awareness

Self-Hosting

Want to run BugViper on your own infrastructure?

git clone https://github.com/Pavel401/BugViper.git
cd BugViper
uv sync
cp .env.example .env   # add your Neo4j, OpenRouter, and GitHub App credentials
./start.sh             # starts API + Frontend + Ngrok

Full setup instructions in the repository.

BugViper: Because code review should understand your entire project, not just the diff.

Popular repositories Loading

  1. BugViper BugViper Public