A GitHub Action for AI-powered code reviews using Continue Agent.
CodeBunny is a GitHub Action that provides intelligent, context-aware code reviews on your pull requests using Continue's AI capabilities. It analyzes your codebase patterns, applies custom rules, and provides actionable feedback.
Own Your Review Data - Unlike SaaS code review services, CodeBunny runs entirely in your GitHub Actions environment. Your code never leaves your repository, and all review data stays under your control.
Powered by Continue - Built on Continue, the leading open-source AI code assistant. Use Continue's Hub service or bring your own key (BYOK) for complete control.
Battle-Tested - Inspired by existing code review tools and refined in the contributor.info repository. Now generalized for any JavaScript/TypeScript project.
✅ Automated AI Reviews - Reviews are triggered automatically on PR creation and updates
✅ Codebase Pattern Analysis - Understands your project's conventions and architecture
✅ Custom Rules - Define project-specific review guidelines
✅ Interactive Commands - Trigger focused reviews with @codebunny mentions
✅ Review History Tracking - Persistent review summaries in .contributor/reviews/
✅ Approval State Monitoring - Track how often PRs go in/out of approval
✅ Sticky Comments - Updates existing review comments within 1 hour to reduce PR noise
✅ Privacy-First - Runs in your GitHub Actions, your code never leaves your repo
✅ Bring Your Own Key - Use Continue's Hub or BYOK for full control
CodeBunny follows Semantic Versioning. We recommend pinning to a specific major version for stability:
# Recommended: Pin to major version (gets latest features and fixes)
- uses: bdougie/codebunny@v1
# Pin to specific version (maximum stability)
- uses: bdougie/codebunny@v1.0.0
# Always latest (not recommended for production)
- uses: bdougie/codebunny@mainVersion Types:
- Major (v1, v2) - May include breaking changes
- Minor (v1.1, v1.2) - New features, backward compatible
- Patch (v1.0.1, v1.0.2) - Bug fixes only
See CHANGELOG.md for release history.
- A GitHub repository with pull requests
- Node.js 20+ (automatically available in GitHub Actions)
- A Continue account (or BYOK setup)
- A Continue Assistant configured for code reviews
Create a GitHub App with these permissions:
- Contents: Read
- Issues: Write
- Pull Requests: Write
Need help? See the Detailed GitHub App Setup Guide
Add these to your repository settings (Settings → Secrets and variables → Actions):
CONTINUE_ORG- Your Continue Hub organization nameCONTINUE_CONFIG- Your Continue assistant path (format:username/assistant-name)
CONTINUE_API_KEY- Your Continue API key from hub.continue.dev (or your BYOK provider)
For better API rate limits and permissions, you can optionally set up a GitHub App:
Variables:
APP_ID- Your GitHub App ID (found in app settings)
Secrets:
APP_PRIVATE_KEY- The private key file content
Without GitHub App: The action will use the default GITHUB_TOKEN with standard permissions.
Create .github/workflows/code-review.yml in your repository:
name: Code Review
on:
pull_request:
types: [opened, synchronize, ready_for_review]
issue_comment:
types: [created]
permissions:
contents: read
pull-requests: write
issues: write
jobs:
review:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' ||
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@codebunny'))
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: CodeBunny Review
uses: bdougie/codebunny@v1
with:
continue-api-key: ${{ secrets.CONTINUE_API_KEY }}
continue-org: ${{ vars.CONTINUE_ORG }}
continue-config: ${{ vars.CONTINUE_CONFIG }}name: Code Review
on:
pull_request:
types: [opened, synchronize, ready_for_review]
issue_comment:
types: [created]
permissions:
contents: read
pull-requests: write
issues: write
jobs:
review:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' ||
(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@codebunny'))
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Optional: Generate GitHub App token
- name: Generate App Token
id: app-token
if: vars.APP_ID != ''
uses: actions/create-github-app-token@v1
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: CodeBunny Review
uses: bdougie/codebunny@v1
with:
github-token: ${{ steps.app-token.outputs.token || github.token }}
continue-api-key: ${{ secrets.CONTINUE_API_KEY }}
continue-org: ${{ vars.CONTINUE_ORG }}
continue-config: ${{ vars.CONTINUE_CONFIG }}- Create a test PR or push changes to an existing one
- Watch for the CodeBunny comment - It will appear automatically
- Try interactive commands - Comment
@codebunny review thison any PR
If you prefer to host the action in your own repository:
- Copy the
actions/codebunnyfolder to your repository - Update the workflow to use the local path:
- name: CodeBunny Review uses: ./actions/codebunny
Create review rules in .continue/rules/ to enforce project-specific standards:
---
globs: "**/*.{ts,tsx}"
description: "TypeScript Standards"
---
# TypeScript Best Practices
- Use strict type checking
- Avoid 'any' types
- Prefer interfaces for object shapes
- Use proper error handlingSecurity Rule (.continue/rules/security.md):
---
globs: "**/*.{ts,js,tsx,jsx}"
description: "Security Review"
alwaysApply: true
---
# Security Checklist
- No hardcoded credentials or API keys
- Validate and sanitize user inputs
- Use parameterized queries
- Check for XSS vulnerabilities
- Verify authentication/authorizationTesting Rule (.continue/rules/testing.md):
---
globs: "**/*.{test,spec}.{ts,tsx,js,jsx}"
description: "Testing Standards"
---
# Testing Guidelines
- Write tests for new features
- Test edge cases and error conditions
- Use descriptive test names
- Keep tests focused and isolatedComment on any PR to trigger focused reviews:
@codebunny check for security issues
@codebunny review the TypeScript types
@codebunny explain the architecture changes
@codebunny suggest performance improvements
CodeBunny implements "sticky comments" to keep your PR threads clean and organized:
- Within 1 hour: New reviews update the existing comment
- After 1 hour: Creates a fresh comment for the new review
- Benefits: Reduces notification noise and keeps PR threads readable
How it works:
- First review creates a new comment
- Subsequent reviews within 1 hour update the same comment
- After 1 hour, a new comment is created (useful for tracking review iterations)
Example timeline:
00:00- Initial review posted (Comment #1)00:30- Code updated, review updates Comment #100:45- Another update, still updates Comment #101:15- After 1 hour, creates Comment #2 (new review iteration)
This approach balances keeping threads clean while preserving the history of significant review iterations.
┌─────────────────┐
│ PR Created │
│ or Updated │
└────────┬────────┘
│
▼
┌─────────────────┐
│ Load Custom │
│ Rules │
└────────┬────────┘
│
▼
┌─────────────────┐
│ Analyze │
│ Codebase │
│ Patterns │
└────────┬────────┘
│
▼
┌─────────────────┐
│ Generate │
│ Enhanced │
│ Prompt │
└────────┬────────┘
│
▼
┌─────────────────┐
│ Continue CLI │
│ Review │
└────────┬────────┘
│
▼
┌─────────────────┐
│ Post/Update │
│ Comment │
└─────────────────┘
codebunny/
├── actions/
│ └── codebunny/ # Main action implementation
│ ├── action.yml # Action definition
│ ├── index.ts # Main entry point
│ ├── codebase-analyzer.ts
│ ├── enhanced-prompt-generator.ts
│ ├── review-metrics.ts
│ ├── review-history.ts # Historical review tracking
│ ├── github-app-auth.ts
│ ├── package.json
│ ├── tsconfig.json
│ └── README.md
├── .contributor/
│ └── reviews/ # Historical review summaries
│ └── pr-*.md # Per-PR review history
├── .github/
│ └── workflows/
│ └── codebunny.yml # Example workflow
└── README.md
DEBUG_MODE=true- Enable verbose loggingCONTINUE_API_KEY- Your Continue API keyGITHUB_TOKEN- GitHub App installation token
CodeBunny maintains a historical record of all reviews for continuous learning:
Review Summaries (.contributor/reviews/pr-{number}.md):
- Chronological log of all reviews for each PR
- Approval state transitions (MERGE ✅ → CHANGES 🔄 → MERGE ✅)
- @codebunny mention timestamps and responses
- Key metrics: processing time, issues found, patterns detected
- Expandable sections with full review details
Review Metrics (.continue/review-metrics.json):
- Processing time trends
- Issues found by priority
- Rules applied per review
- Patterns detected across reviews
How It Works:
- Each review is saved as a GitHub Actions artifact
- On subsequent reviews, previous artifacts are downloaded
- Review history is aggregated into markdown files
- Approval state changes are tracked and counted
- @codebunny mentions are logged with timestamps
View your review summaries in .contributor/reviews/ to see how your PRs evolved!
- The action installs the CLI automatically
- Check if
@continuedev/cliis accessible - Verify Node.js 20+ is available
- Verify your GitHub App ID and private key
- Ensure the App is installed on the repository
- Check App permissions match requirements
- Check Continue API key is valid
- Verify assistant configuration
- Look for errors in action logs
Contributions welcome! This project helps make code reviews more intelligent and context-aware.
git clone https://github.com/bdougie/codebunny.git
cd codebunny/actions/codebunny
npm install
npm run buildUse act to test workflows locally:
act pull_request -e .github/events/pull_request.jsonMIT License - See LICENSE file for details
Your Code Stays in Your Repo - CodeBunny runs as a GitHub Action in your own infrastructure. Unlike SaaS code review services, your code is never sent to third-party servers for analysis.
Own Your Review History - All review data is stored as GitHub comments and optional metrics in your repository. You control the data, not a vendor.
Bring Your Own Key Option - Use Continue's cloud service or bring your own API keys for complete control over your AI infrastructure.
MIT Licensed - Fork it, modify it, extend it. The code is yours.
No Vendor Lock-In - Switch between Continue's cloud and BYOK at any time. Your review configuration stays the same.
Community-Driven - Built on Continue, the open-source AI code assistant trusted by developers worldwide.
CodeBunny was inspired by existing code review automation tools and the need for more context-aware, privacy-respecting AI reviews. It was initially developed and tested in the contributor.info repository, where it helped maintain code quality across numerous contributions.
The action has been generalized to work with any JavaScript/TypeScript project, making it easy to add AI-powered code reviews to your workflow while maintaining control over your data.
- Built with Continue - The Continuous AI platform
- Tested and refined in contributor.info
- Inspired by code review tools like Danger, CodeRabbit, and GitHub Copilot
- Thanks to the open source community
Made with ❤️ by @bdougie