Changelog

What's new in DevLens

All the latest updates, improvements, and fixes shipped to DevLens.

v1.2.0February 2026Latest

BYOM, Security Hardening, Rate Limiting & Production Readiness

•Bring Your Own Model (BYOM): organizations can choose their LLM — GPT-4o, Claude, DeepSeek, Llama 3, or 100+ providers via LiteLLM
•Per-org LLM configuration from the Settings page with preset selection and custom model support
•Unified authentication: all API routes protected by session cookie or API key auth
•Redis-backed rate limiting on all abuse-prone endpoints (auth, webhooks, contact forms)
•Pydantic schema validation on all API inputs including webhook payloads
•CSRF protection on all OAuth/OIDC flows with Redis-backed state tokens
•Multi-stage Docker builds with non-root containers for all services
•Health checks on backend, worker, and frontend services in production
•HSTS headers enforced in production (max-age=63072000; includeSubDomains; preload)
•React Error Boundary for graceful frontend crash recovery
•Global API request timeouts (30s) and automatic 401 session expiry handling
•Safe production environment configuration — no localhost fallbacks in prod builds
•pip-audit and npm audit integrated into CI pipeline
•Dependabot configured for pip, npm, Docker, and GitHub Actions ecosystems
•Dependency version pinning with upper bounds to prevent breaking upgrades

v1.1.0February 2026

14 New Features: AI Auto-Fix, PR Summaries, Check Runs, Complexity Tracking & More

•AI Fix Suggestions: every comment with a fix can be applied as a commit directly on the PR branch with one click
•AI PR Summary: auto-generated human-readable summaries with key changes, breaking change detection, and impact areas
•GitHub Check Runs: DevLens now creates pass/fail status checks — integrate with branch protection rules
•Inline Diff View: annotated diff viewer on the PR detail page with findings overlaid on exact lines
•Feedback Learning Loop: per-agent accuracy tracking, false positive detection, and feedback analytics dashboard
•Code Complexity Tracking: cyclomatic complexity delta per file — catch complexity creep before it spirals
•Duplicate / Copy-Paste Detection: flags duplicate code blocks within PRs with exact locations and previews
•PR Description Validation: automatic scoring for completeness — context, ticket refs, testing notes, template compliance
•Smart Reviewer Assignment: suggests reviewers based on who recently committed to changed files and directories
•Comment Resolution Sync: pull resolution status from GitHub comments back into DevLens with one click
•Batch Review Mode: review up to 20 PRs at once via a single API call — perfect for release branches
•Custom Review Rules: define regex patterns or natural language AI prompts to enforce team standards
•Code Coverage Integration: upload coverage from CI, track history, see before/after diffs on PRs
•Review Time Tracking: avg/median duration, first-response time, and slowest PR identification
•Comparison Reports: schedule weekly or monthly digest emails comparing code quality across repositories
•New Settings tabs: Custom Rules and Reports management
•Enhanced Analytics page with feedback accuracy and review time metrics

v1.0.0February 2026

Enterprise-Ready: 6-Agent Pipeline, Findings Lifecycle, SSO & Benchmarks

•New agents: Secret Scanner (16+ patterns), Dependency Vulnerability Checker (OSV.dev), and IaC Reviewer (Terraform/K8s/Docker)
•All 6 agents now run concurrently on every PR for comprehensive coverage
•Apply Patch: every finding includes a copy-ready code fix and git-format patch
•Findings lifecycle: Open → Acknowledged → Fixed → Ignored → False Positive with full tracking
•Custom rule engine: enable/disable rule packs, severity overrides, per-repo policies
•Quality Index with 0-100 code health score, repo drift detection, and category benchmarks
•Industry benchmarks: percentile rankings and weekly trend analysis across repos
•My Reviews personal dashboard — your PR risks, recurring patterns, fix suggestions
•Jira integration: create tickets from critical findings with one click
•SSO: GitHub OAuth, Google OAuth, SAML/Okta stub for enterprise onboarding
•Audit logs: every action tracked for SOC 2 compliance — rule changes, key creation, finding resolutions
•Data retention controls configurable per organization
•Enhanced PR summary comments with risk-based merge recommendations and top issues
•Updated settings page with Rules & Policies and Audit Log tabs

v0.9.0February 2026

14-Language Support & Infrastructure Upgrade

•Added full AST-aware analysis for Java, Kotlin, C#, Ruby, PHP, Rust, Swift, Scala, C/C++, and Dart
•Replaced OpenAI with LiteLLM for provider-agnostic LLM support (Ollama, vLLM, HuggingFace, etc.)
•Replaced Stripe with Lago for flexible billing & usage metering
•Added Prometheus metrics endpoint and Grafana dashboards
•Added Mattermost and Discord notification channels
•Direct SMTP email support (works with any SMTP provider)

v0.8.0January 2026

Multi-Tenancy & Team Features

•Organization and team management with role-based access (Owner, Admin, Member, Viewer)
•API key authentication with scoped permissions
•Rate limiting per plan tier
•Analytics dashboard with review metrics and trends
•Settings page for managing repos, API keys, and team members
•Audit logging for all organization events

v0.7.0December 2025

CLI Tool & CI/CD Pipeline

•Python CLI for local code reviews (staged changes or last commit)
•GitHub Actions workflow for automated PR reviews
•Security scanning with hardcoded secret detection
•SQL injection pattern detection across Python, Go, and JavaScript
•Unsafe deserialization detection

v0.6.0November 2025

Core Review Engine

•Autonomous PR review inside GitHub CI with inline comments
•Test generation agent with framework-aware skeletons
•Security scanning agent with OWASP-aligned rules
•AST-aware parser for Python, Go, and JavaScript
•GitHub webhook integration for automatic PR reviews
•Celery-based async task processing