Roadmap
Where DevLens is headed
Our roadmap is shaped by user feedback. Have a feature request? Let us know.
Shipped
6-Agent Review Pipeline
Code reviewer, test generator, SAST security, secret scanner, dependency vulnerability checker, and IaC reviewer — all running concurrently on every PR.
14-Language AST Support
Full AST-aware parsing for Python, Go, JS/TS, Java, Kotlin, C#, Ruby, PHP, Rust, Swift, Scala, C/C++, and Dart.
Apply Patch & Suggested Fixes
Every finding includes a copy-ready code fix and git-format patch. Engineers apply fixes directly from the review comment.
AI Fix Suggestions (Auto-Apply)
Click "Apply Fix" to commit the suggested fix directly on the PR branch. Zero manual editing — from finding to fix in one click.
AI PR Summary Generation
Auto-generated human-readable PR summary with key changes, breaking change detection, and impact areas.
GitHub Check Runs
DevLens creates pass/fail status checks on every PR. Integrate with branch protection rules to block risky merges.
Inline Diff View
Annotated diff viewer with findings overlaid on exact lines. See code changes and review comments in one unified view.
Code Complexity Tracking
Tracks cyclomatic complexity delta per file and PR. Catch complexity creep before it spirals.
Duplicate / Copy-Paste Detection
Automatically flags copy-pasted code blocks within PRs with exact locations, previews, and refactoring suggestions.
PR Description Validation
Automatic scoring for PR description quality — checks context, ticket references, testing notes, and template compliance.
Smart Reviewer Assignment
Suggests reviewers based on code ownership — who recently committed to the changed files and directories.
Comment Resolution Sync
Sync comment resolution status from GitHub back into DevLens. Keep findings lifecycle in sync across platforms.
Batch Review Mode
Review up to 20 PRs at once via a single API call — perfect for release branches and large backlogs.
Custom Review Rules (Regex + AI Prompts)
Define your own review rules with regex patterns or natural language AI prompts. Enforce team conventions, ban anti-patterns.
Code Coverage Integration
Upload coverage from CI pipelines, track history over time, and see before/after coverage diffs on every PR.
Review Time Tracking & Metrics
Track avg/median review duration, first-response time, and identify the slowest reviews. Surface bottlenecks automatically.
Comparison Reports (Digest Emails)
Schedule weekly or monthly digest emails comparing code quality, trends, and violations across repositories.
Feedback Learning Loop
Per-agent accuracy tracking, false positive detection, and feedback analytics. Watch DevLens get smarter over time.
Findings Lifecycle & Governance
Track findings from Open → Acknowledged → Fixed → Ignored → False Positive. Full audit trail for SOC 2 compliance.
Rule Packs & Org Policies
Enable/disable rule packs (security, bugs, performance, style, tests, docs), set severity overrides, and create per-repo policies.
Quality Index & Benchmarks
Single 0-100 code health score, percentile rankings, category benchmarks, repo drift detection, and weekly trend analysis.
Secret & Supply Chain Scanning
Gitleaks-style secret detection (16+ patterns) and OSV.dev integration for dependency vulnerability checking.
Jira Integration
Create Jira tickets from critical findings with severity, code context, and fix suggestions — all in one click.
SSO — GitHub, Google, SAML
Enterprise single sign-on via GitHub OAuth, Google OAuth, and SAML/Okta for seamless team onboarding.
My Reviews Dashboard
Personal view showing your open PR risks, recurring patterns, and fix-before-review suggestions.
Flexible Infrastructure
LiteLLM for provider-agnostic LLM support, Lago billing, Prometheus/Grafana monitoring, Caddy reverse proxy, and direct SMTP.
Multi-Tenancy & RBAC
Organizations, teams, role-based access control, API key management, and complete audit logging.
CLI Tool & GitHub Actions
Local code reviews from the terminal and automated PR reviews triggered via GitHub Actions.
Bring Your Own Model (BYOM)
Organizations can select their preferred LLM — GPT-4o, Claude, DeepSeek, Llama 3, or any of 100+ providers via LiteLLM. Configurable from the Settings page.
Rate Limiting & Input Validation
Redis-backed rate limiting on all abuse-prone endpoints (auth, webhooks, contact). Pydantic schema validation on all API inputs.
Infrastructure Hardening
Multi-stage Docker builds with non-root containers, health checks on all services, HSTS in production, and automated dependency audits in CI.
Frontend Hardening
Global API request timeouts, automatic 401 session handling, React Error Boundary, and safe production environment configuration.
CI/CD Security Pipeline
pip-audit + npm audit in CI, Dependabot for all ecosystems (pip, npm, Docker, GitHub Actions), and automated weekly dependency updates.
Unified Authentication
All API routes protected by session cookie or API key auth. CSRF protection on OAuth flows with Redis-backed state tokens.
In Progress — Q1 2026
GitLab & Bitbucket Support
Extend webhook integration beyond GitHub to support GitLab merge requests and Bitbucket PRs.
IDE Extensions (VS Code & JetBrains)
VS Code and JetBrains plugins for in-editor review feedback before you push.
Review Caching & Deduplication
Skip re-reviewing unchanged files and deduplicate findings across incremental pushes.
Slack Bot (Interactive)
Two-way Slack integration: get review summaries, triage findings, and update status without leaving Slack.
Planned — Q2 2026
SCIM Auto-Provisioning
Automatic user provisioning and deprovisioning via SCIM for Okta, Azure AD, and OneLogin.
Monorepo Awareness
Understand cross-package dependencies and review changes in the context of the full monorepo.
Self-Hosted Helm Chart
Single-command Helm chart for Kubernetes-based air-gapped enterprise deployments.
Compliance Reporting
Automated evidence collection for SOC 2, ISO 27001, and HIPAA code review requirements.
AI Model Fine-Tuning
Fine-tune the review model on your codebase and feedback — learn your team's patterns and conventions.