git-lrc

Product Introduction

1. Definition: git-lrc is an AI-powered Git hook tool that automates code reviews by analyzing diffs pre-commit. It falls under the technical category of version control extensions and AI-assisted code review systems.
2. Core Value Proposition: It prevents AI-generated code errors by enforcing mandatory reviews before commits land, addressing risks like logic removal, credential leaks, and silent behavior changes. Primary keywords: AI code review, Git commit hook, prevent AI coding errors.

Main Features

1. Pre-Commit AI Review Engine: Hooks into Git’s native pre-commit workflow to scan staged diffs using Google’s Gemini API. Analyzes code for security flaws (e.g., leaked credentials), performance anti-patterns (expensive cloud calls), and logic regressions. Runs locally but leverages cloud-based AI via API calls.
2. Interactive Review UI: Displays GitHub-style diffs with inline AI annotations, severity badges, and file-level change summaries. Supports issue navigation, one-click copy of flagged problems, and real-time iteration tracking.
3. Workflow Flexibility: Offers three modes:
   • review: Full AI analysis (default on commit).
   • vouch: Bypass AI (user takes responsibility; logs prior coverage).
   • skip: Opt-out (no review; logged as skipped).
4. Git Log Integration: Appends review metadata (e.g., LiveReview Pre-Commit Check: ran (iter:3, coverage:85%)) to commit messages, creating an auditable trail of review status across repositories.
5. Centralized Configuration: Uses Hexmos’s LiveReview service (free tier) to manage API keys and settings globally. Requires two tokens: a LiveReview API key and a Google Gemini API key.

Problems Solved

1. Pain Point: AI-generated code introduces undetected vulnerabilities (e.g., exposed secrets), logic erosion, and costly inefficiencies. git-lrc catches these during development, not post-deployment.
2. Target Audience:
   • AI-Assisted Developers: Users of Copilot, Cursor, or Claude generating >30% of code.
   • Engineering Managers: Teams scaling AI adoption but needing quality control.
   • DevOps/AppSec Engineers: Preventing cloud cost spikes or compliance breaches from flawed AI output.
3. Use Cases:
   • Blocking commits with AWS_ACCESS_KEY leaks.
   • Flagging new database calls in loops during refactoring.
   • Auditing AI-generated payment logic changes pre-merge.

Unique Advantages

1. Differentiation: Unlike GitHub Copilot Code Review (post-commit) or CodeRabbit (PR-based), git-lrc enforces pre-commit reviews—catching issues earlier. Unlike Graphite, it requires zero per-repo configuration.
2. Key Innovation:
   • Iteration Tracking: Quantifies review cycles (iter:N) and prior coverage (coverage:X%), unique in Git tooling.
   • Zero-Cost Model: Free unlimited reviews via user-provided Gemini keys; no vendor lock-in.

Frequently Asked Questions (FAQ)

1. Is git-lrc free?
   Yes. It uses Google Gemini’s free tier; you supply the API key. Hexmos’s LiveReview coordination service is free indefinitely—no trials or credit cards.
2. What data does git-lrc send to external services?
   Only staged diffs (code changes) are sent to Gemini. Full repos, history, or credentials are never transmitted. Diffs are discarded post-review.
3. How to disable git-lrc for a specific repository?
   Run git lrc hooks disable locally in the repo. Re-enable with git lrc hooks enable.
4. Can git-lrc review past commits?
   Yes. Use git lrc review --commit HEAD (last commit) or HEAD~3..HEAD (range) to audit historical changes.
5. Does git-lrc work with private repositories?
   Yes. All processing occurs locally; only diffs are sent to Gemini via encrypted API calls. No code is stored by Hexmos.