Amazon CodeGuru Reviewer is an AWS service that uses program analysis and machine learning to detect potential defects that are difficult for developers to find and offers suggestions for improvement.
CodeGuru Reviewer finds defects in Java and Python code. For more information about how to set up and use CodeGuru Reviewer, see the Amazon CodeGuru Reviewer User Guide.
This repo demonstrates some of CodeGuru Reviewer's Java detectors. For more descriptions of each detector, see our Detector Library. To see the Python code examples repo, click here.
You can use this code repository to try out CodeGuru Reviewer using your AWS credentials.
To use the CodeGuru Reviewer GitHub Action to scan a fork of this repo, you will first need to create a suitable Role, S3 Bucket, and Policy in your AWS account. You can do this automatically by following these instructions.
A CodeGuru Reviewer GitHub Action workflow template has already been added to this repo. To see CodeGuru Reviewer in action:
- Fork this repo.
- In
.github/workflows/analyze.yml
, replace the following three fields with the values obtained from the prerequisites step above: your Role ARN (role-to-assume
), your Region (aws-region
), and your S3 bucket name (s3_bucket
). - Click on the Actions tab (next to pull requests).
- Click on the CodeGuru Reviewer Workflow.
- Click "Run workflow".
- Navigate to the Security tab to see results (it should take 5-10 min). GitHub only enables the security tab for free on public repositories.
You can copy the CodeGuru Reviewer GitHub Action analyze.yml
that you made in the Setup step to your own personal repo. However, please take note of the following items:
- If you use a build system other than Gradle, you may need to edit the build step using the appropriate command for your build system.
- If your build system doesn't place the resulting .jar files in
build/libs
, you may need to edit thebuild_path
field in theanalyze.yml
workflow. - If you do not have GitHub Advanced Security, you will still be able to view your findings within the AWS Console. You can also use tools like
jq
within your workflow to postprocess the findings. If you print some of the findings to stdout, you will see them in your workflow's output log.
Use the community resources below for getting help with AWS CodeGuru Reviewer.
- Use GitHub issues to report bugs and request features.
- Open a support ticket with AWS Support.
- For contributing guidelines, refer to CONTRIBUTING.
See CONTRIBUTING for more information.
This project is licensed under the Apache-2.0 License. See the LICENSE file.