diffray 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +54 -17
  2. package/dist/diffray.cjs +229 -227
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  <table>
2
2
  <tr>
3
- <td><img src="logo.svg" alt="diffray" width="120"></td>
3
+ <td><img src="docs/logo.svg" alt="diffray" width="120"></td>
4
4
  <td>
5
5
  <h1>diffray</h1>
6
6
  <strong>Free open-source multi-agent code review</strong>
@@ -13,7 +13,7 @@
13
13
  > **How is it different from [diffray.ai](https://diffray.ai)?** The cloud platform automatically learns from your team's review feedback and generates rules. This CLI version requires manual rule configuration but gives you full control and runs locally.
14
14
 
15
15
  <p align="center">
16
- <img src="/docs/diffray.png" alt="diffray in action" width="800">
16
+ <img src="docs/demo.gif" alt="diffray in action" width="800">
17
17
  </p>
18
18
 
19
19
  ---
@@ -48,10 +48,10 @@ npm install -g diffray
48
48
  cd your-project
49
49
 
50
50
  # Review your uncommitted changes (or last commit if working tree is clean)
51
- diffray
51
+ diffray review
52
52
 
53
53
  # Or review changes between branches
54
- diffray --base main
54
+ diffray review --base main
55
55
  ```
56
56
 
57
57
  That's it! diffray will analyze your changes and show any issues found.
@@ -60,25 +60,32 @@ That's it! diffray will analyze your changes and show any issues found.
60
60
 
61
61
  ```bash
62
62
  # Review uncommitted changes, or last commit if clean
63
- diffray
63
+ diffray review
64
64
 
65
65
  # Review changes compared to main branch
66
- diffray --base main
66
+ diffray review --base main
67
67
 
68
68
  # Review last 3 commits
69
- diffray --base HEAD~3
69
+ diffray review --base HEAD~3
70
+
71
+ # Review specific file(s) - only git changes in these files
72
+ diffray review --files src/auth.ts
73
+ diffray review --files src/auth.ts,src/user.ts
74
+
75
+ # Review entire file content (without git diff)
76
+ diffray review --files src/auth.ts --full
70
77
 
71
78
  # Show only critical and high severity issues
72
- diffray --severity critical,high
79
+ diffray review --severity critical,high
73
80
 
74
81
  # Run only specific agent
75
- diffray --agent bug-hunter
82
+ diffray review --agent bug-hunter
76
83
 
77
84
  # Output as JSON (for CI/CD pipelines)
78
- diffray --json
85
+ diffray review --json
79
86
 
80
87
  # Show detailed progress
81
- diffray --stream
88
+ diffray review --stream
82
89
 
83
90
  # List available agents and rules
84
91
  diffray agents
@@ -235,7 +242,26 @@ Supports any git URL:
235
242
  - `https://github.com/owner/repo#v1.0` — specific tag/branch
236
243
  - `git@github.com:owner/repo.git` — SSH format
237
244
 
238
- Then run `diffray extends install` to download. Agents/rules from extends have lower priority than local ones.
245
+ **Extends commands:**
246
+
247
+ ```bash
248
+ # Install extends from config
249
+ diffray extends install
250
+
251
+ # Install specific URL (auto-adds to config)
252
+ diffray extends install https://github.com/owner/repo
253
+
254
+ # Force re-clone all extends
255
+ diffray extends install --force
256
+
257
+ # List installed extends
258
+ diffray extends list
259
+
260
+ # Remove an extend
261
+ diffray extends remove https://github.com/owner/repo
262
+ ```
263
+
264
+ Agents/rules from extends have lower priority than local ones.
239
265
 
240
266
  ### Config commands
241
267
 
@@ -312,7 +338,7 @@ You should see `my-rules` in the list.
312
338
  **Step 4.** Run a review - your agent will now analyze your code!
313
339
 
314
340
  ```bash
315
- diffray
341
+ diffray review
316
342
  ```
317
343
 
318
344
  ### Header fields explained
@@ -765,7 +791,7 @@ Your completely custom instructions here...
765
791
  diffray uses Claude AI which takes time to analyze code properly. Typical review takes 10-30 seconds. For faster (but less accurate) reviews, use:
766
792
 
767
793
  ```bash
768
- diffray --skip-validation
794
+ diffray review --skip-validation
769
795
  ```
770
796
 
771
797
  ### Why didn't it find an obvious bug?
@@ -777,13 +803,18 @@ AI isn't perfect. diffray is tuned for **low false positives** (fewer wrong aler
777
803
  Yes! Use `--json` flag for machine-readable output:
778
804
 
779
805
  ```bash
780
- diffray --json --severity critical,high
806
+ diffray review --json --severity critical,high
781
807
  ```
782
808
 
783
809
  Exit code is non-zero if issues are found.
784
810
 
785
811
  **GitHub Actions example:**
786
812
 
813
+ > **⚠️ Security Warning:**
814
+ > - Never commit `ANTHROPIC_API_KEY` or `CLAUDE_CODE_OAUTH_TOKEN` to git
815
+ > - Always use GitHub Secrets for API keys in CI/CD
816
+ > - For local development: use `claude setup-token` to generate `CLAUDE_CODE_OAUTH_TOKEN`
817
+
787
818
  ```yaml
788
819
  name: Code Review
789
820
  on: [pull_request]
@@ -802,9 +833,15 @@ jobs:
802
833
 
803
834
  - run: npm install -g diffray @anthropic-ai/claude-code
804
835
 
805
- - run: claude auth login --api-key ${{ secrets.ANTHROPIC_API_KEY }}
836
+ # Option 1: Use ANTHROPIC_API_KEY (recommended for CI/CD)
837
+ - run: diffray review --base origin/${{ github.base_ref }} --json --severity critical,high
838
+ env:
839
+ ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
806
840
 
807
- - run: diffray --base origin/${{ github.base_ref }} --json --severity critical,high
841
+ # Option 2: Use CLAUDE_CODE_OAUTH_TOKEN (get via: claude setup-token)
842
+ # - run: diffray review --base origin/${{ github.base_ref }} --json --severity critical,high
843
+ # env:
844
+ # CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
808
845
  ```
809
846
 
810
847
  ### How much does it cost?