Package Exports
- @preflight-ai/cli
- @preflight-ai/cli/dist/index.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@preflight-ai/cli) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Prefl AI - Your Dream Code Review Tool â¨
Professional AI-powered code review that catches bugs before they reach production
Website: prefl.run
đ Features
- đ Comprehensive Analysis - Detects runtime errors, security vulnerabilities, memory leaks, performance issues
- đ¯ Smart Context Tracking - Analyzes related code and imports to maintain full context
- đ¨ Critical Issue Blocking - Prevents commits with critical problems
- đ Multi-Language Support - Works with any programming language
- ⥠Lightning Fast - Analyzes only staged changes, not entire codebase
- đ¨ Beautiful Output - Clear, emoji-rich reports with actionable fixes
- đž Export Reports - Save detailed analysis to files
- đĒ Git Integration - Auto-runs on pre-commit hooks
đĻ Installation
npm i -g @preflight-ai/cli@latestđ ī¸ Setup
1. Initialize in your project
cd your-project
prefl initThis will:
- â
Create
prefl.jsonconfig file - â
Create
.envand ask for your GROQ API key - â
Add
.envto.gitignore - â Install pre-commit hook automatically
2. Get your Groq API Key
- Visit console.groq.com
- Create a free account
- Generate an API key
- Paste it when prompted during
prefl init
đ¯ Usage
Automatic Review (Recommended)
Once initialized, Prefl automatically reviews your code before every commit:
git add .
git commit -m "feat: add new feature"
# ⨠Prefl analyzes your changes automatically!Manual Analysis
# Analyze staged changes
prefl analyze
# Analyze entire repository
prefl analyze --all
# Save report to file
prefl analyze --output my-report.txt
# JSON output for CI/CD
prefl analyze --format jsonCommands
prefl init # Setup Prefl in your project
prefl analyze # Analyze staged changes
prefl analyze --all # Analyze entire repo
prefl analyze --output FILE # Save results to file
prefl fix # Generate AI-suggested patches
prefl fix --apply # Auto-apply generated fixes
prefl --version # Show version
prefl --help # Show helpđ What Gets Analyzed?
đ¨ CRITICAL ISSUES (Blocks Commits)
- Runtime Errors: Null/undefined access, type mismatches, unhandled promises
- Security Vulnerabilities: SQL injection, XSS, CSRF, exposed secrets, insecure auth
- Memory Leaks: Event listeners without cleanup, circular references
- Data Loss: Missing validation, race conditions, improper async handling
â ī¸ WARNINGS (Alerts)
- Performance: N+1 queries, unnecessary re-renders, blocking operations
- Code Smells: Tight coupling, magic numbers, duplicated logic
- Accessibility: Missing ARIA labels, keyboard navigation issues
- Edge Cases: Empty arrays, null inputs, boundary conditions
âšī¸ SUGGESTIONS (Nice to Have)
- Best Practices: Inconsistent naming, missing types, outdated patterns
- Optimization: Memoization opportunities, lazy loading, code splitting
- Maintainability: Complex logic without comments, long functions
đ¨ Example Output
đ Code Review Results
đ¨ Critical: 2 | â ī¸ Warnings: 3 | âšī¸ Info: 1
ââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
đ¨ CRITICAL ISSUES (Must Fix)
1. đ¨ Potential runtime error: chained property access after JSON.parse without validation
đ File: src/api.ts (line 45)
đ Code: const userId = JSON.parse(response).user.id;
â
Fix: Assign JSON.parse result to a variable, validate it, then access properties safely:
const data = JSON.parse(response);
if (data && typeof data === 'object') { /* use data */ }
2. đ Security: Hardcoded secret detected
đ File: src/config.ts (line 12)
đ Code: const API_KEY = "sk-123456789";
â
Fix: Move secrets to environment variables (.env) and add .env to .gitignore
ââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
â ī¸ WARNINGS (Recommended Fixes)
1. â ī¸ Potential memory leak: addEventListener without cleanup
đ File: src/components/Modal.tsx (line 28)
đ Code: window.addEventListener('keydown', handleEscape);
đĄ Fix: Store the listener reference and remove it in cleanup
ââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
đ Commit blocked due to critical issues. Please fix them first.âī¸ Configuration
Edit prefl.json in your project root:
{
"ignore": {
"globs": [
"node_modules/**",
"dist/**",
".git/**",
"*.test.js",
"coverage/**"
]
},
"review": {
"blockSeverities": ["critical"],
"context": {
"baseLimit": 10,
"importExpansionLimit": 20
}
}
}Configuration Options
- ignore.globs: Files/folders to skip (supports glob patterns)
- review.blockSeverities: Which severity levels block commits (
["critical"],["critical", "warning"], or[]) - review.context.baseLimit: How many files to include as context (default: 10)
- review.context.importExpansionLimit: Max files to add via import tracking (default: 20)
đ§ Advanced Features
Generate and Apply Fixes
# Generate a patch file
prefl fix
# Validate the patch
prefl fix --dry-run
# Auto-apply the patch
prefl fix --applyCI/CD Integration
# .github/workflows/code-review.yml
name: Prefl Code Review
on: [pull_request]
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with: { node-version: 20 }
- run: npm i -g @preflight-ai/cli
- run: prefl analyze --format json
env:
GROQ_API_KEY: ${{ secrets.GROQ_API_KEY }}đ Why Prefl?
| Feature | Prefl | ESLint | SonarQube |
|---|---|---|---|
| AI-Powered Analysis | â | â | â |
| Runtime Error Detection | â | â ī¸ Limited | â ī¸ Limited |
| Security Scanning | â | â ī¸ Plugins | â |
| Memory Leak Detection | â | â | â ī¸ Limited |
| Multi-Language | â | â | â |
| Context-Aware | â | â | â ī¸ Limited |
| Actionable Fixes | â | â ī¸ Sometimes | â ī¸ Sometimes |
| Beautiful Output | â | â | â ī¸ Web Only |
| Auto-Fix Suggestions | â | â ī¸ Limited | â |
đ¤ Contributing
We welcome contributions! Please see our Contributing Guide.
đ License
Apache 2.0 - See LICENSE for details
đŦ Support
- đ Website: prefl.run
- đ§ Email: support@prefl.run
- đ Issues: GitHub Issues
Made with â¤ī¸ by developers, for developers