Know the blast radius of every PR before you merge

CodeDig analyzes every pull request for risk, security vulnerabilities, test gaps, and architectural impact — before it reaches production. Install in 60 seconds.

Start Free — No Credit Card Required See How It Works

codedig-botcommented 2 minutes ago

bot

CodeDig PR Analysis — Medium Risk (Score: 62/100)

Summary

Metric	Value
Files Changed	12
Blast Radius	47 downstream consumers
Test Coverage on Changed Paths	23%
Public API Changes	3 breaking
Security Findings	1 (SQL injection risk)

⚠️ Key Findings

3 public API changes detected — 47 downstream consumers affected
Payment processing module changed with 0% test coverage
New SQL query without parameterized inputs (line 142)

✓ Recommendations

Add tests for PaymentProcessor.processRefund()
Use parameterized query in UserRepository.findByEmail()
Update API documentation for breaking changes

→ View full report

Up and running in 3 steps

1
Install the GitHub App
1 click to connect your repositories. No config files, no CI changes.
2
Open a Pull Request
CodeDig automatically analyzes every PR the moment it is opened.
3
Review with Confidence
See risk scores, blast radius, and recommendations inline on every PR.

Everything you need to ship with confidence

Automated analysis on every pull request so your team can move fast without breaking things.

PR Risk Analysis

Every PR gets a risk score based on blast radius, test coverage gaps, and complexity changes. High-risk PRs are flagged before they cause incidents.

Security Scanning

Automatic detection of PII exposure, SQL injection, hardcoded secrets, and OWASP Top 10 vulnerabilities in every code change.

Architectural Intelligence

Track architectural drift, detect dead code, and understand how your codebase evolves over time with time-travel analysis.

Catch vulnerabilities before they ship

Every PR is scanned for hardcoded secrets, SQL injection, PII exposure, and 200+ security rules. Findings appear inline on the PR with severity and remediation guidance.

Security Findings

5 issues found

SeverityFindingFile

CriticalHardcoded AWS secret keysrc/config/aws.ts

HighSQL injection in query buildersrc/db/queries.ts

MediumPII exposure in log outputsrc/utils/logger.ts

MediumMissing CSRF token validationsrc/api/auth.ts

LowOutdated dependency (lodash 4.17.20)package.json

Works with GitHub No source code stored Security-first architecture Privacy by design End-to-end encrypted

Built for teams like yours

Platform Engineering

Understand blast radius across microservices

Security-Conscious Orgs

Catch vulnerabilities before they reach production

Fast-Growing Startups

Ship with confidence as your codebase scales

Enterprise Dev Teams

Compliance-ready analysis with audit trails

Simple, transparent pricing

Start free, scale as your team grows.

MonthlyAnnual Save 20%

Free

$0/mo

Repos1
PRs analyzed/mo30
Users3
PR risk analysis✓
Security scanningBasic
Test gap analysis—
Architectural drift—
Time-travel analysis—
Data retention7 days
SupportCommunity

Start Free

Team

$49/mo

Repos15
PRs analyzed/mo500
Users15
PR risk analysis✓
Security scanningFull
Test gap analysis✓
Architectural drift—
Time-travel analysis—
Data retention90 days
SupportEmail

Start Free Trial

Business

$299/mo

ReposUnlimited
PRs analyzed/mo5,000
UsersUnlimited
PR risk analysis✓
Security scanningFull
Test gap analysis✓
Architectural drift✓
Time-travel analysis✓
Data retention1 year
SupportPriority

Start Free Trial

Enterprise

Custom

SSO, on-premise deployment, dedicated support, and custom SLAs for large organizations.

Contact Sales

Talk to our team

Need SSO, on-premise, or custom SLAs? Book a call or send us a message.

Book a Demo Call

or fill out the form below

< 30s

Average Analysis Time

Zero

Config Files Required

Languages Supported