Sample PR report

See the merge-risk picture reviewers get before approval

This sample shows the kind of PR-time signal CodeDig is built to surface: blast radius, test gaps, security-relevant findings, and concrete next actions for reviewers.

codedig-bot (bot) commented 2 minutes ago
CodeDig PR Analysis — Medium Risk (Score: 62/100)

Summary

Metric                          Value
Files Changed                   12
Blast Radius                    47 downstream consumers
Test Coverage on Changed Paths  23%
Public API Changes              3 breaking
Security Findings               1 (SQL injection risk)

⚠️ Key Findings

  • 3 public API changes detected — 47 downstream consumers affected
  • Payment processing module changed with 0% test coverage
  • New SQL query without parameterized inputs (line 142)

Recommendations

  • Add tests for PaymentProcessor.processRefund()
  • Use parameterized query in UserRepository.findByEmail()
  • Update API documentation for breaking changes

Medium risk: 62/100

Risk is elevated because the PR touches payment-processing code, changes public API behavior, and has weak test coverage on modified paths.

47 downstream consumers

The report traces callers and dependent flows so reviewers can see which systems may be affected outside the visible diff.

23% changed-path coverage

Coverage is evaluated against changed code paths so reviewers can ask for the tests most likely to reduce merge risk.

Top affected consumers

Example output from blast-radius analysis. This is illustrative, not a customer case study.

  • Checkout API: Calls PaymentProcessor.processRefund() (High attention)
  • Admin refunds page: Depends on refund status response shape (Medium attention)
  • Billing worker: Consumes refund-created events (Medium attention)
  • Customer notifications: Renders refund status copy (Low attention)

Reviewer plan

What the reviewer can do next

CodeDig is not trying to replace judgment. It gives reviewers a risk map so they can decide where to slow down, ask for tests, or bring in the right owner before merge.

Ask for tests around refund error handling and rollback behavior.

Confirm the public API response change is intended and documented.

Review the SQL query change before approving the PR.

Notify owners of downstream billing and checkout flows if the response shape changes.

PR comment

Reviewers see the summary where the merge decision happens.

Security context

Findings are scoped to changed code and paired with remediation guidance.

Blast radius

Affected consumers and owners help reviewers route follow-up before merge.