How it works

Two minutes to better reviews

No agents to deploy. No changes to your CI pipeline. Install the Commitloom GitHub App, grant diff-read access to the repos you choose, and every subsequent PR gets reviewed automatically. The first review posts within 60 seconds of opening.

Start free
Step 1

Connect — GitHub App install in two clicks

Visit the Commitloom GitHub App page, click Install, and choose which repos to grant access to. No personal access tokens. No service accounts. The App uses GitHub's secure OAuth flow with minimal scopes.

  • Read-only diff access — Commitloom never writes to your codebase
  • Select specific repos or grant org-wide in one step
  • GitLab: connect via webhook URL + token in settings
github.com/apps/commitloom 
✓  GitHub App: Commitloom
   Version: 1.4.2
   Created by: commitloom

Installing to: ironveil-systems
Repository access: Selected repos

  ✓  payment-service
  ✓  auth-gateway
  ○  legacy-monolith (skipped)

Permissions requested:
  pull_requests: read + write (comments)
  contents: read (diff only)
  metadata: read

→  Install complete. First PR review active.
webhook payload (trimmed) 
{
  "action": "opened",
  "number": 247,
  "pull_request": {
    "title": "feat: add retry logic",
    "additions": 38,
    "deletions": 4,
    "changed_files": 3,
    "base": { "ref": "main" },
    "head": { "ref": "retry-logic" }
  }
}
Step 2

Open a PR — Commitloom reads the diff automatically

The moment a pull request opens (or a push to an existing one), GitHub delivers a webhook to Commitloom. Within seconds, Commitloom fetches the diff — not the full repository — and begins analysis.

  • Triggered on PR open and re-open
  • Re-runs on force push to keep comments fresh
  • Only the diff is read — not the full repo history
03

Review appears — inline comments pinned to the diff, summary in the description

Comments land on the specific diff lines within 60 seconds, each labelled Warning, Issue, or Suggestion. The PR description is pre-filled with the generated summary — what changed, risk areas flagged by file and line, suggested review order. Your reviewer sees all of this before reading a single line of diff.

04

Iterate — address, dismiss, or squash and merge

Respond to Commitloom comments the same way you respond to any reviewer. Fix what you agree with, dismiss what you don't. On a force-push or new commit, Commitloom re-runs on the changed sections — old comments on unchanged lines are resolved automatically.

FAQ

Common questions

No. Commitloom reads the pull request diff ephemerally to generate its review, then discards it. We never persist your code or repository content. See our Security page for full details on our data handling model.
We request pull_requests: read + write (to post comments), contents: read (diff only), and metadata: read. We do not request write access to code, issues, or any other resource. Full permissions breakdown is on the Security page.
Commitloom works on any language that GitHub or GitLab can diff. It has the highest accuracy on Go, TypeScript, Python, Rust, and Java — languages where its training data is deepest — but it produces useful reviews for most modern languages.
Yes. Team tier and above supports a commitloom.yaml config file in your repo root. You can define custom patterns, adjust severity thresholds, and set paths to ignore. See the configuration reference.
Yes — all AI reviewers do. Commitloom errs on the side of flagging potential issues rather than missing them. You can dismiss any comment individually, and the system learns from patterns of dismissals on your repos to reduce noise over time.
By default, Commitloom skips draft pull requests and activates when the PR moves to "Ready for review." This is configurable — you can enable early review on drafts by setting review.drafts: true in your commitloom.yaml.

Install. Open a PR. See the comments.

The setup is shorter than reading this page. Free plan, no credit card.

Start free Quickstart guide