Private, Offline-First AI Architectural Code Reviews

The surgical command-line sentinel that automatically scans git diffs against architectural rules locally using private Ollama models.

Get Started Star on GitHub

bash - dev@pika-review

dev@pika-review:~$

🏛️ Introduction

Pika Review is an enterprise-grade AI Code Reviewer designed to run natively and privately on your developer workstation. Instead of sending full source code bundles to proprietary cloud platforms, Pika surgical-scans only your staged git changes against project-specific compliance rules stored locally in your repository.

🦙

100% Offline-First

No API keys required. Connect natively to local Ollama tag daemons (like Qwen, Llama, and Codegemma) and keep your proprietary code strictly on your local machine.

🧠

Custom Rules

Define naming architectures, framework boundaries, state models, or security policies in plain English inside a simple .pika-rules.md file.

🛡️

Git Safeguards

Install automated, backup-safe pre-commit hooks that scan code before commits are created, intercepting high-severity compliance debt in real-time.

📦 Installation

Pika Review is written in strict TypeScript and works on Mac, Linux, and Windows. You can install it globally via your preferred package manager:

bash

bun add -g pika-review

bash

npm install -g pika-review

bash

yarn global add pika-review

🛠️ Configuration Schema

Initializing Pika Review creates a global YAML configuration file located at ~/.pika-review.yaml. Below is the detailed parameter layout:

Property	Type	Default	Description
`ai.provider`	String	`"openai"`	Primary engine. Use `"ollama"` for private local scanning.
`ai.apiKey`	String	`""`	Secret credentials for cloud providers. (Optional/Bypassed for Ollama).
`ai.accountId`	String	`""`	Required only if provider is explicitly set to Cloudflare.
`ai.model`	String	`"gpt-4o"`	The target LLM model name (e.g. `"qwen2.5-coder:7b"` locally).
`ai.baseURL`	String	`"https://api.openai.com/v1"`	Custom endpoint. Set to `"http://localhost:11434/v1"` for local Ollama.
`scanner.ignoreFiles`	Array	Standard lock/media	Global file suffixes ignored by scanning loops.

💡

Pro-Tip: Pika Review skips key validation automatically if ai.provider is set to "ollama", allowing you to operate immediately behind restrictive firewalls or entirely without internet access.

⌨️ CLI Command Reference

Pika Review provides an expressive, user-friendly suite of CLI utilities to manage models, pre-commit protective hooks, and compliance sweeps:

Performs a live compliance scan of staged git changes (default behavior). Analyze specific directories or use -i to trigger interactive file check checkboxes.

# Scan staged files (standard commit guard)
pika-review scan

# Scan unstaged files
pika-review scan -u

# Run headlessly in CI/CD pipeline (fails on High/Critical issues)
pika-review scan --ci

Polls local Ollama API tags, filters available code models, and interactively switches active endpoints without manually editing configuration YAMLs on disk.

# Launch interactive selector
pika-review models

Installs or removes the Git pre-commit protection hook. Highly secure: automatically creates backups of pre-existing hooks and restores them during uninstallation.

# Inject quality shield in current repository
pika-review hook install

# Cleanly restore previous hook configs
pika-review hook uninstall

Scans the folders, names, and dependency specifications of your project. It automatically drafts a tailored .pika-rules.md template file featuring customized architectural guidelines matching your frameworks.

# Auto-bootstrap compliance regulations
pika-review rules --generate

🧠 The Local Rules Engine

Pika Review reads custom architectural regulations directly from your project's root in a file called .pika-rules.md. The rules are written in plain, human-readable English.

markdown

# Architectural Rules

## 🏛️ Component Boundaries
- All React components must reside in folders matching `src/components/` and be declared using standard ES6 functional wrappers.
- Never use direct state manipulation in visual files; state must pass through our global Zustand stores.

## 🔐 Security
- Prevent hardcoded auth headers. Always fetch secret credentials through env providers.
- Prevent sql raw strings in repositories; queries must go through the Prisma client.

🛡️ Git Safeguard Hook Workflow

Installing Pika Review hooks intercepts git commits seamlessly. If a developer attempts to commit code containing high-severity architectural anomalies, the pre-commit script runs headlessly, catches the violation, and halts the commit before it can pollute the branch history.

⚠️

Note: In headless pipeline runners (such as GitHub Actions or GitLab Runner), you can override default displays by passing the --ci parameter. This forces a clean text output and returns a non-zero exit code if high-severity anomalies are uncovered, safely failing the PR build!

🤝 Contributing

We welcome PRs, bug reports, and suggestions from the engineering community! If you are interested in extending CLI subcommands or optimization parsers, check out our master developer blueprint:

Read the official Contributing Guide to quickly bootstrap your environment.