Self-hosting
AI providers
AI review is optional. The deterministic gate still runs when no provider is configured.
Provider options
- anthropic
- Native Anthropic Messages API. Requires ANTHROPIC_API_KEY.
- openai or openai-compatible
- OpenAI chat completions shape. Works with OpenAI, gateway providers, vLLM, Ollama, and compatible endpoints.
- ollama
- Local model endpoint. Good for private experiments; quality depends on the pulled model.
- claude-code
- Subscription CLI path. Requires CLI availability and CLAUDE_CODE_OAUTH_TOKEN from an interactive setup.
- codex
- Subscription CLI path. Treat credentials carefully; do not mount prompt-readable auth into untrusted review sandboxes.
Single provider
.env
AI_PROVIDER=anthropic
ANTHROPIC_API_KEY=<provider-key>
ANTHROPIC_AI_MODEL=claude-sonnet-4-6OpenAI-compatible endpoint
.env
AI_PROVIDER=openai-compatible
OPENAI_COMPATIBLE_AI_BASE_URL=http://ollama:11434/v1
OPENAI_COMPATIBLE_AI_API_KEY=
OPENAI_COMPATIBLE_AI_MODEL=llama3.1Fallback and dual review
A comma-list can be a fallback chain or a two-reviewer plan. With two available providers,AI_COMBINE controls how decisions are combined.
.env
AI_PROVIDER=anthropic,ollama
AI_COMBINE=synthesis
AI_ON_MERGE=either- single
- One reviewer verdict. This is the automatic mode when one provider is configured.
- consensus
- Block only when both reviewers flag a critical defect. A lone defect holds for human review.
- synthesis
- Both reviewers run, then one merged decision is produced. AI_ON_MERGE controls either or both.
Subscription CLI safety
Credential isolation matters
Subscription CLIs store credentials on disk. Do not mount a writable or prompt-readable CLI home into review execution unless you have isolated it from PR-controlled content. Use an API provider or local OpenAI-compatible endpoint when isolation is not clear.
Related context
AI providers produce the review. REES and RAG add context that the reviewer can use.