Semantic code review intelligence

The staff engineer that never sleeps on your PRs.

DevPulsr catches semantic drift, test-gap blind spots, and API contract breaks at PR time — before they compound into the kind of outage that pages you at 3 AM.

Start free trial See how it works

Used by 40+ engineering teams · No credit card required

devpulsr · PR #482 · feat/payments-webhook

Add Stripe webhook idempotency key validation

rajsundaram +47 −12 lines payments/webhook.ts

payments/webhook.ts

18 export async function handleStripeWebhook(req, res) {

19 const event = stripe.webhooks.constructEvent(req.body, sig, secret);

19 const event = await validateAndConstruct(req.body, sig, secret);

20 if (!event.idempotencyKey) return res.status(400).end();

Idempotency guard — prevents duplicate processing on Stripe retry. Correct placement before handler dispatch.

34 const charge = await processPayment(event.data.object);

Missing test path — no test covers idempotency key absent scenario. Add test for 400 response branch.

Trusted by teams at

Axlepath Kettner Labs LoopForm NovaCog Driftmark Syncframe

Code review is your last defense — and it's breaking

1

PRs merge without semantic understanding

A function can return the right type but carry a wrong invariant — a logic change that looks structurally correct in the diff but breaks the system in context. Static analysis never sees this.
2

Coverage numbers hide test gaps

82% line coverage sounds healthy — until the one branch you didn't test is the one you just changed. Path-level gap detection is what matters, not the aggregate percentage.
3

API contracts drift until an outage surfaces the break

A field renamed, a type changed, a required parameter added — each individually innocuous. Collectively, they break the consumer that discovers the change in production at 2 AM.

73%

of production incidents originate in PRs that passed review — based on analysis of 12,000 PRs in beta cohort

2.4×

longer to fix a defect found post-merge versus at PR review time

~6 hrs

typical engineering manager time per week on review coordination and triage

Three lenses on every pull request

Semantic Drift Detection

DevPulsr builds a call-graph model of your codebase and maps each changed function to its usage context. A function that changes a subtle invariant — correct in isolation, wrong for the system — gets flagged with the specific callers affected.

Test Gap Intelligence

Maps each changed function to its test surface — not file-level coverage — and surfaces the specific code paths your PR introduces with no corresponding test assertion. An actionable gap list, not an aggregate percentage.

API Contract Analysis

Parses OpenAPI specs, GraphQL schemas, and gRPC proto files. Flags backward-incompatible changes — removed fields, type changes, renamed endpoints — before merge, before your downstream consumers' CI even runs.

PR Velocity Metrics

PR cycle time trends, reviewer load distribution, and defect escape patterns — surfaced as a developer-facing dashboard. DevPulsr tracks code review health, not sprint progress or project management.

GitHub & GitLab Native

Installs as a GitHub App or GitLab integration in under 10 minutes. Annotations post inline in your PR diff — no new dashboard required, no CI pipeline changes needed.

Ephemeral Analysis Architecture

Code is fetched per-run, processed in isolated compute, and discarded. Never stored, never used for model training, never shared across tenants. SOC 2 Type II audit underway — results available under NDA to enterprise customers.

Zero config. First insight in 5 minutes.

Connect your repository

Install the DevPulsr GitHub App or GitLab integration. We request read-only code and PR permissions — nothing else. No write access, no secrets access.

Open a PR

DevPulsr analyzes the diff in context of your full codebase graph. No uploads, no CI configuration changes required. Analysis completes in under 90 seconds for most changesets.

Review the intelligence

Inline PR comments pinpoint the exact line, the risk type, and the specific reasoning. Dismiss false positives with one click — dismissals are tracked and inform future precision.

See the full walkthrough

Review health for the engineering team, not the executive deck

PR cycle time, reviewer load distribution, defect escape patterns — real-time, per-engineer and per-repo. Not a sprint tracker, not a JIRA replacement. Code review health only.

Review queue

feat/rate-limiter-redis-backend

2 findings

fix/user-session-expiry-edge-case

Clean

refactor/payment-service-split

API break

chore/dependency-updates-q2

Analyzing…

What engineering teams say

We were shipping a logic inversion in a billing calculation — discount > 0 changed to >= 0, looked trivial in the diff. Nobody caught it in three review rounds. DevPulsr flagged it 40 seconds after the PR opened. That alone paid for the year.

Engineering Manager

Payments infrastructure company, 18-person team

Test gap detection is genuinely useful. Not "you have 80% coverage" — but "these three branches in the function you just changed have zero test coverage." That's the difference between a metric and something you act on before merge.

Staff Engineer

Developer tooling company, 9-person team

Our three senior engineers review every PR. DevPulsr doesn't replace them — it changes what they spend their time on. They arrive at the diff already knowing which 3 spots need real attention. Review time dropped 40% with zero reduction in quality.

CTO

Workflow automation startup, 6-person team

Plugs into your existing workflow

DevPulsr doesn't replace your deployment pipeline, CI system, or project management tools — it adds a semantic analysis layer to the code review step you already have.

GitHub GitLab Slack Jira VS Code GitHub CLI Webhooks SAML SSO

Your next PR is the right time to start

Connects to GitHub or GitLab in under 10 minutes. No code changes, no CI configuration, no credit card. Free for teams up to 3 developers.

Start free trial Talk to the team