Docs

PushSafe documentation

Everything you need to understand how PushSafe connects to GitHub, triggers reviews, comments on pull requests, and fits into a clean branch-based workflow.

Jump to section

Getting Started

Getting started with PushSafe

PushSafe is built for the moment between pushing code and merging it. Open a pull request and it reviews the diff automatically.

What is PushSafe

PushSafe is an AI-powered PR reviewer for indie developers. It connects to your GitHub repos and automatically reviews every pull request the moment you open one, posting inline comments directly on your PR like a teammate would.

No team required. No manual review steps. Just open a PR and PushSafe handles the rest.

How it works

PushSafe watches your GitHub repos for pull request activity. When you open a PR, PushSafe:

Fetches the diff, meaning the code you changed
Sends it to an AI model for review
Posts inline comments on the PR for real issues found
Re-reviews automatically when you push new commits

All of this usually happens in under 30 seconds.

Quickstart

Step 1

Sign up and connect GitHub

Create your account and authorize GitHub so PushSafe can access your pull requests.

Connect GitHub

Step 2

Add a repo on your dashboard

Choose a repository, load branches, select the target branch, and add it to PushSafe.

Add Repository

Choose a GitHub repo to connect to PushSafe.

Screenshot

Search repositories

pushsafe/app

privatetarget main

pushsafe/docs-site

privatetarget main

Step 3

Create a branch and push

Push your feature branch

git checkout -b fix/my-featuregit add .git commit -m "my changes"git push origin fix/my-feature

Step 4

Open a PR

Open the pull request

gh pr create --title "my fix" --base main

Or open it on GitHub. After every push, GitHub usually shows a one-click banner to create the PR.

Step 5

PushSafe reviews automatically

Check your PR on GitHub. Review comments should appear within about 30 seconds.

Connecting GitHub

Connecting GitHub to PushSafe

Install PushSafe

Go to `pushsafe.xyz/login`.

Click "Connect GitHub".

Authorize PushSafe to access your repos.

You will be redirected to your dashboard.

PushSafe requests these GitHub permissions:

`repo`: read your code and post PR comments
`read:user`: identify your account
`user:email`: save your email for account and waitlist updates

Add your first repo

From your dashboard click "Add Repository".

A modal will show your GitHub repos.

Search for the repo you want to connect.

Load branches, choose the target branch, then click "Add".

PushSafe will register a webhook on that repo. From that point on, every PR opened against the configured target branch can be reviewed automatically.

Managing repos

You can toggle each connected repo active or inactive individually.

`Active`: PushSafe reviews matching PRs.

`Inactive`: reviews are paused for that repo.

To remove a repo, go to `/repos`, click "Remove", and confirm deletion.

Removing a repo deletes its stored review history for that repository.

The free launch plan allows one connected repo.

How Reviews Work

How reviews work

What triggers a review

PushSafe fires on two PR events:

`opened`, when a PR is first created
`synchronize`, when new commits are pushed to an open PR

Every trigger counts as 1 review toward your monthly limit.

PushSafe does not fire on:

Direct pushes to `main`
Closed or merged PRs
Draft PRs, which are not handled yet
PRs with no useful code diff to review
PRs targeting a branch other than the connected repo's configured target branch

What PushSafe checks

PushSafe reviews your diff for:

Bugs

Null or undefined not handled
Missing `await` on async functions
Logic errors and wrong conditions
Off-by-one errors
Unreachable code

Security

Hardcoded API keys or secrets
SQL injection risks
Exposed sensitive data
Insecure dependency guidance is planned later

Warnings

Missing error handling
Unhandled promise rejections
Deprecated methods
Memory leak risks

Suggestions

Performance improvements
Cleaner alternatives
Missing edge-case handling

What PushSafe ignores

PushSafe deliberately ignores:

Code style and formatting
Indentation and whitespace
Naming conventions
Comment style
Import ordering
Semicolons

These are better handled by your formatter and linter. PushSafe aims for low noise and high signal.

Re-reviews on new commits

Every time you push new commits to an open PR, PushSafe automatically re-reviews the updated diff.

Fix what PushSafe flagged
Push to your branch
PushSafe reviews again within about 30 seconds
Repeat until clean
Merge with confidence

Each re-review counts as 1 review toward your monthly limit.

Review limits

Free launch plan: 20 reviews per month.

The review counter resets every 30 days.

When you hit the launch limit:

PushSafe posts a comment on your PR to let you know
The review is saved as `limit reached` in your dashboard
You can join the premium waitlist if you want higher limits in the next update

Understanding Comments

Understanding PushSafe comments

Severity levels

PushSafe tags every comment with a severity:

[bug] real bugs that will likely break your app

[security] security vulnerabilities

[warning] risky patterns worth fixing

[suggestion] optional improvements

Inline comments on GitHub

PushSafe posts comments directly on your PR diff on the exact line where the issue is found.

They appear just like a teammate reviewing your code. You can reply to them, resolve them, or ignore them.

Example comment

[bug] line 42 - user can be null here if the sessionhas expired. Add a null check before accessinguser.id or this will throw in production.

Reading your review dashboard

Every review is saved to your PushSafe dashboard at `/reviews`.

Each review shows:

PR title and link back to GitHub
Repo and branch
Review status
Counts for bugs, security issues, warnings, and suggestions
Comments grouped by file

You can also trigger a fresh review from the dashboard for an existing PR.

Git Workflow

Git workflow with PushSafe

Recommended workflow

# 1. start a new feature or fixgit checkout -b fix/your-feature-name# 2. make your changesgit add .git commit -m "describe what you changed"# 3. push the branchgit push origin fix/your-feature-name# 4. open a PR (GitHub shows a banner, one click)gh pr create --title "your title" --base main# 5. wait 30 seconds - PushSafe reviews automatically# 6. fix any issues PushSafe flaggedgit add .git commit -m "fix: address review comments"git push origin fix/your-feature-name# 7. PushSafe re-reviews automatically# 8. merge when cleangh pr merge --squash

Git commands reference

Create a new branch:git checkout -b branch-namePush branch to GitHub:git push origin branch-namePush with upstream set (first time):git push -u origin branch-nameStage all changes:git add .Stage specific file:git add path/to/fileCommit:git commit -m "your message"Amend last commit:git commit --amend --no-editPush after amend:git push origin branch-name --force-with-lease

Using GitHub CLI

GitHub CLI reference

Install GitHub CLI:brew install gh        # macwinget install gh      # windowsAuthenticate:gh auth loginCreate a PR:gh pr create --title "title" --base mainCreate PR with body:gh pr create --title "title" \  --body "description" \  --base mainList open PRs:gh pr listCheck PR status:gh pr statusMerge PR:gh pr merge --squash

Common workflows

Hotfix on main (emergency):git checkout -b hotfix/critical-bug# fix the buggit add .git commit -m "hotfix: fix critical bug"git push origin hotfix/critical-buggh pr create --title "hotfix" --base main# PushSafe reviews -> merge fastFeature work:git checkout -b feature/new-thing# build the feature across multiple commitsgit add .git commit -m "wip: scaffold"git add .git commit -m "feat: core logic"git add .git commit -m "feat: add tests"git push origin feature/new-thinggh pr create --title "feat: new thing" --base main# PushSafe reviews entire diff

Launch Limits

Free launch limits

Free launch

20 PR reviews per month.

Core AI review for bugs, security issues, warnings, and suggestions.

Inline GitHub comments.

Review history on your dashboard.

One connected repo on the current launch plan.

No credit card required.

Premium waitlist

There is no paid checkout in the launch version.

Use `/premium` or the form in `/settings` to join the interest list for higher limits.

If enough users ask for it, a future premium update may include:

More connected repositories
More or unlimited PR reviews
Priority processing

FAQ

Common questions

Does PushSafe work with private repos?

Yes. PushSafe works with both public and private repos. The app reviews pull request diffs and stores the review results in your dashboard.

What language does PushSafe support?

Any language GitHub can render in a PR diff works well in practice, including JavaScript, TypeScript, Python, Go, Rust, Ruby, PHP, and more.

Does PushSafe work with GitLab or Bitbucket?

Not yet. GitHub only for now.

Can I customize what PushSafe looks for?

Not today. The current reviewer uses a fixed standard focused on bugs, security issues, risky patterns, and useful suggestions.

Will PushSafe spam my PRs with comments?

No. The reviewer prompt is tuned to skip style-only feedback and focus on real issues, so the goal is low noise and high signal.

Is my code safe?

PushSafe reviews the pull request diff rather than your whole repository. It sends the diff to the review model and keeps the resulting review data in your account dashboard.

What AI model does PushSafe use?

The current implementation sends diffs to DeepSeek through OpenRouter. The exact model can change later if review quality improves.

How do I trigger a review manually?

Go to `/reviews`, find the PR, and click "Re-review". That manual run counts toward your monthly review limit.

What if PushSafe misses a bug?

PushSafe is a fast first pass on the PR diff, not a replacement for good tests or careful product QA. Cross-file issues can still be missed.

Can I use PushSafe on multiple repos?

The launch plan currently supports one connected repo and 20 reviews per month. Join the premium waitlist if you want higher limits.