PR risk analysis before merge

CodeDig focuses review attention where it matters: blast radius, risky changes, test gaps, and security-relevant findings before a pull request is approved.

PR Risk Analysis

Every pull request is automatically scored for risk so your team can focus review effort where it matters most. CodeDig evaluates blast radius, complexity delta, and historical failure patterns to surface the PRs that deserve extra scrutiny.

  • Composite risk score combining size, complexity, and change history
  • Blast-radius mapping shows downstream services and consumers affected
  • Test coverage gap detection highlights untested code paths in the diff
  • Complexity trend tracking flags functions growing beyond maintainability thresholds

Security Scanning

Catch vulnerabilities before they reach production. CodeDig runs 200+ security rules against every code change, covering OWASP Top 10 categories and language-specific pitfalls. Findings appear inline on the PR with severity ratings and remediation guidance.

  • PII exposure detection across logs, API responses, and database queries
  • SQL injection and NoSQL injection pattern matching
  • Hardcoded secrets, API keys, and credential scanning
  • OWASP Top 10 coverage with language-aware rule sets

Architectural Intelligence

Understand how your codebase evolves over time. CodeDig builds a living model of your architecture and alerts you when changes drift from established patterns, introducing unwanted coupling or violating module boundaries.

  • Architectural drift detection flags boundary violations in real time
  • Dependency graph analysis reveals hidden coupling between modules
  • Time-travel analysis shows how architecture has changed across releases
  • Module boundary enforcement based on your declared architecture rules

Test Gap Analysis

Go beyond line-level coverage numbers. CodeDig overlays test coverage data on every PR diff so reviewers can see exactly which new or modified code paths lack tests, and prioritize test writing where risk is highest.

  • Coverage overlay highlights untested lines directly on the PR diff
  • Test-gap cartography maps coverage deserts across the full codebase
  • Risk-weighted gap scoring prioritizes high-impact untested areas
  • Historical gap trend tracking shows whether coverage is improving or declining

Dead Code Detection

Eliminate maintenance burden by identifying code that is no longer reachable. CodeDig performs cross-file, cross-module analysis to find unused exports, unreachable functions, and orphaned modules that can be safely removed.

  • Unused export and function detection across the entire repository
  • Orphaned module identification for files with no remaining importers
  • Safe-removal confidence scores so you can clean up with certainty
  • PR-level dead code alerts when changes create newly unreachable code

Multi-Language Support

One tool for your whole stack. CodeDig provides deep, language-aware analysis for the most popular backend and frontend languages, with the same rich insights regardless of which language a PR touches.

  • First-class support for C#, TypeScript, Rust, Python, Java, and Go
  • Language-specific security rules tuned to each ecosystem
  • Cross-language dependency tracking in polyglot repositories
  • Unified dashboard view across all languages in your organization

Compliance & Audit

Support governed engineering workflows without turning PR review into paperwork. CodeDig helps teams retain risk signals, review decisions, and findings that can support internal audit conversations.

  • Automated audit trail for every PR review and approval
  • Security and review evidence that can support internal control mapping
  • Policy-as-code enforcement for organizational coding standards
  • Exportable review summaries for engineering and security stakeholders

GitHub Integration

Get started in under 60 seconds. CodeDig installs as a GitHub App with a single click and requires zero configuration files or CI pipeline changes. Analysis results appear as inline comments directly on your pull requests.

  • 1-click GitHub App install with no config files or CI changes
  • Inline PR comments with risk scores, findings, and remediation tips
  • Status checks that gate merges on security and quality thresholds
  • Organization-wide rollout with per-repo configuration overrides

Ready to ship with confidence?

Start analyzing your pull requests in under 60 seconds. No credit card required.