Code Review Assistant for Bitbucket

for Bitbucket Server 7.8.0 - 8.8.2, Bitbucket Data Center 7.8.0 - 8.8.2 and more
237 installs
  • Supported

Shows compiler warnings, static code analysis results & OWASP vulnerable dependencies in PRs to fight quality and security issues

YouTube's thumbnail image for the video.

Shows Compiler and Code Analysis results in PRs

Analyzes build logs and shows compiler (e.g., Java deprecation warnings) and code analysis results (e.g., PMD, ESLint, Checkstyle, ShellCheck, PHPStan, Ktlint) right in a PR, so developers can fix issues before merging.

Shows OWASP dependency vulnerabilities

Shows OWASP dependency scan vulnerability results from the build logs right in your pull requests - including links to the CVE reports. Prevent sneaking security vulnerabilities into your main branch!

Enforces quality requirements with Merge Checks

Provides merge checks for the Compiler and Code Analysis tools to prevent merging in case a configurable threshold of violations is exceeded. Do not allow quality issues to sneak in your main branch!

More details

Show Compiler, Code Analysis and OWASP dependency vulnerability results in your Pull Requests to prevent code quality and security issues.

Currently supported:

  • Compilers:
    • Java
    • Scala
    • TypeScript
  • Code Analyzers:
    • PMD
    • Checkstyle
    • ESLint
    • PHP CodeSniffer
    • PHPStan
    • ShellCheck
    • Ktlint
    • Stylelint
    • Golangci-lint

Let us know which Compilers or Analyzers you are missing!

Learn more about how to prevent vulnerable dependencies in your code base with this app in our community article.

No configuration necessary in Bitbucket, it just requries that you execute the Compilers and Analyzers in your CI system (Jenkins and Bamboo supported).

Please check our documentation for more information.

Want to know more? Schedule a live demo!

More apps you'll like:

Privacy and security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy


This app is not part of the Marketplace Bug Bounty program. Learn more



Shows all found issues with the help of Code Insights.