Skip to content

patched-admin/patchwork

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.github/workflows
.github/workflows
 
 
patchwork
patchwork
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
poetry.lock
poetry.lock
 
 
poetry.toml
poetry.toml
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

PatchWork Logo

PatchWork

An open-source framework for patching and managing code repositories using large language models. PatchWork allows you to automate workflows like PR reviews, bug fixing, security patching, and more using a self-hosted CLI agent and your preferred LLMs.

Key Components

  • Steps: A set of reusable atomic actions that define various operations.
  • Patchflows: LLM-assisted automations such as PR reviews, code fixing, debugging.

Patchflows can be run locally in your CLI and IDE, or as part of your CI/CD pipeline.

Installation

Using Pip

PatchWork is available on PyPI and can be installed using pip:

pip install patchwork-cli --upgrade

Using Poetry

PatchWork is built using Poetry, a dependency management and packaging tool for Python. To install PatchWork using Poetry, follow these steps:

  1. Make sure you have Poetry installed. If you don't have it installed, you can install it by running:

    curl -sSL https://install.python-poetry.org | python3 -

  2. Clone the PatchWork repository:

    git clone https://github.com/patched-codes/patchwork.git

  3. Navigate to the project directory:

    cd patchwork

  4. Activate a shell using virtual environment:

    poetry shell

  5. Install the dependencies using Poetry:

    poetry install

PatchWork CLI

The CLI runs Patchflows, as follows:

patchwork <Patchflow> <?Arguments>

Where

  • Arguments: Allow for overriding default/optional attributes of the Patchflow in the format of key=value. If key does not have any value, it is considered a boolean True flag.

Example

For an AutoFix patchflow which patches vulnerabilities based on a scan using Semgrep:

patchwork AutoFix openai_api_key=<YOUR_OPENAI_API_KEY> github_api_key=<YOUR_GITHUB_TOKEN>

The above command will default to patching code in the current directory, by running Semgrep to identify the vulnerabilities.

You can take a look at the default.yml file for the list of configurations you can set to manage the AutoFix patchflow.

PatchWork in CI

You can also run PatchWork in a CI environment with ease:

Jenkins CI

pipeline {
  agent any
    stages {
      stage('Auto Fix Vulnerabilities') {
        steps {
          sh 'pip3 install patchwork'
          sh 'patchwork AutoFix'
      }
    }
  }
}

GitHub Actions

  • Workflow
name: Auto Fix Vulnerabilities

on:
  # Patch files in PRs (diff-aware scanning):
  pull_request: {}
  # Patch on-demand through GitHub Actions interface:
  workflow_dispatch: {}

jobs:
  patchwork:
    # User definable name of this GitHub Actions job.
    name: patchwork/ci
    runs-on: ubuntu-latest

    container:
      # A Docker image with patchwork installed. Do not change this.
      image: patched-codes/patchwork

    steps:
      # Fetch project source with GitHub Actions Checkout.
      - uses: actions/checkout@v3
      # Run the "patchwork" command on the command line of the docker image.
      - run: patchwork AutoFix
  • Action (Available on Github Marketplace)
- name: Auto Fix Vulnerabilities
  uses: patchwork/AutoFix@main

Gitlab CI

patchwork:
  # A Docker image with PatchWork installed.
  image: patched-codes/patchwork
  # Run "patchwork" command on the command line of the docker image.
  script: patchwork AutoFix

  rules:
  # Patch changed files in MRs, (diff-aware patching):
  - if: $CI_MERGE_REQUEST_IID

  # Patch mainline (default) branches and fix all findings.
  - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

Patchflows

Patchwork comes with a set of predefined patchflows, and more will be added over time. Below is a sample list of patchflows:

  • AutoFix: Generate and apply fixes to code vulnerabilities in a repository.
  • DependencyUpgrade: Update your dependencies from vulnerable to fixed versions.
  • PRReview: On PR creation, extract code diff, summarize changes, and comment on PR.
  • GenerateREADME: Create a README.md file for a given folder, to add documentation to your repository.

Prompt Templates

Prompt templates are used by patchflows and passed as queries to LLMs. Templates contain prompts with placeholder variables enclosed by {{}} which are replaced by the data from the steps or inputs on every run.

Below is a sample prompt template:

{
    "id": "ReviewPR",
    "prompts": [
        {"role": "system", "content": "You are a helpful assistant."},
        {"role": "user", "content": "Create a well-structured message for the pull request body based on a review of the code diff. CODE DIFF - {{prDiff}}"}
    ]
}

Each patchflow comes with an optimized default prompt template. But you can specify your own using the prompt_template_file=/path/to/prompt/template/file option.

Contributing

To create a new patchflow, follow these instructions.

To create a new step, follow these instructions.

About

Automated Development Workflows with LLMs

patched.codes

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%