autofix.ci logo

autofix.ci automatically fixes pull requests to increase developer productivity.

  Install on GitHub

How It Works

1. Define a GitHub Actions workflow.

Run your favorite code-fixing tools, then call autofix.ci.

name: autofix.ci
on: [ push, pull_request ]
jobs:
  autofix:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: cargo fmt
      - uses: autofix-ci/action@ff86a557419858bb967097bfc916833f5647fa8c

2. Receive automatic fixes.

autofix.ci securely updates your pull requests if necessary.

a screenshot showing automated commits on GitHub
  See Example Actions

Features

  • Works with your existing linters, formatters, bundlers, compilers, or other code fixers.
  • No configuration: Simply call the autofix.ci action when you want to update the pull request.
  • Supports all pull requests (including from forks) and branches without branch protection.

Used By

logo of MermaidMermaid logo of NuxtNuxt logo of Vue.jsVue.js logo of TanStackTanStack logo of mitmproxymitmproxy logo of tRPCtRPC logo of SlidevSlidev logo of Langflow AILangflow AI logo of React NavigationReact Navigation logo of TabbyMLTabbyML logo of UnoCSSUnoCSS logo of oxcoxc logo of BunBun logo of UnJSUnJS logo of pdocpdoc and many more.

FAQ

Why is this useful?

  • Pull Requests are often blocked on relatively trivial issues such as code formatting or leftover imports. Fixing these details is expensive as it requires additional roundtrips and context switching. autofix.ci automatically fixes such problems, unblocking development flow.

Why does this require an app?

  • For security reasons, pull requests from forked repositories do not have any write permissions which they could use to update themselves. The autofix.ci app provides pull requests with tightly-locked self-update capabilities. Alternative approaches such as processing untrusted code in pull_request_target or passing around personal access tokens are highly dangerous to outright insecure.

Which platforms are supported?

  • autofix.ci supports GitHub Actions only.

Does it work for all commits?

  • For safety reasons, autofix.ci will not apply patches if the last four commits have been authored by a bot. This avoids infinite loops with bots continuously correcting each other.

What happens under the hood?

  • When you invoke the autofix.ci action, it will git diff the current repository, create an autofix.json file containing all changes, upload this file as a GitHub Actions artifact, and notify the autofix.ci server.
  • The autofix.ci server fetches autofix.json from GitHub, validates its contents, and pushes a new commit to the pull request branch using its GitHub App credentials.

Is it secure?

  • Yes, because we keep autofix.ci's GitHub authentication token away from potentially untrusted actions. By using autofix.ci, you only provide your auto-fixing workflow with the capability to update the pull request branch once. Please see autofix.ci/security for details.

Who is behind autofix.ci?

If your question is not answered here, please open a GitHub issue or reach out to supportnoreply@test@autofix.ci.