Quickstart
Getting started with Patchwork in 5 minutes
Patchwork is a command-line interface. It can be used in your local terminal, IDE or as part of a CI/CD pipeline.
Installation
Using Pip
PatchWork is available on PyPI and can be installed using pip:
pip install 'patchwork-cli[all]' --upgrade
The following optional dependency groups are available.
- security: installs semgrep and depscan with
pip install 'patchwork-cli[security]'
and is required for AutoFix and DependencyUpgrade patchflows. - rag: installs chromadb with
pip install 'patchwork-cli[rag]'
and is required for the ResolveIssue patchflow. - notifications: Used by steps sending notifications, e.g. slack messages.
- all: installs everything.
- not specifying any dependency group (
pip install patchwork-cli
) will install a core set of dependencies that are sufficient to run the GenerateDocstring, PRReview and GenerateREADME patchflows.
Using Poetry
PatchWork is built using Poetry, a dependency management and packaging tool for Python. To install PatchWork using Poetry, follow these steps:
-
Make sure you have Poetry installed. If you don’t have it installed, you can install it by running:
curl -sSL https://install.python-poetry.org | python3 -
-
Clone the PatchWork repository:
git clone https://github.com/patched-codes/patchwork.git
-
Navigate to the project directory:
cd patchwork
-
Activate a shell using virtual environment:
poetry shell
-
Install the dependencies using Poetry:
poetry install --all-extras
PatchWork CLI
The CLI runs Patchflows, as follows:
patchwork <Patchflow> <?Arguments>
Where
- Arguments: Allow for overriding default/optional attributes of the Patchflow in the format of
key=value
. Ifkey
does not have any value, it is considered a booleanTrue
flag.
Example
For an AutoFix patchflow which patches vulnerabilities based on a scan using Semgrep:
patchwork AutoFix openai_api_key=<YOUR_OPENAI_API_KEY> github_api_key=<YOUR_GITHUB_TOKEN>
The above command will default to patching code in the current directory, by running Semgrep to identify the vulnerabilities.
You can take a look at the default.yml
file for the list of configurations you can set to manage the AutoFix patchflow. You will need to pass your own openai_api_key
to call the LLM. Otherwise, to get started, you can get a patched_api_key
for free by
by signing in at https://app.patched.codes/signin and generating an API key from the integrations tab. You can then call the patchflow with the key as follows:
patchwork AutoFix patched_api_key=<YOUR_PATCHED_API_KEY> github_api_key=<YOUR_GITHUB_TOKEN>
Similarly, to use Google’s models you can set the google_api_key
and model
, this is useful if you want to work with large contexts as the gemini-pro-1.5
model supports a input context length of 1 million tokens.
The patchwork-configs repository contains the default configuration and prompts for all the patchflows. You can clone that repo and pass it as a flag to the CLI:
patchwork AutoFix --config /path/to/patchwork-configs/patchflows