How it works
What MergeGuard does on your pull requests and merge requests—no setup jargon.
MergeGuard reviews the code you changed in a pull request or merge request, then posts feedback where your team already reviews: a summary plus comments on specific lines.
Automatic reviews
When you open or update a PR/MR, MergeGuard reads the diff, scores risk, lists recommended fixes, and adds inline comments on changed lines when possible.
Security scanning
Every review can include OSV dependency CVEs and Trivy filesystem findings in the main summary. On Pro+ plans, when a PR changes a Dockerfile, MergeGuard also enqueues an async container image scan—your review posts immediately, and image CVEs arrive in a follow-up comment. See Container image scan →.
Test generation
When changed source files lack matching test updates, MergeGuard adds a Test coverage section to the review summary with a checkbox to use the agent to generate tests. Tick it or reply @mergeguards generate-tests to commit new or extended specs on your branch. See Test generation →.
On-demand commands
You can ask for another pass or a deeper scan, or apply a fix from an inline thread. See Command reference.
GitHub vs GitLab
| GitHub | GitLab |
|---|---|
| Install the MergeGuards GitHub App | Sign in with GitLab and connect a project on the dashboard |
| Summary on the Conversation tab | Summary on the MR Overview tab |
| Inline comments on Files changed | Inline threads on the Changes tab |
What we need from you
- GitHub: Install the app on the repos you want reviewed. Install guide →
- GitLab: Maintainer access on the project you connect. Connect guide →