How to use coderabbit for code auditing and does it support deadlock detection? - @coderabbitai

[wangzhong9999]

How do I use coderabbit for code auditing? Are there any operation manuals or instructional videos available? Additionally, can coderabbit detect deadlock issues caused by different transactions accessing the same database table based on the source code?

请问下如何使用 coderabbit 的代码审计，是否有操作文档或指导视频之类的。另外 coderabbit 是否可跟进源代码检测出不同事务访问同一张数据库表导致的死锁缺陷。

[linear[bot]]

ENG-406 How to use coderabbit for code auditing and does it support deadlock detection? - @coderabbitai

[NatoBoram]

The auditing offered by CodeRabbit is limited to code reviews at the moment.

• During code review, CodeRabbit might decide to perform additional validations on the project
• These validations are done using a wide range of CLI tools to help it navigate the project and extract information from text files
• The information found is specifically used in the context of a code review

For deadlock issues, they can be detected if they are obvious, but it doesn't perform a formal proof. A human reviewer is still required to review issues of this level of complexity.

However, it can detect a wide range of security issues such as SQL injections and insufficient user input validations.

Our documentation and guides (including video tutorials) are available at https://docs.coderabbit.ai/