Arbor is a pull request review companion. It walks changed code paths and tells solo devs, small teams, and AI agents what might break before merge.

Does Arbor work with GitHub pull requests?

Yes. Arbor installs as a GitHub App, analyzes pull requests, and comments with the breakage path reviewers should inspect.

AI pull request merge check

Catch the bug your AI agent didn't know it wrote

Paste a diff or public GitHub PR URL. Arbor finds the almost-right failure path, writes the review comment, and hands your coding agent the exact test to fix first.

Analyze a PR Install GitHub App Read docs Try examples

PR URLor pasted diff

0code stored

3agent exports

sharerisk card

Almost Right scan - #184checkout-webhook

This PR looks reasonable, but it can double-charge a retry path that the generated tests never touched.

src/billing/checkout.ts

Looks like a small price lookup change, but it now writes billing state before Stripe confirms.

Replay checkout success, duplicate webhook, and existing trial renewal before merge.

src/api/stripe/webhook.ts

Retry worker now runs inside the webhook path and can double-apply invoice side effects.

Add the idempotency regression test the agent skipped.

agent-handoff.md

Codex, Claude Code, or Cursor can receive a scoped repair prompt instead of wandering the repo.

Patch the risky branch first. Stop when the regression test passes.

Agent handoff

almost_right_score: 84/100likely_break: duplicate invoice retry for existing customersagent_next: write idempotency test before changing more files

Free merge-confidence tool

Can you merge this AI-written PR?

Paste a diff or public GitHub pull request URL. Arbor maps the almost-right failure path, writes the PR comment, and exports a scoped handoff for Codex, Claude Code, or Cursor.

Public PR URLNo signupNo code storageAgent handoff

Shareable risk card

High-risk change: billing/payment path

Almost-right trap likely

Existing checkout, invoice, subscription, or webhook state around src/billing/checkout.ts.

100Almost right

16%Confidence

Sample: Stripe webhook | no source code stored in this card

InputPublic PR URL or unified diff

diff --git a/src/billing/checkout.ts b/src/billing/checkout.ts
index 7c42a1d..ad9114c 100644
--- a/src/billing/checkout.ts
+++ b/src/billing/checkout.ts
@@ -18,8 +18,15 @@ export async function createCheckoutSession(user, plan) {
-  const priceId = PRICE_IDS[plan]
-  return stripe.checkout.sessions.create({ line_items: [{ price: priceId, quantity: 1 }] })
+  const priceId = await resolvePriceId(user.accountId, plan)
+  await db.billingEvents.insert({ userId: user.id, plan, status: "pending" })
+  return stripe.checkout.sessions.create({
+    customer: user.stripeCustomerId,
+    line_items: [{ price: priceId, quantity: 1 }],
+    success_url: process.env.NEXT_PUBLIC_APP_URL + "/dashboard/billing/success",
+  })
 }

diff --git a/src/api/stripe/webhook.ts b/src/api/stripe/webhook.ts
index 0c4bdb2..bd42ab1 100644
--- a/src/api/stripe/webhook.ts
+++ b/src/api/stripe/webhook.ts
@@ -33,6 +33,7 @@ export async function POST(req) {
   const event = stripe.webhooks.constructEvent(body, sig, secret)
+  await queueInvoiceRetry(event.data.object.customer)
   return Response.json({ received: true })
 }

OutputHigh-risk change: billing/payment path

100Almost right risk

Almost-right trap likely16% merge confidence

High-risk change: billing/payment path

Existing checkout, invoice, subscription, or webhook state around src/billing/checkout.ts.

First check: Add or update one regression test for the riskiest branch before merge.

2Files

+8Added

-2Removed

2Chunks

Shareable risk card

High-risk change: billing/payment path

Almost-right trap likely

Existing checkout, invoice, subscription, or webhook state around src/billing/checkout.ts.

100Almost right

16%Confidence

Sample: Stripe webhook | no source code stored in this card

Billing/payment pathhigh

src/billing/checkout.ts, src/api/stripe/webhook.ts

Database/data contracthigh

src/billing/checkout.ts

Network/API boundarymedium

src/api/stripe/webhook.ts

Async/job pathmedium

src/api/stripe/webhook.ts

Config/runtime surfacemedium

src/billing/checkout.ts

User-facing UIlow

src/billing/checkout.ts

Checks before merge

Add or update one regression test for the riskiest branch before merge.Run the smallest checkout, webhook replay, or invoice-state test that covers the changed branch.Check plan/price IDs, retry behavior, and duplicate event handling before merge.Confirm the migration or query is backward-compatible with existing rows.Run the changed read/write path against an empty state and a realistic existing record.Confirm production env defaults exist and local fallbacks cannot mask a missing secret.Run the build or boot command that consumes the changed config.Open the touched screen on mobile and desktop and check loading, empty, and error states.

Viral wedge

Paste the PR before you trust it.

Arbor is useful before setup: public PR URLs, pasted diffs, and shareable risk cards make it easy to drop into a review thread, Discord, or an agent prompt.

Upgrade path

Install only when the habit sticks.

The GitHub App turns this same map into automatic PR comments, saved dashboard runs, and repo-specific policies. The free tool earns the trust first.

60-second product demo

Watch Arbor turn a tiny diff into a useful review plan.

The point is not another giant report. The point is one PR comment that tells a human and an AI agent where the change reaches, what might break, and which test or patch should happen next.

arbor-botcommented just now

For the solo dev

You get the side effects you did not have time to trace manually: billing, auth, jobs, emails, CLI commands, and shared helpers.

For AI agents

Agents can read the Arbor brief before they keep editing, then limit their next patch to the risky path and generate the missing test first.

For tiny teams

Reviewers see the exact regression to test instead of re-learning the whole codebase in the PR thread.

How it works

From diff to breakage brief in four steps.

Arbor keeps the hard analysis deterministic, then turns the result into review context that humans and agents can both use.

Step 01

Read the PR

Arbor starts from the diff, changed symbols, imports, and framework entry points. It builds the local map reviewers usually reconstruct by hand.

arbor-walk

// PR #184
changed:
  - billing/checkout.ts
  - billing/plan-id.ts
entrypoints:
  - POST /checkout
  - POST /webhooks/stripe

Agent idea: Arbor as the pre-edit context server.

Before an AI agent edits a repo, it can ask Arbor for the PR's breakage brief. Arbor returns changed paths, likely side effects, unknown edges, and the first test to write. That keeps agent work grounded in the code graph, not just the prompt.

Capabilities

Built for devs and agents moving faster than review.

Arbor is the deterministic context layer between a PR and the next edit. It tells you what the change touches, what might break, and how to hand that context to a human reviewer or AI agent.

Breakage path tracing

Trace from changed code into routes, jobs, webhooks, commands, shared helpers, billing flows, auth flows, and data writes.

Diff -> path -> side effectKnown unknowns shownNo vague verdicts

Agent-ready briefs

Give AI coding agents a compact handoff: risky files, likely side effects, unknown edges, first test to write, and where to stop.

JSON/YAML handoffPatch scopeTest-first next action

PR comments people read

One short review note with the paths that matter. No spreadsheet, no giant dashboard detour, no ceremony.

Test suggestions

Arbor names the regression test or manual check that best matches the path it found.

Small-team path heat

See the downstream files and workflows touched by a change before the reviewer has to mentally page in the repo.

Honest unknowns

Dynamic imports, generated files, and unresolved edges stay visible so nobody treats a partial walk as a full answer.

Open graph core

The Rust parsing and graph pieces are inspectable, so advanced users can understand what Arbor saw.

Framework entrypoints

Next.js, Express, FastAPI, Axum, Spring, and other stacks get real route and handler detection before the walk starts.

Deterministic run

The same code produces the same structural walk, which makes the brief useful to both humans and automation.

AI agent workflow

Give agents a map before they touch the repo again.

Arbor can be used as a pre-edit context source: run the PR walk, pass the compact brief to the agent, then let the agent write the missing test or constrained patch with less wandering.

Question

Arbor answers

AI agent uses it to

Reviewer gets

What changed?

Changed symbols, affected entrypoints, and downstream call paths.

Reads the Arbor brief before writing another patch.

Checks the small set of files that actually matter.

What might break?

Billing, auth, data, jobs, emails, CLI commands, and shared helpers touched by the diff.

Generates the missing regression test first.

Reviews the side effect instead of the whole repo.

What is unknown?

Dynamic imports, generated code, unresolved edges, and confidence limits.

Stops or asks for a human decision at unknown boundaries.

Sees where judgment is still needed.

Why Arbor

Tests pass. AI says LGTM. The side effect is still hiding.

Arbor exists for the gap between a clean diff and the thing it accidentally touches three calls later. It gives humans and agents the map before the merge.

Understands the impact pathYes

Arbor

Walks changed code through routes, jobs, helpers, and downstream side effects.

Partial

Typical review

Usually summarize the diff or flag individual files.

Gives agents useful constraintsYes

Arbor

Returns scope, likely breakage, unknown edges, and the first test to write.

Typical review

Agents often keep editing from prompt context alone.

Helps tiny teams review fasterYes

Arbor

Compresses repo context into one note reviewers can act on immediately.

Partial

Typical review

Senior reviewers still reconstruct the path manually.

Names the unknownsYes

Arbor

Dynamic imports and unresolved edges stay visible in the PR.

Typical review

Uncertainty often gets hidden behind confident prose.

Works before mergeYes

Arbor

Posts while the PR is still fresh and fixable.

Partial

Typical review

Runtime tools catch the fallout later.

Language support

14 languages. Real AST parsing.

Syntax-accurate parsing for every supported language. The graph is built from actual function definitions, call sites, and imports.

TypeScript.ts .tsx

JavaScript.js .jsx

Python.py

Rust.rs

Go.go

Java.java

C#.cs

Ruby.rb

PHP.php

Swift.swift

Kotlin.kt

C / C++.c .cpp .h

Scala.scalabeta

Elixir.ex .exsbeta

Framework-aware entry points

Next.jsTypeScript

App Router, Pages API, Middleware

ExpressJavaScript

Route handlers, Middleware chains

FastAPIPython

Endpoint decorators, Dependencies

SpringJava

Controllers, REST resources

AxumRust

Handlers, Extractors, Layers

Gin / EchoGo

Handler funcs, Group routing

Every language uses a dedicated grammar for precise AST parsing. No regex, no line-level matching, no heuristics.

Open source core

The graph engine is open. Inspect what Arbor sees.

Parsing and graph construction are open-source Rust crates. Read the code, run it locally, verify the call graph.

arbor-coreLanguage parsing for 14 languages

crate

arbor-graphCall graph engine + reachability analysis

crate

MIT licensedUse it in your own tooling

license

View on GitHub

example.rs

1use arbor_graph::ArborGraph;
2
3// Parse the repository into a call graphlet graph = ArborGraph::from_directory("./src")?;
4
5// Walk upstream from a changed functionlet impact = graph.analyze_impact(node_id, 5);
6
7// Every caller, callee, and transitive pathfor upstream in &impact.upstream {    println!("{} → {} ({} hops)",        upstream.node_info.name,        upstream.node_info.file,        upstream.hop_distance,    );}

RustUTF-8 | LF

Pricing

Free for everyone.

Public beta — all repos, all features, no credit card. Paid plans come later. You'll hear from us before anything changes.

Public beta

$0forever, for now

Every feature, every repo type. Install and start getting PR breakage notes today.

Install free — public and private

Using Arbor on a private repo? Tell us it's working →

Public and private repos

Full PR breakage path comment

Changed files → reachable sinks map

Auth, payments, database, PII surfaces

Agent handoff brief

14 languages (JS/TS, Python, Go, Rust, Java, and more)

Run history + dashboard

No credit card, no limits during public beta

Private repo users: we'll ask for feedback before anything changes.

FAQ

Common questions.

How Arbor walks PRs, how agents can use the brief, and how it fits a small-team workflow.

No LLM judgment

Can agents use it anyway?

Yes. Arbor produces the grounded brief; an agent can use that brief to write tests or keep a patch scoped.

Repo handling

Does Arbor run my code?

No. The worker parses and walks source structure. It does not execute your app, tests, install scripts, or runtime commands.

Failure mode

What if the map is incomplete?

The missing edge is named in the PR so a reviewer or agent knows where the uncertainty is.

01What does Arbor actually do?

02Is this replacing code review?

03How do AI agents use Arbor?

04Does Arbor use an LLM to judge code?

05What happens when Arbor cannot fully resolve the graph?

06What data does Arbor need from my repo?

07What kind of repos is this for?

08How fast is it?

09Can I customize the paths Arbor cares about?

10What if I exceed plan limits?

11Can I cancel?

Product notes

Follow the PR breakage rollout.

Product changelogs, agent workflow notes, and examples from real PR walks.

No spamUnsubscribe anytimeEngineering-only content

Catch the bug your AI agent didn't know it wrote

Paste a diff or public GitHub PR URL. Arbor finds the almost-right failure path, writes the review comment, and hands your coding agent the exact test to fix first.

PR URLor pasted diff

0code stored

3agent exports

sharerisk card

Checks before merge

Add or update one regression test for the riskiest branch before merge.

Run the smallest checkout, webhook replay, or invoice-state test that covers the changed branch.

Check plan/price IDs, retry behavior, and duplicate event handling before merge.

Confirm the migration or query is backward-compatible with existing rows.

Run the changed read/write path against an empty state and a realistic existing record.

Confirm production env defaults exist and local fallbacks cannot mask a missing secret.

Run the build or boot command that consumes the changed config.

Open the touched screen on mobile and desktop and check loading, empty, and error states.

1use arbor_graph::ArborGraph; 2 3// Parse the repository into a call graphlet graph = ArborGraph::from_directory("./src")?; 4 5// Walk upstream from a changed functionlet impact = graph.analyze_impact(node_id, 5); 6 7// Every caller, callee, and transitive pathfor upstream in &impact.upstream { println!("{} → {} ({} hops)", upstream.node_info.name, upstream.node_info.file, upstream.hop_distance, );}