Code Analysis
Connect your repository to enable deeper analysis and more targeted test generation.
Why Connect Your Repository?
While OpenQA can test any application with just a URL, connecting your repository enables:
Structure Understanding
Understands your project structure, routes, and components
Code-Aware Tests
Generates tests that match your actual code patterns
Vulnerability Detection
Identifies potential security issues in source code
Change-Based Testing
Focuses tests on recently changed code
Connect a Repository
Via API
# Connect a GitHub repository
curl -X POST http://localhost:3000/api/saas-config/repository \
-H "Content-Type: application/json" \
-d '{"url": "https://github.com/myorg/my-app"}'
# Connect a GitLab repository
curl -X POST http://localhost:3000/api/saas-config/repository \
-H "Content-Type: application/json" \
-d '{"url": "https://gitlab.com/myorg/my-app"}'Via Local Path
If your code is already on the machine:
curl -X POST http://localhost:3000/api/saas-config/local-path \
-H "Content-Type: application/json" \
-d '{"path": "/path/to/your/project"}'What Gets Analyzed
When you connect a repository, the Brain analyzes:
| Aspect | What It Finds |
|---|---|
| Project Structure | Directories, entry points, configuration files |
| Dependencies | package.json, requirements.txt, Gemfile, etc. |
| Routes/Endpoints | API routes, page routes, middleware |
| Components | React/Vue/Angular components, forms, inputs |
| Database | Schema files, migrations, models |
| Security | Auth patterns, input validation, sanitization |
Analysis Output
After analysis, you can see what the Brain learned:
curl http://localhost:3000/api/brain/analyze
# Response:
{
"understanding": "Next.js e-commerce app with Stripe integration",
"techStack": {
"framework": "Next.js 14",
"database": "PostgreSQL with Prisma",
"auth": "NextAuth.js",
"payments": "Stripe"
},
"routes": [
"/", "/products", "/cart", "/checkout", "/api/..."
],
"suggestedTests": [
"Test Stripe webhook handling",
"Test NextAuth session management",
"Test Prisma query edge cases"
],
"risks": [
"SQL injection in search query",
"Missing CSRF protection on checkout"
]
}Supported Languages
Privacy & Security
🔒 Your code stays local. OpenQA clones your repository to the local machine and analyzes it there. Code is never sent to external servers. The LLM only receives summarized information about your code structure, not the actual source code.