Getting Started with Bop

This guide walks you through installing Bop, configuring your API key, and running your first code review. You’ll be up and running in under a minute.

Prerequisites

LLM API Key: An Anthropic API key is all you need to get started. Additional providers (OpenAI, Gemini, Ollama) are optional.
Git: Bop works with Git repositories
GitHub Token (optional): Required for PR reviews and GitHub integration

Installation

macOS (Homebrew)

1
brew install delightfulhammers/tap/bop

Linux (AMD64)

1
2
3
curl -LO https://github.com/delightfulhammers/homebrew-tap/releases/latest/download/bop-linux-amd64.tar.gz
tar xzf bop-linux-amd64.tar.gz
sudo mv bop bop-mcp /usr/local/bin/

Linux (ARM64)

1
2
3
curl -LO https://github.com/delightfulhammers/homebrew-tap/releases/latest/download/bop-linux-arm64.tar.gz
tar xzf bop-linux-arm64.tar.gz
sudo mv bop bop-mcp /usr/local/bin/

Windows

Download from GitHub Releases, extract the zip, and add the directory to your PATH.

Verify Installation

1
bop --version

Configuration

Bop works out of the box with minimal configuration. You just need one API key.

Option 1: Environment Variables (Recommended for Getting Started)

Set your API key as an environment variable:

1
2
3
4
5
# One API key is all you need
export ANTHROPIC_API_KEY="sk-ant-..."

# For GitHub PR reviews (optional)
export GITHUB_TOKEN="ghp_..."

Add these to your shell profile (~/.bashrc, ~/.zshrc, etc.) to persist them.

Want more providers? You can optionally add OpenAI (OPENAI_API_KEY), Gemini (GEMINI_API_KEY), or Ollama for multi-provider reviews. See the Configuration Guide.

Option 2: Configuration File

Create a project-level config at bop.yaml or .bop.yaml in your repo root, or a user-level config at ~/.config/bop/bop.yaml:

1
2
3
4
providers:
  anthropic:
    enabled: true
    apiKey: ${ANTHROPIC_API_KEY}  # References environment variable

See the Configuration Guide for all options.

Your First Review

Review a Local Branch

Navigate to your Git repository and run:

1
2
3
4
5
6
7
8
# Review current branch against main
bop review branch

# Review a specific branch against main
bop review branch feature/my-feature

# Review against a different base
bop review branch --base develop

Bop will:

Compute the diff between your branch and the base
Send the changes to the configured reviewer
Generate findings with severity levels and suggestions
Output results to the review-output/ directory

Review a GitHub Pull Request

1
2
3
4
5
6
7
8
# Using PR number (infers owner/repo from git remote)
bop review pr 123

# Using full reference
bop review pr owner/repo#123

# Using URL
bop review pr https://github.com/owner/repo/pull/123

Understanding the Output

Bop generates three output files:

Format	File	Use Case
Markdown	`review-*.md`	Human-readable findings
JSON	`review-*.json`	Programmatic processing
SARIF	`review-*.sarif`	CI/CD integration, IDE support

Each finding includes:

Severity: critical, high, medium, or low
Category: security, bug, performance, maintainability, etc.
Location: File path and line numbers
Description: What the issue is
Suggestion: How to fix it

Example Output

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
## Finding: SQL Injection Vulnerability

**Severity**: critical
**Category**: security
**File**: src/db/queries.go:45-48

The query concatenates user input directly into SQL:

    query := "SELECT * FROM users WHERE id = " + userID

**Suggestion**: Use parameterized queries:

    query := "SELECT * FROM users WHERE id = $1"
    db.Query(query, userID)

Next Steps

CLI Reference - Learn all CLI commands and flags
MCP Integration - Use Bop with Claude Code or Cursor
GitHub Actions - Automate PR reviews
Configuration - Customize reviewers and behavior
Reviewer Personas - Understand built-in and custom reviewers

Documentation