Reviewer Personas

Bop uses reviewer personas to provide focused, expert-level code review. Each reviewer has a distinct focus area and set of categories they prioritize.

Built-in Reviewer

Bop ships with a single default reviewer that works out of the box with one API key.

Default Reviewer

Property	Value
Provider	Anthropic (Claude)
Weight	1.0
Persona	None (uses `review.instructions`)

The default reviewer performs a comprehensive review guided by the review.instructions block in your config. It covers security, bugs, code quality, architecture, and performance in a single pass.

This design means you get broad coverage with just one API key. For specialized, deeper reviews, configure custom reviewers below.

Using Reviewers

Default Behavior

By default, Bop uses the built-in default reviewer:

1
2
defaultReviewers:
  - default

Selecting Specific Reviewers

1
2
3
4
5
6
7
8
# Use a specific custom reviewer
bop review branch --reviewers security

# Use multiple reviewers
bop review branch --reviewers security,performance

# Use all your custom reviewers
bop review branch --reviewers security,architecture,performance

In Configuration

1
2
3
4
# bop.yaml or .bop.yaml
defaultReviewers:
  - default
  - security

Creating Custom Reviewers

Define custom reviewers in your bop.yaml or .bop.yaml to get specialized, deeper reviews.

Example: Security Reviewer

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
reviewers:
  security:
    provider: anthropic
    weight: 1.5
    persona: |
      You are a security engineer focusing on OWASP Top 10,
      authentication, authorization, and injection vulnerabilities.
    focus:
      - security
      - authentication
      - authorization
    ignore:
      - style
      - documentation

Example: Architecture Reviewer

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
reviewers:
  architecture:
    provider: openai
    weight: 1.0
    persona: |
      You are a software architect focusing on SOLID principles,
      design patterns, and long-term maintainability.
    focus:
      - maintainability
      - architecture
      - complexity
    ignore:
      - performance

Example: Performance Reviewer

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
reviewers:
  performance:
    provider: gemini
    model: gemini-3-flash-preview  # Use faster model
    weight: 1.0
    persona: |
      You are a performance engineer focusing on N+1 queries,
      algorithm complexity, and resource management.
    focus:
      - performance
      - scalability
      - resource_management
    ignore:
      - style
      - documentation

Example: Multi-Reviewer Panel

Combine multiple specialized reviewers for comprehensive coverage:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
reviewers:
  default:
    provider: anthropic
    weight: 1.0

  security:
    provider: anthropic
    weight: 1.5
    persona: |
      You are a security engineer focusing on OWASP Top 10,
      authentication, authorization, and injection vulnerabilities.
    focus:
      - security
      - authentication
      - authorization
    ignore:
      - style
      - documentation

  architecture:
    provider: openai
    weight: 1.0
    persona: |
      You are a software architect focusing on SOLID principles,
      design patterns, and long-term maintainability.
    focus:
      - maintainability
      - architecture
      - complexity

  performance:
    provider: gemini
    model: gemini-3-flash-preview
    weight: 1.0
    persona: |
      You are a performance engineer focusing on N+1 queries,
      algorithm complexity, and resource management.
    focus:
      - performance
      - scalability
      - resource_management

defaultReviewers:
  - security
  - architecture
  - performance

Example: Domain-Specific Reviewer

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
reviewers:
  api-design:
    provider: openai
    model: gpt-4o
    weight: 1.2
    persona: |
      You are an API design expert focusing on REST best practices,
      GraphQL patterns, and API versioning strategies.

      Key areas:
      - HTTP method semantics
      - Resource naming conventions
      - Error response formats
      - Pagination patterns
      - Rate limiting considerations
      - API documentation quality
    focus:
      - architecture
      - documentation

Example: Test Quality Reviewer

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
reviewers:
  test-quality:
    provider: anthropic
    weight: 1.0
    persona: |
      You are a test engineering expert focusing on test quality,
      coverage, and maintainability.

      Look for:
      - Missing edge case tests
      - Flaky test patterns
      - Test isolation issues
      - Assertion quality
      - Mock/stub overuse
      - Test readability
    focus:
      - test_coverage
      - maintainability
    ignore:
      - performance
      - style

Reviewer Properties

provider (required)

The LLM provider to use for this reviewer:

anthropic - Claude models
openai - GPT models
gemini - Gemini models
ollama - Local models

model (optional)

Override the provider’s default model:

1
2
3
4
reviewers:
  fast-security:
    provider: gemini
    model: gemini-3-flash-preview  # Faster than default

weight (optional)

Influence in consensus merging (default: 1.0):

1.5 - Higher influence (findings prioritized)
1.0 - Normal influence
0.5 - Lower influence (findings deprioritized)

Weights affect how duplicate findings are merged when multiple reviewers identify the same issue.

persona (optional)

Instructions that define the reviewer’s expertise and focus. The built-in default reviewer has no persona and uses review.instructions instead.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
persona: |
  You are a [role] focusing on [areas].

  Key concerns:
  - [Concern 1]
  - [Concern 2]

  Look for:
  - [Pattern 1]
  - [Pattern 2]

focus (optional)

Categories this reviewer prioritizes:

1
2
3
4
focus:
  - security
  - bug
  - error_handling

ignore (optional)

Categories this reviewer skips:

1
2
3
ignore:
  - style
  - documentation

Available Categories

Use these categories in focus and ignore:

Category	Description
`security`	Security vulnerabilities
`bug`	Logic errors and bugs
`test_coverage`	Missing or inadequate tests
`maintainability`	Code maintainability issues
`architecture`	Architectural concerns
`performance`	Performance problems
`error_handling`	Error handling issues
`observability`	General observability
`logging`	Logging-specific issues
`metrics`	Metrics-specific issues
`tracing`	Distributed tracing
`style`	Code style and formatting
`documentation`	Documentation quality

Consensus and Merging

When multiple reviewers are used, Bop merges their findings using a consensus algorithm:

Fingerprinting: Findings are fingerprinted based on file, line range, and description
Grouping: Similar findings are grouped together
Weighting: Reviewer weights influence which description/severity is kept
Deduplication: Semantic deduplication removes near-duplicates

Example

If both security and architecture reviewers flag the same code:

1
2
Security (weight 1.5): "SQL injection vulnerability" (critical)
Architecture (weight 1.0): "String concatenation in query" (high)

The merged finding will:

Use the security reviewer’s description (higher weight)
Keep severity as critical
Note agreement from multiple reviewers

Best Practices

Start with the default: The built-in reviewer covers most needs with one API key
Add reviewers incrementally: Start with one custom reviewer for your biggest concern (e.g., security)
Adjust weights: Increase weight for your most important concerns
Use focus/ignore: Prevent reviewer overlap and reduce noise
Keep personas focused: Shorter, focused personas produce better results
Test your reviewers: Run reviews and iterate on personas based on quality

Documentation