Hey dev.to community! I just launched CodeLens AI — an AI-powered code review tool that automatically reviews every pull request. Connect your GitHub repo Open a PR AI automatically reviews the code Detailed review comment posted on PR Bugs and logic errors SQL injection and security vulnerabilities Performance issues Code quality improvements Next.js + TypeScript NextAuth + GitHub OAuth Supabase
Why We Open-Sourced Our AI Safety Layer When we built the AI safety layer for As You Wish (AYW), we faced a choice: keep it proprietary or open-source it to help the community. Here's why we chose the latter (and why it made our platform stronger). If you're building AI-assisted development tools, you need: Input validation (sanitizing prompts, preventing injection) Output filtering (catching u
If you want to Automate GitHub PRs, the real goal is not just adding another bot comment to a pull request. The goal is to give reviewers the context they usually have to gather manually: who owns the service, whether it is deployed, whether basic repository standards are in place, and whether the change looks safe to merge. A useful AI pull request workflow can do exactly that. When a PR opens, i
How I Used GitHub Actions to Auto-Publish to AMO on Every Release Manually uploading extension files to AMO (Mozilla's Add-On Observatory) is tedious. After the fifth time forgetting to increment the version number, I automated it with GitHub Actions. Here's exactly how I set up the pipeline for the Weather & Clock Dashboard extension. Trigger on new GitHub release Validate the manifest version
If you've tried to follow any AI coding discussion in the last six months, you've probably felt like everyone suddenly started speaking a dialect you never signed up to learn. "Vibe coding." "Agentic workflows." "Context windows." "Prompt engineering." The jargon is multiplying faster than JavaScript frameworks, and that's saying something. Matt Pocock — who you might know from his TypeScript educ
Your generic linter doesn't know the difference between a Server Component and a Client Component. MergeWell does. We've all been there. You open a pull request at 4 PM on a Friday. Your teammate glances at the diff, sees it's a Next.js change, and approves it — because honestly, who has the bandwidth to reason through every App Router edge case under deadline pressure? So you merge. And Saturday
GitHub Copilot just got a lot more complicated — and not in a good way. If you tried to sign up for Copilot Pro recently and hit a wall, that's not a bug. GitHub quietly paused new sign-ups for Copilot Pro, Pro+, and Student plans starting in late April 2026. No end date announced. No workaround offered. Just a message and a door that won't open. That alone would be worth covering. But they made t
I maintain a small open-source project called pubm. pubm is a tool for complex publish and release workflows. Since the project is still small, I use GitHub issues as my planning system. Every feature idea, rough product thought, and future workflow becomes an One of those issues was about release channels: stable, beta, rc, canary, nightly, and how pubm should treat them as first-class release wo