Agentic code review for a world where agents write all of the code.
Agents now write most of the code on a growing number of teams, at a volume closer to engineers x 100 than x 1. Two things stop teams from fully unlocking that:
- Human diff review does not scale. Asking a 5-person team to review their agents' output is like asking 5 people in a 500-person org to review the other 495. You cannot fix that by trying harder.
- Without review, codebases rot. Things go great until they don't, and then you have a ball of mud nobody can work in.
The usual shape of agentic review hands the whole diff to one reviewer and has it leave comments for a person to act on. As you ask one generic reviewer to check more things, its recall on any single concern collapses, and a more capable model does not change that. A 1-item checklist agent works great; at 10 items it slips; at 100 it is useless.
Bastion runs code review as a set of single-concern reviewers: focused agent prompts, each responsible for exactly one property, run over a changeset. Because each reviewer owns one concern, it stays at high recall; you cover more ground by adding narrow reviewers, never by broadening one. The repository's reviewers run locally (fast, pre-PR) and in CI (authoritative), and their verdicts aggregate into one merge gate; locally you can also add personal user-level reviewers that CI does not run. The human moves from reviewing diffs to authoring, curating, and governing the reviewers.
The bastion CLI is the local surface: an authoring agent loops bastion review
until green, then opens a PR that CI largely just confirms.
For the full motivation, mental model, and threat model, see the core design.
The install scripts detect your platform, download the matching archive from the
latest GitHub release, verify its
SHA-256 checksum, and put bastion on your PATH.
Linux and macOS:
curl -sSfL https://raw.githubusercontent.com/jssblck/bastion/main/scripts/install.sh | bashWindows (PowerShell):
irm https://raw.githubusercontent.com/jssblck/bastion/main/scripts/install.ps1 | iexThe shell installer accepts -v/--version, -b/--bin-dir, -t/--tmp-dir, and
-l/--libc (pass them after bash -s --); the PowerShell installer reads the
Version and BinDir environment variables. Run either with --help /
$env:Help="true" for details. For example, to pin a version and install location:
curl -sSfL https://raw.githubusercontent.com/jssblck/bastion/main/scripts/install.sh | bash -s -- -v 0.1.0 -b /usr/local/binOn Linux the installer autodetects the C runtime: it picks the statically linked
musl build on musl systems and on any host whose glibc is older than 2.35 (or
undetectable), and the glibc build only when the host glibc is 2.35 or newer
(Ubuntu 22.04, Debian 12, RHEL 9, and later). You can force the choice with
--libc gnu|musl (or BASTION_LIBC=...); the musl build has no glibc dependency
and runs anywhere:
curl -sSfL https://raw.githubusercontent.com/jssblck/bastion/main/scripts/install.sh | BASTION_LIBC=musl bashPrefer to do it by hand? Prebuilt binaries for Linux (x86_64 and aarch64, glibc and
musl), macOS (Intel and Apple silicon), and Windows (x86_64) are attached to every
release. Each archive bundles the binary with README.md, LICENSE, and NOTICE,
and the release lists SHA-256 checksums.txt:
# Example: Linux x86_64
curl -sSL https://github.com/jssblck/bastion/releases/latest/download/bastion-x86_64-unknown-linux-gnu.tar.gz | tar -xz
sudo install bastion-x86_64-unknown-linux-gnu/bastion /usr/local/bin/
bastion --versionOn a system with glibc older than 2.35, swap gnu for musl in those URLs to get
the static build.
To build from source instead, you need a Rust 2024 toolchain:
cargo build --release
./target/release/bastion --version- User guide: using Bastion on your project. Concepts, writing reviewers, the local loop, CI, and governance. Start here.
- Developer guide: working on Bastion itself. Architecture, the backend boundary, conventions, and the design references.
The getting-started chapter takes you from install to your first review in about five minutes.
Bastion follows the repository license split described in NOTICE:
runtime software is AGPL-3.0-or-later, while documentation and creative content are
CC-BY-SA-4.0 unless a file says otherwise. See also the
security policy and contributing guide.