Documentation Index Fetch the complete documentation index at: https://mintlify.com/lvndry/jazz/llms.txt
Use this file to discover all available pages before exploring further.
Jazz runs in CI/CD pipelines with --output raw and --auto-approve flags, purpose-built for automation. Use Jazz for automated code reviews, release note generation, and other workflow automation in your pipelines.
Why use Jazz in CI/CD Jazz isn’t just a local tool. It’s designed to run in CI/CD environments:
Automated code reviews on every pull requestRelease note generation from commit historySecurity audits on dependenciesDocumentation generation from codeDeploy workflows with pre-checks and smoke tests
Jazz uses --output raw for CI-friendly output and --auto-approve to run without interactive prompts.
Automated code review Every pull request to Jazz gets reviewed by a Jazz agent. The workflow posts inline review comments directly on the PR.
How it works
Installs jazz-ai in the CI runner
Runs a code review workflow against the PR diff
Posts inline review comments directly on the PR - on specific lines, with context
GitHub Actions workflow name : AI Code Review on : pull_request : types : [ opened , synchronize ] issue_comment : types : [ created ] permissions : contents : read pull-requests : write jobs : code-review : runs-on : ubuntu-latest steps : - name : Checkout PR head uses : actions/checkout@v4 with : fetch-depth : 0 - name : Setup Node.js uses : actions/setup-node@v4 with : node-version : "22" - name : Install Jazz run : npm install -g jazz-ai - name : Run code review env : OPENAI_API_KEY : ${{ secrets.OPENAI_API_KEY }} CI : "true" run : | jazz --output raw workflow run code-review --auto-approve --agent ci-reviewer
What the agent checks The review agent analyzes:
Correctness : Logic errors, edge cases, potential bugsSecurity issues : SQL injection, XSS, hardcoded secrets, auth vulnerabilitiesTypeScript best practices : Type safety, null handling, error handlingPerformance concerns : O(n²) algorithms, memory leaks, inefficient queriesCode quality : Readability, maintainability, test coverage
📝 Jazz Code Review src/auth/jwt.ts:45 Potential security issue: Token expiration not validated The refresh token is being used without checking if it has expired. This could allow expired tokens to be used for authentication. Suggested fix: if (refreshToken.expiresAt < Date.now()) { throw new Error('Refresh token expired'); }
The agent posts inline comments on specific lines of code, making it easy to see exactly what needs to be fixed.
Real-world example: Jazz reviews Jazz Jazz uses itself for code review. Every PR to the Jazz repository is reviewed by a Jazz agent:
# .github/workflows/jazz.yml (simplified) - name : Run Jazz code review run : jazz --output raw workflow run code-review --auto-approve --agent ci-reviewer env : OPENAI_API_KEY : ${{ secrets.OPENAI_API_KEY }}
The workflow:
Resolves PR metadata (base SHA, head SHA, PR number)
Checks out the PR head
Runs the code review workflow
Parses the JSON output from the agent
Posts inline review comments on the PR
Security gate The workflow only runs on PRs from the same repository (not forks) to prevent secret exposure:
if : | (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || (github.event_name == 'issue_comment' && github.event.issue.pull_request != null && contains(github.event.comment.body, '/jazz-review') && ( github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'COLLABORATOR' ))
Always implement security gates when running workflows on PRs. Never expose secrets to untrusted code from forks.
Automated release notes Every release gets its notes written by Jazz. The workflow analyzes commits and generates structured release notes.
How it works
Bumps the version and creates a git tag
Runs a Jazz agent to analyze all commits since the last release
Generates release notes grouped by feature area
Creates the GitHub Release with those notes
GitHub Actions workflow name : Release on : workflow_dispatch : inputs : version_type : description : "Version bump type" required : true type : choice options : - patch - minor - major jobs : release : runs-on : ubuntu-latest steps : - name : Checkout repository uses : actions/checkout@v4 with : fetch-depth : 0 - name : Setup Node.js uses : actions/setup-node@v4 with : node-version : "22" - name : Install Jazz run : npm install -g jazz-ai - name : Generate release notes env : OPENAI_API_KEY : ${{ secrets.OPENAI_API_KEY }} CI : "true" run : | jazz --output raw workflow run release-notes --auto-approve --agent release-notes - name : Create GitHub release uses : actions/github-script@v7 with : script : | const fs = require('fs'); const output = fs.readFileSync('/tmp/jazz-release-notes.txt', 'utf8'); // Extract markdown from output and create release
Example release notes # v2.3.0 ## Features - **Auth** : Add JWT refresh token rotation (#234) - **API** : New batch endpoints for bulk operations (#245) - **CLI** : Add `jazz workflow schedule` command (#251) ## Bug Fixes - Fix race condition in payment processing (#239) - Resolve memory leak in long-running workflows (#242) ## Performance - Optimize context window management (40% reduction) (#248) - Cache expensive git operations (#250) ## Documentation - Update authentication guide with refresh flow (#235) - Add CI/CD integration examples (#252) ## Contributors Thank you to all contributors who made this release possible!
No more “what changed in this release?” - Jazz reads the commits, understands the changes, and writes release notes that actually make sense.
Run Jazz in your pipelines You can use Jazz in any CI/CD environment. Here are examples for popular platforms:
GitHub Actions name : AI Code Review on : pull_request jobs : review : runs-on : ubuntu-latest steps : - uses : actions/checkout@v4 with : fetch-depth : 0 - run : npm install -g jazz-ai - name : Run review run : jazz --output raw workflow run my-review --auto-approve env : OPENAI_API_KEY : ${{ secrets.OPENAI_API_KEY }}
GitLab CI code-review : image : node:22 script : - npm install -g jazz-ai - jazz --output raw workflow run code-review --auto-approve --agent ci-reviewer variables : OPENAI_API_KEY : $CI_OPENAI_API_KEY only : - merge_requests
CircleCI version : 2.1 jobs : code-review : docker : - image : cimg/node:22.0 steps : - checkout - run : name : Install Jazz command : npm install -g jazz-ai - run : name : Run code review command : jazz --output raw workflow run code-review --auto-approve environment : OPENAI_API_KEY : ${OPENAI_API_KEY}
Jenkins pipeline { agent any stages { stage( 'Code Review' ) { steps { sh 'npm install -g jazz-ai' withCredentials([string( credentialsId : 'openai-api-key' , variable : 'OPENAI_API_KEY' )]) { sh 'jazz --output raw workflow run code-review --auto-approve' } } } } }
CI flags and options --output rawOutputs raw text without ANSI colors or formatting, ideal for CI logs:
jazz --output raw workflow run code-review
--auto-approveRuns without interactive prompts. Use with auto-approve policies:
jazz workflow run code-review --auto-approve
--agent <name>Specifies which agent to use:
jazz workflow run code-review --agent ci-reviewer
Environment variables
CI=true: Tells Jazz it’s running in CIJAZZ_DISABLE_CATCH_UP=1: Disables workflow catch-up logicOPENAI_API_KEY: Your LLM provider API key
Agent configuration for CI Create a dedicated CI agent with appropriate tools and model:
{ "name" : "ci-reviewer" , "description" : "Code review agent for CI/CD" , "model" : "gpt-4o" , "provider" : "openai" , "tools" : [ "git" , "file-system" ], "skills" : [ "code-review" ], "temperature" : 0.3 }
Save to .github/jazz/agents/ci-reviewer.json and copy to the runner:
- name : Setup Jazz agent run : | mkdir -p "$HOME/.jazz/agents" cp .github/jazz/agents/ci-reviewer.json "$HOME/.jazz/agents/"
Workflow configuration for CI Create workflows that work in CI environments:
--- name : code-review description : Review PR changes for issues autoApprove : read-only --- Analyze the git diff from __PR_BASE_SHA__ to __PR_HEAD_SHA__. Review for : - Correctness and logic errors - Security vulnerabilities - Performance issues - Best practices Output as JSON array of comments with structure : { "path" : "src/file.ts" , "line" : 42 , "body" : "Review comment" }
Substitute placeholders at runtime:
sed -e "s/__PR_BASE_SHA__/ $PR_BASE_SHA /g" \ -e "s/__PR_HEAD_SHA__/ $PR_HEAD_SHA /g" \ .github/jazz/workflows/code-review/WORKFLOW.md > workflows/code-review/WORKFLOW.md
See .github/jazz/ More CI/CD use cases
Security audits Run dependency audits and security scans on every commit
Documentation Generate API docs and update README from code changes
Test generation Automatically generate tests for new code
Deploy workflows Coordinate deployments with pre-checks and smoke tests
Best practices
Use dedicated agents : Create CI-specific agents with lower temperature and focused toolsImplement security gates : Only run on trusted PRs, never expose secrets to forksSet timeouts : CI environments have time limits, configure appropriate timeoutsCache dependencies : Cache Jazz installation and agent configs for faster runsMonitor costs : Track LLM API usage and set budgetsVersion lock : Pin Jazz version in CI for reproducible builds
Always use secrets management for API keys. Never hardcode credentials in workflow files or commit them to git.