Ripple: Blast-Radius Reviewer

GitLab Transcend Hackathon 2026 · Showcase Track


The pain point

Every engineering team has felt the moment: someone changes a shared utility function, opens a merge request, and nobody realises until after the merge — or worse, after the deploy — that five files in three other services were calling the old signature.

Code review tools today operate on the diff in front of them. GitLab Duo Code Review will tell you whether the change looks correct within the changed file. What it won't tell you is which other modules, services, or repos depend on the symbol you just changed.

This isn't a new observation. The GitLab community has been asking for it:

  • Issue #591861 ("Make Code Review DAP flow review step agentic with on-demand repository context access") — the current reviewer cannot fetch additional files or search code during a review, making cross-file bug detection and reverse dependency analysis (finding every caller of a changed symbol) impossible.
  • Issue #596274 ("Contextual Dev Assistant: Accuracy degrades with multi-repo complexity and cross-dependency chains") — across repository boundaries the assistant cannot reason about how a change in one repo affects another, what the correct dependency interfaces are, or how shared libraries are consumed downstream.

Both issues describe the same root cause: the reviewer's context window is the diff. The blast radius lives outside it.

Demo scope note. Ripple analyses the entire project — every directory, any language — not a fixed set of paths. The blast-radius walk here runs at project scope because hackathon provisioning gives us a single project, not a full group. But the same Orbit query_graph call that traces callers within this project will, with group_id substituted for project_id, trace callers across independently-hosted repos in a real group. The query pattern is identical; only the scope parameter changes. Project scope is a faithful stand-in for the cross-repo production case.


How Ripple fixes it

Ripple is a GitLab Duo Agent Platform Flow that answers the blast-radius question automatically, on every merge request, with no extra work from the developer.

When triggered (via @ai-ripple mention or MR reviewer assignment), the agent:

  1. Reads the diff and extracts the names of every changed function or class — the changed symbols.

  2. Queries Orbit (query_graph MCP tool, after confirming the live graph schema with get_graph_schema) with a semantic call-graph query:

   MATCH (caller)-[:CALLS|IMPORTS]->(callee)
   WHERE callee.name = "validate_token"
     AND callee.project_id = {{project_id}}
   RETURN caller.file_path, caller.name

The query is unscoped by path — it finds callers anywhere in the project, then results are grouped by their top-level directory. Orbit's knowledge graph resolves import aliases and indirect references that git grep misses. At group scope the same query spans multiple repos.

  3. Maps CI coverage — for each affected file, checks whether a pipeline job exists that exercises it, so the reviewer knows immediately whether there is a safety net.

  4. Identifies owners — queries git history and recent MR activity to surface the people most likely to care about each affected file.

  5. Posts a single MR comment containing:

    • A per-directory table: file · callers · owners · CI status.
    • A Mermaid dependency diagram showing the blast radius visually.

The entire analysis runs in under a minute and requires no configuration beyond enabling the Flow.
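The steps above, worked through offline as an added example in the spirit of the simulator listed under Technical highlights. This is not Ripple's own tools/simulate_blast_radius.py or its Flow; the mini-repository, the diff, the CI job map and the symbol names are all constructed here. Step 4 (owners) is omitted because it needs git history rather than source text; the Orbit query_graph call of step 2 is replaced by a local ast walk that resolves import aliases the same way text search cannot.

```python
"""Offline blast-radius walk using Python's ast. Added example, not Ripple's own
tools/simulate_blast_radius.py; every path, source, diff line and CI job below is constructed."""
import ast
from collections import defaultdict

# Constructed repository: a shared auth helper and two "services" that call it.
# The top-level directory stands in for the service; that is how callers are grouped.
SOURCES = {
    "auth/tokens.py": "def validate_token(token, required_scope=None):\n    return token is not None\n",
    "billing_service/subscriptions.py": "from auth.tokens import validate_token\n"
        "def get_subscription(token):\n    if not validate_token(token):\n        raise PermissionError\n",
    # Calls through a module alias, which a plain text search for the bare name misses.
    "notifications_service/dispatcher.py": "from auth import tokens as auth_tokens\n"
        "def send_notification(token, msg):\n    return auth_tokens.validate_token(token)\n",
}

# Constructed unified diff of the MR under review.
DIFF = """\
--- a/auth/tokens.py
+++ b/auth/tokens.py
@@ -1,2 +1,2 @@
-def validate_token(token):
+def validate_token(token, required_scope=None):
     return token is not None
"""

# Constructed stand-in for the pipeline: job name -> path prefixes its tests exercise.
CI_JOBS = {"test:billing-service": ["billing_service/"],
           "test:notifications-service": ["notifications_service/"]}

def changed_symbols(diff_text):
    """Step 1: names of functions/classes whose definition line is added or removed."""
    symbols = set()
    for line in diff_text.splitlines():
        if line[:1] in "+-" and not line.startswith(("+++", "---")):
            body = line[1:].strip()
            if body.startswith(("def ", "class ")):
                symbols.add(body.split(None, 1)[1].split("(")[0].rstrip(":"))
    return symbols

class _CallerVisitor(ast.NodeVisitor):
    """Collects (enclosing function, callee name) pairs, resolving import aliases."""
    def __init__(self):
        self.aliases = {}  # local name -> imported name, e.g. vt -> validate_token
        self.calls = []
        self._stack = []   # enclosing function names
    def visit_Import(self, node):
        for a in node.names:
            self.aliases[a.asname or a.name] = a.name
    visit_ImportFrom = visit_Import
    def visit_FunctionDef(self, node):
        self._stack.append(node.name)
        self.generic_visit(node)
        self._stack.pop()
    visit_AsyncFunctionDef = visit_FunctionDef
    def visit_Call(self, node):
        f = node.func
        if isinstance(f, ast.Name):
            callee = self.aliases.get(f.id, f.id)
        else:  # module.func or alias.func: the attribute is the symbol name
            callee = f.attr if isinstance(f, ast.Attribute) else None
        if callee and self._stack:
            self.calls.append((self._stack[-1], callee))
        self.generic_visit(node)

def find_callers(sources, symbol):
    """Step 2, locally: every function that calls `symbol`, grouped by top-level directory.
    Unscoped by path, like the Orbit query; the directory is only the grouping key."""
    by_dir = defaultdict(list)
    for path, src in sorted(sources.items()):
        visitor = _CallerVisitor()
        visitor.visit(ast.parse(src))
        callers = sorted({fn for fn, callee in visitor.calls if callee == symbol})
        if callers:
            by_dir[path.split("/", 1)[0]].append((path, callers))
    return dict(by_dir)

def ci_job_for(path):
    """Step 3: the pipeline job that exercises this file, or None if there is no safety net."""
    for job, prefixes in CI_JOBS.items():
        if any(path.startswith(p) for p in prefixes):
            return job
    return None

def mermaid(symbol, by_dir):
    """Step 5: graph LR diagram, changed symbol -> each caller, labelled with its file."""
    lines = ["graph LR", f"  {symbol}[{symbol}]"]
    for entries in by_dir.values():
        for path, callers in entries:
            lines += [f'  {symbol} --> {fn}["{path}: {fn}"]' for fn in callers]
    return "\n".join(lines)

if __name__ == "__main__":
    for sym in changed_symbols(DIFF):
        hits = find_callers(SOURCES, sym)
        for path, callers in (e for entries in hits.values() for e in entries):
            print(f"{path:40} {', '.join(callers):24} {ci_job_for(path)}")
        print(mermaid(sym, hits))
```

Running it prints one table row per affected file (file, callers, covering CI job) and the Mermaid source. The notifications-service hit is the instructive one: the call goes through an import alias, so it is found by the AST walk and would be found by the knowledge graph, but a grep for `validate_token(` across the service would not see `auth_tokens.validate_token`. At group scope the same walk would simply take sources from several repositories; nothing in `find_callers` depends on a path list.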


What changes for the developer

Before Ripple:

  1. Developer adds required_scope to validate_token with a None default so existing callers keep compiling.
  2. Opens an MR.
  3. Reviewer reads the diff — looks fine in isolation. CI is green across all three services.
  4. MR merges.
  5. Five callers across two services are silently skipping scope enforcement. No test fails. No alert fires.
  6. The compliance gap surfaces at the next security audit, weeks later.
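The silent failure in steps 1 and 5, reduced to runnable form as an added example. This is not code from Ripple or from the demo services; the token claim format is constructed, and `validate_token_before` / `validate_token_after` are hypothetical names for the MR's change and a fail-closed alternative.

```python
"""The "Before Ripple" failure mode: a new parameter with a None default lets every
un-updated caller skip scope enforcement. Added example; token format is constructed."""

def decode(token):
    """Constructed claim format: '<subject>|<scope1>,<scope2>'. A real token would be
    signature-verified before any claim is trusted; that step is out of scope here."""
    subject, _, scopes = token.partition("|")
    if not subject:
        raise PermissionError("malformed token")
    return {"sub": subject, "scopes": {s for s in scopes.split(",") if s}}

def validate_token_before(token, required_scope=None):
    """The MR as described: required_scope defaults to None, so every existing caller
    still compiles, and every caller that was not updated performs no scope check."""
    claims = decode(token)
    if required_scope is not None and required_scope not in claims["scopes"]:
        raise PermissionError(f"scope {required_scope} missing")
    return claims

def validate_token_after(token, required_scope):
    """Fail-closed variant: the scope is a required argument, so a stale one-argument
    call raises TypeError at the call site (and fails its tests) instead of passing.
    An explicit None or empty scope is rejected too, so the old behaviour cannot be
    restored by passing it."""
    if not required_scope:
        raise ValueError("required_scope must name the scope this endpoint needs")
    claims = decode(token)
    if required_scope not in claims["scopes"]:
        raise PermissionError(f"scope {required_scope} missing")
    return claims

def stale_call_outcome(validator, token):
    """What an un-updated caller, written for the old one-argument signature, observes."""
    try:
        validator(token)
    except TypeError:
        return "rejected: caller must be updated to pass required_scope"
    except PermissionError:
        return "rejected: scope check failed"
    return "passed with no scope check at all"

if __name__ == "__main__":
    token = "alice|billing:read"  # constructed: alice holds only billing:read
    print("before:", stale_call_outcome(validate_token_before, token))
    print("after: ", stale_call_outcome(validate_token_after, token))
```

The point of the contrast: with the None default, the five callers the scenario describes pass and CI stays green, which is exactly why the gap only surfaces at audit. With the required argument, each stale caller fails at its first test run, which is a loud failure in the same MR rather than a silent one weeks later; Ripple's caller table is what tells the author which files those are before the pipeline does.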

After Ripple:

  1. Developer changes validate_token.
  2. Opens an MR.
  3. Ripple posts:

🌊 Ripple — Blast Radius Report

MR !7: feat(auth): require explicit scope claim in validate_token
Changed symbols: validate_token

billing-service

| File | Called by | Owners | CI |
| --- | --- | --- | --- |
| billing_service/subscriptions.py | get_subscription(), upgrade_subscription(), cancel_subscription() | @alice | test:billing-service |
| billing_service/invoices.py | generate_invoice(), mark_paid(), list_invoices() | @alice | test:billing-service |
| billing_service/webhooks.py | handle_payment_succeeded(), handle_payment_failed(), handle_subscription_cancelled() | @alice | test:billing-service |

notifications-service

| File | Called by | Owners | CI |
| --- | --- | --- | --- |
| notifications_service/dispatcher.py | send_notification(), get_sent_notifications(), retry_failed() | @bob | test:notifications-service |
| notifications_service/preferences.py | get_preferences(), update_preferences(), reset_preferences() | @bob | test:notifications-service |

  4. Developer updates all five files before the MR is reviewed.
  5. All CI jobs pass. MR merges cleanly.

The developer doesn't change their workflow. They open an MR exactly as before. Ripple adds the blast-radius context they would otherwise have to gather manually — or discover the hard way.


Technical highlights

  • GitLab Duo Agent Platform Flow source: .gitlab/duo/flows/blast-radius-reviewer.yaml with a single AgentComponent driven by a structured seven-step prompt.
  • Orbit query_graph + get_graph_schema MCP tools for semantic call-graph traversal — the key differentiator vs. text search. The agent reads the live graph schema first, then runs the same DSL query at project scope (this demo) and group scope (cross-repo production use).
  • Language-agnostic by design — symbol extraction and test-coverage inference key off the declaration and naming conventions of whatever language each changed file uses (Python, JS/TS, Go, Rust, Java/C#, …), and callers are grouped by top-level directory rather than a hard-coded path list, so the Flow drops into any project unchanged.
  • GitLab API tools: get_merge_request, list_merge_request_diffs, list_commits, gitlab_merge_request_search, and create_merge_request_note — the full read + write surface the Flow needs, with no external infrastructure required.
  • Mermaid diagram generated inline in the MR comment (graph LR for a narrow, scroll-friendly layout) for at-a-glance visual blast-radius mapping.
  • Offline simulator (tools/simulate_blast_radius.py) uses Python ast static analysis to reproduce the Orbit query locally, so the blast-radius output can be validated without a running GitLab instance.

Built With

  • duo
  • mermaid
  • orbit