Code comprehension, now with consequences.

Your PR says
“small refactor.”
Prove it.

A short, code-dependent quiz for the person who opened the PR. No trivia. No gotchas. No answers copied from the description they wrote five minutes ago.

Install the GitHub App, then sign in with GitHub. No password. No code to deploy. Mild accountability.

pull / 184
READY FOR REVIEW

Definitely just a tiny refactor

+
+
Author confidenceSuspiciously high
POP QUIZWhat happens when the retry is exhausted?
The error is swallowed
The job moves to failed
We blame DNS
Check pending — prove it

THE REVIEWER READS THE DIFF.

THE AUTHOR SHOULD TOO.

“LGTM” IS NOT A TEST STRATEGY.

Getting in

GitHub is your account.
No mystery login portal.

GateCheck uses your GitHub identity, so there is no separate password to forget—or paste into Slack.

How it works

Three steps. One fewer awkward stand-up.

01

We read the changed code

The diff is processed in memory. The PR description is treated as an exclusion list, because repeating the ticket is not understanding the implementation.

02

We reject bad questions

A separate review pass throws out trivia, gotchas, ambiguous answers, and anything that does not reveal a meaningful misunderstanding.

03

GitHub gets the verdict

Pass and the check goes green. Miss one and it goes red. Closing the PR is optional—accountability does not have to mean chaos.

A tiny taste

Not “what does this variable do?”

Questions focus on behavior, failure modes, data flow, security, and decisions that matter when somebody changes the code again.

  • Grounded in the actual diff
  • Impossible to ace from the PR description
  • Reviewed for impact and fairness
QUESTION 2 OF 4SELECT ALL THAT APPLY

After the new queue worker claims a job, which conditions allow another worker to reclaim it?

Your app, your consequences

Strict where it counts.
Chill where it doesn’t.

Quiz pull requests
Include drafts
Include bots
Close PR after a failed quiz

The red check is automatic. The locked door is your call.

We ask only for the permissions the workflow needs. If you want the quiz to block merging, the setup screen walks you through making the check required. No sneaky Administration permission.

See installation permissions →
NOCODE
HOARDING

Privacy without the interpretive dance

Your diff is input, not inventory.

Changed code is held only while the quiz is generated. Queue jobs contain identifiers, not source. Application logs avoid PR content, questions, answers, and tokens. We keep aggregate PR count and diff size so one enthusiastic monorepo cannot eat the entire budget.

Reasonable questions

Before your security team asks.

Does it train on our code?+

GateCheck does not train a model. Your selected AI provider processes the diff to create and review the quiz; choose a paid API plan with appropriate data-use terms for proprietary repositories.

What stops the quiz from being a gotcha?+

Every candidate faces a separate quality review. It must be impactful, code-dependent, description-independent, fair, and grounded. Fewer than three survivors means generation retries instead of publishing junk.

Does failing really close the PR?+

Only if an installation administrator explicitly turns that setting on. By default, failure makes the check red and leaves the PR open for a human conversation.

Does the check block merging?+

It can. GitHub always shows the check, and your repository owner decides whether to make it required in a ruleset. We provide the setup link but do not seize Administration permission.

?

Go on, then

Make “I read the code”
less of a vibe.

Install GateCheck

Deploy nothing. Configure in minutes. Blame nobody but the diff.