Privacy settings

Privacy and GDPR notice

Nfero uses essential storage for language preferences and demo access controls. With your consent, Google Analytics and lightweight usage events help improve model demos and outbound subscription routing. Live demo prompts may be sent to configured Alibaba-hosted model endpoints.

Tool + model pairing

Open Code Review with Alibaba Model Studio API

Alibaba open-source AI code review CLI for reviewing git diffs, scanning files, and producing structured line-level comments.

Open Code Review is an Alibaba open-source review CLI. Treat repository review automation as a Model Studio API integration unless the exact use remains an assigned user's permitted interactive coding session.

Choose the right access route

Choose the right access route

For pull-request automation, CI, scheduled reviews, or shared repository services, use a general pay-as-you-go Model Studio API key—not a Coding Plan or Token Plan key.

RecommendedPay-as-you-go Model Studio API for review automation

Token Plan (Team Edition)

Only consider it for a clearly interactive assigned-user workflow that Alibaba permits; do not assume CI or shared review bots qualify.

Coding Plan

Do not use it for automated review scripts, CI, application backends, or batch calls.

Pay-as-you-go Model Studio API

Correct route for CI, pull-request automation, scheduled scans, and shared review services.

Safe configuration pattern

Use a general Model Studio provider for automated reviews

The example is deliberately redacted. Replace placeholders only on your device and never paste a real API key into Nfero.

Before you start

  1. Define whether the review is a local interactive tool session or automation/CI.
  2. For automation, create a general Model Studio API key in the same region as its endpoint.
  3. Store the key in a secret manager or CI secret rather than repository configuration.
  4. Review repository permissions and test on a non-sensitive change first.

Safe configuration pattern

Protocol
OpenAI-compatible Model Studio API
  1. Create a general Model Studio key for the deployment region.
  2. Use the region-specific general endpoint, not a Coding Plan or Token Plan endpoint.
  3. Configure the provider locally or in a protected CI secret.
  4. Restrict repository permissions and validate review output before publishing comments.

Verify the connection

  • Confirm the endpoint does not contain `coding-intl` or `token-plan`.
  • Run the review against a disposable branch or sample diff.
  • Verify secrets are masked in logs.
  • Set billing alerts before enabling scheduled or pull-request-triggered runs.

Model pairings

Recommended starting models

Use this tool to run interactive coding, reasoning, review, and documentation tasks with each model. Confirm final model availability and exact plan support in Alibaba Cloud before production use.

Text generationReasoningVisual understanding
Best pairing angle

Strong general reasoning route; confirm pay-as-you-go availability in your selected region.

Text generationReasoning
Best pairing angle

Long-context option for larger diffs and repository context.

Common problems

Common problems

What you see

401 or invalid API key

Likely cause

The general API key and regional Model Studio endpoint do not match.

What to do

Create or select the key in the same region/workspace as the endpoint.

What you see

Review automation stops after plan-policy enforcement

Likely cause

A plan key was used for a non-interactive workflow.

What to do

Move the integration to a general Model Studio API key and pay-as-you-go endpoint.

Important restrictions

  • Do not place Alibaba API keys in a repository, pull-request comment, build log, or Nfero.
  • Use least-privilege repository permissions and require human review before automatically changing code.
  • Coding Plan and Token Plan credentials are not a substitute for production or automated API access.