Skip to main content
Nectr uses environment variables for all configuration. Copy .env.example to .env and configure the required variables to get started.

Required Variables

These variables must be set for Nectr to start and review PRs.

AI Configuration

ANTHROPIC_API_KEY
string
required
Your Anthropic API key for Claude Sonnet 4.5.Get your API key from console.anthropic.com
ANTHROPIC_API_KEY=sk-ant-...
ANTHROPIC_MODEL
string
default:"claude-sonnet-4-5-20250929"
The Claude model to use for PR reviews.
ANTHROPIC_MODEL=claude-sonnet-4-5-20250929

Database

DATABASE_URL
string
required
PostgreSQL connection string with asyncpg driver.Recommended: Use Supabase free tier.Navigate to: Dashboard → Connect → Connection Pooling → Session Mode (port 5432)
DATABASE_URL=postgresql+asyncpg://postgres.<project-id>:<password>@aws-0-<region>.pooler.supabase.com:5432/postgres
Use postgresql+asyncpg:// (not postgresql://) as Nectr requires async database support.

GitHub OAuth

GITHUB_CLIENT_ID
string
required
GitHub OAuth App client ID.Create an OAuth App at: github.com/settings/developers → New OAuth App
GITHUB_CLIENT_ID=Iv1.abc123...
GITHUB_CLIENT_SECRET
string
required
GitHub OAuth App client secret.
GITHUB_CLIENT_SECRET=abc123def456...
Keep this secret secure. Never commit it to version control.
GITHUB_PAT
string
required
GitHub Personal Access Token (Classic) with repo scope.Used to post PR review comments on behalf of your account.Create at: github.com/settings/tokens → Generate new token (classic)Required scope: repo (Full control of private repositories)
GITHUB_PAT=ghp_...

Authentication

SECRET_KEY
string
required
Secret key for JWT signing and token encryption.Generate a secure random key:
python -c "import secrets; print(secrets.token_hex(32))"

SECRET_KEY=your-64-character-hex-string
Changing this key will invalidate all existing user sessions and require users to re-authenticate.
ALGORITHM
string
default:"HS256"
JWT signing algorithm.
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES
integer
default:"1440"
JWT token expiration time in minutes (default: 24 hours).
ACCESS_TOKEN_EXPIRE_MINUTES=1440

URLs

BACKEND_URL
string
required
Public URL where your backend API is hosted.This URL is used for:
  • GitHub webhook callback endpoints
  • OAuth redirect URIs
# Development
BACKEND_URL=http://localhost:8000

# Production
BACKEND_URL=https://your-backend.up.railway.app
FRONTEND_URL
string
required
Public URL where your frontend is hosted.Used for redirects after authentication.
# Development
FRONTEND_URL=http://localhost:3000

# Production
FRONTEND_URL=https://your-app.vercel.app

Neo4j Knowledge Graph

NEO4J_URI
string
required
Neo4j connection URI.Enables file-expert maps and related-PR context in every review.Get a free instance at: neo4j.com/cloud/platform/aura-graph-database
NEO4J_URI=neo4j+s://xxxxxxxx.databases.neo4j.io
NEO4J_USERNAME
string
default:"neo4j"
Neo4j username.
NEO4J_USERNAME=neo4j
NEO4J_PASSWORD
string
required
Neo4j password.
NEO4J_PASSWORD=your-neo4j-password

Mem0 Memory Layer

MEM0_API_KEY
string
required
Mem0 API key for semantic memory storage.Enables per-project patterns and per-developer learned habits.Get your API key at: mem0.ai
MEM0_API_KEY=m0-...

Optional Variables

These variables enable optional features. Leave blank to disable.

MCP Integrations

Pull live context (issues, errors, messages) into every review. Each integration is independent — set only the ones you use.
LINEAR_MCP_URL
string
Linear MCP server base URL.
LINEAR_MCP_URL=https://your-linear-mcp-server.com
LINEAR_API_KEY
string
Linear personal API key.Get your API key from: Linear → Settings → API → Personal API keys
LINEAR_API_KEY=lin_api_...
SENTRY_MCP_URL
string
Sentry MCP server base URL.
SENTRY_MCP_URL=https://your-sentry-mcp-server.com
SENTRY_AUTH_TOKEN
string
Sentry auth token with project read permissions.Create at: Sentry → Settings → Auth Tokens
SENTRY_AUTH_TOKEN=sntrys_...
SLACK_MCP_URL
string
Slack MCP server base URL for fetching relevant channel messages.
SLACK_MCP_URL=https://your-slack-mcp-server.com

Slack Bot (Direct Notifications)

SLACK_BOT_TOKEN
string
Slack Bot User OAuth Token for direct notifications.This is separate from the MCP Slack integration above.
SLACK_BOT_TOKEN=xoxb-...
SLACK_SIGNING_SECRET
string
Slack app signing secret for verifying webhook requests.
SLACK_SIGNING_SECRET=abc123...

Webhook Security

GITHUB_WEBHOOK_SECRET
string
Global fallback webhook secret.Per-repo secrets are stored in the database automatically when you connect a repo. This global secret is only used as a fallback if no per-repo secret is found.
GITHUB_WEBHOOK_SECRET=your-webhook-secret
In production (APP_ENV=production), webhook signature verification is enforced. Without a valid secret, webhooks will be rejected with a 403 error.

Feature Flags

PARALLEL_REVIEW_AGENTS
boolean
default:"false"
Enable parallel review mode with 3 specialized agents.
  • false (default): Single agentic review loop (faster, less token usage)
  • true: 3 specialized agents run in parallel (security / performance / style)
PARALLEL_REVIEW_AGENTS=false
When enabled, Nectr runs three specialized agents concurrently:
  1. Security Agent - Focuses on vulnerabilities, authentication, data validation
  2. Performance Agent - Analyzes efficiency, database queries, caching
  3. Style Agent - Reviews code style, patterns, and maintainability
A synthesis agent then combines all three reviews into a final cohesive review.Trade-offs:
  • ✅ More thorough, specialized analysis
  • ✅ Parallel execution can be faster for large PRs
  • ❌ Higher token usage (4x Claude API calls)
  • ❌ Slightly higher cost per review

App Settings

Safe to leave as-is for local development.
APP_NAME
string
default:"Nectr"
Application name.
APP_NAME=Nectr
APP_ENV
string
default:"development"
Application environment.
  • development - Development mode (CORS relaxed, debug enabled)
  • production - Production mode (CORS strict, webhook signature verification enforced)
APP_ENV=development
DEBUG
boolean
default:"true"
Enable debug mode.
DEBUG=True
LOG_LEVEL
string
default:"DEBUG"
Logging level.Options: DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_LEVEL=DEBUG
HOST
string
default:"0.0.0.0"
Server host binding.
HOST=0.0.0.0
PORT
integer
default:"8000"
Server port.
PORT=8000

Example Configuration

# AI
ANTHROPIC_API_KEY=sk-ant-api03-xxx
ANTHROPIC_MODEL=claude-sonnet-4-5-20250929

# Database
DATABASE_URL=postgresql+asyncpg://postgres.abc:[email protected]:5432/postgres

# GitHub OAuth
GITHUB_CLIENT_ID=Iv1.abc123
GITHUB_CLIENT_SECRET=secret123
GITHUB_PAT=ghp_abc123

# Auth
SECRET_KEY=64-character-random-hex-string

# URLs
BACKEND_URL=http://localhost:8000
FRONTEND_URL=http://localhost:3000

# Neo4j
NEO4J_URI=neo4j+s://abc123.databases.neo4j.io
NEO4J_USERNAME=neo4j
NEO4J_PASSWORD=password

# Mem0
MEM0_API_KEY=m0-abc123

# ══════════════════════════════════════════════════════
# REQUIRED
# ══════════════════════════════════════════════════════

# AI
ANTHROPIC_API_KEY=sk-ant-api03-xxx
ANTHROPIC_MODEL=claude-sonnet-4-5-20250929

# Database
DATABASE_URL=postgresql+asyncpg://postgres.abc:[email protected]:5432/postgres

# GitHub OAuth + API
GITHUB_CLIENT_ID=Iv1.abc123
GITHUB_CLIENT_SECRET=secret123
GITHUB_PAT=ghp_abc123

# Auth
SECRET_KEY=64-character-random-hex-string
ACCESS_TOKEN_EXPIRE_MINUTES=1440
ALGORITHM=HS256

# URLs
BACKEND_URL=https://your-backend.up.railway.app
FRONTEND_URL=https://your-app.vercel.app

# Neo4j
NEO4J_URI=neo4j+s://abc123.databases.neo4j.io
NEO4J_USERNAME=neo4j
NEO4J_PASSWORD=password

# Mem0
MEM0_API_KEY=m0-abc123

# ══════════════════════════════════════════════════════
# OPTIONAL
# ══════════════════════════════════════════════════════

# MCP Integrations
LINEAR_MCP_URL=https://linear-mcp.example.com
LINEAR_API_KEY=lin_api_abc123
SENTRY_MCP_URL=https://sentry-mcp.example.com
SENTRY_AUTH_TOKEN=sntrys_abc123
SLACK_MCP_URL=https://slack-mcp.example.com

# Slack Bot (Direct Notifications)
SLACK_BOT_TOKEN=xoxb-abc123
SLACK_SIGNING_SECRET=abc123

# Webhook Security
GITHUB_WEBHOOK_SECRET=webhook-secret-123

# Feature Flags
PARALLEL_REVIEW_AGENTS=false

# App Settings
APP_NAME=Nectr
APP_ENV=production
DEBUG=False
LOG_LEVEL=INFO
HOST=0.0.0.0
PORT=8000

Next Steps

OAuth Setup

Configure GitHub OAuth App for user authentication

Webhooks

Learn how webhooks are configured and verified

Build docs developers (and LLMs) love

Get started for freeTalk to us