Mergecraft

Most code-review tools look at one PR at a time. That's useful but it misses the patterns that only emerge in aggregate — the author who consistently ships 800-line diffs with two-line descriptions, the file that's been touched in 12 of the last 30 PRs, the review threads that keep relitigating the same architectural argument.

Mergecraft scoops up to 30 merged PRs in one batch, fetches metadata + reviews + inline comments locally, and asks Claude to find the *across-batch* signal. Output is structured: anti-patterns, review friction, author tendencies, churn hotspots — each with a list of citing PR numbers that render as clickable links back to the source. Findings without evidence get dropped before they're shown.

No backend means there is literally nothing to compromise. No proxy, no serverless function, no telemetry, no analytics. Your GitHub PAT and your Anthropic key live in your browser's `localStorage` and never leave it. Your PR data goes from GitHub straight to Anthropic — I never see it.

The trade-off is honest in the README: anything with browser access (a hostile extension, devtools running malicious code) can read `localStorage`. The benefit is the rest of the threat model collapses. There are no servers to breach, no logs to subpoena, no contract to violate. The recommended Content-Security-Policy locks the connect-src down to `api.github.com` and `api.anthropic.com` — anyone self-hosting can verify the network surface in a browser devtools tab in under a minute.

LLM tools that hide their costs train users to be afraid of every button. Mergecraft inverts that: before any analysis run, the cost preview calls Anthropic's free `count_tokens` endpoint and shows a `$0.04 – $0.09` range based on the actual selected batch and chosen model. You see what you're committing to.

Three scan modes (Shallow / Survey / Deep) make the data-cost trade-off explicit — Shallow sends metadata + reviews, Survey adds per-PR file lists for churn analysis, Deep adds truncated diffs (capped at 6KB per PR, skipped if >30 changed files). Three model tiers (Haiku 4.5, Sonnet 4.6, Opus 4.7) are listed with their actual $/MTok pricing, not marketing names. A 30-PR Shallow run on Haiku is ~$0.06; a 30-PR Deep run on Opus is ~$0.50. You know before you click.

The frontend is Angular 21 — a deliberate choice in a React-saturated landscape. Built on Angular's native signals + dependency-injected services, with no external state management library. Two non-negotiable constraints, both stated in the contributing docs: no backend, no external state lib. Constraints force good design.

The payoff is a SPA that's small (~2.6k lines of TS/HTML/CSS), trivially self-hostable as a static bundle, and CI-gated with Prettier-blocking format checks. Build output goes straight to any static host — GitHub Pages, Netlify, Vercel, S3. The hosting README documents `_headers` and `_redirects` configs for Netlify and Cloudflare Pages alongside the recommended CSP.