When a backend change breaks a frontend call site, DACIP names the exact file and line it orphans — derived from source on both sides of your PR — and attaches a repro that fails until the break is fixed.
No LLM in the pipeline. No spec to keep honest. Same refs in, byte-identical verdict out — every run. Built for teams shipping large codebases with coding agents.
Free for public repos + one private repo. Installs in one click; first verdict in about a minute.
An LLM reviewer says "this might break something." DACIP hands your reviewer a test that fails because it's broken — and passes the moment it's fixed. Nobody argues with a red test.
$ pytest .dacip/runs/gate/repro_2e70be3bdef4.py -x -q FAILED repro_2e70be3bdef4.py::test_contract — DACIP: no backend route — GET /api/queries/recent answered 404 # restore the route (or authorize the removal in your plan) … $ pytest .dacip/runs/gate/repro_2e70be3bdef4.py -x -q 1 passed in 0.31s # the PR comment flips to ✅ resolved on the next push — same comment, no bot spam
Agents don't write bad syntax — they break contracts. The route renamed while three call sites keep calling it. Tests green, CI green, production 404.
Diffs the contract graph between your PR's two refs: routes removed, methods changed, auth markers dropped, required fields added — each with every affected caller at file:line.
Flask, Flask-RESTX/RESTful, Django/DRF (nested routers, monorepo roots, re_path), Express, Next.js handlers — matched against real fetch/axios call sites. No OpenAPI required; wrong specs can't lie to it.
Inside Claude Code, a resident gate judges each edit's contract impact before it hits disk — and denies unauthorized breaks naming the orphaned callers. A human override always wins.
Findings become work orders; agent patches pass a four-layer acceptance gate (scope, contract, tests + repro flip, size); merges ship with a before/after evidence bundle a reviewer can replay.
One idempotent PR comment (edited in place — never a comment stack), a contract-gate check run, and SARIF into code scanning. Silent on clean PRs.
Dynamic paths, unresolved prefixes, unsupported frameworks: counted and labelled in every verdict. When DACIP can't see, it says so — it never pads the report with guesses.
LLM reviewers are useful — keep yours. DACIP is a different instrument: a deterministic gate for the one class of bug that survives green CI. Here's the honest matrix.
| DACIP | CodeRabbit | Greptile | Qodo Merge | Cursor BugBot | Copilot Review | |
|---|---|---|---|---|---|---|
| Engine | Deterministic static analysis — no LLM | LLM | LLM + code graph | Multi-agent LLM | 8-pass LLM voting | LLM |
| Same input → same output | Always — byte-identical | No | No | No | Majority vote | No |
| Cross-boundary contract breaks frontend call sites × backend routes, from source | Core capability — file:line blast radius | — | — | — | — | — |
| Runnable proof per finding | Every asserted finding | — | — | — | — | — |
| False-positive discipline | 0 across 9 audited OSS repos; demotes to labelled observations when unsure | 2 FPs in published benchmark; noisy on small PRs | 11 FPs same benchmark | — | — | surface-level |
| Blocks agent edits pre-write | Yes — in-session guardrail | — | — | — | IDE fix button | — |
| Comment behavior | One comment, edited in place; silent when clean | "too many comments" | — | — | — | — |
| Your code + LLMs | Never leaves the runner; no model sees it; fingerprints only | Sent to LLM | Indexed + LLM | Sent to LLM | Sent to LLM | Sent to LLM |
| Review breadth (style, logic, security opinions) | Deliberately narrow — contracts, imports, routes, dead schedules | Broad | Broad | Broad | Broad | Broad-ish |
| Languages | Python + TypeScript stacks (the niche, done deeply) | Many | Many | Many | Many | Many |
| Pricing | $15/dev · free tier — no per-token costs underneath | $24–30/seat | $30/seat + usage | $0–19/seat | $40/seat + Cursor | bundled $19+ |
Competitor rows compiled from vendor pages and third-party comparisons (Jan 2026); corrections welcome. The last two rows are where the field beats us — on purpose. DACIP does one class of failure exhaustively rather than every class shallowly, and it complements whichever reviewer you already run.
Before asking anyone to trust the zero-false-positive claim, we ran DACIP cold on nine large open-source repos and hand-audited every asserted defect against source.
| Repository | Routes extracted | Asserted defects | Hand-audit verdict |
|---|---|---|---|
| getsentry/sentry | 151 | 0 | 0 FP largest repo — 36s cold |
| zulip/zulip | 445 | 0 | 0 FP |
| posthog/posthog | 85 | 0 | 0 FP weak coverage declared, not guessed |
| Flagsmith/flagsmith | 549 | 0 | 0 FP |
| netbox-community/netbox | 235 | 0 | 0 FP |
| mathesar-foundation/mathesar | 24 | 0 | 0 FP unsupported frontend: says so, loudly |
| getredash/redash | 123 | 1 | real bug verified below |
| apache/superset | — | 1 | real bug verified below |
| HumanSignal/label-studio | 185 | 1 | real bug verified below |
GET api/dashboards/recent — the frontend still ships this call; the backend endpoint no longer exists. Zero hits across the entire server tree.
A TYPE_CHECKING import references tests.common.example_data… — a path that stopped existing after a refactor. Every type-check of that file has been broken since.
io_storages/filesystem.py imports .base, which doesn't exist — a dead module that crashes on first import. No importers left; pure debt.
Full methodology, per-repo write-ups, and the 19 extractor gap classes we fixed to get here ship with the beta. Bugs were disclosed upstream before publication.
There's no per-token inference bill underneath a deterministic engine — the pricing passes that through.
Private beta opens with the GitHub App. If your stack is Django/Flask + React/Next and your team ships with agents, you're exactly who this was built for.
⛔ 1 breaking change introduced by this PR
Removes GET /api/queries/recent — 1 call site still targets it:
pytest .dacip/runs/gate/repro_2e70be3bdef4.py -x -q