!vulqn Commands
VULQN listens for !vulqn commands in pull request comments on GitHub and Bitbucket.
Commands are useful when you want to control VULQN without leaving the PR.
Command rules
- Commands are case-insensitive.
!VULQN REVIEWworks the same as!vulqn review. - The command must be the first non-whitespace text in the comment.
- Commands inside inline code or fenced code blocks are ignored.
- Unknown commands are ignored.
- Some commands work as top-level PR comments, some work as replies to VULQN inline comments, and some support both.
- Parsed commands usually receive an acknowledgement reply from VULQN.
Quick reference
| Command | Where to post | What it does |
|---|---|---|
!vulqn review | Top-level or reply | Queues an incremental review. |
!vulqn full review | Top-level or reply | Queues a full review of the PR diff. |
!vulqn pause | Top-level recommended | Pauses automatic reviews for this PR. |
!vulqn resume | Top-level recommended | Resumes automatic reviews for this PR. |
!vulqn resolve | Top-level or reply | Resolves all open findings or one replied-to finding. |
!vulqn ack | Reply only | Acknowledges one finding as intentionally accepted. |
!vulqn ignore | Top-level recommended | Turns off automatic reviews for the rest of this PR. |
!vulqn learn <text> | Top-level or reply | Saves a team learning; replies also acknowledge the finding. |
!vulqn review
Queues an incremental review.
!vulqn reviewUse this after pushing fixes or when you want VULQN to review the latest changes without waiting for the next automatic event.
Notes:
- The PR must already have a VULQN review record. For the first review, open the PR or push a commit to trigger automatic review.
- This command bypasses a pause state.
- It does not clear a pause. Use
!vulqn resumeif you want future pushes to trigger automatic reviews again.
!vulqn full review
Queues a full review of the PR diff.
!vulqn full reviewUse this when the PR has changed enough that an incremental review would miss useful context, or when you want a fresh look after a large rebase.
!vulqn full by itself is not a command.
!vulqn pause
Pauses automatic reviews for the PR.
!vulqn pauseUse pause when a PR is still moving quickly and automatic reviews would create noise. VULQN stops reviewing new pushes until you resume or manually queue a review.
Best used after VULQN has reviewed the PR at least once.
!vulqn resume
Resumes automatic reviews for a paused PR.
!vulqn resumeThe next push to the PR can trigger a review, as long as the repository and branch settings still allow it.
!vulqn resolve
Resolves findings.
!vulqn resolveThere are two modes:
| Where you post it | Result |
|---|---|
| Reply to a VULQN inline comment | Marks that specific finding as resolved and resolves the thread when possible. |
| Top-level PR comment | Marks all open VULQN findings on the PR as resolved. |
Acknowledged findings are not changed by the top-level command.
Use this when the team has fixed the issue or manually verified that a finding no longer applies.
!vulqn ack
Acknowledges a specific finding.
!vulqn ackThis command must be posted as a reply to a VULQN inline comment.
Acknowledgement means:
- The team intentionally accepts the finding.
- VULQN marks it as acknowledged.
- The source-control thread is resolved when possible.
- Equivalent findings are not re-posted on later re-reviews.
- The finding remains visible in review history.
Use ack for intentional tradeoffs. Use resolve for issues that are fixed or no longer apply.
!vulqn ignore
Turns off automatic reviews for the rest of the PR.
!vulqn ignoreUse this when a PR should no longer receive automatic VULQN reviews. Manual review commands can still queue a review if needed.
For temporary review suppression, prefer !vulqn pause because it can be reversed with !vulqn resume.
!vulqn learn <text>
Saves a team learning for future reviews.
!vulqn learn <text>Examples:
!vulqn learn This module keeps legacy response fields because mobile clients before 5.3 still depend on them.!vulqn learn Admin exports are capped at 100 rows, so an N+1 query here is acceptable.There are two modes:
| Where you post it | Result |
|---|---|
| Reply to a VULQN inline comment | Saves the learning, acknowledges that finding, and resolves the thread when possible. |
| Top-level PR comment | Saves the learning only. |
The text after learn is required. A bare !vulqn learn is ignored.
Good learnings are specific and tied to a team convention, compatibility rule, or accepted tradeoff. Do not use learnings to suppress entire categories of review.
Automatic pause notice
After a PR has been reviewed 5 times, VULQN pauses automatic reviews to save credits and reduce noise. The pause notice tells you to continue with one of these commands:
!vulqn review!vulqn full review!vulqn resolveManual commands let you choose whether more review is worth the credit.