# Northstar – AI PR review for Azure DevOps teams (flat price, not per-seat)

> Source: <https://northstardevops.com/>
> Published: 2026-07-16 08:14:45+00:00



```
Early access
```

# Review faster.

Ship with more confidence.

Northstar reads every pull request on GitHub and Azure DevOps, grades its delivery risk, points reviewers at what matters, and drafts release notes — without ever storing your diffs or replacing human judgement.

Rewrites session token issuance and expiry. Touches authentication and identity handling — the highest-blast-radius area in the change.

0

diffs kept on disk

processed in memory, then discarded

1

AI call per revision

cached, gated, and budget-capped

2

providers, one workspace

GitHub and Azure DevOps

How it works

## From webhook to reviewed, in one quiet pass.

01

### Connect your provider

Authorise GitHub or Azure DevOps with least-privilege scopes. Work/school Entra accounts use OAuth; personal accounts connect with a Personal Access Token.

02

### Every PR becomes a signal

Changed files and patch metadata are analysed asynchronously into a risk grade, reviewer guidance, missing-test and security findings, and a concise summary.

03

### Route it to the right people

A tidy review comment lands on the PR, and high-risk alerts reach Teams, Slack, or the dashboard before the change slips through.

What you get

## Precise where it counts. Quiet everywhere else.

Risk classification

### Know which PRs actually need a senior reviewer.

High, medium, and low grades are derived from file paths, diff size, review heuristics, and provider context — so triage takes seconds, not a standup.

Authentication paths changed · token & identity handling · +142 / −38

Diff retention

### Patch data never touches disk.

0

bytes of diff stored permanently

Patches are analysed in memory, secret-redacted, then discarded. Only the risk signal is kept.

Release notes

### Completion notes for every audience.

● #247 auth — high · token expiry paths

● #244 api — medium · contract change

○ #241 docs — low · README update

Polished summaries after merge, pitched at the right level for engineers or stakeholders.

Smart routing

### High-risk alerts arrive before reviewers open the PR.

Teams and Slack notifications, provider-tagged dashboard views, and monitored queues keep GitHub and Azure DevOps work visible in one place.

High-risk PR: Update JWT token handler

just nowTeams · northstar-alerts

PR digest: 4 merged this sprint

3m agoSlack · #eng-releases

Privacy by design

```
No diff retentionPatch content lives in memory during analysis only. Nothing is written to permanent storage.
Secret redactionPattern and entropy checks scrub API keys, tokens, and connection strings before analysis begins.
Human in the loopEvery recommendation is advisory. Northstar surfaces the risk — your team makes the call.
Minimal permissionsOAuth scopes stay narrow, sign-in supports GitHub and Microsoft, and reconnect stays explicit and revocable.
```

Simple, predictable pricing

## One flat price. No per-seat math.

Most review tools bill for every developer, so the invoice climbs each time you hire. We charge one clear monthly price for a generous pool of pull-request analyses that your whole team shares. Grow the team without growing the bill — priced by the work you ship, not the people you employ.

Priced on your code, not your headcount

Add as many engineers as you like. Your plan scales with pull-request volume — never with seat counts or per-user fees.

No surprises on the invoice

A single flat rate with a clear analysis allowance. No background usage meters, no overage shocks, no seat audits at renewal.

Higher tiers, honestly better value

Move up for unlimited repositories, a much larger analysis pool, advanced risk analytics, release notes, and audit logs — what growing teams genuinely need.

## Connect your first repository in a couple of minutes.

Start free, sign in with GitHub or Microsoft, and bring review risk, release notes, and alerts into one workflow.
