Koalr scores pull requests for deploy risk before merge. 36 signals — blast radius, churn, reviewer load — give teams an objective risk score. Plus DORA metrics and PR insights.
Koalr started from a simple observation: most production incidents trace back to a pull request nobody looked at closely enough. Not because engineers are careless — because nothing in the standard review process gives an objective signal about how risky a change actually is.
We built Koalr to fix that. It scores every pull request on 36 signals before it merges, so teams ship with confidence instead of crossed fingers.
Today Koalr tracks deploy risk, DORA metrics, PR cycle time, and flow efficiency for engineering teams who care about what they ship — not just how fast they ship it.
Our stack
Koalr is built on a Next.js frontend backed by a NestJS API running on Fastify. Data lives in PostgreSQL with Prisma as the ORM, Redis for caching and queuing via BullMQ, and ClickHouse for historical metrics aggregation at scale.
The risk scoring engine runs 36 signals per pull request, pulling live data from the GitHub API and processing it through a weighted model with per-organisation signal tuning.
Everything runs on Oracle Cloud — self-hosted, no managed Kubernetes, no bloated infra bill. AI features are powered by Anthropic Claude. The whole platform is a TypeScript monorepo built with Turborepo and pnpm.
