Two AIs argue about your PR until it's mergeable. You click merge.
Latch is a bounded review⇄fix loop that converges any pull request — human- or agent-authored — to mergeable, then stops. The reviewer is independent of the agent that wrote the code. The loop never merges; a human always does.
npx github:nishantkumar1292/latch init
FSL-1.1-Apache-2.0 · self-host free forever · runs in your own GitHub Actions
Coding agents open pull requests faster than anyone can review them.
Fifty PRs land by 7am with green CI on every one — and green CI never saw the answer tiles that always put the right answer in the middle. The one scarce thing left is judgment about whether a diff is safe to merge.
A loop that converges, then stops.
Two identities, one bounded cycle. Every hop is its own auditable run — nothing self-approves, and nothing merges itself.
An independent reviewer attacks the PR.
It treats the PR description as claims to falsify, distrusts golden tests regenerated in the same commit, and checks every new field for a producer and a consumer. Findings post as inline comments with a concrete failure scenario; the run ends on a verdict.
identity: reviewer · verdict: MERGE / MERGE-WITH-FIXES / DO-NOT-MERGE
A separate fixer addresses each finding.
It runs the real checks before it commits. And it has standing to refuse: when a finding is wrong, it replies with its reasoning and leaves the thread open for a human instead of blindly complying — which is what stops the loop thrashing on a bad comment.
identity: fixer ≠ reviewer · so nothing self-approves
The reviewer runs again against the new head.
A fresh run re-verifies the earlier findings and looks for anything the fix introduced. Cycles are bounded by a hard cap; hit it and the loop escalates to a human rather than spinning.
every hop is a separate run on your audit trail
When the findings clear, it stops. The check goes green.
Latch converges the mechanically-verifiable debris and hands the judgment calls to you. It does not merge — you do. Any thread the fixer left open is yours to resolve.
0 human review cycles → 1 human action: merge
The agent that wrote the code can't be the one that clears it.
Independence isn't a feature of this product — it's the whole product.
Correlated blind spots
Ask an agent to review its own PR and it runs on the same weights, the same context, and the same blind spots that produced the bug. Its errors are correlated with the code's errors, so it clears exactly the mistakes it was always going to make.
— model-independence knob —
Point the reviewer at a model unlike your author-agent. Independence isn't a slogan; it's a setting — and a catch-rate metric to measure the lift is on the roadmap.
A generated math drill sorted its answer choices, so the correct tile was always the middle one — and a five-year-old learned to just tap the middle every time. CI was green the whole time; a parent caught it, not the tests. An independent reviewer with the repo's doctrine catches exactly that class of bug.
6 + 1 = ? — the answer never moves.
A gate you can hand a probabilistic agent.
The defaults are the conservative ones. You turn up the enforcement yourself, once you trust your own false-positive rate.
Never merges
The loop converges to mergeable and stops. A human always presses merge. (Opt into GitHub's native auto-merge yourself if you want it.)
Anti-tamper
The fixer can never edit the workflows or the policy file that govern it. The loop can't rewrite its own rules.
Bounded cycles
A hard cap on review⇄fix rounds. Hit it and the loop escalates to a human instead of thrashing forever.
Non-blocking by default
The verdict ships as a non-blocking commit status. Mark it a required check yourself, per repo, once you've seen its false-positive rate.
We see nothing
The open-source loop runs in your own GitHub Actions, on your key, on your audit trail. Your code never leaves your repo.
Every hop is a run
Review, fix, re-review — each is a separate, directional, inspectable run. The automation can't self-trigger or self-approve.
Gate your first PR in a few minutes.
One command writes the workflows and a policy file. Add a key, open a PR, and watch it converge.
Run init in your repo
It writes the review and fix workflows plus a .latch/policy.yml (mined from your CLAUDE.md or AGENTS.md if you have one).
npx github:nishantkumar1292/latch init
Add your key as a repo secret
A Claude subscription token or an API key. Latch runs on your key, in your Actions — nothing is sent to us.
# Settings → Secrets and variables → Actions CLAUDE_CODE_OAUTH_TOKEN=<your token>
Open a pull request
The reviewer runs, the fixer converges it, and the verdict lands as a commit status. When it's green, you press merge.
Paste this to Claude Code, Codex, Cursor, or any coding agent working in the repo:
Add Latch to this repo as the merge gate: 1. Run: npx github:nishantkumar1292/latch init 2. Commit the generated .github/workflows/ files and .latch/policy.yml — do not edit them afterward (Latch's anti-tamper guard won't either). 3. Open a pull request and report the review verdict: MERGE / MERGE-WITH-FIXES / DO-NOT-MERGE. Note: Latch reviews your PR from a separate context with an adversarial doctrine. Treat its findings as an outside opinion, not your own — address them or reply with your reasoning.
Free where it runs on your compute. Paid where we run it for you.
The whole loop is open source and free forever. The hosted gate is a zero-config convenience, not a paywall around the product.
Bring your own Claude subscription or API key.
- The full loop: independent review, fix-or-refuse, re-review, converge
- Anti-tamper guard, bounded cycles, human escalation
- Runs in your Actions — your key, your audit trail
- FSL-1.1-Apache-2.0
Includes 25 gated PRs, then $8 / gated PR. BYOK discount.
- Zero-config GitHub App — gates every PR, no YAML to commit
- Our sandbox and inference — doesn't spend your Actions minutes
- Check-run verdict with inline annotations and fix buttons
- Code-retention-free by construction
For teams with a security review and a compliance bar.
- SSO and audit export
- Self-hosted license
- Bring-your-own-model (Bedrock / Vertex)
- Priority doctrine tuning for your repos
The honest answers.
Isn't this just AI reviewing AI?
Yes — and that only helps if the reviewer is independent of the author. Latch runs the reviewer in a separate context with an adversarial doctrine, and lets you point it at a model unlike the one that wrote the code, so its errors don't correlate with the author's.
It also never claims a verdict it can't back. Latch converges the mechanically-checkable findings — the missing consumer, the un-randomized answer, the failing check — and escalates the judgment calls to you. It's triage and autofix with an outside opinion, not a rubber stamp.
Does it merge my code?
No. Ever. The loop converges the PR to mergeable and stops; a human always presses merge. That's the trust posture, not a limitation. If you want it, you can opt into GitHub's native auto-merge yourself — the default is a human merges.
Do you see my code?
Not in the open-source version — it runs entirely in your own GitHub Actions, on your key, on your audit trail. We never receive it. The hosted gate runs on an ephemeral, code-retention-free sandbox that clones, reviews, and is destroyed; we keep only metadata (verdicts, timings, cycle counts).
What if the reviewer is wrong?
The fixer can refuse a finding with reasoning and leave it open for a human, so the loop doesn't thrash on a bad comment. And the verdict is non-blocking by default — a false DO-NOT-MERGE can't stop your team from shipping until you decide to make the check required.
Which agents does it work with?
Any that open a pull request — Copilot, Codex, Devin, OpenHands, Cursor, Claude Code, or a human. Latch meets them at the PR, the one artifact they all emit, so nothing on their side changes.