Overview
When Devin is tracking a pull request, it monitors incoming comments and responds to them automatically. By default, Devin ignores comments from bot users (such asgithub-actions[bot], dependabot[bot], or code review bots) to prevent infinite feedback loops. The Autofix settings - bot comments feature lets you control this behavior so Devin can automatically respond to comments from bots you trust.
This is an organization-level setting that applies to all Devin sessions within your org.
Where to find it
Navigate to Settings > Customization > Pull request settings > Autofix settings - bot comments.Only organization admins can modify this setting.
Available modes
Don’t respond to bot comments (default)
Devin ignores all comments from bot users on PRs. This is the safest option and prevents any risk of infinite loops between Devin and other automated tools.Respond to all bot comments
Devin treats bot comments exactly like human comments and processes all of them.Respond to specific bots only
You provide an allowlist of bot usernames that Devin should respond to. Devin processes comments from those bots and ignores all others. This is the recommended option for most teams because it gives you precise control. To add a bot to the allowlist:- Select Respond to specific bots only from the dropdown.
- Enter the bot’s GitHub username in the input field (e.g.,
github-actions[bot]). - Click Add.
[bot]. You can find a bot’s username by looking at who authored the comment on your pull request.
To remove a bot, click the × button next to its name in the allowlist.
How it works at runtime
When a bot leaves a comment on a PR that Devin is tracking, Devin checks your organization’s bot comment settings:- Mode is “none” — the comment is ignored.
- Mode is “allowlist” — the bot’s username is checked against your allowlist. If it matches, Devin processes the comment. Otherwise, it is ignored.
- Mode is “all” — the comment is processed.
Lint failure comments from bots (containing “lint check failed”) are always processed regardless of this setting, so Devin can always respond to CI failures.
Common use cases
- CI bots: Allow your CI bot so Devin can automatically fix lint errors, test failures, or build issues flagged by your pipeline.
- Security scanners: Allow your security scanning bot so Devin can address vulnerability reports directly.
- Code quality tools: Allow bots like SonarQube or Codacy so Devin can respond to code quality feedback.
Interaction with Devin Review
Devin Review posts comments on PRs asdevin-ai-integration[bot]. Because this is a bot account, its comments are subject to your bot comment settings. Under the default mode (“Don’t respond to bot comments”), Devin sessions will not automatically act on findings from Devin Review.
If you want Devin to automatically address issues flagged by Devin Review, either:
- Set the mode to “Respond to specific bots only” and add
devin-ai-integration[bot]to the allowlist. - Set the mode to “Respond to all bot comments”.
Devin Review’s “No Issues Found” summary comments are always ignored regardless of this setting — only comments that report actual findings are affected.
Interaction with mention-only mode
If you have the “Only respond to PR comments that mention Devin” setting enabled, bot comments must also mention Devin (starting withDevinAI or @devin) to be processed. The bot comment filter runs first, and then the mention-only filter is applied.
Tips
- Start with “Respond to specific bots only” and add bots one at a time. This lets you verify that each bot interacts well with Devin before adding more.
- If you notice unexpected loops, switch back to “Don’t respond to bot comments” to stop them immediately.
- Bot users are identified by their GitHub user type (
Bot), not by their username. Human users with[bot]in their name are not affected by this setting.