Troubleshooting

FAQ

Frequently asked questions about Koalr — how it works, what data it stores, and how it compares to other tools.

Product

How is Koalr different from Swarmia or LinearB?

Swarmia and LinearB are excellent DORA dashboards — they measure what happened after the fact. Koalr does that too, but its primary differentiator is pre-deploy risk prediction: every pull request gets a 0–100 risk score before anyone clicks merge, computed from 23 research-validated signals.

Neither Swarmia nor LinearB has pre-deploy risk scoring, CODEOWNERS drift detection, or a conversational AI panel against live engineering data.

Does Koalr replace PagerDuty or OpsGenie?

Koalr includes native incident management: on-call scheduling, escalation policies (voice, SMS, push), rotation management, and a service catalog. For teams that want a single platform, Koalr can replace PagerDuty or OpsGenie.

If you prefer to keep your existing on-call tool, Koalr integrates with both and correlates incidents to the deployments that caused them. The integrations are complementary, not mutually exclusive.

What is deploy risk prediction and how does it work?

Koalr analyzes every pull request using 23 research-validated signals across five categories — change characteristics (entropy, size, DDL migrations), author expertise (file familiarity, CODEOWNERS ownership, rework rate), review coverage (depth, reviewer familiarity, compliance), test coverage (delta on changed files, new code coverage), and deployment context (timing, SLO burn rate, AI authorship) — and produces a composite risk score from 0–100.

Scores ≥ 70 are HIGH risk. Koalr can send a Slack alert, post a GitHub comment, or block the merge via a GitHub Check Run depending on your configuration.

See Deploy Risk for the full signal breakdown.

Can Koalr automatically block risky deploys?

Yes, on the Business plan. Koalr writes a Koalr Deploy Risk GitHub Check Run when a PR score exceeds your configured threshold. Combined with a branch protection rule requiring the check to pass, this blocks engineers from merging until the risk is addressed (or an admin overrides).

Configure the threshold at Settings → Deploy Risk → Block Threshold. We recommend starting at 80 and adjusting based on your team's false positive tolerance.

What is CODEOWNERS enforcement?

GitHub's CODEOWNERS file specifies which engineers must review changes to specific files or directories. Koalr syncs your CODEOWNERS daily, detects drift (files with no registered owner), and can enforce CODEOWNERS review as a GitHub Check Run.

This means a PR touching src/payments/ won't merge until someone from the billing team approves it — even if all other checks pass. See CODEOWNERS for governance and drift detection.

Does Koalr work with GitHub Actions?

Yes. Koalr reads GitHub Check Runs from your Actions workflows to include CI status in the risk score. It also reads GitHub Deployments to track deployment events. No changes to your CI pipeline are required.

On Business plan, Koalr can also write a Check Run back to GitHub to block high-risk merges.


Data & Privacy

Does Koalr read or store my source code?

No. Koalr never reads or stores source code. It pulls metadata only:

  • PR titles, descriptions, and labels
  • File paths and line change counts (not file contents)
  • GitHub Check Run statuses and names
  • Commit SHAs and timestamps
  • Coverage percentages (from Codecov or SonarCloud)
  • Deployment event metadata

The LLM-based Semantic Risk signal analyzes commit messages and PR descriptions — not code diffs.

Is my data used to train AI models?

No. Your engineering metrics data is never used to train Koalr's AI models or shared with third parties. Koalr AI (the chat panel) uses Anthropic's Claude API. Queries and your metric summaries are sent to Anthropic under their data processing agreement; raw source code is never sent.

Where is data stored?

Koalr stores all data in PostgreSQL 16 + TimescaleDB on Railway (AWS us-east-1). Data is encrypted at rest (AES-256) and in transit (TLS 1.3). See the Privacy Policy and Subprocessors list.

How long is data retained?

PlanRetention
Free30 days
Growth90 days
Business1 year

Data is purged automatically after the retention window.


Billing & Contributors

What counts as a contributor?

A contributor is any active Koalr user account. Invited engineers who accept their invitation count as contributors. Koalr does not charge per repository, per integration, or per API call.

The Free plan includes 5 contributors at no cost. Growth supports up to 25 contributors. Business is unlimited.

Can I downgrade from Business to Growth or Free?

Yes. Downgrading takes effect at the end of your current billing period. Data history beyond your new plan's retention limit is archived (not deleted) for 30 days in case you upgrade again.

Do you offer annual pricing?

Yes — annual plans save approximately 20% compared to monthly. Contact [email protected] for an annual quote.


Setup & Integrations

How long does initial data sync take?

The first GitHub sync backfills up to 90 days of PR and deployment history. For most organizations this completes in 2–5 minutes. Larger organizations (1000+ PRs/month) may take up to 20 minutes for the initial backfill.

Live data (new PRs, new deployments, new incidents) is synced via webhooks in real time.

I connected GitHub but I don't see any data.

See Data Not Showing After Setup for a step-by-step diagnosis guide.

The most common causes:

  1. GitHub Personal Access Token is missing the repo or read:org scope
  2. Webhook was not delivered — check Settings → Integrations → GitHub → Webhook Events
  3. The PAT was entered for a GitHub user that is not a member of the organization

Do you support GitHub Enterprise (self-hosted)?

Koalr supports GitHub Enterprise Cloud (github.com-hosted). Self-hosted GitHub Enterprise Server (GHES) is on the roadmap for a future release. Contact [email protected] if GHES support is a blocker for your evaluation.

Do you support GitLab or Bitbucket?

Not currently. GitHub is the only supported VCS. GitLab is the next planned integration. Contact us to register interest.


Security

Is Koalr SOC 2 compliant?

Koalr is currently pursuing SOC 2 Type II certification. Contact [email protected] for our current security posture documentation and timeline.

Can I use SSO?

SAML/OIDC SSO is available on the Business plan. Supported identity providers: Okta, Azure AD, Google Workspace, and any SAML 2.0-compatible provider.

What permissions does the GitHub integration require?

Koalr requires a GitHub PAT with the following scopes:

  • repo — read repository metadata, PRs, files, and check runs
  • read:org — list organization members and teams
  • read:user — identify the authenticated user

We never request write access unless you enable GitHub Check Run blocking (Business plan), which requires statuses:write or checks:write.