SiteBrief
Start free
All articles
Product6 min read·May 21, 2026

Introducing DevLab: SiteBrief Now Fixes Issues and Opens Pull Requests Automatically

Every agency deals with the same recurring problems — missing security headers, broken robots.txt, WP_DEBUG left on in production. DevLab detects them, generates the fix, and opens a GitHub or GitLab PR for your review.

Every web agency deals with the same recurring issues on client sites. A missing Strict-Transport-Security header here. A robots.txt that blocks crawlers there. WP_DEBUG accidentally left on in production. SEO meta tags that nobody added when the site launched.

These aren't hard fixes. They're just tedious — and they pile up across 10, 20, 50 client sites. Today, we're shipping DevLab: a new section in SiteBrief that not only detects these problems, but generates the fix and opens a pull request on your GitHub or GitLab repository for your review.

DevLab is available now for all SiteBrief Pro and Agency plans. Connect your GitHub or GitLab account in Integrations, link a repo per site in Site Settings, and you're ready.

The workflow: Detect → Explain → Fix → PR → You approve

The whole point of DevLab is to compress a task that normally takes 15–30 minutes per site into a single click — while keeping you in full control. Here's what happens:

1. Detect
SiteBrief continuously scans every site for security header gaps, SEO problems, PageSpeed issues, WordPress misconfigurations, and broken crawl settings.
2. Explain
Every issue surfaces in DevLab with a plain-English description, severity level (Critical / High / Medium / Low), confidence score, and manual fix steps — so you always understand what's happening.
3. Fix generated
Click "Preview fix" and SiteBrief generates the exact code change — the file path, the new content, and what specifically will be added or modified.
4. PR opened
Confirm in the preview modal and SiteBrief opens a pull request (GitHub) or merge request (GitLab) on your repo — with a descriptive title, full context in the body, and a dedicated fix branch.
5. You approve
Review the diff on GitHub or GitLab as you normally would. Nothing merges automatically. Your repo, your rules.

What DevLab can auto-fix today

Each fix type has a confidence score — a measure of how likely the generated fix is correct without any manual adjustment:

WP_DEBUG on in production
define('WP_DEBUG', true) → define('WP_DEBUG', false) in wp-config.php
wp-config.php
95% confidence
robots.txt missing or broken
Creates a valid robots.txt with User-agent: * / Allow: / and your Sitemap URL
public/robots.txt
90% confidence
Missing security headers
Strict-Transport-Security, X-Frame-Options, CSP, X-Content-Type-Options, and more
netlify.toml / .htaccess / nginx.conf
88% confidence
viewport or canonical missing
Adds the correct meta viewport or canonical link tag
app/layout.tsx or index.html
85% confidence
PageSpeed — no cache headers
Adds Cache-Control: max-age=31536000 for JS, CSS, fonts, and images
netlify.toml / .htaccess / nginx.conf
75% confidence
SEO title / description missing
Generates a placeholder value based on site name — review before merging
app/layout.tsx or index.html
62% confidence

Confidence scores are colour-coded throughout DevLab: green (≥85%) means the fix is safe to merge without testing, amber (≥70%) means you should test on staging first, and orange (<70%) means the generated value is a placeholder that needs your review.

Auto-detection: we find the right file in your repo

One of the more interesting engineering decisions was server type detection. When DevLab generates a fix for, say, a missing security header, it doesn't assume you're on Netlify. It tries each candidate file in order:

  • netlify.toml — if found, adds a [[headers]] block
  • .htaccess — if found, adds a Header always set directive inside mod_headers
  • nginx.conf (or nginx/default.conf) — if found, injects add_header into the server block

For SEO fixes, it detects your framework: Next.js App Router sites get changes to app/layout.tsx using the metadata export. Plain HTML sites get the appropriate <meta> tags injected into <head>.

We know AI-generated fixes sound scary

We built several layers of trust into the workflow specifically because we know this sounds intimidating at first:

Preview before anything happens
You see the exact file, value, and confidence score before a PR is created.
Nothing merges automatically
Every fix is a PR or MR. You review the diff and approve — same as any other code change.
One-click rollback
Changed your mind? Close the PR directly from DevLab without leaving SiteBrief.
GitHub + GitLab
Works with both providers. Connects via OAuth in 30 seconds, per site.

Multi-page SEO crawl

DevLab also extends the existing SEO audit beyond the homepage. When you run an SEO check, SiteBrief now crawls up to 10 internal sub-pages — extracted from the homepage's internal links — and checks each for missing title, description, h1, og:title, and og:description. The results appear in a collapsible "Sub-pages crawled" section in the SEO Audit panel.

PR history and audit trail

Every PR and MR opened by DevLab is recorded. At the top of the DevLab page you'll find a history panel showing all open fixes across your sites — with direct links to review them on GitHub or GitLab, and a Close button to roll back any fix you decide not to merge.

What's coming next

We're working on expanding the auto-fix library. On the short list:

  • Staging branch deploys — open the fix PR against a staging branch, not main
  • Dependency security updates — scan package.json and composer.json, PR with safe version bumps
  • Scheduled maintenance reports — weekly email digest of all issues and fixes across your portfolio
Try DevLab now → Go to DevLab in your SiteBrief dashboard. Connect GitHub or GitLab in Integrations, link a repo in Site Settings, and click "Preview fix" on any auto-fixable issue.
All articlesTry SiteBrief free