Previous: Sentry Demo
G
+
C

From PR Review to Refactor

I designed this co-sell motion to show how Cursor's agent supercharges GitHub's code review workflow, automating multi-file refactors and test generation from review comments.

Cursor helps enterprises supercharge their existing tech stack. This agentic workflow is repeatable across any GitHub Enterprise customer.

Scroll to experience the workflow

Act 1

PR Review Flags Issues

A complex pull request lands for review. Team leads flag duplicated logic, inconsistent patterns, and missing functionality across multiple files.

refactor: consolidate auth session handling#347
2 reviewers 3 comments
+236-1996 files changed
Changes requested

Files changed

session-manager.ts
+47-12
token-store.ts
+23-8
rate-limiter.ts
+89-3
profile.ts
+15-31
cache.ts
+62
legacy-auth.ts
-145
src/services/auth/session-manager.ts
1 export class SessionManager {
2   private store: TokenStore;
3  
-  async refresh(sessionId: string) {
-    const token = await this.store.get(sessionId);
-    if (token.isExpired()) {
-      const newToken = await this.issueToken(token.userId);
-      await this.store.set(sessionId, newToken);
-      return newToken;
-    }
-    return token;
-  }
+  async refresh(sessionId: string) {
+    const token = await this.store.get(sessionId);
+    if (!token) throw new SessionNotFoundError(sessionId);
+    if (token.isExpired()) {
+      const refreshed = await this.tokenRefreshService.rotate(token);
+      await this.store.set(sessionId, refreshed);
+      this.emit("session:refreshed", { sessionId });
+      return refreshed;
+    }
+    return token;
+  }
24  
25   async revoke(sessionId: string) {

Review Comments

S
sarah-engsession-manager.ts:34

This session refresh logic duplicates what we have in token-store.ts. Can we consolidate these into a single source of truth?

A
alex-leadrate-limiter.ts:17

The rate limiting config is hardcoded here. We should pull this from the shared config and make it consistent across all middleware.

S
sarah-engcache.ts:8

This cache implementation doesn't handle TTL expiration. Also, the eviction strategy needs to match our existing pattern in redis-client.ts.

Act 2

Cursor Ingests the Repo

Cursor indexes the entire repository, loads the PR context with review comments, and maps dependencies across the codebase.

Scanning repository
src
services
auth
session-manager.ts
token-store.ts
token-refresh.ts
legacy-auth.ts
payment
gateway.ts
stripe-client.ts
middleware
rate-limiter.ts
cors.ts
auth-guard.ts
api
users
profile.ts
settings.ts
utils
cache.ts
redis-client.ts
config.ts
127 files indexed8 files relevant to PR
Cursor Context Engine

Indexing repository

127 files parsed

Loading PR context

6 changed files + 3 comments

Cross-referencing patterns

8 related files identified

Context ready

Full dependency map built

Act 3

Multi-file Refactor

Cursor generates a coordinated refactor across 5 files simultaneously, addressing every review comment while preserving existing behavior.

Cursor - Multi-file Edit
5 files modified
session-manager.ts
token-refresh.ts
rate-limiter.ts
cache.ts
profile.ts
src/services/auth/session-manager.ts+4-3
 export class SessionManager {
-  private store: TokenStore;
+  private tokenService: TokenRefreshService;
+  private eventBus: EventEmitter;
  
-  async refresh(sessionId: string) {
-    const token = await this.store.get(sessionId);
+  async refresh(sessionId: string): Promise<Token> {
+    return this.tokenService.refreshSession(sessionId);
   }
src/services/auth/token-refresh.ts+15-0
+import { TokenStore } from "./token-store";
+import { EventEmitter } from "@/utils/events";
+ 
+export class TokenRefreshService {
+  constructor(
+    private store: TokenStore,
+    private events: EventEmitter
+  ) {}
+ 
+  async refreshSession(sessionId: string) {
+    const token = await this.store.get(sessionId);
+    if (!token) throw new SessionNotFoundError(sessionId);
+    // ... consolidated refresh logic
+  }
+}
src/middleware/rate-limiter.ts+4-3
-const RATE_LIMIT = 100;
-const WINDOW_MS = 60_000;
+import { config } from "@/utils/config";
+ 
+const { rateLimit, windowMs } = config.middleware;
  
 export function rateLimiter(req: Request) {
-  const key = getClientKey(req);
+  const key = getClientIdentifier(req);
src/utils/cache.ts+10-2
-export class SimpleCache {
-  private map = new Map();
+import { RedisClient } from "./redis-client";
+ 
+export class Cache {
+  constructor(private redis: RedisClient) {}
+ 
+  async get<T>(key: string): Promise<T | null> {
+    const entry = await this.redis.get(key);
+    if (!entry || entry.expiredAt < Date.now()) return null;
+    return entry.value as T;
+  }
src/api/users/profile.ts+2-2
-import { SessionManager } from "@/services/auth/session-manager";
+import { TokenRefreshService } from "@/services/auth/token-refresh";
  
-const session = new SessionManager();
+const tokenService = container.resolve(TokenRefreshService);
  
 export async function getProfile(req: Request) {
5 files changed across 3 modules
+67 additions-29 deletions
Act 4

Tests Auto-generated

Cursor generates a comprehensive test suite for the refactored code, covering edge cases and verifying backward compatibility.

token-refresh.test.ts
new file
Test Results
8 passed
refreshes expired tokens12ms
throws for missing sessions3ms
emits event on successful refresh8ms
uses config-driven rate limits5ms
cache respects TTL expiration14ms
cache delegates to redis client7ms
profile endpoint uses new token service22ms
legacy auth migration path works18ms

All tests passing

8 tests, 3 suites, 89ms total

100%

Pass rate

94%

Coverage

89ms

Total time

Act 5

Better Together

G
C

Smarter Reviews

GitHub surfaces review feedback and code quality issues. Cursor understands the full repo context to execute the right fix.

Instant Refactors

Cursor transforms review comments into multi-file refactors in minutes. No more back-and-forth review cycles.

Ship with Confidence

Auto-generated tests and CI validation ensure every refactor is production-ready before merge.

0%

Faster Code Review Cycles

When GitHub review feedback feeds directly into Cursor's intelligent refactoring, review cycles shrink from days to minutes.