AI Code Review
September 3, 2020

The Evolution of Automated AI Code Reviews

DevOps

It wasn’t that long ago when code reviews needed to be conducted face-to-face. They usually resulted in long meetings filled with a few unenthusiastic participants. The process and outcomes were usually never well defined, except to find the bugs.

But with the rise of automated code reviews, humans are becoming less and less involved. The next step in code review’s evolution is leveraging new technology to review more code in less time. The future of artificial intelligence (AI) code reviews, specifically those using machine learning (ML) is still being formed. But how can they help teams use these tools to move faster and produce higher-quality code?

Code Review Automation of Today

In organizations with solid continuous improvement cultures, code reviews often focus on finding or fixing issues and ensuring best practices in coding are being followed. Most code review development workflows are now automated.

Before the code review, automated steps happen in a CI pipeline:

  • Linting or static code analysis.
  • Running a build.
  • Performing unit tests.

After builds and tests pass, developers outside of the author take a look at the code itself. Because no one wants to waste time reviewing code that “might” be defective. These steps happen very often as developers are committing code throughout the day. For teams that “shift left,” you can expect each developer to commit multiple times a day. Using containers and orchestration tools such as Kubernetes, automation can handle this volume of CI workload. The more commits being made, the more code reviews are required.

With collaboration tools, you can automatically spread the workload of reviews out among members of your team.

Benefits and Challenges with Humans Reviewing Code

Of course, there are benefits for implementing code review processes run by humans.

  • Transparency — The entire team gets a better picture of what everyone is working on.
  • Promoting Shared Values — You want people to be so proud of their work, they look forward to showing it to their colleagues.
  • Becoming More Cohesive — Developers tend to be heads-down introverts. Human code reviews allow them to interact more. It’s gives a change for a developer to explain what they are doing, and why.
  • Building Self-Esteem for New Developers — Human code reviews help showcase knowledge and skill, among both peers and leaders. They can help onboard new team members.

Although there are benefits, human reviews can impede overall improvement. Sometimes, busy developers look at changes quickly, so they can move on to the next work item. Unless they see something that obviously doesn’t make sense, they may provide very minimal feedback. Other times they might provide unhelpful or mean/sarcastic comments. These “social-media” like behaviors impede any actual conversation or review, and negatively impact team cohesion.

Advance of AI and Machine Learning Code Reviews

We are still a long way away from replacing face-to-face conversation with a bot. However, there are many initiatives looking to resolve the problems and costs associated with code reviews.

By adopting AI/machine learning techniques, teams could get more actionable insights, metrics, and functionality that are not possible without such algorithms. There are some tools already out there.

Deep Code AI Code Review

DeepCode says that its AI platform can build its own actionable recommendations. They are based on learnings from millions of open source commits and can find things humans might miss. You can then use AI to find out what is logically wrong and how others have fixed the same problem.

CodeGuru Machine Learning Code Review

Amazon CodeGuru is a newer product in review on AWS. Currently it only works with Java, but it takes a different approach to analyzing code. Although it is listed as a code review tool, you would find it in the category of AWS machine learning tools. With a focus on performance, this tool helps find the most expensive lines of code that hurt application performance.

CodeGuru is based on millions of code reviews and thousands of applications profiled on open source and internal projects at Amazon. It can discover issues in code like resource leaks, potential concurrency race conditions, and wasted CPU cycles. Plus, it can be integrated into your CI/CD pipeline, both in the code review and performance monitoring stages.

Learn More About of AI and Machine Learning Code Reviews

Machine learning and AI code review tools are in the early adopter phase. The potential benefits for teams are promising. And as they become increasingly integrated with IDEs and CI/CD pipeline tool, it is only a matter of time before more teams start using them.  

For forward-thinking companies, there is still a lot you can leverage to enhance automation and velocity. 

This blog is an excerpt from Accelerating Software Qualitya new book from bestselling author and testing expert Eran Kinsbruner, featuring many Perforce experts. Order your copy today to learn more.

Accelerating Software Quality