Is Code Review Dead?

3 min read 448 words
View on Substack
AI/ML Engineering Quality

We have a problem. If we are generating code with agents, the volume of code increases by orders of magnitude. People are complaining about the time they spend reviewing code, and that it doesn't improve productivity compared to simply writing it. That’s 100% true. We have two real options: stop using agents to write code so its easier to inspect it afterward, or engineer a solution for the problem. As an engineer, I default to the latter.

Claim: “You can put better instructions in place for lint and agent to perform automatic review, but in the end, if you are leading technical development, you have to be extremely careful during the review. There are, and will be, a few aspects that always require human attention, such as business logic and architectural patterns. If you leave these to automation, then God be with your customers.”

1. Never use an agent to execute rules. It's very expensive relative to using tools designed to execute rules. Use agents for patterns.

2. If you are code reviewing for business logic, you absolutely should not touch agents for coding. You should learn to test and then use agents to help fix your broken or missing test suite. Never use agents to review business logic. It's logic. It's rules. See 1. Before ever coding with agents, learn the habits of developing from tests instead of (hopefully) testing after development.

3. So, what CAN AI replace in code review? The things we should be looking for are code clarity and architectural patterns. That requires pattern matching. In code review, it's often based on opinions that may have value, but often are just "trust me, bro." Good architectural patterns and clarity of code are important. That's even more true when using agents to develop because the cost of reading poor code is high, whether done by people or machines. Fortunately, AI excels at recognizing patterns, and the good models are trained on what good patterns look like. So, define agents for that.

I can't think of anything else I code-review for when I have a solid CD pipeline (feature zero on everything I do). So, I'm adding these new review capabilities to every repo I need to work on, and I've stopped looking at code that meets my fitness criteria I’ve defined. If the pipeline is green, I ship.

That's not theory. That's my current practice at work. Just as with continuous delivery, it’s safer than the alternatives… if you take quality seriously. If not, use agents to help establish your quality process and validate that before using them for code.