Conf42 Python 2025 - Online

- premiere 5PM GMT

Not Just Syntax: How AI is Changing Code Review

Video size:

Abstract

Transform your pull request reviews with AI! Learn how to go beyond basic syntax checks using context-aware systems that analyze code, provide actionable feedback, and help developers write better software. A must-see session for anyone aiming to make code reviews faster and smarter.

Summary

Transcript

This transcript was autogenerated. To make changes, submit a PR.
Everyone. Welcome to Cog42, my name is Puneet. I'm Shubham and I'll be presenting my talk on Knowledge of Syntax, how AI is changing the code reviewer team. you know that moment when you submit your PM, and you just go cross your fingers and pray that code reviewer is in a very good mood, and then checks your Go then, but I've been both side of this core review as a contributor, you and I was debating copy back from the maintenance and core reviews, which is very exhausting for the maintenance and also as a collaborator, it's very exhaustive to read so many requests and so many changes in the code. It was it is that the project is included. So how can change this? That's exactly what I'm going to explore today. And this isn't just in checking syntax, but actually proving how we write and review the code in any kind of project. But first of all, let's talk about why AI code review really matters. Number one, the problem conditional code reviews is. It's like playing Game of Detective. You scan hundreds of lines, where you look for hidden bugs, bad logic, security issues. It's very slow. Human reviewers get tired, and sometimes it leads to inconsistent feedback. With AI, it increases the speed of development. The review is done instantly without waiting for any reviewer to look into your code and provide their comment. And then you work on that again to increase the development process and developers can actually work on what really matters for them rather than just wasting time on reviewing thousands of lines of code. How AI changes this game? So AI, our code review tools are very powerful in seeing the code quality. It just does not check the syntax, but also provides a feedback on how a piece of code can run smoothly. How it can be able to work efficiently with the context of the legacy code that it has been written in. Second, it is continuously improving with the beautiful learn from large and vast amounts of open source software. Learning from language models, GitHub, and Stack Overflow. The elements are always improving themselves. So it can easily find new ways. Potential box. You can suggest any kind of improvements in the test code that is present in the repository. Second and most important point is collaborative culture. AI code reviews and AI process of culture of collaboration and continuous improvement. It provides you insights, it provides you proper comments on your code so that other developers who are reading your code after your code is merged, they also get to understand if your code is really good, how the code actually works, they don't have to waste time on looking for bad code or code that is full of bugs. before diving deep into this, let's talk about how AI Code Review actually works. There are four major components of AI Code Review. Number one, static code analysis. We can, in simpler words, we can call it checking the code without actually running it. Second, dynamic code analysis. This is testing the code in an environment where it actually runs. it's like building something for the real world. and only getting bugs and errors when the code is unmanageable. Third is a rule based system. These are using predefined rules and best practices that are imposed in an organization or anything from the guidelines. So to ensure the code is detailed and understood by other developers as well. And natural language processing and algorithms. These algorithms help you to understand code like a human would. The AI system understands the code, as a human reviewer would actually look at the code and find any kind of security issues or any bugs present in the code. Number one, static code analysis. it's like the foundation of the used AI code review tools. It's a single static code analysis around a pranker who is sitting behind a van. He finds the problems in your code before they actually become very big disasters. It scans the code for any kind of style errors, any kind of security flaws, any performance issues. And all of this happens without actually running the code. So no running of the code happens in this stage. Another stage is dynamic coding, which is testing level, which I told you about real world testing. Our next type of analysis, dynamic analysis, is about seeing the code in action. Seeing things like memory leaks. And performance bottlenecks, any kind of security exploits while the program is running. It's similar to debugging, but it's not very high level steroids. You can say that is a bottleneck. Then comes rule based systems. This is enforcing best practices, but also following one rule at a time. Rule based systems follow predefined coding guidelines. These are provided by the company, by the senior developers, or maintainers of the repository, anyone. The interest in style seekers enforce this kind of consistency. So this makes sure that anyone who is contributing on the team, who is writing the code, writes clean and readable code. And it's similar to having a strict image teacher, but for your pull request and for your code that you're actually submitting. And last is LLM and NLP. This is the AI that reads code like a human. So this is where things actually get very exciting. This is a stage where AI isn't checking your code for sentences. It's actually understanding your code. LLM models like GPT 4, DeepCore, and many more. They can recognize patterns, such as improvements, And sometimes you can rewrite your code for better efficiency and performance. It's in simpler words, you can imagine a senior engineer who is available 24 7 and never gets tired. This is the actual potential for AI code review. Let's discuss some of the advantages of AI code review. This is how you will feel after reviewing your code using any kind of AI code review tools. So the first one is efficiency and speed. Absolutely. Any kind of developer Don't want to spend a lot of time with how much debugger code is 3am, 4am, in the midnight. So AI coder, we actually scan every line of code. Helps you find any bugs, any performance issues, everything that is wrong with your code. and writes or rewrites it according to your provided needs. Second, consistency and accuracy. There is no human bias, no fatigue. So AI ensures that the code that is written and code, depending on the code complexity, the inconsistencies and errors are minimized. To a certain level that humans often miss detection of hard to find bugs using stereo like dynamic, testing and NLMs, which excels identifying hidden bugs sometimes that humans often miss. Reduced learning effort, obviously AI tools has been reducing the manual effort of AI code reviewers, of human code reviewers and Increases the team productivity and helps in fast and continuous development. everything is just pros and cons. AI code is good at that too. There are certain limitations and concerns that you have to keep in mind when it comes to AI code. Number one is lack of human judgment. AI doesn't put it as creativity or any kind of design. For example, Once I experienced this when I wrote a SQL query, and my AI code reviewer flagged it as a dead mark. Even though the SQL query was written only for testing purposes, the AI couldn't understand it. It saw it as a security flaw. This happens sometimes with AI code reviewers. So it's better to provide context, provide for prompts, or files that can help the AI to understand the gist. It's not just for the purpose of production, but also for the testing purpose. Second, false positives and negatives. Sometimes the AI code reviewers will always flag a necessary vulnerability. Just like I explained with the example of the HPF reviewer. This happens. And, This is where human code reviewers are important, they come in and look at this, but most of the time it is not necessary. Number 3 is context. Providing a context is very important. AI doesn't understand business logic, so you have to provide a proper context to help AI code review tools. To properly review your code, identify your bugs, and especially prevent any kind of false positives. Now here comes AI and human collaboration. How we can use AI review tools and also work with AI review tools and not just be completely dependent on it. I believe AI's role should be the co pilot and human's role should be the pilot. AI's role is the co pilot and co pilot will Do the scalable code review, provide any fact on the common bug, suggest any kind of refactoring, and obviously, never gets tired. So a human soul, the pilot, a human is able to understand the business logic, everything human is able to know. That is why this particular form was written and why this has been here for a very long time. There might be certain issues, other policy on any kind of context that is important for the, for these company, the ai, that context only human to human reviewers. Can I create it Code. AI is trained on code that is already written by us, and it is sometimes monotonous and does not provide creative solutions to problems, whereas humans can think creatively and provide solutions that are maintainable, more readable, more efficient, and more creative. AI can validate the AI solution, humans can validate the AI solution. This is because when we use the AI review support, we can always review it again to see any kind of issue that might be missed or any kind of complex system that was flagged unnecessarily. So any AI reviewer, any human reviewer, Can work with an AI to improve tools and help them. The future of AI is definitely, AI to improve. And it will become more context of AI. So what we can do? We can employ a theory to learn from it. We can ride with it and move along with it. So we can explore various AI code review tools. Some of my favorites are GitHub Copilot, Open AI even. Code Rabbit is a GitHub plugin that can help you review your before it is merging into repository. We can also integrate AI tools into a current development systems. Let's cur AI or . We can generate and we do some monotonous work that is doing and focus more on what needs to be done. And you can always continuously learn and adapt. Whatever is needed. Whatever AI tools are being done or created in the market. that's the end. I hope you like this session and if you have any questions, if you want to discuss more about AI code review tools, if you want to try out my own code review tools, connect with me on LinkedIn or on Twitter. And we can always talk about it. And always remember, AI is always making the coding smarter. But great for the person like you and us, everyone. They will make it powerful. So just keep learning, keep building. Have a great day. Thank you so much.
...

Shubham Singh

Freelance

Shubham Singh's LinkedIn account Shubham Singh's twitter account



Join the community!

Learn for free, join the best tech learning community for a price of a pumpkin latte.

Annual
Monthly
Newsletter
$ 0 /mo

Event notifications, weekly newsletter

Delayed access to all content

Immediate access to Keynotes & Panels

Community
$ 8.34 /mo

Immediate access to all content

Courses, quizes & certificates

Community chats

Join the community (7 day free trial)