5 Comments
Clint Cain

AI code reviews sound great, but isn't that a catch-22? We still won't know what the code is doing. The point of the review is not just to ensure that code doesn't break but that it's in alignment with all company standards, especially security.

I agree, this will have to evolve to a hybrid split % based on organization.

Gregor Ojstersek

That's correct. How I see it is that the author should take full responsibility for all the changes (AI should never be responsible); that includes security, style, standards, etc. And we try to optimize the AI code review as much as possible to include the context of all the important things.

I don't think there's a clear path yet on how exactly to get to the point where we can trust AI enough to be the main reviewer, but I definitely see what big productivity gains this can bring.

Clint Cain

💯 agree with your points. If AI is going to help us create, we are still responsible for the success and the pitfalls.

Vaidas

In recent weeks I have been thinking in a very similar way.

- AI-assisted code being pushed to the repository

- CI already checks for code style, static code analysis, security issues

- now add an AI bot to review code that gives insights over the whole project.

I am wondering why we require a human review.

I do understand it’s a habit and losing control.

Human reviews are now very expensive and take a lot of thinking power if they provide in-depth comments and analysis.

Some tell me it’s knowledge sharing, but if code is already AI-generated, it’s getting hard to understand and know other developers' intent apart from "AI suggested that".

So make it optional. And take that leap of faith. Trust tests and monitoring, the ability to revert or do a rolling release. Those look like more crucial blocks than a nice addition.

Gregor Ojstersek

Right, I am hearing from more and more people that they are doubling down on AI code reviews. It's just not sustainable to keep human reviews and it doesn't scale.

The author of the PR takes full accountability for the code, while the AI code reviewers review the code.

People have also told me they see a lot of productivity gains from doing this while the incidents haven't increased. I think this is where we are heading as an industry, and what's becoming a new standard.