Ask HN: What tools are you using for AI-assisted code review?
My team (around 40 people who write code) is evaluating tools for AI-assisted code review. The market appears to be rife with options, so before starting a series of free trials, I’d like to ask a knowledgeable crowd.
What tools or services are you using? Do you use them just for code review, or for other purposes as well, such as incident response or branch management? Why did you choose them, and what do you like or dislike about them?
What I use for: I use for identifying duplicated code. It is deterministic, doesn't use AI, offline, runs from CLI and is super fast (and free).
What I dislike: I won't say it I dislike, but it is not a tool that does all the jobs of a code review. For instance, it doesn't flag security issues. It is superfocused on code duplication (it performs better than Sonar for this use case) and is specifically useful for large codebases. Disclaimer: I am one of the collaborators, so take it with a grain of salt https://github.com/Rafaelpta/dupehound
Besides local review via codex and Claude code, we are using GitHub Copilot with custom instructions. We just assign it as a reviewer in GitHub and a couple minutes later, the review is done. It raises a lot of issues which are valid and which I never had found. https://docs.github.com/en/copilot/tutorials/customize-code-...
Opencode, mainly because I appreciate how one of the founders treats the UX as a first class concern. Its a great tool to learn since it can help us pivot from the potential impending provider crisis where teams may start having to consider things outside of the large labs.
As my daily driver at home, I use Pi though because it doesn't get in your way and forces you to understand how the sauce is made.
Built my own using Claude Code; inside a gitlab job we call Claude Code headless. This works well. There is a tiny mcp server exposed to Claude so it can post inline comments. All existing comments are fed into the reviewer to avoid double posting. The quality of feedback is high. Most complexity is in the SHA management. For example after a rebase. Luckily LLMs understand git very well otherwise it would have been impossible for me.
Claude-Code and Codex in combination, combined with an IDE such as Google Antigravity or VisualStudio-Code are very powerful tools, if your company can invest in hardware the new Mac Studio and MacBook Pro allow optimized local inference through open-source tools such as: https://github.com/antirez/ds4
I don't use these tools, but wouldn't it be better to use them only after you do a manual review to see if they find anything you missed? Otherwise I could see reviewers getting false confidence and doing a less thorough review. This happens with seeing that unit tests pass.
Honestly I get awful results using this skill. The output is way better when I simply ask it to review the changes on my branch compared to origin/main
What I use for: I use for identifying duplicated code. It is deterministic, doesn't use AI, offline, runs from CLI and is super fast (and free).
What I dislike: I won't say it I dislike, but it is not a tool that does all the jobs of a code review. For instance, it doesn't flag security issues. It is superfocused on code duplication (it performs better than Sonar for this use case) and is specifically useful for large codebases. Disclaimer: I am one of the collaborators, so take it with a grain of salt https://github.com/Rafaelpta/dupehound
As my daily driver at home, I use Pi though because it doesn't get in your way and forces you to understand how the sauce is made.
https://www.coderabbit.ai/
Codex on top of that with specific rules and syntax requirements.