![\"Current](\"https:\/\/www.tothenew.com\/blog\/wp-ttn-blog\/uploads\/2025\/05\/Screenshot-2025-05-05-at-12.10.31\u202fPM-1-1024x381.png\")
Current process of code review<\/p><\/div>\n
But code reviews themselves aren\u2019t perfect. Reviewers might be overloaded with tasks, unfamiliar with the specific part of the codebase, or just miss something. In teams handling dozens of PRs daily, giving every one of them enough attention is tough. And that\u2019s where AI can lend a hand.<\/p>\n
<\/h2>\nWhere Generative AI Fits In<\/h2>\n
Generative AI \u2014 like OpenAI\u2019s models can serve as a helpful assistant during the code review process. Not as a replacement for human reviewers, but as an extra layer of insight. Imagine an AI that instantly looks at your PR, summarizes the changes, points out issues, and suggests better approaches, all within seconds of opening the PR.<\/p>\n
Here\u2019s how that helps:<\/p>\n
- \n
- Every PR gets at least a baseline review.<\/li>\n
- Reviewers can focus on complex logic or business rules, rather than spotting typos or missed edge cases.<\/li>\n
- Developers get quicker feedback, which means faster iterations and fewer bugs.<\/li>\n<\/ul>\n
In this blog, I\u2019ll show you how to build an automated code review pipeline using:<\/p>\n
- \n
- GitHub Actions (to trigger reviews when a PR is raised)<\/li>\n
- Python (to extract code changes and communicate with OpenAI)<\/li>\n
- OpenAI (for generating the review)<\/li>\n
- GitHub PR Comments (to post the AI\u2019s feedback right where the developer needs it)<\/li>\n<\/ul>\n
<\/h2>\n
Architecture Overview<\/h2>\n
Here\u2019s a simple architecture diagram showing how everything connects:<\/p>\n
<\/h2>\n
![\"Automated](\"https:\/\/www.tothenew.com\/blog\/wp-ttn-blog\/uploads\/2025\/05\/Screenshot-2025-05-05-at-12.18.36\u202fPM-1024x415.png\")
Automated code review workflow<\/p><\/div>\n
Getting Started – What You\u2019ll Need<\/h2>\n
A GitHub Repository<\/h3>\n
You can use any existing GitHub repo or create a new one for this. The AI will review future PRs raised in this repository.<\/p>\n
An OpenAI Account<\/h3>\n
If you don\u2019t have one yet, create it here: OpenAI Platform<\/a> Then:<\/p>\n
- \n
- Check your available free credits here<\/a>.<\/li>\n
- If your credits are exhausted, add a payment method (minimum $5) here<\/a>.<\/li>\n
- Generate an API key and save it in your GitHub repo under:
\nSettings \u2192 Secrets and variables \u2192 Actions \u2192 Add Secret \u2192 OPENAI_API_KEY<\/li>\n<\/ul>\n<\/p>\n
How It Works \u2014 Step by Step<\/h2>\n
<\/h2>\n
1. Developer Raises a PR<\/h3>\n
This is your usual development flow, a feature or bugfix branch is pushed and a PR is created against the main branch.<\/p>\n
2. GitHub Action Is Triggered<\/h3>\n
GitHub lets you run automated workflows on events like PR creation. You can set this up by adding a YAML file under .github\/workflows\/ai-review.yml<\/strong>.<\/p>\n
The workflow does the following:<\/p>\n
- \n
- Checks out the code<\/li>\n
- Installs dependencies (like the OpenAI Python client)<\/li>\n
- Runs a Python script that triggers the review<\/li>\n<\/ul>\n
3. Get the Git Diff<\/h3>\n
The Python script compares the current branch with the target (usually main) to find out what changed:<\/p>\n
subprocess.check_output([\"git\", \"diff\", \"origin\/main...HEAD\"], text=True)<\/pre>\n
This gives us the exact changes the developer made.<\/p>\n
4. Send the Diff to OpenAI<\/h3>\n
We send this diff to OpenAI using a chat completion API, like this:<\/p>\n
client.chat.completions.create(\r\n\u00a0 \u00a0 model=\"gpt-3.5-turbo\",\r\n\u00a0 \u00a0 messages=[\r\n\u00a0 \u00a0 \u00a0 \u00a0 {\"role\": \"system\", \"content\": \"...\"},\r\n\u00a0 \u00a0 \u00a0 \u00a0 {\"role\": \"user\", \"content\": diff}\r\n\u00a0 \u00a0 ]\r\n)<\/pre>\nWe use the system role to tell the AI what kind of response we expect. In this case, a detailed code review. Here\u2019s a sample prompt:<\/p>\n
\"You are a senior software engineer and an expert code reviewer. \"\r\n\"When provided with code diffs, you will perform a detailed and structured review. \"\r\n\"Break your feedback into the following sections:\"\r\n\"1. Summary of Code Changes \u2013 Describe in simple terms what the changes are trying to do.\"\r\n\"2. Code Quality Issues \u2013 Point out bugs, code smells, or inefficiencies.\"\r\n\"3. Suggestions for Improvement \u2013 Offer clear, better alternatives (with code snippets) for problematic parts.\"\r\n\"4. Overall Assessment \u2013 Summarize how good or bad the changes are and if they meet clean code standards.\"\r\n\"Be constructive, concise, and professional.\"<\/pre>\n
The user message is the actual code diff.<\/p>\n
Why GPT-3.5 Turbo?
\nIt\u2019s fast, affordable, and surprisingly good at spotting bugs and recommending better code. If you want even deeper insights, you could upgrade to GPT-4 or GPT-4o \u2014 but for basic reviews, 3.5 is great.<\/p><\/blockquote>\n5. Post Review Back to the PR<\/h3>\n
- If your credits are exhausted, add a payment method (minimum $5) here<\/a>.<\/li>\n
- Check your available free credits here<\/a>.<\/li>\n
![\"Summary](\"https:\/\/www.tothenew.com\/blog\/wp-ttn-blog\/uploads\/2025\/05\/Screenshot-2025-05-04-at-9.24.14\u202fPM-1024x781.png\")
![\"SQL](\"https:\/\/www.tothenew.com\/blog\/wp-ttn-blog\/uploads\/2025\/05\/Screenshot-2025-05-05-at-11.46.05\u202fAM-1024x626.png\")