Using ChatGPT for code review

Greg Foster
Graphite software engineer

Code review is a critical part of the software development lifecycle, helping teams identify bugs, maintain code quality, and ensure adherence to best practices. With the rise of large language models (LLMs) like ChatGPT, developers now have AI-powered tools to augment traditional code review processes. This technical guide explores how to effectively use ChatGPT for code review, including methodologies, best practices, limitations, and real-world applications.

AI code review refers to the use of artificial intelligence, particularly large language models (LLMs), to analyze code for errors, inefficiencies, security vulnerabilities, and style issues. Using tools like ChatGPT for code review offers several advantages:

  • Time efficiency: AI can review code faster than humans, often catching issues that would take developers hours to identify.
  • Consistency: AI tools apply the same level of scrutiny to every line of code, regardless of time constraints or reviewer fatigue.
  • Knowledge breadth: LLMs have been trained on vast repositories of code across multiple languages and frameworks.
  • Continuous improvement: As AI models improve, so does their ability to provide more nuanced and accurate code reviews.

ChatGPT and similar LLMs perform code review through a process that involves pattern recognition, contextual understanding, and comparison against learned best practices:

  1. Code parsing: The model analyzes the structure and syntax of submitted code.
  2. Pattern recognition: It identifies common patterns and anti-patterns based on its training data.
  3. Contextual analysis: It evaluates code within its surrounding context to understand functionality.
  4. Best practice comparison: It compares code against learned best practices and common conventions.
  5. Feedback generation: It generates human-readable feedback with suggestions for improvement.

The effectiveness of LLM code review depends on several factors:

  • The quality and breadth of the model's training data
  • The complexity and domain-specificity of the code being reviewed
  • How well the prompt structures the review task
  • The model's inherent limitations in understanding business logic and project-specific requirements

To effectively use ChatGPT for code review, follow these setup steps:

More advanced models like GPT-4 typically offer better code understanding capabilities than older versions. Consider using specialized code models when available.

Effective prompts are crucial for quality code reviews. Here's a template to start with:

Please review the following [language] code for:
1. Potential bugs or logic errors
2. Performance optimization opportunities
3. Security vulnerabilities
4. Adherence to [language] best practices
5. Code readability and maintainability issues
Code to review:

For more accurate reviews, include:

  • Programming language and version
  • Framework or libraries being used
  • Project-specific conventions or requirements
  • The purpose of the code and expected behavior

Break large code reviews into manageable chunks to:

  • Stay within token limits
  • Get more focused feedback
  • Maintain context for related code sections
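
The chunking advice and the prompt template above can be combined in a small script. The following is an added example, not code from the original article or from Graphite: it splits a Python file at top-level statement boundaries, packs the pieces under a token budget, and prefixes every chunk with the checklist and project context. The function names, the 4-characters-per-token estimate, the budget values and the sample input are all assumptions made for illustration.

```python
import ast

# Checklist copied from the prompt template above.
CHECKS = ["Potential bugs or logic errors", "Performance optimization opportunities",
          "Security vulnerabilities", "Adherence to {language} best practices",
          "Code readability and maintainability issues"]

def estimate_tokens(text):
    # Assumption: roughly 4 characters per token; a real tokenizer gives exact counts.
    return (len(text) + 3) // 4

def split_top_level(source):
    """Split Python source at top-level statements, keeping decorators with their def."""
    lines = source.splitlines()
    starts = {min([n.lineno] + [d.lineno for d in getattr(n, "decorator_list", [])])
              for n in ast.parse(source).body}
    if not starts:
        return [source] if source.strip() else []
    bounds = [1] + sorted(starts)[1:] + [len(lines) + 1]  # leading comments stay in unit 1
    return ["\n".join(lines[a - 1:b - 1]) for a, b in zip(bounds, bounds[1:])]

def pack_chunks(units, budget):
    """Greedily group consecutive units so each chunk stays within the token budget."""
    chunks, current = [], []
    for unit in units:
        if current and estimate_tokens("\n".join(current + [unit])) > budget:
            chunks.append("\n".join(current))
            current = []
        current.append(unit)  # one unit larger than the budget still gets its own chunk
    return chunks + (["\n".join(current)] if current else [])

def build_prompts(source, language, context, budget=1500):
    """Return one review prompt per chunk, each with the checklist and project context."""
    head = [f"Please review the following {language} code for:"]
    head += [f"{i}. {c.format(language=language)}" for i, c in enumerate(CHECKS, 1)]
    head += [f"{key}: {value}" for key, value in context.items()]
    chunks = pack_chunks(split_top_level(source), budget)
    return ["\n".join(head + [f"Part {n} of {len(chunks)}. Code to review:", chunk])
            for n, chunk in enumerate(chunks, 1)]

# Constructed sample input: it is only parsed, never executed.
SAMPLE = (
    "import functools\nimport os\n\n"
    "def read_config(path):\n    with open(path) as fh:\n        return fh.read()\n\n"
    "@functools.lru_cache\ndef helper(x):\n    return x * 2\n\n"
    "class Store:\n    def get(self, key):\n        return os.environ.get(key)\n"
)
for prompt in build_prompts(SAMPLE, "Python", {"Language version": "Python 3.12"}, 30):
    print(prompt, end="\n\n")
```

Splitting at statement boundaries keeps each function or class intact within a chunk, and repeating the context in every prompt means each part can be reviewed without relying on earlier conversation turns.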

Direct ChatGPT to focus on specific aspects of code review:

Please review this Python code, focusing specifically on:
1. Memory usage optimization
2. Error handling patterns
3. API security best practices

Use an iterative approach to refine both code and reviews:

  1. Submit code for initial review
  2. Apply suggested changes
  3. Submit updated code for follow-up review
  4. Ask clarifying questions about suggestions

Tailor prompts to the specific language being reviewed:

Please review this TypeScript React component with a focus on:
1. Type safety
2. React hooks usage best practices
3. Component performance optimization
4. Accessibility compliance

While LLM code review offers significant benefits, it's important to understand its limitations:

  • Context window constraints: ChatGPT has a finite token limit, restricting the amount of code it can analyze at once
  • Training data cutoff: Some models may not be familiar with the latest language features, libraries, or best practices
  • Understanding project architecture: LLMs struggle to understand how individual components fit into larger systems
  • Business logic comprehension: AI cannot fully grasp domain-specific requirements or business logic
  • Over-reliance: Teams may become too dependent on automated reviews, missing issues that require human insight
  • False positives/negatives: AI may flag non-issues or miss subtle bugs
  • Implementation challenges: Suggested fixes may be technically correct but inappropriate for the specific project context

Pros:

  • Highly flexible for various languages and frameworks
  • Good for conversational, interactive reviews
  • Can explain issues in simple terms
  • Adaptable to different review focuses

Cons:

  • Limited integration with development environments
  • No access to repository history
  • Manual process for submitting code
  • Cannot enforce organizational standards automatically

Pros:

  • Deeper integration with development workflows
  • Access to repository context and history
  • Automated scanning and reporting
  • Customizable to organizational standards

Cons:

  • May be less flexible across languages
  • Often requires subscription or licensing
  • May have more limited explanation capabilities

Graphite's Diamond tool represents an evolution in AI code review, offering specialized capabilities that address many limitations of using general-purpose LLMs like ChatGPT:

  • CI/CD integration: Automatically reviews code as part of pull requests
  • Repository awareness: Understands the context of changes within the broader codebase
  • Customizable rules: Can be configured to enforce team-specific standards

Diamond's focused approach to AI code review demonstrates how specialized tools can provide more streamlined workflows compared to manual ChatGPT review processes, while still leveraging the power of LLM technology.

ChatGPT code review represents a powerful addition to the developer's toolkit, offering rapid, consistent feedback that can significantly improve code quality. While it shouldn't replace human review entirely, it serves as an excellent first pass and educational tool that can streamline the development process.

The most effective approach combines:

  • General-purpose LLM reviews (like ChatGPT) for flexible, educational feedback
  • Specialized tools like Graphite's Diamond for workflow integration and repository-aware insights
  • Human expertise for contextual understanding and strategic decisions

By understanding both the capabilities and limitations of LLM code review, development teams can leverage these tools to produce higher quality code while empowering developers to learn and improve continuously.