# Code Review with LLMs

## LLM-Powered Code Review
LLMs can review code for bugs, style issues, security vulnerabilities, and best practice violations.
## Review Approaches

### Comprehensive Review
````python
# `llm` is assumed to be an already-configured client exposing generate(prompt) -> str
def review_code(code: str, language: str) -> str:
    """Ask the model for a broad review of a single code snippet."""
    return llm.generate(f"""
Review this {language} code for:
1. Bugs and logical errors
2. Security vulnerabilities
3. Performance issues
4. Code style and readability
5. Best practice violations

Code:
```{language}
{code}
```

Provide specific line numbers and suggested fixes.
""")
````
### Focused Reviews
```python
# Security-focused
def security_review(code: str) -> str:
    return llm.generate(f"""
Analyze for security vulnerabilities:
- SQL injection
- XSS
- Authentication issues
- Secrets in code
- Input validation

Code: {code}
""")

# Performance-focused
def perf_review(code: str) -> str:
    return llm.generate(f"""
Identify performance issues:
- N+1 queries
- Memory leaks
- Inefficient algorithms
- Unnecessary allocations

Code: {code}
""")
```
## PR Review Automation
```python
import json

def review_pr(diff: str, context: str) -> dict:
    """Review a PR diff and return the model's structured verdict as a dict.
    llm.generate returns text, so the JSON it produces is parsed here."""
    return json.loads(llm.generate(f"""
Review this PR diff. Context: {context}

Diff:
{diff}

Return JSON with:
- summary: what the change does
- issues: list of problems found
- suggestions: improvements
- approval: approve/request_changes/comment
"""))
```
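The JSON that `review_pr` asks for is model output, so a CI job should validate it before acting on it. The following is an added example, not code from the original page: it delimits the untrusted diff in the prompt, checks the response against the exact shape the prompt requested, and maps it onto a check conclusion that can block a PR but never stands in for a human approval. The page's `llm` client is unspecified, so a constructed response takes its place.

```python
# Added example, not code from the original page: validate the JSON a
# review_pr-style prompt asks for before a GitHub Actions job acts on it.
# The page's `llm` client is unspecified, so a constructed response stands in.
import json

APPROVALS = {"approve", "request_changes", "comment"}
REQUIRED_KEYS = {"summary", "issues", "suggestions", "approval"}

def build_prompt(diff: str, context: str) -> str:
    # The diff is untrusted input: keep it inside explicit delimiters so the
    # review instructions and the reviewed content stay separate.
    return (
        f"Review this PR diff. Context: {context}\n"
        "Return only a JSON object with keys summary, issues, suggestions and "
        "approval (one of approve/request_changes/comment).\n"
        f"<diff>\n{diff}\n</diff>"
    )

def parse_review(raw: str) -> dict:
    """Accept only the exact JSON shape the prompt asked for; reject the rest."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"model did not return JSON: {exc}") from exc
    if not isinstance(data, dict) or set(data) != REQUIRED_KEYS:
        raise ValueError("response does not have exactly the required keys")
    if data["approval"] not in APPROVALS:
        raise ValueError(f"invalid approval value: {data['approval']!r}")
    if not all(isinstance(data[k], list) for k in ("issues", "suggestions")):
        raise ValueError("issues and suggestions must be lists")
    return data

def ci_conclusion(review: dict) -> str:
    """Map a validated review onto a check conclusion. The model may block a PR
    or comment on it, but its output never counts as an approving review."""
    if review["approval"] == "request_changes" or review["issues"]:
        return "failure"
    return "neutral"

# Constructed model response standing in for llm.generate(build_prompt(...)).
SAMPLE_RESPONSE = json.dumps({
    "summary": "Adds a search endpoint",
    "issues": ["line 12: user input concatenated into a SQL query"],
    "suggestions": ["use a parameterized query for the lookup"],
    "approval": "request_changes",
})
```

`ci_conclusion(parse_review(SAMPLE_RESPONSE))` yields `"failure"`, while a malformed or out-of-range response raises `ValueError` instead of silently passing the check.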
## Integration Points
| Integration | Purpose |
|-------------|---------|
| GitHub Actions | Auto-review on PR |
| Pre-commit hooks | Local checks before commit |
| IDE plugins | Real-time suggestions |
| Slack/Teams | Review notifications |
## Comparison with Static Analysis
| Tool | Speed | Coverage | False Positives |
|------|-------|----------|-----------------|
| Linters (ESLint, Pylint) | Very fast | Style rules | Few |
| Static analysis (Semgrep) | Fast | Security patterns | Some |
| LLM review | Slow | Semantic understanding | Variable |
## Best Practices
- Use LLM review to supplement, not replace, other tools
- Provide project context (conventions, dependencies)
- Review LLM suggestions before applying
- Fine-tune prompts for your codebase
- Cache reviews for unchanged files