AI is reshaping how we write, review, and merge code — here’s how GitHub Copilot, Snyk, and CodeRabbit are transforming pull requests.
AI Code Review Tools
Let’s take a real-life example — writing a book. An author writes the story. The story goes to an editor — they check for mistakes, suggest changes, and improve it. Once it’s good, the book is added to the library. The final version is cleaner and better because of collaboration.
Real Life Example
Now let’s see how this works for developers.
The developer writes code and creates a pull request (PR). A code reviewer looks at the PR, reviews the code, provides feedback, and then approves it.
After the review, the code is merged into the main branch of the project.
Developer Workflow
Now, AI tools can help us review faster and smarter — like having an assistant to help the reviewer.
Along with the code reviewer, we now have AI tools helping out — just like smart assistants.
Think of them as AI teammates — always watching, always helping.
Let’s explore each AI tool and how effective it is for the project.
AI tools
Pull Requests, or PRs, are not just about merging code — they’re key for teamwork and code quality.
A good PR review helps catch bugs, share knowledge, and improve everyone’s work.
Now, let’s look at some common challenges with PR reviews:
Delays
Sometimes PRs sit waiting for review.
This slows down the entire team and blocks progress.
Inconsistent Reviews
Some reviewers give detailed feedback, others don’t.
This leads to uneven code quality.
Human Error
We’re all human — reviewers might miss a bug, or overlook a bad pattern.
Mistakes slip through, especially when there’s a time crunch.
Common Challenges
Let’s quickly go over why code reviews are important.
Catch bugs early
Reviews help spot issues before the code goes live.
It’s easier to fix problems early.
Ensure code quality and consistency
Everyone writes code a little differently.
Reviews help make sure the code follows our standards and stays clean.
Share knowledge across the team
Reviews are a great way to learn from each other.
It spreads awareness about what’s happening in the codebase.
Keep the code maintainable
Clean, reviewed code is easier to update in the future.
It helps future team members understand and work with the code.
Writing useless commit messages hurts collaboration
Current Issues - Commit Message and Code Review
Developer feeling tired after bad PRs
Bad Review
This tweet perfectly sums up real-world PR frustrations.
Reviewing 10 lines? — hours of pointing out every small mistake.
Reviewing 500 lines? — one casual ‘Looks good to me.’
Tweet about Code Review
This is Painful.
A perfect example of how not to handle security checks.
No Security Meme
Clearly, code reviews are messy — slow sometimes, rushed other times.
This is exactly where AI can step in and make a real difference
AI tools don’t replace reviewers, but they assist us
So, how can we fix these challenges?
AI is stepping in to help make PR reviews smarter, faster, and more consistent.
GitHub Copilot
CodeRabbit
Snyk’s DeepCode AI
CodiumAI (now Qodo)
Bito AI Code Review Agent
Let’s look at how AI is making Pull Requests smarter:
GitHub Copilot helps suggest better code.
CodeRabbit adds detailed line-by-line comments.
Snyk finds security issues before merging.
AI helps us focus on what matters most — writing good, safe code.
GitHub Copilot also helps developers while they are coding.
Inline code completion
AI Chat Assistance
Copilot Code Review
Built on OpenAI Codex (GPT-3.5 & GPT-4)
Predicts next code token using file and code context (Autocompletion)
Summarizes PRs using code diffs and commit data
Use Extensions in VS Code
GitHub Copilot Pro for VS Code
You can use this link to download it - GitHub Copilot for Xcode
GitHub Copilot Pro for Xcode
Check out the link to get access - Copilot plans and benefits
GitHub Copilot Pro Access confirmation mail
One amazing feature:
Automatic, meaningful commit messages based on code changes.
No more “Update file” commits!
GitHub Copilot - Automated Commit Message
For example, commit messages have a maximum length of 60 chars and should start with a verb in the present tense
You can enhance Copilot's chat responses by providing it with contextual details about your team's workflow, tools, or project specifics.
Instead of manually including this context in every chat query, you can create a custom instructions file that automatically incorporates this information with every chat request.
GitHub Copilot - Customized chat Response Instructions Settings
Custom instructions settings
github.copilot.chat.codeGeneration.useInstructionFiles: controls whether code instructions from .github/copilot-instructions.md are added to Copilot requests.
github.copilot.chat.codeGeneration.instructions (Experimental): set of instructions that will be added to Copilot requests that generate code.
github.copilot.chat.testGeneration.instructions (Experimental): set of instructions that will be added to Copilot requests that generate tests.
github.copilot.chat.reviewSelection.instructions (Preview): set of instructions that will be added to Copilot requests for reviewing the current editor selection.
github.copilot.chat.commitMessageGeneration.instructions (Experimental): set of instructions that will be added to Copilot requests that generate commit messages.
Check out: Customize chat responses in VS Code
GitHub Copilot - Customized chat Response Instructions Settings
Go to the project Settings and select the checkbox - Request pull request review from Copilot
GitHub Copilot - Ruleset for the Repository branch
Check out official documentation - Requesting a review from Copilot
On GitHub.com, create a pull request or navigate to an existing pull request.
Open the Reviewers menu, then select Copilot.
Wait for Copilot to review your pull request. This usually takes less than 30 seconds.
Scroll down and read through Copilot's comments.
Copilot always leaves a "Comment" review, not an "Approve" review or a "Request changes" review.
GitHub Copilot Pull Request Summary
Once the Copilot extension for Xcode is integrated, you can give it a prompt to generate code.
GitHub Copilot Full Code Suggestion Demo
While you write code, GitHub Copilot automatically suggests the line of code. This is called autocompletion.
ℹ️
Hold ⌥ for full suggestion
GitHub Copilot Code Suggestion
ℹ️
Hold ⌥ tab to accept full suggestion
GitHub Copilot Full Code Suggestion
Currently available LLMs in GitHub Copilot
GitHub Copilot LLMs
Generates Summary of the changes
line-by-line feedback
AI code Reviewer
Powered by GPT-4 or Claude 2 (LLMs)
CodeRabbit doesn’t read the entire repository
Analyzes PR diffs and file context (not full repo)
Combines semantic diff parsing + LLM reasoning to write comments
Semantic diff parsing, which means: It doesn’t just see text changes, but tries to understand the meaning behind the code changes.
For example, if you refactor a function or change a method name, it can figure out why you did that — not just what changed.
Then it combines this understanding with LLM reasoning — like GPT-4’s smart thinking — to suggest proper review comments, catch mistakes, or recommend improvements.
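The idea of a semantic diff, as an added example that is not CodeRabbit's code or part of the original post: comparing the syntax trees of the old and new source separates formatting-only and rename-only changes from real logic changes. The function names and sample snippets are assumptions made for this illustration.

```python
import ast

class _Canon(ast.NodeTransformer):
    """Replace locally bound identifiers with v0, v1, ... in first-seen order."""
    def __init__(self):
        self.alias = {}
    def _bind(self, name):
        return self.alias.setdefault(name, f"v{len(self.alias)}")
    def visit_FunctionDef(self, node):
        node.name = self._bind(node.name)
        return self.generic_visit(node)
    def visit_arg(self, node):
        node.arg = self._bind(node.arg)
        return node
    def visit_Name(self, node):
        if isinstance(node.ctx, ast.Store):
            node.id = self._bind(node.id)
        else:  # a load of a builtin or global keeps its real name
            node.id = self.alias.get(node.id, node.id)
        return node

def _dump(source, canonical=False):
    """Dump the AST without line numbers; comments and layout are already gone."""
    tree = ast.parse(source)
    if canonical:
        tree = _Canon().visit(tree)
    return ast.dump(tree)

def classify_change(old, new):
    """Label a before/after pair by what actually changed."""
    if _dump(old) == _dump(new):
        return "formatting-only"      # whitespace or comments
    if _dump(old, True) == _dump(new, True):
        return "rename-only"          # same logic, new identifiers
    return "logic-change"

# Constructed before/after snippets for the demo.
OLD = "def total(items, rate):\n    s = sum(items)\n    return s + s * rate\n"
TIDY = "def total(items, rate):\n    # add tax\n    s = sum( items )\n    return s + s * rate\n"
RENAMED = "def total_with_tax(prices, tax):\n    sub = sum(prices)\n    return sub + sub * tax\n"
CHANGED = "def total(items, rate):\n    s = sum(items)\n    return s - s * rate\n"

if __name__ == "__main__":
    for label, new in (("tidy", TIDY), ("renamed", RENAMED), ("changed", CHANGED)):
        print(label, "->", classify_change(OLD, new))
```

Because calls to names that are not defined in the snippet keep their real identifiers, swapping one called function for another is reported as a logic change rather than a rename.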
No data from code reviews is used to train models
LLM queries are short-lived (ephemeral)
Temporary storage with conversation-based embeddings
Compliant with SOC2 Type II & GDPR
CodeRabbit ensures security and privacy.
No code is used for training. Data is short-lived and GDPR compliant
Refer to the flow diagram below for more information.
CodeRabbit - Flow
CodeRabbit - Review Flow
Once we have signed up for CodeRabbit, we can easily integrate it with GitHub, and it takes only read-only access.
Authorization - GitHub
Creating a pull request summary is helpful for both the developer and the code reviewer.
Pull Request Summary
A code walkthrough is really helpful for the code reviewer. It helps them approve or reject the PR within the time limit.
Walkthrough
It assists developers by identifying potential edge cases, which saves time.
Potential Issue
Code refactoring is much needed for developers; it helps them follow coding standards and best practices.
Refactor Suggestion
If we are using third-party frameworks that might not be on the latest stable version, it reminds developers to upgrade them.
Verification agent
A sequence diagram helps junior developers and managers understand how our project architecture works.
TCA Repository List Fetch and Star Flow
Vanilla SwiftUI Repository List Fetch and Star Flow
Snyk uses DeepCode AI to find vulnerabilities automatically.
It helps keep your codebase safe while you focus on features.
AI-driven static analysis tool
Automated PR checks
Automated Security Reviewer
Powered by DeepCode AI
DeepCode AI combines code scanning and machine learning.
It’s trained to spot vulnerabilities, not just obvious mistakes, using smart techniques like ASTs and semantic understanding.
Static code analysis + machine learning models
Trained on public vulnerability databases (NVD, Snyk DB)
Uses semantic analysis and abstract syntax trees (ASTs)
NVD (National Vulnerability Database) and Snyk’s own database
semantic analysis — meaning it understands the logic of the code
Abstract Syntax Trees — basically breaking the code into a structure
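Why an AST matters for a check such as hardcoded data, as an added example that is not Snyk's or DeepCode's code: walking the syntax tree flags string literals bound to credential-like names while ignoring comments and unrelated strings that a plain text search would also hit. The keyword list and the sample source are assumptions constructed for this illustration.

```python
import ast

# Names that suggest a credential (assumed heuristic list for this example).
SENSITIVE = ("password", "passwd", "secret", "token", "api_key", "apikey")

def _is_sensitive(name):
    return any(s in name.lower() for s in SENSITIVE)

def _literal(node):
    """Return node's value if it is a non-empty string literal, else None."""
    ok = isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value
    return node.value if ok else None

def find_hardcoded_secrets(source):
    """Return sorted (line, name) pairs where a credential-like name gets a string literal."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Assign):
            # api_key = "..."  or  self.password = "..."
            for t in node.targets:
                name = t.id if isinstance(t, ast.Name) else getattr(t, "attr", None)
                if name and _is_sensitive(name) and _literal(node.value):
                    findings.append((node.lineno, name))
        elif isinstance(node, ast.Call):
            # connect(password="...")
            for kw in node.keywords:
                if kw.arg and _is_sensitive(kw.arg) and _literal(kw.value):
                    findings.append((kw.value.lineno, kw.arg))
        elif isinstance(node, ast.Dict):
            # {"token": "..."}
            for k, v in zip(node.keys, node.values):
                key = _literal(k)
                if key and _is_sensitive(key) and _literal(v):
                    findings.append((v.lineno, key))
    return sorted(findings)

# Constructed sample input, not taken from any real project.
SAMPLE = '''\
import os
# password = "only-a-comment"
api_key = "sk-test-0000"
db_password = os.environ["DB_PASSWORD"]
hint = "export api_key=... in your shell"
client = connect(host="db.internal", password="hunter2")
headers = {"token": "abc123", "accept": "json"}
'''

if __name__ == "__main__":
    print(find_hardcoded_secrets(SAMPLE))
```

The commented-out assignment, the value read from the environment, and the help string that merely mentions api_key are not reported, because none of them is a string literal bound to a credential-like name in the tree.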
8 Security Code Review Best Practices
Snyk’s Code Analysis makes sure your PRs are clean from security risks
SAST Check - Code Analysis
Code Analysis - Hardcoded Data
Snyk Code Review Example
Copilot helps you write code faster
CodeRabbit ensures the code is clean
Snyk ensures the code is secure
Together, they build a smarter, safer development pipeline.
Same/duplicate effort
False Positives & False Negatives
Limited in Handling Non-Standard Code
Shallow Understanding of Code Intent
Bias & Limitations in Training Data
Cannot stop you from creating larger PRs
Cannot understand the entire context of your codebase/Project
You can’t eliminate human reviews completely
PRs are teamwork, not just code merges.
Human + AI = Better Code Reviews.
Tools like GitHub Copilot, CodeRabbit, and Snyk assist
Use AI for speed, security, and consistency
Final responsibility always stays with us — the developers
Note
Please find the GitHub PR Example 1 and GitHub PR Example 2