Agentic code review
Everyone is talking about Ankit Jain’s great piece on How to Kill the Code Review, and with good reason! Jain calls out a pretty big problem - we’re generating lots of code agentically, how can we review it all? In the bargain, that piece provides a pretty decent “swiss cheese” model of agentic code review. It’s AI-as-a-judge, applied to the software development life cycle. But let’s not mince words, it still makes me uncomfortable.
At the end of the day this discomfort is just “human chauvinism,” as Alan Turing called it. I trust humans to review code more than I trust AI, simply because they are humans. I’m perfectly aware of all the foibles of human code review - I’m guilty of many of them myself - so it’s not rational discomfort.
The big question is, how universal is this discomfort, and what will it look like when something goes pear-shaped?
It’s all well and good for me to set aside my own discomfort and decide that AI-as-a-judge is good enough, guardrails will save the day, and we can in fact ship code that no human has ever laid eyes on. But what about other stakeholders? What is their discomfort level, and what level of risk are they willing to accept? When - not if! - AI-generated-and-reviewed code causes an incident, how will we learn and improve?
To be clear, these questions are a little bit forward-looking. There is some time yet before we start seeing AI-only code shipped to production en masse. But it is already reality in some places, and I think it will become the “average” experience in reasonably short order. We had better start coming up with answers!
The topic is very much on my mind, and I hope to contribute useful suggestions as we move forward. But I admit I only have pretty thin thoughts right now. I’d love to hear yours!