Code Review

Learn how to use Tabnine CLI for effective code review.

Basic Code Review

Review a Single File

tabnine

Then:

> Review @src/auth/login.ts and suggest improvements

What Tabnine CLI does

Reads the file
Analyzes code structure
Checks for issues
Suggests improvements
Provides specific recommendations

Example Output

AI: I've reviewed @src/auth/login.ts. Here are my findings:

✓ Good Practices:
- Proper async/await usage
- Input validation present

⚠️  Suggestions:

1. Security: Line 45
   Add password strength validation
   
2. Error Handling: Line 67
   Use custom error types
   
3. Code Quality: Line 89
   Extract magic number to constant

Would you like me to make these changes?

Review Multiple Files

> Review all TypeScript files in @src/auth/ and check for:
> - Security vulnerabilities
> - Error handling
> - Missing documentation

Review Recent Changes

> Review the changes I made to @src/api/users.ts

Using Remote Code Search

Find related code for better context:

> Using Remote Code Search, find similar authentication code and review @src/auth.ts for consistency

Using Coaching Guidelines

Get best practices applied:

> Review @src/api/users.ts according to security best practices and coding guidelines

Security Audit

> Perform security audit on @src/:
> - SQL injection
> - XSS vulnerabilities
> - Authentication issues
> - Hardcoded secrets

Example Output:

AI: 🔒 Security Audit Results:

⚠️  HIGH: SQL Injection (Line 78)
query = `SELECT * FROM users WHERE id = ${userId}`;

Risk: Direct user input in SQL
Fix: Use parameterized queries:
const query = 'SELECT * FROM users WHERE id = ?';
const results = await db.query(query, [userId]);

⚠️  MEDIUM: Missing Input Validation (Line 45)
Fix: Add validation before processing

Performance Review

> Analyze @src/api/users.ts for performance issues:
> - N+1 queries
> - Inefficient loops
> - Missing caching

Automation Examples

Pre-Commit Review

Create review.sh:

#!/bin/bash

# Get staged files
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM | grep '\.ts$\|\.js$')

if [ -z "$STAGED_FILES" ]; then
  exit 0
fi

# Review
echo "Reviewing staged files..."
tabnine -p "Review these files for issues: $STAGED_FILES" --output-format json > review.json

# Check results
if grep -q "critical\|security" review.json; then
  echo "⚠️  Issues found. Review before committing."
  exit 1
fi

echo "✓ Review complete"

CI/CD Integration

GitHub Actions:

- name: Code Review
  env:
    TABNINE_REFRESH_TOKEN: ${{ secrets.TABNINE_TOKEN }}
  run: |
    DIFF=$(git diff main...HEAD)
    tabnine -p "Review this PR: $DIFF" --output-format json > review.json

Best Practices

Be Specific

❌ "Review my code" ✅ "Review @src/auth.ts for security vulnerabilities and error handling"

Provide Context

> Review @src/payment/processor.ts

Context:
- Handles credit card payments
- Must be PCI compliant
- Processes ~1000 transactions/hour

Focus on security and reliability.

Use Multiple Tools

> Using Remote Code Search and Coaching Guidelines, review @src/api/ for best practices

Ask Follow-ups

> Review @src/auth.ts
> Can you explain the security issue in more detail?
> How would I fix it?
> Show me an example

Common Review Patterns

Before Merging

> Pre-merge checklist for @src/features/new-feature/:
> - All functions have tests
> - No debug code
> - Error handling complete
> - Documentation updated
> - Follows project conventions

After Refactoring

> Post-refactoring review of @src/services/user.ts:
> - Functionality preserved
> - No new bugs
> - More maintainable
> - Performance not degraded

For New Code

> Review @src/api/products.ts:
> - Code quality
> - Best practices
> - Security
> - Performance
> - Test coverage

Next Steps

Remote Code Search - Search large codebases
Coaching Guidelines - Get best practices
Quick Start - Learn more

Getting Help

FAQ - Common questions
Troubleshooting - Solve problems
In-App: Type /help or /bug

Last updated 20 days ago

Was this helpful?

hashtagBasic Code Review

hashtagReview a Single File

hashtagReview Multiple Files

hashtagReview Recent Changes

hashtagUsing Remote Code Search

hashtagUsing Coaching Guidelines

hashtagSecurity Audit

hashtagPerformance Review

hashtagAutomation Examples

hashtagPre-Commit Review

hashtagCI/CD Integration

hashtagBest Practices

hashtagCommon Review Patterns

hashtagBefore Merging

hashtagAfter Refactoring

hashtagFor New Code

hashtagNext Steps

hashtagGetting Help