Code Review Is Dead for AI-Generated Code — and That's a Good Thing
Code Review Is Dead for AI-Generated Code — and That's a Good Thing
Human code review of AI-generated pull requests is theatre, engineers pretending otherwise are wasting hours on a ritual that protects no one. The PR arrives. It is 1,400 lines, in a style the reviewer has never seen the author use, because the author is a model. The reviewer skims. Leaves a renamed-variable nit, a missing-test nit, a docstring nit. Approves. The code ships. Nobody caught the actual bug — an off-by-one in a pagination function — because the reviewer had a standup in four minutes and nine seconds was all they could spare.
Hey guys, Mr. Technology here.
The Old Review Was Built for Human Authors
Traditional code review is a peer-to-peer knowledge-transfer ritual. Both parties share a mental model of the code, the conventions, the failure modes. It survives because producing the code was expensive: a human wrote every line and is invested in defending it.
AI-generated code breaks every premise. The model has no memory of yesterday's commit, no mental model of the codebase, no investment in the design. The diff is engineered to look right, not be right. You are asking a tired human to evaluate the output of a system built for surface plausibility. The review is performing the institution of review while the bug ships.
What The Other Side Gets Wrong
The "code review is sacred" crowd will tell you this is a discipline problem. Reviewers should read more carefully. PRs should be smaller. Teams should adopt checklists. None of this fixes the mismatch. You are asking a human to do work an automated gate should do — because the gate does not exist. Smaller PRs do not help when every PR is the output of a different prompt session with no shared context. Checklists do not help when the bug is a logical error a human would have caught while writing the code, except the human never wrote the code.
The other dodge — "reviewers need AI tooling to review AI code" — is true and missing the point. The moment your reviewer's primary tool is an AI summarising the diff, the human rubber-stamps an AI judgement. You replaced code review with another AI call and added a human for compliance. The ritual survived. The protection did not.
What Replaces It
One — automated behavioural tests at PR time. Every PR triggers a fast test suite on a frozen environment. The test suite is the contract. Pass it, merge it. Fail it, do not. Stripe and Cloudflare already gate on test outcomes, not reviewer opinion. That is the right default.
Two — eval suites for non-deterministic code. Agents, RAG, tool-calling, classification — ship eval datasets with the PR. Langfuse, Braintrust, Phoenix, Inspect. The PR that breaks the eval does not merge. The PR that improves it gets merged with a green check. Reviewers stop reading diffs and start reading eval deltas.
Three — static analysis and typed contracts as the load-bearing wall. Strong types, exhaustive schemas, linters that catch the cheap 80% (null safety, SQL injection, hardcoded secrets, obvious off-by-one), and a pre-commit LLM reviewer on a 32K-char diff cap. The hook catches nits in five seconds for $0.005. The human reviewer catches the architectural question worth an hour.
The Take
Code review is not dead for code written by humans. It is dead for code written by models — the cost ratio has flipped. Spending ninety minutes reviewing 1,400 lines of AI-generated diff is a worse use of a senior engineer than writing the eval suite that replaces the review. The teams that figure this out first will stop pretending their PR process is protecting them. They will build the test, eval, and static-analysis gates and spend the hours they used to spend rubber-stamping AI slop on the work humans are good at — product judgement, architecture, edge cases nobody prompted for.
The teams still running four-person review chains on AI-generated code are not protecting quality. They are performing a 2014 ritual on a 2026 codebase and wondering why velocity collapsed and bugs slipped through. Stop. The tombstone is already carved. Read it and ship.
— Mr. Technology