# Open Code Review (Alibaba) Open Code Review is an open-source, **AI-powered CLI for automated code review** from Alibaba. It was incubated from Alibaba's internal tooling after two years and tens of thousands of developers, then released to the community. Its distinguishing bet is a **hybrid deterministic + agent** architecture that fixes the failure modes of using a general-purpose agent for review. > Open-source & free ; battle-tested at Alibaba's scale. ## The problem it targets General-purpose [[How Coding Agents Work|agents]] make unreliable reviewers: - **Incomplete coverage** ; they skip files on large changesets - **Position drift** ; line numbers and file references go stale - **Unstable quality** ; pure-LLM pipelines have no hard constraints, so results fluctuate ## How it works A split-responsibility design: - **Deterministic engineering** handles the precision-critical steps ; file selection and bundling, rule matching via template engines, comment positioning, and a reflection module - **The agent** handles the dynamic parts ; scenario-tuned review prompts and a purpose-built toolset (it can read full files, search the codebase, and inspect other changed files for context) It reads git diffs (workspace changes, branch ranges via `--from`/`--to`, or a single commit), reviews files concurrently (default 8), and emits line-level comments. A built-in fine-tuned ruleset covers NPE, thread-safety, XSS, and SQL injection; custom rules are JSON, resolved through a four-layer priority chain (CLI > project > global > system). JSON/text output plus a WebUI session viewer. ## Models & integration **Model-agnostic**: works with [[OpenAI]] and [[Anthropic]] APIs (configure endpoint, key, model ; e.g. Claude Opus 4.6). Integrates with [[GitHub Actions]] and [[GitLab]] CI, installs into [[Claude Code]] / [[Codex CLI|Codex]] as a skill or plugin, and supports OpenTelemetry for observability. ## Stack & install Primarily [[Go]] (with a TypeScript WebUI). Apache-2.0. ```bash npm install -g @alibaba-group/open-code-review ``` Pre-built binaries (macOS/Linux/Windows, x86_64 + ARM64) and build-from-source are also available. ## Where it fits - **vs a bare agent doing review** ([[Claude Code Review]] and similar): Open Code Review wraps the LLM in deterministic guardrails for coverage and line-accuracy, trading some flexibility for reproducibility ; the same "optimize the tooling layer, not just the prompt" insight behind tools like [[RTK]] - **vs traditional linters / static analysis**: those are deterministic but shallow; this adds LLM reasoning on top of the deterministic scaffolding ## References - GitHub: https://github.com/alibaba/open-code-review - Site: https://alibaba.github.io/open-code-review/ - Documentation: https://alibaba.github.io/open-code-review/#/docs ## Related - [[Claude Code Review]] - [[Claude Code]] - [[Codex CLI]] - [[GitHub Actions]] - [[GitLab]] - [[OpenAI]] - [[Anthropic]] - [[Go]] - [[How Coding Agents Work]]