Automatic code review tools

Codiga - a tool to automate your code reviews

Codiga formerly known as CodeInspector is a static code analysis tool. Codiga has been acquired and integrated into the Datadog platform as of April 2023. With that, it enhances Datadog’s observability features.
If you want to know about the previous features that Codiga offered, keep on reading, but also remember that this platform does not exist anymore.

Codiga helped developers to find and fix code issues and security vulnerabilities in their applications. Although it is not a traditional static application security testing tool, it can help developers identify and prevent security issues and helps to shift security left.

Here is a summary of its features and how it can be used during code review:

Codiga Code Review and Quality Cycle

If you have integrated Codiga into your IDE, the code quality checks already start while you are coding. Codiga will flag your code quality violations, security checks, or potential bugs in your source code editor and you can fix and improve your code already there. Then, once you commit your messages, Codiga can also check your code with a pre-commit hook, or it comments on your code, when checking it as an automated code review tool. As an automated code reviewer, Codiga will comment on your PRs and inform you of errors and warnings.

Codiga Code Review and Quality Check cycle

Figure: Codiga's Code Review and Quality Check cycle

Codiga’s main features

  • Advanced code analysis: Codiga uses advanced code analysis techniques to identify code issues and security vulnerabilities.
  • Support for multiple languages: The tool supports a range of programming languages, including Java, C, C++, Python, and more.
  • Customizable rule sets: The tool allows users to define custom rule sets to enforce specific coding standards and security policies.
  • Automated code review: Codiga can automate many aspects of code review, reducing the time and effort required for manual code review.

Dashboard showing technical debt

Figure: Codiga showing technical debt

Codiga during code review:

  • Pre-commit code analysis: Codiga can be integrated into the code review process to automatically analyze code changes before they are committed to the repository. This can help to identify code issues and security vulnerabilities before they become a problem.
  • Automated issue tracking: The tool can track issues found in code changes and provide a report of all issues, including their severity and recommended remediation steps.
  • Enforcing coding standards: Codiga can enforce coding standards and security policies by automatically checking code changes against predefined rule sets.
  • Automatically comment on PRs: The tool leaves comments on the pull request, directly at the right line, and gives you hints how to improve.

Codiga leaves a code review comment

Figure: Codiga leaves a code review comment

Conclusion

In conclusion, Codiga was a useful tool for automating code review and improving the security of code. By using advanced code analysis techniques and allowing custom rule sets, the tool can help developers identify code issues and security vulnerabilities and enforce coding standards and security policies.

Learn further about the 10 best code review tools, or about CodeQL, another static analysis tool that helps to automate the detection of security vulnerabilities.

This article first appeared on https://awesomecodereviews.com. Last updated: December 05, 2023

Profile picture of Michaela Greiler

Written by Dr. Michaela Greiler who is obsessed with making code reviews your superpower. Learn more about her workshops.