Open Code Review (Alibaba)

Open Code Review is an open-source, AI-powered CLI for automated code review from Alibaba. It was incubated from Alibaba's internal tooling after two years and tens of thousands of developers, then released to the community. Its distinguishing bet is a hybrid deterministic + agent architecture that fixes the failure modes of using a general-purpose agent for review.

Open-source and free; battle-tested at Alibaba's scale.

The problem it targets

General-purpose agents make unreliable reviewers:

  • Incomplete coverage: they skip files on large changesets
  • Position drift: line numbers and file references go stale
  • Unstable quality: pure-LLM pipelines have no hard constraints, so results fluctuate

How it works

A split-responsibility design:

  • Deterministic engineering handles the precision-critical steps: file selection and bundling, rule matching via template engines, comment positioning, and a reflection module
  • The agent handles the dynamic parts: scenario-tuned review prompts and a purpose-built toolset (it can read full files, search the codebase, and inspect other changed files for context)

It reads git diffs (workspace changes, branch ranges via --from/--to, or a single commit), reviews files concurrently (default 8), and emits line-level comments. A built-in fine-tuned ruleset covers null-pointer exceptions (NPE), thread-safety, XSS, and SQL injection. Custom rules are written in JSON and resolved through a four-layer priority chain (CLI > project > global > system). Output is JSON or text, plus a WebUI session viewer.
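One way a deterministic step can guard against position drift, as an added Go example (not Open Code Review's own code): parse the unified diff, record which new-side lines were added, and accept an agent comment only if it lands on one of them. The sample diff, the function name AddedLines, and the rule that only added lines are commentable are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// AddedLines maps each file in a git unified diff to the new-side line
// numbers it adds; only those lines can anchor a review comment.
func AddedLines(diff string) map[string]map[int]bool {
	out := map[string]map[int]bool{}
	file, next, inHunk := "", 0, false
	for _, l := range strings.Split(diff, "\n") {
		switch {
		case strings.HasPrefix(l, "diff --git "):
			inHunk = false // file headers follow, not hunk body
		case !inHunk && strings.HasPrefix(l, "+++ "):
			file = strings.TrimPrefix(l[4:], "b/")
			out[file] = map[int]bool{}
		case strings.HasPrefix(l, "@@ -"):
			// "@@ -a,b +c,d @@": c is the first new-side line number.
			n, _ := fmt.Sscanf(l[strings.Index(l, " +")+2:], "%d", &next)
			inHunk = n == 1 && file != ""
		case inHunk && strings.HasPrefix(l, "+"):
			out[file][next] = true
			next++
		case inHunk && strings.HasPrefix(l, " "):
			next++ // context line: present on the new side, not commentable
		}
	}
	return out
}

// Constructed sample diff for this example (not taken from the project).
const sample = `diff --git a/db/user.go b/db/user.go
--- a/db/user.go
+++ b/db/user.go
@@ -10,3 +10,4 @@ func Find(db *sql.DB, name string) {
   ctx := context.Background()
-  q := "SELECT id FROM users WHERE name = ?"
+  q := "SELECT id FROM users WHERE name = '" + name + "'"
+  log.Println(q)
   rows, err := db.QueryContext(ctx, q)
`

func main() {
	added := AddedLines(sample)["db/user.go"]
	fmt.Println("line 12:", added[12], "line 13 (drifted onto context):", added[13])
}
```

A comment that fails this check can be dropped or re-anchored before it is posted, which keeps the line reference independent of what the model reported.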

Models & integration

Model-agnostic: works with OpenAI and Anthropic APIs (configure endpoint, key, and model; e.g. Claude Opus 4.6). Integrates with GitHub Actions and GitLab CI, installs into Claude Code / Codex as a skill or plugin, and supports OpenTelemetry for observability.

Stack & install

Primarily Go (with a TypeScript WebUI). Apache-2.0.

npm install -g @alibaba-group/open-code-review

Pre-built binaries (macOS/Linux/Windows, x86_64 + ARM64) and build-from-source are also available.

Where it fits

  • vs a bare agent doing review (Claude Code Review and similar): Open Code Review wraps the LLM in deterministic guardrails for coverage and line-accuracy, trading some flexibility for reproducibility. This is the same "optimize the tooling layer, not just the prompt" insight behind tools like RTK
  • vs traditional linters / static analysis: those are deterministic but shallow; this adds LLM reasoning on top of the deterministic scaffolding

About Sébastien

I'm Sébastien Dubois, and I'm on a mission to help knowledge workers escape information overload. After 20+ years in IT and seeing too many brilliant minds drowning in digital chaos, I've decided to help people build systems that actually work. Through the Knowii Community, my courses, products & services and my Website/Newsletter, I share practical and battle-tested systems.
