Intelligent code analysis with bring-your-own AI model support
An advanced VS Code extension that provides intelligent code review capabilities across multiple programming languages. Built with a modular AI provider system, it offers real-time code analysis, security vulnerability detection, performance optimization suggestions, and code quality improvements.
# Clone and install in one command
git clone https://github.com/yourusername/ai-code-reviewer.git
cd ai-code-reviewer
code --install-extension ai-code-reviewer-1.0.0.vsixThat's it! The extension is now installed and ready to use. Press Ctrl+Shift+P and type "AI Reviewer" to get started.
- Multi-Language Support: JavaScript, TypeScript, PHP (more languages coming soon!)
- Real-Time Analysis: Instant code review with detailed issue detection
- Security Focus: Identifies security vulnerabilities and best practices
- Performance Optimization: Suggests performance improvements including SQL N+1 issues
- Code Quality: Detects code smells and quality issues
- Cost Transparency: Tracks AI usage and provides cost estimates
- Security Vulnerabilities: SQL injection, XSS, unsafe functions, direct superglobal usage
- Performance Issues: Memory leaks, inefficient algorithms, SQL N+1 queries
- Code Quality: Best practices, maintainability, readability
- Framework Best Practices: JavaScript/TypeScript and PHP-specific recommendations
- Error Handling: Missing error handling and edge cases
- Database Issues: N+1 query problems, inefficient SQL patterns
- Beautiful Results Panel: Interactive webview with severity levels
- Command Palette Integration: Easy access via
Ctrl+Shift+P - Context Menu Integration: Right-click in editor/explorer
- Status Bar Integration: Shows extension status
- Keyboard Shortcuts: Quick access to common functions
-
Download the extension:
# Option A: Clone and use the included .vsix file git clone https://github.com/yourusername/ai-code-reviewer.git cd ai-code-reviewer # Option B: Download directly from releases (when published) # Download ai-code-reviewer-1.0.0.vsix from GitHub releases
-
Install via VS Code:
code --install-extension ai-code-reviewer-1.0.0.vsix
-
Or install via VS Code UI:
- Open VS Code
- Go to Extensions (
Ctrl+Shift+X) - Click "..." menu → "Install from VSIX..."
- Select the
ai-code-reviewer-1.0.0.vsixfile
-
Clone the repository:
git clone https://github.com/yourusername/ai-code-reviewer.git cd ai-code-reviewer -
Install dependencies:
npm install
-
Package the extension:
npm run package
-
Install the extension:
code --install-extension ai-code-reviewer-1.0.0.vsix
- Open any supported file (JavaScript, TypeScript, or PHP)
- Press
Ctrl+Shift+Pto open command palette - Type "AI Reviewer" to see available commands
- Select a command to start analysis
Note: Currently supports JavaScript, TypeScript, and PHP. More languages coming soon! Want to add support for your favorite language? Contribute to the project!
| Command | Description | Shortcut |
|---|---|---|
| Review Current File | Analyze the active file | Ctrl+Shift+R |
| Review Selection | Analyze selected code | Ctrl+Shift+Alt+R |
| Review Project | Analyze entire project | - |
| Setup AI Provider | Configure AI settings | - |
| Generate .reviewignore | Create ignore file | - |
| Cost Estimate | Show usage costs | - |
| Usage Statistics | Show review history | - |
// Example JavaScript file
function processData(data) {
var result = []; // ❌ Detected: Use of var keyword
for (var i = 0; i < data.length; i++) {
console.log(data[i]); // ❌ Detected: Console.log in production
if (data[i] == null) { // ❌ Detected: Loose equality
result.push("empty");
}
}
return result;
}AI Review Results:
- 🟡 Medium: Use of var keyword (Line 2)
- 🟡 Medium: Console.log found (Line 4)
- 🟡 Medium: Loose equality operator (Line 5)
<?php
// Example PHP file with issues
function getUserData($userId) {
$user = mysql_query("SELECT * FROM users WHERE id = " . $userId); // ❌ Critical: SQL injection + deprecated MySQL
var_dump($user); // ❌ Medium: Debug function in production
return $_GET['data']; // ❌ High: Direct superglobal usage
}
?>AI Review Results:
- 🔴 Critical: SQL injection vulnerability (Line 3)
- 🔴 High: Deprecated MySQL functions (Line 3)
- 🟡 Medium: Debug function found (Line 4)
- 🔴 High: Direct superglobal usage (Line 5)
- Console.log statement detection - Removes debug statements from production
- var keyword usage warnings - Suggests let/const for better scoping
- Loose equality operator (==) detection - Recommends strict equality (===)
- eval() usage security warnings - Identifies dangerous code execution
- setTimeout cleanup - Detects potential memory leaks
- Debug function detection - Finds var_dump(), print_r() in production code
- Deprecated MySQL function warnings - Alerts about mysql_* functions
- Direct superglobal usage - Warns about $_GET, $_POST without validation
- eval() usage critical security warnings - Identifies dangerous code execution
- Dynamic include/require security checks - Detects potential security risks
- SQL injection patterns - Identifies vulnerable database queries
- N+1 query detection - Finds inefficient database access patterns
- Python - Syntax and best practices analysis
- Java - Framework-specific recommendations
- C# - .NET best practices and patterns
- C/C++ - Memory management and performance
- SQL - Query optimization and N+1 detection
Want to add support for your favorite language? See our contributing guide or open an issue to request it!
The extension supports multiple AI providers:
{
"aiReviewer.provider": "deepseek",
"aiReviewer.apiKeys": {
"deepseek": "your-deepseek-api-key",
"openai": "your-openai-api-key",
"claude": "your-claude-api-key"
}
}| Provider | API Key Required | Cost | Best For |
|---|---|---|---|
| DeepSeek | ✅ | Low | General code review |
| OpenAI | ✅ | Medium | Advanced analysis |
| Claude API | ✅ | Medium | Security focus |
| Claude Desktop | ❌ | Free | Local analysis |
| Ollama | ❌ | Free | Self-hosted |
{
"aiReviewer.fileFilters": {
"maxFileSize": 100000,
"excludeBinary": true,
"excludeGenerated": true
}
}- Node.js 16.0.0 or higher
- VS Code 1.74.0 or higher
- Git for version control
-
Clone the repository:
git clone https://github.com/yourusername/ai-code-reviewer.git cd ai-code-reviewer -
Install dependencies:
npm install
-
Open in VS Code:
code . -
Run in debug mode:
- Press
F5to start debugging - Select "Run Extension" from the dropdown
- A new VS Code window will open with your extension
- Press
ai-code-reviewer/
├── src/
│ ├── providers/ # AI provider implementations
│ │ ├── simple-provider.js
│ │ ├── deepseek.js
│ │ ├── openai.js
│ │ └── claude-api.js
│ ├── ui/ # User interface components
│ │ ├── simple-results-panel.js
│ │ └── status-bar.js
│ ├── utils/ # Utility functions
│ │ ├── file-filter.js
│ │ ├── cost-calculator.js
│ │ └── error-handler.js
│ └── reviewers/ # Code review logic
│ ├── security.js
│ ├── performance.js
│ └── quality.js
├── extension.js # Main extension entry point
├── package.json # Extension manifest
└── README.md # This file
# Build the extension
npm run build
# Package for distribution
npm run package
# Install the packaged extension
npm run install-extension# Run module tests
npm test
# Test extension loading
node test-extension-load.js
# Test extension status
node test-extension-status.jsWe welcome contributions! Here's how you can help:
- 🐛 Bug Reports: Found a bug? Open an issue!
- 💡 Feature Requests: Have an idea? Let us know!
- 📝 Documentation: Help improve our docs
- 🔧 Code Contributions: Submit pull requests
- 🧪 Testing: Help us test on different platforms
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature
- Make your changes
- Test thoroughly
- Commit your changes:
git commit -m "Add amazing feature" - Push to your fork:
git push origin feature/amazing-feature
- Open a Pull Request
- Use JavaScript (ES2020+)
- Follow VS Code extension conventions
- Add JSDoc comments for functions
- Include error handling
- Write descriptive commit messages
- Real AI Integration: Connect to actual AI providers (OpenAI, Claude, DeepSeek)
- Python Support: Add Python code analysis
- Java Support: Add Java code analysis
- Enhanced SQL Analysis: Better N+1 query detection
- Custom Rules: User-defined analysis rules
- C# Support: Add C# and .NET analysis
- C/C++ Support: Add C/C++ analysis
- Batch Processing: Review multiple files simultaneously
- Export Reports: PDF/HTML report generation
- CI/CD Integration: GitHub Actions, GitLab CI
- Large Files: Performance may be slow on files >100KB
- Binary Files: Not supported (by design)
- Network Issues: Requires internet for AI providers
- Memory Usage: May use significant memory on large projects
This project is licensed under the MIT License - see the LICENSE file for details.
Girish Prasad Sahu
- GitHub: https://github.com/girishsahu008
- Email: girish.sahu@gmail.com
- LinkedIn: https://www.linkedin.com/in/girishprsahu/
- VS Code Team for the excellent extension API
- OpenAI, Anthropic, DeepSeek for AI capabilities
- Contributors who help improve this project
- Community for feedback and suggestions
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Email: your.email@example.com
Made with ❤️ for the developer community
If you find this extension helpful, please consider giving it a ⭐ on GitHub!