Alibaba open-sources Open Code Review, an AI CLI for diffs

Alibaba has published Open Code Review, an open-source CLI that feeds Git diffs to an LLM agent for structured, line-level review comments. It supports OpenAI- and Anthropic-style setups, custom rules, CI integrations, and an optional local viewer.

Review
review cover

TL;DR

  • Open Code Review (OCR): Open-source CLI for automated code reviews; originated as an internal assistant
  • Diff-to-review pipeline: Reads Git diffs, sends changed files to configurable LLM, returns structured line-level comments
  • Hybrid architecture: Deterministic logic for file/rule/comment placement; agent prompts/tools for dynamic decisions and retrieval
  • Core commands: ocr review, ocr llm test, ocr config set, ocr rules check, ocr viewer, ocr version
  • Review options/output: Text or JSON; flags for repo, commit range, concurrency, timeout, custom rules/tools; workspace/branch/single-commit modes
  • Integrations and ops: npm/GitHub Releases installs; Anthropic-style/OpenAI-style configs; GitHub Actions/GitLab CI; localhost:5483 viewer with host-allowlist; optional OpenTelemetry telemetry including prompts/responses

Alibaba’s Open Code Review is an open-source CLI tool for automated code reviews that the project describes as having begun as an internal assistant before being released publicly. In the repository README, Alibaba claims the system has "served tens of thousands of developers" and identified "millions of code defects" over the past two years.

The tool reads Git diffs, sends changed files to a configurable LLM through an agent with tool-use capabilities, and returns structured review comments with line-level precision, according to the README. The project also positions itself as a hybrid of deterministic engineering and an agent layer: file selection, file bundling, rule matching, and comment positioning are handled through engineering logic, while prompts and tool use are reserved for dynamic review decisions and context retrieval.

The repository lists a handful of built-in entry points, including ocr review, ocr llm test, ocr config set, ocr rules check, ocr viewer, and ocr version. Review output can be generated in text or JSON, with flags for repo selection, commit range, concurrency, timeout, custom rules, and custom tool configuration. The README also notes that ocr review can run in workspace mode, on a branch range, or against a single commit.

Alibaba’s documentation says the package can be installed through npm or by downloading binaries from GitHub Releases, and that it supports LLM configuration through either interactive commands or environment variables. The project states it is compatible with Anthropic-style and OpenAI-style setups, and mentions support for Claude Code environment variables as well as CC-Switch proxy routing.

Beyond the CLI, the project includes a few integration paths for agent workflows and CI/CD pipelines. The README points to an open-code-review skill for coding agents, a Claude Code plugin, and example integrations for GitHub Actions and GitLab CI. It also describes a local viewer on localhost:5483 for session history, with a host-allowlist mechanism intended to limit exposure.

The repository further documents a four-layer review-rule priority chain, from an explicit --rule flag down to embedded system defaults. Rule files use JSON, and the README says matching is first-match-wins within each layer. Telemetry is optional and uses OpenTelemetry, with an option to include prompts and responses in exported data.

Source: GitHub repository

Continue the conversation on Slack

Did this article spark your interest? Join our community of experts and enthusiasts to dive deeper, ask questions, and share your ideas.

Join our community

Related Articles

Vercel OpenReview brings self-hosted AI code reviews to GitHub

Vercel OpenReview brings self-hosted AI code reviews to GitHub

Vercel has just rolled out OpenReview, bringing a self-hosted AI code review bot to GitHub pull requests. Trigger reviews by mentioning @openreview, get inline suggestions, and even let it commit fixes using Vercel Workflow and Sandbox.

1 shared tag
Kilo Code v7 regains control with human-in-the-loop updates

Kilo Code v7 regains control with human-in-the-loop updates

Brendan O’Leary details how Kilo Code is bringing developer oversight back after its v7 VS Code rewrite. Recent updates keep reasoning visible, surface diffs before approval, unify the Changes panel, and improve shell output, permissions, and checkpoint restores.

1 shared tag
Clawpatch automates code review with semantic units and patch loops

Clawpatch automates code review with semantic units and patch loops

Clawpatch has just rolled out an automated code review tool that maps repos into semantic work units, not just files. It runs an explicit patch-and-revalidate loop with guardrails, audit trails, and schema-checked provider responses. Defaults to the local Codex CLI.

1 shared tag