ReviewBot - AI-Powered Code Review, BOM & License Validator

Inspiration

As developers, we often face time crunches that result in quick code pushes without thorough reviews. These rushed submissions can lead to bugs, security issues and compliance risks — especially in multi-language codebases. We wanted to create a smart, automated assistant that ensures every piece of code meets high-quality standards, regardless of the developer’s expertise in that language.

What it Does

ReviewBot is an AI-powered assistant that:

Automatically does Code Reviews for bugs, vulnerabilities and refactoring opportunities.
Generates a Software Bill of Materials (SBOM) to list third-party and standard libraries used.
Performs License Validation to flag risky licenses like GPL/LGPL that might violate company policies.
Suggests improvements for documentation and code readability.
Supports multiple programming languages with the ability to switch between AI models (gpt 4.o, LLaMA).

How We Built It

We built ReviewBot using:

Python & Flask for the backend service.
OpenAI API and OllamaAPI for AI-based code analysis.
A clean and intuitive HTML/JS frontend to display analysis results.
License and dependency parsing logic to extract SBOM and license data.
Dockerized environment for easy deployment and local testing.

Challenges We Ran Into

Designing a consistent UI/UX that accommodates outputs from different AI models.
Handling language detection and mapping appropriate rules across languages.
Parsing deeply nested dependencies to detect indirect license risks.
Balancing model response time vs. accuracy while maintaining a smooth user experience.

Accomplishments That We're Proud Of

Successfully integrated multiple AI models into a single review pipeline.
Built a robust SBOM and license validator that flags both direct and indirect license issues.
Delivered a fully functional live demo with bug detection, code suggestions and visual diff.
Enabled multilingual support — a key advantage for diverse engineering teams.

What We Learned

The power and limitations of using LLMs for static code analysis.
The importance of clear UI/UX when presenting AI-generated code recommendations.
How licenses like GPL/LGPL can create legal concerns in enterprise software.
How to modularize code analysis tools to support multi-language compatibility.

What's Next for ReviewBot

Adding CI/CD pipeline integration to auto-analyze pull requests.
Supporting more languages like Go, Rust, and Swift.
Adding team-based dashboards for code quality trends over time.
Enhancing customization options for org-specific code rules and license policies.
Introducing self-learning capabilities using past reviews and corrections.

Built With

docker
flask
genai4.o
gitlab
llama
python
react
yaml

Created by

I led the design and development of the AI-powered code review assistant, ReviewBot (AI CodeMate). My contributions included:

Ideation & Problem Framing
Defined the core problem statement: improving code quality through automated reviews, license validation, and BOM generation across multi-language repositories.

UI/UX Development
Designed the user interface in Figma for a seamless developer experience, focusing on usability and clarity.

Frontend & Backend Development
Built the web application using Flask and integrated AI APIs (OpenAI, Ollama) for code analysis and recommendations.

AI Integration
Integrated multiple AI models to:

Detect bugs
Suggest improvements
Analyze licenses and dependencies
BOM

Containerization
Wrote the Dockerfile and docker-compose setup for local and cloud deployment.

Testing & Demo
Developed demo examples (e.g., buffer overflow in C++) and verified output accuracy from each model.

Presentation
Delivered the final pitch and live demo, clearly explaining the use case, workflow, and real-world impact.

Private user

Updates

Private user started this project — May 29, 2025 11:46 PM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.