Vibinex: A privacy-first pull-request UX for better code reviews


Vibinex is an open-source project aimed at solving the code review problem that is rampant in all fast-moving software projects. It is designed to accumulate data from various sources, including the git history, server logs, tracing and business events, and use it to enrich the code review UX with the right information at the right place. This way, the reviewers would have all the context they need to assess the code changes.

In its current state, Vibinex provides pull request personalization for GitHub and Bitbucket. It offers automatic reviewer assignment, personalized line highlighting, and prioritization of pull requests. Vibinex Code Review aims to improve the quality of code reviews by reducing noise and focusing on what matters most.

The talk will have three sections:

  1. The Problem and the Solution
  2. Privacy considerations
  3. Frontend for the optimal UX

The Problem and the Solution

Most companies use a code-review interface provided by online or offline git clients, like GitHub (2008), Bitbucket (2008), GitLab (2011), Gerrit (2008) and SourceTree (2010), which are all more than a decade old. The code review experience has not improved much in the last decade, while the entire software development lifecycle has transformed. For instance, from annual release cycles, most companies have moved to weekly or more frequent release cycles, thanks to the powerful CI/CD/CT tools & processes. And with the increasing adoption of Generative AI for code generation, the problem of code review is only going to grow bigger.

The solution is to empower the technical expert with an interface that provides all the required context in the code review interface itself. This is not just static code analysis; it is about understanding the history of the product and measuring or predicting the consequences of the proposed changes on the maintainability, performance and business impact of the project.

For example, the reviewer can see the parts of the PR that they have previously worked on, which parts have a high impact on the product's performance or users' experience, and which changes lead to a security vulnerability.

Privacy considerations

Most data-centric tools, especially the ones that analyse code, ask for access to proprietary information. Vibinex has opted for an architecture that ensures that the user data never leaves their infrastructure (so they can ensure privacy and security using VPNs etc.) while maintaining the opportunity to implement federated machine learning and deliver data-powered features. In this talk, we will discuss the architecture of Vibinex that enables such high-quality privacy and discuss the constraints and opportunities that come with it.

Frontend for the optimal UX

We will discuss developer behaviour and its nuances, and how those considerations have shaped the UX design of Vibinex. To begin with, Vibinex has chosen to be a plugin that works alongside GitHub, Bitbucket, etc., because that is where most developers review most of their code. This frontend is implemented in two parts:

1. PR Comments & Notifications (commonly adopted solution): Using the code hosting provider's API, we can add information and context to the pull request. But this is very limited in power.

2. Browser extension: Instead of taking the user to a different website, the browser extension can modify the UI of GitHub/Bitbucket right where the developer is accustomed to looking at the pull request.

In both these parts, Vibinex ensures that it does not disrupt the existing flow of developers while providing actionable insights at the right place and on the right cue.
