> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cloudthinker.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Code Review

> Connect GitHub, GitLab, or Bitbucket repositories and get AI-powered code reviews on every pull request automatically.

## What You'll Set Up

By the end of this tutorial, every pull request in your connected repositories will automatically receive AI-powered code review comments — detecting bugs, security vulnerabilities, and best-practice violations before code reaches production.

<Steps>
  <Step title="Navigate to Code Review Settings">
    Go to **Settings** > **Code Review** in your CloudThinker workspace.

    You'll see options to connect **GitHub**, **GitLab**, or **Bitbucket** repositories.
  </Step>

  <Step title="Connect GitHub">
    Click **Connect GitHub** to install the CloudThinker GitHub App.

    <Note>
      You need **Organization Owner** permissions to install the GitHub App. If you don't have access, ask your org admin to approve the installation.
    </Note>

    1. Select the GitHub organization
    2. Choose which repositories to grant access (all or selected)
    3. Authorize the app

    The GitHub App requests read access to code and pull requests, and write access to post review comments.
  </Step>

  <Step title="Connect GitLab (Alternative)">
    For GitLab, you have two authentication options:

    **Option A: OAuth (recommended)**

    * Click **Connect GitLab**
    * Authorize via OAuth flow
    * Select projects to monitor

    **Option B: Access Token**

    * Generate a **Project Access Token** or **Group Access Token** in GitLab
    * Paste it in CloudThinker settings
    * Select the projects to monitor
  </Step>

  <Step title="Configure Repositories">
    After connecting, you'll see a list of available repositories. Toggle on the ones you want CloudThinker to review.

    For each repository, you can configure:

    * **Auto-review**: Automatically review every new PR (recommended)
    * **Review mode**: Choose between **Fast** (single-agent, quicker) or **Advanced** (multi-specialist deep analysis)
    * **Pipeline monitoring**: Toggle CI/CD failure analysis on or off
    * **Filters**: Include or exclude specific authors or branches from reviews
  </Step>

  <Step title="Open a Pull Request">
    Create or open a pull request in one of your connected repositories. CloudThinker will automatically:

    1. Detect the new PR
    2. Analyze the changed files
    3. Post inline review comments on specific lines
    4. Provide a summary comment with overall findings

    Comments include:

    * **Bug detection**: Logic errors, null references, race conditions
    * **Security vulnerabilities**: Injection risks, hardcoded secrets, insecure patterns
    * **Code quality**: Naming conventions, complexity, duplication
    * **Performance**: Inefficient queries, unnecessary allocations, N+1 patterns
  </Step>

  <Step title="Review and Act on Feedback">
    Each review comment includes:

    * **Severity level**: Critical, High, Medium, Low
    * **Explanation**: Why this is an issue
    * **Suggested fix**: Code snippet with the recommended change

    Address the feedback, push new commits, and CloudThinker will perform an **incremental review** — only analyzing the new changes, not the entire PR.
  </Step>
</Steps>

***

## How It Works

```
Developer opens PR → CloudThinker detects PR → AI analyzes diff
→ Posts inline comments → Developer fixes → Re-review on new commits
```

The review runs automatically on every PR — no manual triggers needed. Reviews typically complete within 1-2 minutes depending on the size of the diff.

***

## Track Team Performance with [Leaderboard](/guide/code-review/leaderboard)

Once your team has a few reviewed PRs, go to **Code Review** > **Leaderboard** to see how everyone is performing.

The [Leaderboard](/guide/code-review/leaderboard) scores each developer by balancing **Quality** (AI review scores) and **Impact** (code complexity) — so it rewards engineers who ship robust code, not just those who ship the most lines.

```
Contribution Score = (Normalized Quality + Normalized Impact) / 2
```

| Score  | Meaning                       |
| ------ | ----------------------------- |
| = 1.0  | Exactly at team average       |
| > 1.0  | Above average (top performer) |
| \< 1.0 | Below team average            |

### What to Look For

* **High Quality + High Impact**: Your top performers — ideal mentors and lead reviewers
* **High Impact + Low Quality**: Possible burnout signal — shipping fast but cutting corners
* **High Quality + Low Impact**: May be stuck on a hard problem or under-utilized
* **Uneven Impact distribution**: High "Bus Factor" risk — knowledge concentrated in one person

<Tip>
  Use the Leaderboard as a diagnostic tool, not just a ranking. It surfaces workload imbalances and quality trends that aren't visible from PR counts alone.
</Tip>

<Card title="Leaderboard Scoring Details" icon="trophy" href="/guide/code-review/leaderboard">
  Deep dive into the scoring formula, impact calculation, and example calculations
</Card>

***

## Tips

* **Start with a pilot repo**: Connect one active repository first to see the review quality before rolling out broadly
* **Use Fast mode for small PRs**: Switch to Advanced mode for critical repos where deeper specialist analysis is valuable
* **Enable pipeline monitoring**: Let CloudThinker analyze CI/CD failures and post root-cause suggestions automatically
* **Use filters to reduce noise**: Exclude bot authors or non-production branches from reviews
* **Skip reviews when needed**: Add `@cloudthinker:ignore` in a PR description to bypass the review
* **Review the Leaderboard weekly**: Track quality trends and workload balance across your team

***

## Next Step

<Card title="CloudKeepers" icon="radar" href="/guide/tutorial/cloudkeepers">
  Set up autonomous monitoring and compliance scanning
</Card>