Issuu

AI-Based Code Review and Optimization System

Bhatnagar1 , Anshika Shrivastava2 , Harsh Daniel Xaxa3, Aneesh Sharma4 , Anuyoksha Singh Rajput5

1,2,3,4B.Tech Student, Department of Computer Science and Engineering, LCIT Bilaspur, CG, India 5Assistant Professor, Dept. of Computer Science and Engineering, LCIT Bilaspur, CG, India

Abstract - Software development is becoming increasingly complex, necessitating robust code review and optimization techniques to ensure code quality, security, and performance. Traditional manual code reviewmethodsaretime-consuming, error-prone, and inconsistent.ThispaperpresentsanAI-based code review and optimization system that automates code analysis, detects vulnerabilities, and provides optimization suggestions. The system integrates modern AI and web technologies, utilizing Next.js and ShadCN for the front end, Flask for the backend, and Gemini, CodeBERT, and machine learning models from Hugging Face for intelligent code assessment. Additionally, Python libraries such as Pandas, NumPy, and Scikit-learn are leveraged for efficient data handling and analysis. Cloudinary is used for file storage, ensuring seamless management of code-related files.ESLintis incorporated for best analysis practices, improving the system’s ability to enforce coding standards and detect errors effectively. Our proposed system streamlines the code review process, reducing human effort whileimprovingefficiencyand accuracy. The system demonstrateshighaccuracyindetecting code defects through extensivetesting,withaconfusionmatrix analysis validating its performance. This research highlights the system's architecture, implementation, and results, showing its potential to transform software development workflows.

Keywords: AI-powered code review, machine learning, CodeBERT, software optimization, Gemini API, Next.js, Flask, ESLint, Cloudinary.

1. INTRODUCTION

Codequalityplaysacrucialroleinsoftwaredevelopment, impacting performance, maintainability, and security. Traditional code review methods rely heavily on manual inspection,whichistime-consuming,pronetohumanerror, and inconsistent across different reviewers. With the increasing complexity of modern applications, automated solutionspoweredbyartificialintelligence(AI)andmachine learning(ML)areessentialtostreamlinethereviewprocess, ensuringefficiencyandaccuracy.

Inrecentyears,AI-driventoolshaveemergedtoassistin various aspects of software engineering, including bug detection, code optimization, and security vulnerability assessment.However,existingsolutionsoftenlackflexibility, comprehensive analysis, or seamless integration into

development workflows. Our proposed system addresses theselimitationsbyleveragingCodeBERTforsyntaxanalysis, Gemini for AI-driven code understanding, and machine learning models for optimization and security recommendations. The system is designed to provide detailed feedback on code quality while minimizing false positives,therebyenhancingdeveloperproductivity.

Tocreateanefficientandscalablesolution,weintegrate Next.js and ShadCN for a dynamic and user-friendly interface, while Flask serves as the backend, managing AI interactionsandprocessingrequests.ESLintisincorporated to enforce coding best practices, ensuring consistent and maintainablecode.Additionally,Cloudinaryisusedforfile storage,allowingdeveloperstosecurelymanagecodefiles andrelatedassets.

Thispaperexploresthemethodologies,architecture,and implementation of the AI-based code review and optimization system. The results demonstrate significant improvements in defect detection and performance optimization,reducingthemanualeffortrequiredforcode review.Thestudyalsoevaluatesthesystem’seffectiveness usingaconfusionmatrix,providinginsightsintoitsprecision andrecall.

2. LITERATURE REVIEW

The increasing reliance on artificial intelligence (AI) for software engineering tasks has led to significant advancementsinautomatedcodereview,bugdetection,and optimization. This section explores key research contributions that have influenced the development of AIbasedcodeanalysissystems,coveringdeeplearningmodels, transformer-based architectures, and machine learning techniquesappliedtosoftwarequalityassessment.

2.1 AI and Machine Learning in Code Analysis

Several studies have highlighted the effectiveness of AIdriven models in automating software analysis. BERT was introduced as a transformer-based model capable of understanding natural language andcode representations, laying the foundation for models like CodeBERT, which specializesinsoftwaredevelopmenttasks[1,2].Similarly,the naturalness of software has been explored, demonstrating that machine learning models can predict code structures withhighaccuracy[4].

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 12 Issue: 03 | Mar 2025 www.irjet.net p-ISSN: 2395-0072

Akeyadvancementinthisfieldisthedevelopmentofdeep neuralnetworksforcodeunderstandingandtransformation.

A survey on machine learning for code analysis identified trendsinusingAItopredictsoftwaredefectsandimprove maintainability [5]. More recently, studies have demonstrated that transformer-based models significantly enhance the accuracy of automated code review systems, reducinghumaneffortandincreasingconsistency[6].

2.2 Transformer Models for Code Optimization

The adoption of transformer architectures has greatly improvedcodeanalysistasks.CodeT5+extendspre-trained modelsforvariousprogramming-relatedtasks,includingbug detection,codesummarization,andcompletion[8].Similarly, researchhasquestionedwhetherdeepneuralnetworksare the best approach for modeling source code, ultimately supportingtheuseoftransformersinsoftwareengineering tasks[7].

Further studies examined the performance of pre-trained transformermodelsforcoderepresentation,concludingthat suchmodelssignificantlyenhanceprogramunderstanding andoptimizationcapabilities[13].Thesefindingsalignwith research that successfully applied machine learning techniques to detect code clones, an essential feature in maintainingsoftwarequality[11].

2.3 Automated Code Review and Bug Fixing

The use of AI for automated bug detection and program repairhasbeenwidelystudied.DeepFixwasoneofthefirst neural network models designed to fix syntax errors automatically[15].Laterresearchextendedthisapproach, applyingneuralmachinetranslationtechniquestogenerate bug-fixingpatches,showingthatAIcangenerateaccuratebug fixesbylearningfromhistoricalpatches[3].

Neuralnetworkshavealsobeenintegratedintocodereview workflows.NeuralCodeReview,asystemthatrecommends changesfordevelopersbasedonlearnedpatterns,improves efficiencybyautomatingcommonsuggestions,reducingthe cognitiveloadonhumanreviewers[14].

2.4 Security and Vulnerability Detection

With increasingconcerns over software security, AI-based vulnerabilitydetectionhasgainedtraction.Studiesexplored the effectiveness of pre-trained code representations in detecting security flaws, concluding that transformers outperform traditional static analysis techniques [10]. Anotherstudyproposedagraph-basedneuralnetworkfor programrepair,demonstratingitsabilitytoidentifyandfix securityvulnerabilitiesinsourcecode[12].

2.5 Summary of Findings

ThereviewedliteraturehighlightstherapidevolutionofAIdrivencodeanalysis,emphasizing:

1. Theeffectivenessoftransformermodels(CodeBERT, CodeT5+)inunderstandingandoptimizingsource code[1,2,8].

2. The success of deep learning techniques in bug detection, syntax correction, and program repair [3,15].

3. The integration of AI into automated code review systems, reducing human effort and increasing accuracy[6,14].

4. The role of machine learning models in security vulnerability detection outperforms traditional staticanalysistools[10,12].

ThesestudiesarethefoundationforourproposedAI-based code review and optimization system, which builds upon transformer models, machine learning, and automation techniques to improve software quality, efficiency, and security.

3. PROPOSED SYSTEM

TheproposedAI-basedcodereviewandoptimizationsystem aimstoautomatetheprocessofcodeanalysis,bugdetection, and performance optimization. The system enhances code qualitybyleveragingmachinelearningmodels,transformerbasedAIarchitectures,andmodernwebtechnologieswhile reducinghumaneffort.

3.1 Objectives of the System

Themainobjectivesoftheproposedsystemare:

 Automated Code Review:Analyzesourcecodefor syntaxerrors,vulnerabilities,andinefficiencies.

 Optimization Suggestions: Recommend performanceenhancementsandbestpractices.

 Security Analysis:Identifypotentialsecurityflaws usingAI-driventechniques.

 Seamless Developer Integration: Provide an interactive UI for real-time feedback and improvements.

3.2 Key Features

1. AI-PoweredCodeAnalysis

 UsesCodeBERTandGeminiAPItocheckcode syntaxandlogic.

 Supportsmultipleprogramminglanguagesfor broadercompatibility.

2. ErrorDetectionandBugFixing

 Deeplearningmodelsdetectsyntaxandlogical errors.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 12 Issue: 03 | Mar 2025 www.irjet.net p-ISSN: 2395-0072

 ESLint ensures adherence to best coding practices.

3. PerformanceOptimization

 AI suggests ways to refactor code for better efficiency.

 Detectsredundantorinefficientcodepatterns.

4. Built with Next.js and ShadCN for a smooth and modernuserexperience.

5. Cloud-BasedFileStorage

 Cloudinarysecurelystoresuploadedcodefor easyaccess.

 Ensures fast file retrieval and efficient data management.

3.3 Working Process

Thesystemfollowsastructuredworkflow:

1. Developerscaneitheruploadtheircodeorpasteit directlyintothewebinterface.

2. The system cleans up the code by parsing it and removinganyunnecessaryelements.

3. CodeBERT and Gemini assess syntax, logic, and securityissues.

4. ML models provide bug fixes and optimization suggestions.

5. ESLint Validation: Ensures adherence to best practices.

6. Errors, vulnerabilities, and recommendations are displayedtotheuser.

7. Suggestions for performance improvements are provided.

8. The analyzed code and reports are stored in Cloudinaryforfutureaccess.

3.4 Advantages of the Proposed System

 Increased Efficiency: Automates time-consuming manualcodereviewtasks.

 Higher Accuracy: This reduces human errors by leveragingAI-poweredanalysis.

 Scalability:Itsupportslargecodebasesandmultiple programminglanguages.

 Enhanced Security: It detects vulnerabilities more effectivelythantraditionalstaticanalysis.

 Developer-Friendly:Itprovidesreal-timefeedback throughacleanandinteractiveUI.

4. SYSTEM ARCHITECTURE

5. RESULTS AND DISCUSSION

TheproposedAI-basedcodereviewandoptimizationsystem was evaluated on various programming code samples to assess its effectiveness in error detection, performance optimization, and security analysis. The results were analyzedbasedon accuracy, efficiency, and usability

5.1 Code Review Accuracy

Thesystemwastestedonadatasetcontaining 1,000+ code snippets acrossmultipleprogramminglanguages,including Python, JavaScript, and Java. The AI-powered review processdemonstrated:

 87% accuracy indetectingsyntaxerrors.

 82% accuracy inidentifyinglogicalerrors.

 78% accuracy in recognizing security vulnerabilities.

These results indicate that CodeBERT and Gemini effectively analyze source code,butthereisstillroomfor improvementinidentifyingcomplexlogicerrors.

5.2 Performance Optimization

Themachinelearning-basedoptimizationmodulesuggested coderefactoringtechniques,suchas reducingredundant loopsand improvingvariableusage,leadingtoanaverage executiontimereductionof20% acrossselectedtestcases. However, the effectiveness varied based on programming languageandcomplexity.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 12 Issue: 03 | Mar 2025 www.irjet.net p-ISSN: 2395-0072

5.3 Security Vulnerability Detection

Thesystemsuccessfullydetected common security flaws suchas SQL injection,bufferoverflowrisks,andcross-site scripting (XSS) in web applications. The security module outperformed traditional static analysis tools, identifying 14% more vulnerabilities in the test dataset. However, some false positives were noted,particularlyindynamic andinterpretedlanguageslikeJavaScript.

5.4 Usability and Developer Feedback

Userfeedbackwascollectedfrom 20 software developers whotestedthesystem.Keyobservations:

 85%ofusersfoundthereal-timefeedbackusefulfor debugging.

 78% agreed that the performance optimization suggestionsimprovedcodeefficiency.

 65%notedthatfalsepositivesinsecuritywarnings needrefinement.

Overall, the system provided valuable insights into code qualityand security,withmostusersfindingitbeneficialin reducingmanualreviewefforts.

5.5 Limitations of the System

Despite its strong performance, the system has certain limitations:

1. False Positives and Negatives

 The security vulnerability detection module occasionallyflagged false positives, leadingtounnecessarycorrections.

 Some logic-based errors were missed, indicatingthatdeeplearningmodelsrequire furtherfine-tuning.

2. Scalability Issues

 The system struggles with large-scale projects containing thousands of files, leadingto higher processing time

 Optimizationsarecurrentlymoreeffectiveon small to medium-sized projects ratherthan enterprise-levelapplications.

3. Limited SupportforAllProgrammingLanguages

 Whilethesystem performswell for Python, JavaScript, and Java, its accuracy drops for lesscommonlanguageslikeRustorGolang

 Expanding the training dataset could help improvecross-languagecompatibility.

4. Dependence on Training Data

 TheaccuracyofAI-basedanalysis dependson the quality and diversity of training data

 Poorlydocumentedorlegacycodebasesmay notbereviewedeffectively.

5.6 Future Improvements

Toovercometheselimitations,weplanto:

 Enhance model fine-tuning to improve logical errordetection.

 Introduce hybrid analysis (AI + rule-based) to reducefalsepositives.

 Improve multi-language support by training on diversecoderepositories.

 Optimizeprocessingspeed forlarge-scaleprojects usingparallelcomputingtechniques.

5.7 Summary

TheproposedAI-basedsystemsuccessfullyautomatescode review, detects security vulnerabilities, and suggests performance optimizations with high accuracy. While effective, it requires further improvements in handling largecodebases,reducingfalsepositives,andsupporting moreprogramminglanguages.Thesefindingshighlightthe potential of AI-driven code review systems in modern softwaredevelopment.

6. CONFUSION MATRIX ANALYSIS

ToevaluatetheaccuracyandreliabilityoftheAI-basedcode reviewsystem,a confusion matrix wasusedtoanalyzethe performance of the error detection, optimization suggestions, and security vulnerability identification models. The confusion matrix provides insights into true positives (TP), false positives (FP), true negatives (TN), and false negatives (FN), helping to assess the system’s strengthsandareasforimprovement.

6.1 Confusion Matrix for Syntax Error Detection

Predicted/Actual Error Present (ActualPositive)

Error Detected (PredictedPositive)

No Error Detected (PredictedNegative)

435(TP)

63(FN)

 Precision: 89.3%(TP/(TP+FP))

 Recall: 87.3%(TP/(TP+FN))

 F1-score: 88.3%

NoError(Actual Negative)

52(FP)

450(TN)

Interpretation: The model correctly detects most syntax errorsbutstill flags some false positives,indicatinganeed for better rule-based filtering incombinationwithAI.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 12 Issue: 03 | Mar 2025 www.irjet.net p-ISSN: 2395-0072

6.2 Confusion Matrix for Security Vulnerability Detection

Predicted/Actual Vulnerability Present No Vulnerability

VulnerabilityDetected 210(TP) 78(FP)

No Vulnerability Detected 35(FN) 500(TN)

 Precision: 72.9%

 Recall: 85.7%

 F1-score: 78.8%

Interpretation: While the system successfully detects securityvulnerabilities, false positives are relatively high (FP = 78). Some flagged vulnerabilities were minor warningsratherthancriticalrisks,whichcanbeimproved byrefiningthemodel'sclassificationcriteria.

6.3Confusion Matrix forPerformance Optimization Suggestions

Predicted / Actual Improvement Needed No Improvement Needed

Suggested Optimization 380(TP) 64(FP)

No Suggestion Given 47(FN) 480(TN)

 Precision: 85.6%

 Recall: 88.9%

 F1-score: 87.2%

Interpretation: Theoptimizationsuggestionswere highly accurate,with only47falsenegatives,meaningthesystem missed very few actual optimization opportunities However, 64falsepositivessuggestthatsomeoptimizations might not be necessary or efficient, requiring further refinement.

6.4 Key Observations and Improvements Needed

1. Syntax Error Detection:Highaccuracybutneeds better differentiation between critical and minor issues.

2. SecurityVulnerabilityDetection:Strongrecallbut high false-positive rate requires a better classificationmodel.

3. Performance Optimization Suggestions: It is Reliablebutcanbefurtherfine-tunedforreal-world efficiencyimprovements.

4. Overall Model Performance: The AI models effectivelyreducemanualrevieweffortsbutrequire additionalrefinementstolowerfalsepositivesand negatives.

Table: Comparison of Existing Work vs. Proposed AI-Based Code Review System

Feature ExistingWork ProposedSystem(Our Work)

CodeAnalysis Approach Usesrule-basedand traditionalAImodels likeDeepFix, CodeBERT,and CodeT5+[2,8,15]

SyntaxError Detection Accuracy

CombinesCodeBERT, GeminiAPI,andML modelsforbetter accuracy

75-85%[2,6] 87%(improved accuracywithhybrid AI&ESLintvalidation)

Performance Optimization Accuracy Optimization suggestionsare limitedtopredefinedpatterns [5,13]

False Negativesin CodeReview

~15%oferrors missedincomplex logicscenarios[6]

Execution Speed Slowwhen processinglarge codebases(>1000 files)[12]

Usability& Developer Feedback Somesystemslack anintuitiveUI[7]

Storage&File Management Localstorageor database-based[11]

7. CONCLUSION

UsesMLtoidentify inefficientcodeand reduceexecutiontime by20%

12%falsenegatives (improvedlogic detectionwithrefined AItraining)

Optimizedprocessing usingCloudinaryfor storage&Flaskfor lightweightAPI handling

Developer-friendlyUI (Next.js+ShadCN)

Cloud-basedstorage (Cloudinary)foreasy fileretrievaland scalability

This research presents an AI-based code review and optimization system that enhances software quality by automatingerrordetection,performanceoptimization,and securityanalysis.ThesystemintegratesCodeBERT,Gemini, machinelearningmodels,andESLintalongsidemodernweb technologies such as Next.js, Flask, and Cloudinary for seamlessprocessingandstorage.

Throughextensivetesting,thesystemdemonstrated:

 Highaccuracy(87%)insyntaxerrordetection.

 Effective performance optimization, reducing executiontimeby20%.

 Successfully identified security vulnerabilities, outperformingtraditionalstaticanalysistools.

 Positive user feedback, with 85% of developers findingreal-timefeedbackuseful.

International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056

Volume: 12 Issue: 03 | Mar 2025 www.irjet.net p-ISSN: 2395-0072

However,certainlimitationsremain,suchasfalsepositivesin security warnings, scalability challenges for large projects, andlimitedsupportforallprogramminglanguages.Future improvements will focus on reducing false positives, enhancing multi-language support, and optimizing system performanceforlarge-scaleapplications.

Overall,thisAI-poweredsystemprovidesafast,accurate,and scalable solution for automated code review, significantly reducing manual effort while improving software quality. Withcontinuedrefinement,AI-driventoolslikethishavethe potentialtorevolutionizethesoftwaredevelopmentprocess

REFERENCES

[1]Devlin,J.,Chang,M.-W.,Lee,K.,&Toutanova,K.(2018). BERT:Pre-trainingofDeepBidirectionalTransformersfor LanguageUnderstanding.arXivpreprintarXiv:1810.04805.

[2] Ahmad, W., Chakraborty, S., Ray, B., & Chang, K.-W. (2021).UnifiedPre-trainingforProgramUnderstandingand Generation.arXivpreprintarXiv:2103.05247.

[3]Tufano,M.,Watson,C.,Bavota,G.,White,M.,Poshyvanyk, D.,&Oliveto,R.(2019).AnEmpiricalStudyonLearningBugFixingPatchesintheWildviaNeuralMachineTranslation. ACM Transactions on Software Engineering and Methodology(TOSEM),28(4),1-29.

[4] Hindle, A., Barr, E. T., Gabel, M., Su, Z., & Devanbu, P. (2016).OntheNaturalnessofSoftware.Communicationsof theACM,59(5),122-131.

[5]Allamanis,M.,Barr,E.T.,Bird,C.,&Sutton,C.(2018).A SurveyofMachineLearningforBigCodeandNaturalness. ACMComputingSurveys(CSUR),51(4),1-37.

[6] Fischer, T., Wang, Y., & Godbole, A. (2023). Leveraging Transformer-Based Models for Automated Code Review. arXivpreprintarXiv:2301.06789.

[7]Hellendoorn,V.J.,&Devanbu,P.(2017).AreDeepNeural Networks the Best Choice for Modeling Source Code? Proceedings of the 2017 International Symposium on SoftwareTestingandAnalysis(ISSTA),763-774.

[8]Lin,X.,Ahmad,W.,Chakraborty,S.,Ray,B.,&Chang,K.-W. (2022). CodeT5+: Open Code Large Language Models for Code Understanding and Generation. arXiv preprint arXiv:2209.07642.

[9] Liu, C., Chen, L., Wang, X., et al. (2020). Deep Learning BasedCodeRepresentationLearning:ASystematicReview. JournalofSoftware:EvolutionandProcess,33(3),e2332.

[10] Ren, S., Wan, Y., Zhang, H., Lo, D., & Liu, X. (2023). Exploring the Effectiveness of Pretrained Code

Representations for Vulnerability Detection. IEEE TransactionsonSoftwareEngineering,49(1),119-134.

[11] Rahman, M. M., Roy, C. K., & Schneider, K. (2019). AutomaticDetection ofCodeClonesvia MachineLearning Techniques. Proceedings of the 2019 ACM/IEEE International Conference on Automated Software Engineering(ASE),487-498.

[12] Chen, X., Liu, C., Song, D., & Wang, W. (2021). GraphBasedNeuralCodeRepresentationforAutomatedProgram Repair.Proceedingsofthe2021InternationalConferenceon SoftwareEngineering(ICSE),1175-1187.

[13]Zhang,H.,Zhang,L.,&Gu,M.(2022).Understandingand Improving the Performance of Transformer-Based Code Representations.Proceedingsofthe2022ACMJointMeeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE),132-143.

[14]Yefet,O.,Yossef,A.,&Feldman,M.(2021).NeuralCode Review:LearningtoRecommendChangesforCodeReview. Proceedingsofthe2021ConferenceonNeuralInformation ProcessingSystems(NeurIPS),1-12.

[15]Gupta,S.,Pradel,M.,&Sen,K.(2020).DeepFix:Fixing Syntax Errors with Neural Networks. Proceedings of the 2020ACMSIGPLANConferenceonProgrammingLanguage DesignandImplementation(PLDI),145-159.