Starting a code review with Amazon Q Developer - Amazon Q Developer
Review as you codeReview a file or project

Starting a code review with Amazon Q Developer

Amazon Q can review your entire codebase, or auto-review your code as you write it.

Before you get started, make sure you've installed Amazon Q in an IDE that supports code reviews. For more information, see Installing the Amazon Q Developer extension or plugin in your IDE.

Review as you code

Note

Amazon Q auto-reviews are only available with a Amazon Q Developer Pro subscription.

Auto-reviews are rule-based reviews powered by Amazon Q detectors . Amazon Q automatically reviews the file you are actively coding in, generating code issues as soon as they are detected in your code. When Amazon Q performs auto reviews, it doesn’t generate in-place code fixes.

Auto-reviews are enabled by default when you use Amazon Q. Use the following procedure to pause or resume auto-reviews.

Pause and resume auto-reviews

To pause auto-reviews, complete the following steps.

  1. Choose Amazon Q from the bottom of the IDE window.

    The Amazon Q task bar opens.

  2. Choose Pause Auto-Reviews. To resume auto-reviews, choose Resume Auto-Reviews.

Review a file or project

You can also initiate a review from the chat panel to have Amazon Q review a particular file or project. File and project reviews include both rule-based and generative AI-powered reviews. Code issues generated during file or project reviews can include in-place code fixes.

To start a file or project review, complete the following steps:

JetBrains

  1. Open a file or project you want to review in your IDE.

  2. Choose the Amazon Q icon to open the chat panel. Enter /review.

  3. A new chat tab opens. Amazon Q prompts you to choose a project or file to review. If you’re reviewing a file, the file you want to review must be open and active in the IDE. If you’re reviewing a project, the project must be open in the IDE.

  4. Choose the type of review you want to run. Amazon Q begins reviewing the project or file that you currently have open in the IDE.

  5. When the review is complete, the Code Issues tab opens above the chat panel with a list of the issues Amazon Q found.

  6. You can choose an issue to be redirected to the specific area of the file where the vulnerable or low-quality code was detected.

    To see more details about the issue, choose the magnifying glass icon to the right of the code issue name in the Code Issues tab. A Code Issue Details panel opens with information about the issue.

  7. To address your code issues, see Addressing code issues with Amazon Q Developer.

Visual Studio Code

  1. Open a file or project you want to review in your IDE.

  2. Choose the Amazon Q icon to open the chat panel.

  3. Using natural language, describe the type of code review you want to run. You can review only your recent code changes, or an entire file. Code changes are determined based on the output of the git diff command on your file.

    With your code project or file open in the IDE, you can enter things like:

    • Review my code changes

    • Run a code review on this file

  4. Amazon Q will begin reviewing your file or project. Once complete, it will summarize the highest priority issues and observations.

    If any issues were detected, the Code Issues panel opens above the chat panel with a list of the issues Amazon Q found.

  5. To learn more about a code issue, navigate to the Code Issues panel above the chat panel. From there, you can do the following:

    1. Select an issue to be redirected to the specific area of the file where the vulnerable or low-quality code was detected.

    2. To get an explanation of the code issue, choose the magnifying glass icon next to the name of the code issue. Amazon Q will provide details about the issue and suggest a remediation that you can insert into your code.

    3. To fix the code issue, choose the wrench icon next to the name of the code issue. Amazon Q will provide a brief explanation of the fix and then make an in-place fix in your code file. You will see the code change in your file, and have the option to undo the change from the chat panel.

  6. For more information about addressing code issues, see Addressing code issues with Amazon Q Developer.

Visual Studio

  1. Open up a file from the project you want to scan in Visual Studio.

  2. Choose the Amazon Q icon at the bottom of your file to open the Amazon Q task bar.

  3. From the task bar, choose Run Security Scan. Amazon Q begins scanning your project.

    In the following image, in Visual Studio, the user chooses the Amazon Q icon, prompting a task bar from which the user may choose Run Security Scan.

    Visual Studio with the Amazon Q task bar showing "Run Security Scan" as a choice

  4. The status of your scan is updated in the Visual Studio output pane. You're notified when the scan is complete.

    For information about viewing and addressing findings, see Addressing code issues with Amazon Q Developer.