Run code reviews with Amazon Q Developer Run code scans with Amazon Inspector

Amazon CodeGuru Reviewer availability change

Starting November 7, 2025, you will not be able to create new repository associations in Amazon CodeGuru Reviewer. After that point, you will only be able to use CodeGuru Reviewer with existing repository associations. If you would like to use the service, you can associate repositories prior to November 7, 2025.

Code analysis capabilities are also available through other AWS services. This page explains the ways you can use other services to review your code for security and quality issues. These services offer distinct code analysis capabilities, so review the following descriptions to determine which service meets your needs.

Run code reviews with Amazon Q Developer

Amazon Q Developer includes code review capabilities such as static code analysis for security vulnerabilities and best practices (SAST), secrets exposure detection, dependency vulnerability detection (SCA), and code quality issue detection.

You can review code with the IDE plugin, or in your GitHub and GitLab repositories. For more information on reviewing code in the IDE, see Reviewing code with Amazon Q Developer. For more information on reviewing code in GitHub, see Reviewing code with Amazon Q Developer in GitHub. For more information on reviewing for in GitLab Duo, see Getting started with GitLab Duo with Amazon Q.

Run code scans with Amazon Inspector

Amazon Inspector automatically discovers code repositories in GitHub and GitLab and scans them for software vulnerabilities and unintended network exposure.

For more information about scanning your code with Amazon Inspector, see Amazon Inspector Code Security.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

What is CodeGuru Reviewer?

How CodeGuru Reviewer works