How do I review AI-generated code before committing?

Question

Accepted Answer

## Why AI-generated code needs a dedicated review step Code produced by Copilot, Cursor, Claude, or any other AI tool can contain: - **Hallucinated APIs** — method names or parameters that look plausible but do not exist in the library version you are using - **Missing error handling** — happy-path logic with no consideration of network failures, nil values, or unexpected input - **Security issues** — SQL injection vectors, unvalidated user input, secrets hardcoded in strings - **Stale patterns** — code written to an older API version or a deprecated approach The AI does not run your tests or check your dependency versions. You have to. ## The review workflow ### Step 1: Stage your changes carefully ```bash git add -p # interactive staging: review each hunk as you stage git diff --staged # confirm exactly what you are about to commit ``` Using `git add -p` instead of `git add .` forces you to read every change before it is staged. ### Step 2: Paste the diff into an AI for review Copy the output of `git diff --staged` and use a prompt like this: ``` Review the following git diff for code I am about to commit. Identify: 1. Bugs or logic errors 2. Missing error handling 3. Security issues (injection, hardcoded secrets, unvalidated input) 4. Any API calls that look incorrect for this library 5. Edge cases the code does not handle ``` Ask for findings only — not rewrites. You want a checklist you can act on. ### Step 3: Fix issues before committing Fix anything flagged, re-stage, and repeat the diff check. Two minutes here prevents a follow-up fix commit later. ## Inline review in Copilot and Cursor - **GitHub Copilot**: Open the diff view in VS Code, select lines, and use `/fix` or `/explain` in the Copilot Chat panel - **Cursor**: Select the generated code block and press `Cmd+Shift+L` to open it in chat with full context ## Keep commits small when working with AI AI generates larger blocks of code faster than humans can review them. A commit touching five unrelated files is hard to review accurately. Aim for one logical change per commit. For a deeper look at building a reliable AI review workflow, see [deployhq.com/git/ai-code-review-before-committing](https://deployhq.com/git/ai-code-review-before-committing).