I Don’t Read Your Pull Requests Anymore

I always took code review seriously. I didn’t panic so much when pushing sensitive code (that means code which I’d not really understood or tested properly) because some other (more competent) human would at least run their eyes over the code before it went into production.

I don’t think that this happens anymore. I’m sure it doesn’t happen as much as it used to, because I’m not really reading pull requests anymore. I don’t think anyone is, and that’s a real problem for our industry.

The Old Way

There was a time when I took code reviews seriously, because it is a great way to learn about code (and how the business works generally).

Now I don’t feel like that is the case. Leadership say they can create pull requests “without ever looking at the code” and this filters down to all levels in the organization. If an author can’t be bothered to read and check code why should anyone else? This means that the checks and balances have gone from the software development process, and the quality certainly isn’t what it should be.

Instead of reading every line, questioning naming and thinking about architecture or edge cases I scroll. Sure, I look for things that are obviously terrifying but AI review usually picks that sort of thing up. There are automated checks, and I feel they’ll be able to check most of what matters and I can feel safe when I hit approve.

This makes it all better, right? Right?

It’s not because I’m lazy

I’d like to tell you that I’m overworked, that there are too many pull requests. I’d like to tell you that AI has made changes so large that proper reviews are impossible.

Yet those are just excuses. The real reason is much simpler.

I don’t care because nobody cares, and the incentives are wrong.

Suppose I spend an hour reviewing a complicated pull request. I spot a subtle concurrency bug, notice duplicated logic and suggest a simpler design. In past jobs the developer would ignore my suggestions and merge the code anyway, but suppose that they actually fix things. The reward is nothing, and nobody remembers. My performance review is certainly not going to remember my PR review, the person I “mentored” to better code doesn’t care.

The logical thing to do is to spend three minutes skimming over some code and approve it. Move onto the next ticket and the next happy day. People will appreciate that you’ve delivered your work and helped unblock others. People like you more, and if you have a 360 degree review process this means a great deal. It might even get you that next promotion.

Doing a bad job at code review makes you faster, makes others faster and means that you get your job done in short order. What’s the harm?

The Cost is Invisible

If I miss a bug, there’s a good chance nobody will ever know and scant evidence that I should have spotted it.

The responsibility for shipping great code belongs to “the team”. Incidents are simply learning exercises that we all benefit from. Pull requests disappear into history and are forgotten about. Accountability is something that sounds good, but has no real meaning after an interview where you tell people you are a responsible hard working developer.

Yet it doesn’t matter anymore. There is no incentive for developers to produce a great code review. They can only do so much, and their time is better spent actually writing code (or driving Claude). The time spent arguing over variable names is now better spent on … anything at all.

Merge more.

Ship faster.

Reduce cycle time.

AI has exposed what was already broken

People often blame AI for the things happening now in software development. The changing nature of the job.

The problem is when you have too much to do, pressure deadlines and lack of resource. AI does not alleviate the core issues that we face as software developers, it lowers the cost (and quality) of code.

The code review process has been broken for as long as I can remember. People scanning through code and hand waving approvals on reputation. That’s got worse as AI pull requests now have thousands of lines of generated code.

Code that is wrong but AI is “certain” that it’s right makes things worse, as developers stop checking their work themselves (some aren’t even bothering to build it anymore). Now that the volume has exploded, pretending everything is *fine* has become harder.

I’ve lowered my standards

This is the uncomfortable part, and I’ve nobody else to blame. I don’t review code properly anymore.

This isn’t about metrics. It’s not about AI. It’s not about deadlines.

I’m the one clicking approve. I’m the one who no longer thinks deeply like I used to. I’m unsure when I accepted that this is normal, acceptable or even within my own moral compass.

Yet I do know that some things are true. Spending an hour on a code review yields nothing, apart from making me look slower than everyone else.

My standards have slipped, and it’s been a gradual process. One pull request at a time, fitting into the incentives that I’ve been given and simply hoping things will be ok.

Conclusion

It’s all my fault. Not anyone else.

About The Author

Professional Software Developer “The Secret Developer” can be found on Twitter @TheSDeveloper and regularly publishes articles through Medium.com

The Secret Developer is in an introspective mood.

Next
Next

Is Anyone Learning to Code Anymore?