Reviewify.ai is an advanced, interactive, and premium web application designed to perform static vulnerability scanning and code reviews on the fly. Powered by the Google Gemini API (gemini-2.5-flash) and equipped with a local JavaScript sandboxed runtime, Reviewify.ai allows developers to write, inspect, scan, and refactor code inside a single glassmorphic workspace.
Key Features • Architecture • Tech Stack • Installation • API Documentation • Deployment
- 🔍 Real-Time Code Editor: A fully integrated editor built using
react-simple-code-editorandprismjssupporting syntax highlighting for multiple languages:- JavaScript, Python, C++, Java, CSS, and HTML.
- 🤖 Dual-Engine Error Detection:
- Programmatic Sandbox: Runs Node.js codes locally inside a custom native
vmexecution sandbox to isolate and format real-time JavaScript compilation issues. - AI Compiler Simulator: Detects syntax faults in other languages and produces high-fidelity console diagnostics.
- Programmatic Sandbox: Runs Node.js codes locally inside a custom native
- 🖥️ Simulated VS Code Terminal: Programmatic syntax error catcher (using a Node.js sandbox VM for JavaScript) and AI-simulated compiler output displayed in a classic dark terminal console.
- 📈 Dynamic Quality Dashboard:
- Quality Score Gauge: A beautiful SVG-based circular indicator presenting an automated score based on findings.
- Issues Tab: Highlights and categorizes scanned issues by severity (Critical ❌, Warnings
⚠️ , Info/Safe ✔️). - Refactored Code: Clean tab rendering optimized code suggestions with copy-to-clipboard access.
- Raw Markdown: Rich-text display of the full explanation from the AI reviewer.
- 📁 File Upload Support: Directly drag-and-drop or select scripts to import code, auto-detecting language formats.
- 📚 Interactive Templates & Presets: Loaded template bugs (e.g., Memory Leaks, Callback Hell, SQL Injection, Mutable Defaults, Out of Bounds, Resource Leaks) for immediate testing.
- 💾 Review History & Logs: Integrated review logs stored in a MongoDB database with a LocalStorage fallback to allow users to revisit, toggle, or clear past reviews.
Reviewify.ai decouples frontend interactions from code analysis through an optimized Express API layer:
[ Frontend Client ]
│
▼ (POST /ai/get-review)
[ Backend Express Controller ]
│
├─► [ Local VM Sandbox ] ──► (Catches JavaScript runtime & syntax errors)
│
├─► [ Gemini AI Engine ] ──► (Reviews patterns, scans security, formats fixes)
│
└─► [ MongoDB Instance ] ──► (Saves review output details & history log)
Below is the directory mapping of the project's source codebase:
- Backend Server Modules:
- server.js — Main entry point initiating database connections and hosting the Express application listener.
- app.js — Express app configuration, Middleware definitions, and CORS configuration.
- db.js — MongoDB client initialization using the native driver.
- ai.routes.js — Express routers mapping REST endpoints to controllers.
- ai.controller.js — Route controllers managing code reviews, history queries, VM sandboxing, and clear functions.
- ai.service.js — Generative AI Service configuring system prompts and interacting with the
@google/generative-aiAPI SDK.
- Frontend Dashboard UI:
- App.jsx — Main dashboard component rendering templates, code editor, history panel, quality gauges, and VS Code terminal simulator.
- App.css — Custom stylesheet providing premium glassmorphic properties, glowing tabs, and terminal font styles.
- index.css — Root layout setup, scrolling setups, and tailwind/custom configurations.
- main.jsx — Primary index runner rendering the App context.
| Tier | Component / Library | Purpose |
|---|---|---|
| Frontend | React 19 (Vite) | High-performance SPA view layer & routing |
| Prism.js | Tokenizer rendering real-time editor syntax styles | |
| React Markdown | Formats complex AI responses containing tables and blocks | |
| Axios | Manages API communication and asynchronous fetches | |
| Backend | Node.js (Express.js) | Server runtime supporting JSON payloads and API routing |
@google/generative-ai |
Integrates with Google Gemini API models | |
| Node VM Subsystem | Executes JavaScript scripts inside clean sandbox contexts | |
| MongoDB Native Driver | Retains logs and query records in collection documents |
Follow these steps to set up and run a local instance of Reviewify.ai.
- Node.js (v18.x or later recommended)
- MongoDB (local instance or MongoDB Atlas connection URI)
- Google Gemini API Key (obtain from Google AI Studio)
git clone https://github.com/NoumanAhmed01/AI-Code-Reviewer.git
cd AI-Code-Reviewer/AI-Code-Reviewer- Navigate to the backend directory:
cd Backend - Install all server dependencies:
npm install
- Set up environment configurations:
Create a
.envfile based on the provided template:Editcp .env.example .env
.envto include your configuration variables:PORT=3000 MONGODB_URI=mongodb://localhost:27017/reviewify GOOGLE_GEMINI_KEY=your_google_gemini_api_key GEMINI_MODEL=gemini-2.5-flash
- Run the backend server in development mode:
The server will start running on
npm run dev
http://localhost:3000.
- Open a new terminal pane and navigate to the frontend directory:
cd ../Frontend - Install client dependencies:
npm install
- Set up environment configurations:
Create a
.envfile based on the provided template:Set the API URL variable:cp .env.example .env
VITE_API_URL=http://localhost:3000
- Run the frontend development server:
Open your browser and navigate to
npm run dev
http://localhost:5173.
All endpoints are prefixed with the base /ai path.
- Endpoint:
POST /ai/get-review - Headers:
Content-Type: application/json - Request Body:
{ "code": "function checkUser(id) { const query = 'SELECT * FROM users WHERE id = ' + id; return db.execute(query); }", "language": "javascript" } - Success Response (200 OK):
{ "review": "### ❌ Issues\n1. **SQL Injection Vulnerability**: Direct string interpolation...", "error": null }
- Endpoint:
GET /ai/history - Success Response (200 OK):
[ { "id": "64c8d5a1b32f41a8a25c1b5a", "language": "javascript", "code": "function checkUser(id) { ... }", "review": "...", "error": null, "date": "10:35 PM - Jun 25" } ]
- Endpoint:
DELETE /ai/history - Success Response (200 OK):
{ "message": "History cleared successfully" }
To catch compilation and reference bugs before shipping scripts to the AI Engine, Reviewify.ai incorporates a dual validation layer:
- Native VM Sandbox: When a user requests review on a block of JavaScript code, the server passes it directly into the native Node.js
vmcore module:This catches syntactical compilation faults locally inside an isolated thread context without exposing the server environment.const vm = require("vm"); new vm.Script(code); // Throws SyntaxError on malformed structures
- AI Compiler Simulation: In non-JS formats, system prompt boundaries force Gemini to identify reference issues and format them inside predefined tags (
[TERMINAL_ERROR] ... [/TERMINAL_ERROR]). The controller intercepts these tags and maps them to the terminal console layout.
Deploy the Backend/ subdirectory. Ensure you set the following environment variables:
MONGODB_URI— Connection URI for database storage.GOOGLE_GEMINI_KEY— API credentials key.GEMINI_MODEL— Configured AI model version (defaults togemini-2.5-flash).
Deploy the Frontend/ subdirectory. Set the build settings to:
- Build Command:
npm run build - Output Directory:
dist - Environment Variable:
VITE_API_URLpointing to your deployed backend URL.
Contributions make the open-source community an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
Developed with ❤️ by the Reviewify Team using Google Gemini & React.