# ADR 044: Codex Code Review

- HTML version: https://robbiepalmer.me/projects/personal-site/adrs/044-codex-code-review
- Project: Personal Site (https://robbiepalmer.me/projects/personal-site.md)
- Status: Accepted
- Date: 2026-06-21

# Context

[ADR 009: CodeRabbit](/projects/personal-site/adrs/009-code-rabbit) records the core decision to use automated review. [ADR 041: Gemini Code Assist](/projects/personal-site/adrs/041-gemini-code-assist) and [ADR 042: Greptile](/projects/personal-site/adrs/042-greptile) record the value of independent reviewers, divergent feedback, and provider resilience. This ADR does not repeat that rationale.

[ADR 043: Codex](/projects/personal-site/adrs/043-codex) introduces a ChatGPT Plus subscription for agentic coding. That plan also includes **Codex code review in GitHub**, including automatic Pull Request reviews, without another subscription.

The current reviewers show why an additional implementation can be useful. Greptile has sometimes posted comments that are word-for-word identical to Gemini Code Assist, while also posting additional findings. CodeRabbit frequently produces a more divergent set of comments. This is strong operational evidence that the free Greptile review path may lean heavily on Gemini or a shared upstream review component, although Greptile does not publicly document enough about that path to establish the cause.

Foundation model diversity is only one source of diversity. Different review harnesses can retrieve different context, run different prompts and tools, apply different severity thresholds, and aggregate findings differently even when they share a model. **[Greptile](https://www.greptile.com/independence)** and **[CodeRabbit](https://www.coderabbit.ai/blog/coderabbit-supports-nvidia-nemotron-3-ultra)** both describe multi-model approaches, so product-level independence should not be treated as proof of foundation-model independence.

# Decision

I will enable **[Codex code review in GitHub](https://developers.openai.com/codex/integrations/github)** for automatic review of Pull Requests.

Codex code review follows repository guidance from `AGENTS.md`, posts a standard GitHub review, and focuses its default comments on P0 and P1 issues. This high-severity focus offers another review perspective without attempting to duplicate every summary, style suggestion, or lower-priority comment from the existing services.

GitHub reviews are metered as **Code Review usage**. OpenAI documents this separately from the shared five-hour allowance for local messages and cloud tasks. The review service is therefore treated as a distinct decision from using Codex to generate code.

# Alternatives

## Existing Reviewers Only

* **Pros**: Avoids another set of comments, configuration, and provider limits.
* **Cons**: Leaves an included review capability unused and misses an opportunity for a further independent, high-severity review pass.
* **Decision**: Rejected. Codex review is already included in the subscription adopted by ADR 043.

## On-Demand Codex Reviews

* **Pros**: Conserves the Code Review allowance and reduces comments on low-risk Pull Requests.
* **Cons**: Relies on remembering to request `@codex review`, weakening the consistency of the review workflow.
* **Decision**: Rejected as the default. On-demand review remains useful if automatic reviews consume the allowance too quickly.

# Consequences

## Positive

* **No Additional Subscription Cost**: Automatic GitHub review is included with ChatGPT Plus, which is already adopted for Codex coding work.
* **Independent Review Harness**: Codex adds another context, prompting, tooling, severity, and orchestration path to the existing reviewer mix, regardless of whether foundation models overlap.
* **High-Severity Focus**: Default GitHub comments are limited to P0 and P1 issues, which should reduce low-value noise.
* **Shared Repository Guidance**: Codex reads `AGENTS.md`, allowing the coding agent and reviewer to use the same project-specific expectations.
* **Automatic Coverage**: Every eligible Pull Request receives the review without a manual trigger.

## Negative

* **Additional Noise**: A fourth automated reviewer can duplicate or conflict with existing comments, even with Codex's high-severity threshold.
* **Finite Review Allowance**: Code Review usage has its own plan limit. Automatic review may exhaust it faster than selective `@codex review` requests.
* **Future Quota Coupling**: Current documentation distinguishes GitHub Code Review usage from general Codex usage. If OpenAI changes that policy, reviews could reduce capacity available for code generation and this decision must be revisited.
* **Correlated Findings**: Product diversity does not guarantee independent findings. Word-for-word overlap between Greptile and Gemini shows that some review paths can remain correlated, while Greptile and CodeRabbit's multi-model approaches can also overlap with Codex at the foundation-model level.
* **Security and Access**: Codex cloud must be connected to the repository and given sufficient GitHub access to read changes and post reviews.

---

Markdown index of this site: https://robbiepalmer.me/llms.txt