Small PR Rule Won't Survive AI (blog.quent.in)

Rootly has shifted its code review process in response to the increasing use of AI in software development, abandoning its two-year adherence to a strict small pull request (PR) policy. Traditionally, small PRs allowed for easier code review by human developers. However, as AI began to generate entire features—migrations, models, services, tests, and front-end components in one go—this approach became impractical. Reviewers found themselves overwhelmed, trying to piece together dependencies across multiple PRs, leading to increased cognitive load and confusion. Recognizing that AI code often requires a different context-focused review, Rootly has transitioned to a risk-based review system that prioritizes understanding the potential impact of changes rather than simply the size of the code. Instead of relying on small PRs, Rootly now evaluates each PR based on its risk profile, with labels such as risk:low, risk:medium, and risk:high guiding the review intensity. This new framework emphasizes the importance of feature flags and gradual rollouts, ensuring that code is merged safely but can be quickly retracted if issues arise. An internal AI reviewer aids in this process by assessing risk and compliance, allowing human reviewers to focus on critical code paths rather than every line. This shift from size to risk underscores the evolving nature of software development with AI, where ensuring reliable, rapid deployment takes precedence over traditional coding practices.