Code Review Was Never a Scalable Control Mechanism

Key takeaways

• AI-generated code is exposing a hidden weakness in traditional code review: it was never designed to absorb unlimited volume.

• The challenge is no longer just reviewing more code, but understanding whether that code actually makes sense.

• Quality control in software teams needs to move beyond approval flows and into stronger judgment, workflows, and evaluation.

Why traditional code review is no longer enough

Code review has long been treated as the central mechanism for ensuring software quality.

But it only worked because of a hidden assumption: that the amount of code being reviewed was manageable.

That assumption no longer holds.

The human limits of code review

Code review depends on human cognition.

And that has a hard ceiling.

According to Daz, code review effectiveness is limited to around:

• ~400 lines per hour

• a sharp drop in effectiveness after ~60 minutes

This limit didn’t matter when code volume was low.

Now it does.

How AI-Generated code exposes code review bottlenecks

AI didn’t create the constraint. It made it visible.

According to Faros AI, PR size increased by 154% and large PRs are not just longer. They’re harder to evaluate.

According to Anthropic, large PRs in real systems consistently produce multiple issues.

The system is now pushing more through review than it can process.

Why AI-Generated code creates more review complexity

AI doesn’t just increase volume. It changes the nature of the code.

According to CodeRabbit, AI-generated PRs showed:

• 1.7× more issues per PR

• +75% logical errors

• up to 8× performance issues

This shifts the reviewer’s job.

Before:

→ detect errors

Now:

→ determine if the code makes sense at all

How AI-Assisted development impacts long-term code quality

The long-term effects are already measurable.

According to GitClear, AI-assisted development showed:

• code duplication increased 8×

• refactoring dropped significantly

• churn increased

This is not noise.

It shows that the system is losing coherence over time.

Why maintainers absorb the cost of AI-Generated code

The imbalance becomes more visible outside the generation layer.

According to Daniel Stenberg’s writing on cURL and AI-generated contributions, open-source maintainers are facing:

• more noise

• more triage

• less usable signal

Review is no longer just improving code. It is absorbing system friction.

The illusion of quality control in modern code review

The most dangerous effect is subtle.

The process still exists:

• PRs are reviewed

• CI passes

• code is merged

But:

• approval ≠ understanding

• passing tests ≠ correct behavior

The system appears stable.

Its guarantees weaken.

Why AI code review tools are not enough

Using AI to review AI helps, but it doesn’t solve the problem.

According to Sonar, AI code review can help detect issues, but models still share structural weaknesses and require human oversight.

According to Cloudflare, multi-agent systems can improve code review workflows, but the strongest results still appear in controlled or structured environments.

There is no independent source of truth.

What software teams need beyond code review

Code review didn’t fail because it was poorly implemented. It failed because it was never designed to scale.

AI didn’t break it. It exposed its limits. And that creates a gap:

if review can’t absorb the load, control has to move somewhere else.