Language focus

AI code review for Kotlin

Kotlin blends null-safe types, coroutines, and JVM interop in Android apps and Spring services alike. CodeCritic reviews your diff with focus on suspension points, platform types from Java libraries, and sealed hierarchies that compile until an unhandled branch reaches production.

Android & KMPCoroutinesSpring KotlinPaste or GitHub PRFree tier

Online paste review · All languages

Review focus

What we look for in Kotlin changes

Kotlin compiler catches many null mistakes; it does not explain why a `GlobalScope.launch` loses structured concurrency or why a Java DTO nullability annotation lied. The model targets those integration gaps.

  • Coroutines: blocking calls on dispatcher threads, supervisor scopes that swallow child failures, `runBlocking` in production paths, and flows collected without lifecycle awareness.
  • Null safety at boundaries: platform types from Java APIs, unsafe `!!` after refactors, and `@JvmField` exposing nullable state to Java callers without checks.
  • Android-specific: lifecycle-aware collection missing, `remember` keys that reset state, WebView JS bridges without validation, and exported components lacking permission guards.
  • Spring Kotlin: `@Transactional` on open classes without `all-open`, Jackson deserialization into mutable data classes, and constructor injection cycles hidden by lateinit workarounds.
  • Data classes and copy: `copy` defaults that preserve sensitive fields, `equals`/`hashCode` on entities with lazy relations, and value classes boxed unexpectedly in generics.
  • Multiplatform: expect/actual drift between targets, `iosMain` code using APIs unavailable on older OS versions, and shared mutable state guarded only on one platform.

AI review does not replace Play Store policy review, penetration testing, or JVM/Android performance profiling. Use it as a fast second pass before owners approve merge.

Stacks

Common Kotlin codebases we see

Android apps

Navigation argument type safety, Room migrations without fallback, and WorkManager constraints that never run on metered networks when intended.

Server-side Kotlin

Ktor route authentication order, Exposed DSL transactions spanning network I/O, and Gradle version catalogs pinning mismatched kotlinx versions.

Java interop layers

Extension functions shadowing Java methods, SAM conversions hiding checked exceptions, and Kotlin collections exposed as mutable Java lists.

Workflow

Run a Kotlin review in minutes

Paste a ViewModel, repository, or service class to test signal, then connect GitHub when PR automation fits your release train.
  1. 1

    Paste or connect a repo

    Sign up, open a new review, and paste a coroutine-backed class or REST handler. Connect GitHub to target PRs with Kotlin changes.

  2. 2

    Let detection set context

    CodeCritic reads Android, Ktor, and Spring imports so findings reference the runtime you ship, not textbook Kotlin samples.

  3. 3

    Triage by severity

    Issues arrive grouped with short explanations. Fix concurrency and null-boundary risks before debating naming.

  4. 4

    Scale to PR comments

    Enable GitHub integration so the same engine comments on pull requests your team already merges through.

How to use it

Kotlin review without drowning in noise

Paste a vertical slice: a repository method with its DAO or API client, or a ViewModel with the use case it calls.

Keep detekt and Android Lint in CI. CodeCritic targets reasoning: "this flow collector outlives the lifecycle" beats import ordering.

When mixing Java and Kotlin in one diff, include the Java signature so reviewers understand platform type assumptions.

GitHub integration anchors comments on the diff your team already discusses in review threads.

Paid tiers add API automation when every push to a shared KMP module should trigger the same scan.

Validate coroutine and threading findings with a small instrumented test - AI can miss custom dispatchers installed in test fixtures only.

Details: Integrations, Limitations, Pricing.

Code patterns

Kotlin examples worth reviewing

Small slices from real PRs. Paste similar units in the browser or run on the GitHub diff that contains them.

Coroutine scope leak

fun load() {
  GlobalScope.launch { repo.fetchAll() }
}

Sample findings

Typical Kotlin review output

Should fix

GlobalScope survives lifecycle

Work continues after UI or request scope ends. Tie jobs to structured scope tied to caller lifecycle.

Before

GlobalScope.launch { repo.fetchAll() }

Suggested direction

viewModelScope.launch { repo.fetchAll() }

Illustrative patterns from real review categories. Your output depends on diff size, language, and context.

Before you merge Kotlin

  • Context size: Include coroutine scope owners and lifecycle bindings when the change introduces new async work.
  • Interop: Re-read Java-facing APIs for nullability annotations that do not match runtime behavior.
  • UI state: Trace state hoisting and `remember` keys so configuration changes do not resurrect stale data.
  • Human owner: Assign a reviewer who knows the min SDK and backend contract version the diff depends on.

FAQ

Kotlin code review FAQ

Yes. Reviews run on Kotlin source across JVM, Android, and multiplatform projects. Include framework imports for stack-specific feedback.

Try AI code review on your Kotlin

Start free in the browser, then connect GitHub when the team wants reviews on every pull request.

How it works