In today’s traditional code review processes, humans are a big part of how code is reviewed and ultimately committed to production. A person reads and comments on the code to ensure it is peer reviewed and aligned with engineering processes and best practices.
The future of code reviews, like CI/CD and many other automated engineering processes, should strive to reverse that paradigm, with about 80% of the work performed by tools and machines and 20% left to human validation and intervention.
When security plans are exposed as code, the security gates that are now a critical part of the code review process become much easier to automate and ultimately to resolve with minimal human intervention.
Manual code review processes can also be automated so that machines handle the parts they are better equipped to fix than humans.