Gitar tunes up to tighten strings on AI-generated code 

It’s a lose-lose situation

But, argues Ali-Reza Adl-Tabatabai, co-founder and CEO of Gitar, this creates a lose-lose situation i.e. teams that push code through without thorough validation see incidents and regressions rise. 

He suggests that teams that slow down to review everything see velocity and developer sentiment implode and what he calls ‘crater’ i.e. crumble downwards. 

Either way, the bottleneck compounds as AI-generated code volume grows.

“The industry has focused on accelerating code generation, but the real constraint is shipping that code safely,” said Adl-Tabatabai. “Developers today spend too much time acting as the integration layer between CI failures, logs, fixes and approvals. Gitar turns that process into an autonomous system that reviews and quality checks code, triages problems, diagnoses root causes and proposes fixes so engineers can focus on delivering software.”

In modern software pipelines, every change must pass through a validation phase before reaching production. This process typically involves manual code review, CI test results, security scans and approvals from multiple engineers.

As AI-generated code increases, these manual quality gates become a scaling problem. Larger pull requests, higher change throughput and inconsistent code quality create growing pressure on developers responsible for validating changes. Platform teams, typically under-resourced, absorb the growing support burden without additional headcount. The result: senior engineers become pipeline janitors, review quality erodes as teams rubber-stamp to keep up and CI failures pile up faster than anyone can diagnose them.

Pull request validation

“Gitar addresses this challenge by introducing agentic quality gates, which are AI systems that automate the workflows involved in pull request validation,” said Adl-Tabatabai and team.

Key capabilities of the Gitar platform include AI code review to detects bugs and vulnerabilities and surface high-signal findings; CI failure root-cause analysis, which de-duplicates and summarises CI failures to identify the underlying issue; there are also automated fixes, which generate code changes to address CI failures or review findings.

An interactive agent allows developers to query, update and fix code directly inside pull or merge requests; custom agents enable engineering platform teams to create custom agents for automating validation workflows.

Developer workflow integrations

Connections exist to with tools including GitHub, GitLab, Slack, Jira, Linear, CircleCI, Buildkite and Jenkins. 

For workflow analytics, the technology tracks validation outcomes, CI failures and agent decisions to identify recurring issues and opportunities to improve development workflows, helping platform teams steadily improve CI reliability and code quality.

“Together, these capabilities allow engineering teams to move from manually triaging pipeline failures to receiving approval-ready decisions about whether code is ready to merge,” said Adl-Tabatabai and team. “While most AI coding tools focus on generating code inside the IDE, Gitar targets the stage where that code must be validated before release.”

The platform integrates directly with GitHub and GitLab workflows and supports common CI systems such as CircleCI, Buildkite and Jenkins. It also connects with developer tools, including Slack, Jira and Linear, allowing teams to automate validation workflows across their existing development environments.

Automated complex validation

Gitar enables both developers and platform teams to automate complex validation workflows. Platform teams can also create custom agents using natural-language prompts to enforce company-specific checks, policies and CI automations.

The Computer Weekly Developer Network (CWDN) spoke to Adl-Tabatabai for more…

CWDN: How does Gitar avoid the false-positive problem that makes most automated code review tools noise generators?

Adl-Tabatabai: We’ve tuned Gitar to minimise false positives using a number of techniques such as context and memory management, model selection, specialised tools and sub-agents and others. To catch regressions and make sure we are always improving accuracy, we continuously measure the rate at which our users’ commits address Gitar feedback, which directly measures the accuracy of our code review findings. And we run internal evals and external benchmarks to maintain or improve false positive rates on every product update.

We dogfood our own product, allowing us to directly experience the accuracy. To keep noise levels to a minimum, we designed the user experience of the product to be clutter-free. Instead of posting a comment update on every review, we update a single dashboard comment and automatically resolve inline review comments as they get resolved with commits.

CWDN: How about CI root cause analysis – how does Gitar ensure accuracy of its CI root cause analysis?

Adl-Tabatabai: Like reviews, we strive to minimise noise introduced during CI failure analysis. Gitar is designed to not only analyse CI failures but also suggest and commit fixes. CI failures typically block merge, so if it gets the fix wrong, that fix won’t get merged because CI will continue to fail. Gitar continues to iterate until CI passes, ensuring only that proper fixes get committed. We have guardrails to ensure we handle any corner cases.

CWDN: How do custom agents keep platform teams from recreating the same brittle rule-based checks they already have?

Adl-Tabatabai: In our experience, platform teams spend a significant amount of time customising CI and code review using bespoke scripts, configurations and glue code that require constant maintenance as more corner cases are discovered, as tools evolve, and as business requirements change. We’ve discovered that AI agents are much less brittle because their training allows them to generalise naturally to cover corner cases and new tools. 

They also allow platform engineers to add checks and automations very quickly using prompts and integrations rather than bespoke scripts, configuration and glue code. And finally, they allow engineers to add checks and automations that are not simply not possible or practical to do without AI; for example, checking strings for internationalisation, finding and linking related Jira tasks, or keeping documentation up to date with code.