Skip to main content
HashnodeRida RahimRida Rahim

Command Palette

Search for a command to run...

From Hackathon to Production: Why I Built the Code Review Tool I Couldn't Find Anywhere Else

Updated
6 min read
From Hackathon to Production: Why I Built the Code Review Tool I Couldn't Find Anywhere Else
R
Rida
I'm Rida — a CS student, solo founder of TawakalStudio, and a builder who doesn't wait for permission. I write about what I'm actually making: dev tools, client work, shipping under pressure, and what it looks like to be a young woman carving space in tech one project at a time. No polish. Just the real thing.

I'm going into my third year as a CS student, a solo founder, and a woman in a field that still makes you feel like you have to prove you belong before you've even opened your laptop. I've learned to build fast, build real, and ship things that actually solve problems — not just things that look good in a README.

DeltaReview is one of those things. Here's how it got built and why it exists.

It Started With a Hackathon and a Vibe Coded Prototype

Earlier this year I built ReviewAI for the Codex Challenge on Handshake — an AI-powered code reviewer that analyzes any snippet in real time, flags bugs, security vulnerabilities, and performance issues, and outputs a Code Health Score. Judges from GEICO, Uber, and L'Oreal evaluated it. The stack was lean: Groq LLM API, Monaco Editor, vanilla HTML/CSS/JS, Node.js, Vercel.

ReviewAI was vibe coded. I had an idea, I moved fast, I leaned on AI to get it across the finish line. No shame in that — it shipped, it worked, it got judged by engineers at real companies.

But after submitting, I kept thinking about something ReviewAI couldn't do.

It could tell you your code had problems. It couldn't tell you what changed — and whether that change was what introduced those problems. So I sat down and hand coded something that could.

The Gap Nobody Was Filling

Vibe coding is mainstream. Junior devs, solo founders, non-technical builders — everyone is shipping AI-generated code faster than they can fully audit it. That's not slowing down.

But here's what I kept noticing: the existing tools in this space weren't built from a developer's perspective. They were built to look impressive in a demo. Log in, set up an integration, navigate a dashboard, wait for a report. There's a whole category of "AI code review" tools that add friction at every step and still don't answer the one question that actually matters before you deploy:

What changed, and is it safe to ship?

I looked at what was out there and kept coming back to the same frustration — none of them felt like they were made by someone who actually sits in the diff and feels the anxiety of shipping. They were made by people optimizing for enterprise contracts, not for the developer staring at two versions of a function at 11pm wondering if they just introduced a vulnerability.

That's the position I built DeltaReview from.

What DeltaReview Actually Does

DeltaReview takes a "before" and "after" version of your code and returns structured feedback before you deploy. No login. No setup. No friction. You paste, you analyze, you get answers.

Here's a real example of what the output looks like:

Risk Scores

  • Bug Risk: 20 (Low)

  • Security Risk: 10 (Low)

  • Performance: Neutral

  • Complexity: Increased

Key Findings

  • SQL injection vulnerability fixed by using parameterized queries in the getUserData function (High severity, Security)

  • Hardcoded credentials replaced with a secure authentication mechanism in the login function (High severity, Security)

  • Input validation added to prevent invalid user IDs and credentials across getUserData and login (Medium severity, Bug)

Suggested Commit Messages

  • Fixed SQL injection vulnerability in getUserData function

  • Implemented secure authentication mechanism in login function

Refactoring Suggestions

  • Consider adding additional validation for user input

  • Review database query performance to ensure optimal execution

It works across 23 languages — JavaScript, TypeScript, Python, Java, Go, Rust, SQL, and more — so it fits wherever you're already working.

Not vague summaries. Specific findings with locations, severity levels, suggested fixes, and commit messages you can actually copy and use.

The session saves your analysis history while you're on the page. Close the tab and it's gone — intentionally, no data stored. That's why there's an Export button: JSON if you want to pipe it somewhere, Markdown if you want to drop it into a PR or a doc.

How It's Different

Most AI code review tools fall into one of two buckets: heavyweight integrations that require repo access and a 15-minute setup, or lightweight chat wrappers that just prompt GPT with your code and call it a review.

DeltaReview is neither. A few things that actually differentiate it:

No login, no integration, no repo access. You don't connect anything. You paste two versions of code and get structured output in seconds. That's a deliberate product decision — remove every possible point of friction between a developer and an answer.

Structured output, not prose. Getting an LLM to return consistently structured analysis across wildly different codebases and diff sizes is a real engineering problem. The pipeline isn't just "send code to Groq and return the response." It's built around reliable structured output that can be read, exported, and acted on.

Built by a developer for the moment before deployment. Not for a code review process. Not for a team workflow. For the specific, high-stakes moment when you have two versions of something and you need to know if the second one is safer than the first.

Built with Next.js, TypeScript, Groq API, and Vercel serverless functions. The focus throughout was on fast analysis, clean output, and a workflow that fits how developers actually ship.

Why I'm Talking About This as a Woman in Tech

I'm not going to bury this.

Computer science is still a male-dominated field. I walk into rooms, join communities, and ship projects in a space where women are underrepresented at almost every level. I felt it when I started. I still feel it.

I built TawakalStudio, a web development and digital branding studio, and I built DeltaReview — not as a school project, not as a resume line, but as real things I own and run and iterate on. I'm writing this because I want younger women who are thinking about tech, or already in it, to see that this is possible. Not easy. Not without doubt. But possible.

You don't have to wait until you feel ready. You don't have to wait until the room looks different. You build the thing, you ship it, you figure it out — and you do it as yourself.

That's what I'm doing. That's what TawakalStudio is. That's what DeltaReview is.

Try It

delta-review.vercel.app — no login, no setup, paste and go.

If you're building something, working on a team, or just sick of shipping diffs you're not fully confident in, it's worth a few minutes.

Want to connect?

#webdev#programing#womenintech#buildinpublic#ai

Comments

Join the discussion

No comments yet. Be the first to comment.