Amazon CodeGuru (Preview)
Automate code reviews
Identify your most expensive lines of code
“The recommended fix worked perfectly and removed the thread contention warning which was using 55.97% of CPU time… a single host could now serve 700 TPS, which is around 7.5x more traffic than a single host could handle previously.”
Chris Butterfield, a software development engineer who works on a scheduling service for sellers on Amazon.in
“After following CodeGuru Profiler’s recommendation to remove these cloned values, we saw huge reductions in CPU utilization – a 40% reduction on the synchronous fleet and 67% reduction on the asynchronous fleet.”
Rajesh Konatham, a senior software development engineer who works on the catalog management service for Amazon.com
“CodeGuru Reviewer allowed us to catch a long-standing race condition lurking in a critical piece of code. A human reviewer would have missed it as it was outside of the areas of the code I had changed… It was great to have something there to improve our code quality without requiring setup or getting in the way.”
Mike Thompson, a senior software development engineer who works on AWS builder tools
Trained on decades of knowledge and experience
CodeGuru’s machine learning models are trained on Amazon’s code bases comprising hundreds of thousands of internal projects, as well as over 10,000 open source projects in GitHub. Tens of thousands of Amazon developers have contributed to CodeGuru’s training based on decades of experience in code review and application profiling. For example, CodeGuru Reviewer is trained using rule mining and supervised machine learning models that use a combination of logistic regression and neural networks. During training to detect deviation from best practices, it mines Amazon code bases for pull requests that include AWS API calls. It looks at code changes and cross-references them against documentation data, which it also mines in parallel. This creates new models for best practices that Reviewer uses when it reviews your code to provide recommendations. CodeGuru Profiler is also trained by Amazon performance engineers and used to profile tens of thousands of services used internally at Amazon. You can decide whether to accept each recommendation CodeGuru offers – the more feedback you give it, the better its recommendations get.
Find your most expensive lines of code
CodeGuru Profiler is always searching for application performance optimizations, identifying your most “expensive” lines of code and recommending ways to fix them to reduce CPU utilization, cut compute costs, and improve application performance. CodeGuru Profiler provides specific recommendations so you can take action immediately on issues such as excessive recreation of expensive objects, expensive deserialization, usage of inefficient libraries, and excessive logging. CodeGuru Profiler runs continuously in production, consuming minimal CPU capacity so it does not significantly impact application performance. You can begin profiling your application by installing a small agent using code that CodeGuru provides and configuring it in the CodeGuru console.
When it sees opportunities to optimize application performance, Amazon CodeGuru Profiler explains why it is recommending a change, what’s causing the issue, how to resolve it, and where in the code this issue is impacting your application.
Amazon CodeGuru Reviewer scans your pull requests and gives you recommendations against your source code in Github or AWS CodeCommit, together with a description of what’s causing the issue and how you can remediate it.
Catch the code issue today – don't wait to get paged
CodeGuru Reviewer looks for the things that keep you awake at night, and recommends how to remediate them. It detects deviation from best practices for using AWS APIs and SDKs, flagging common issues that can lead to production issues, such as detection of missing pagination or error handling with batch operations. It detects concurrency issues such as atomicity violations and the use of classes that are not thread-safe, which are difficult to find even for experienced programmers. It detects when resources are incorrectly closed, creating latency issues and outages. It also identifies correct input validation, where un-sanitized inputs can lead to issues such as injection attacks or denial of service. You can associate existing code repositories on GitHub or AWS CodeCommit with CodeGuru to begin reviewing code.
Inexpensive enough to use for every code review and application
CodeGuru is inexpensive enough to use for every code review and application you run. It has simple, pay-as-you-go monthly pricing based on the number of lines of code reviewed and sampling hours per application profile. For example, if you have a typical pull request with 500 lines of code, it would only cost $3.75 to run CodeGuru Reviewer on it. Try it for free for the first 90 days. After that, CodeGuru costs $0.005 per sampling hour per application profile and $0.75 per 100 lines of code per month. See pricing »
What developers say about Amazon CodeGuru
Chris Butterfield, a software development engineer who works on a scheduling service for sellers on Amazon.in:
“After running CodeGuru Profiler and seeing its recommendations, I realized that we needed to update our service to fix a bug related to CPU locking. The recommended fix worked perfectly and removed the thread contention warning which was using 55.97% of CPU time. After the fix, I completed load testing and found that a single host could now serve 700 TPS, which is around 7.5x more traffic than a single host could handle previously. We were able to reduce our number of instances by around 75% after load testing while still handling the same traffic."
Rajesh Konatham, a senior software development engineer who works on the catalog management service for Amazon.com:
“We had just disabled a few software-related configurations to improve server startup time and reduce profile clutter. We used CodeGuru Profiler to understand the impact of this change and realized that our workflow system was cloning documents each time it executed branches, even when it was not required. Because of this, we were spending 15% of CPU capacity cloning values unnecessarily. After following CodeGuru Profiler’s recommendation to remove these cloned values, we saw huge reductions in CPU utilization – a 40% reduction on the synchronous fleet and 67% reduction on the asynchronous fleet. Far more than the 15% reduction in CPU utilization we were expecting! The additional reduction was due to reduced Garbage Collection activity as the clones were no longer taking up heap memory.”
Neeraj Kumar, a senior software development engineer who works on Amazon CloudWatch:
“We ran CodeGuru Profiler and found that most of our CPU capacity was being used to sign the Amazon S3 request using SHA-2. We were using the JDK-provided implementation for SHA-2, but CodeGuru Profiler recommended that we use Amazon Corretto Crypto Provider instead. We followed the recommendation, which allowed us to implement some of these crypto algorithms more quickly. Corretto Crypto Provider matches JDK’s behavior, so onboarding was simple. After deployment we saw an approximately 30% CPU reduction in several AWS Regions."
Mike Thompson, a senior software development engineer who works on AWS builder tools:
“CodeGuru Reviewer allowed us to catch a long-standing race condition lurking in a critical piece of code. A human reviewer would have missed it as it was outside of the areas of the code I had changed. CodeGuru Reviewer provided enough context around the bug, a clear explanation on why it was bad, and an example of how to fix it. Making the required change was very easy and only required a few minutes. It was great to have something there to improve our code quality without requiring setup or getting in the way.”
Danish Bashar, a software development engineer who works on AWS DynamoDB:
“I was downloading a file from Amazon S3 and wasn’t aware that it was a stream, which created a resource leak. Unit testing would not have caught this issue because it ran fine. Since I had not explicitly written the object type I didn’t notice it, and I am pretty sure anyone code reviewing me would not have noticed it either. It took CodeGuru Reviewer a few minutes to look at the semantics of the code and it caught the resource leak relatively quickly. CodeGuru Reviewer recommended I use a try-with-resources to close the resource, and I implemented it immediately. +1.”
Geetika Vasudeo, a software development engineer who works on AWS DynamoDB:
“We were using an Amazon DynamoDB table in a way that we don’t typically use and we missed this in the code review. CodeGuru Reviewer identified that the operation was returning paginated results instead of all results. We were doing scans and only fetching results on the first page, which wasn’t a problem now, but as the table grew over time we would end up only seeing the first page and missing the rest of the results. Not handled correctly, this could have become a major bug in our code. Great catch and great recommendation.”
Visit the features page.
Instantly get access to the AWS Free Tier.
Get started building with Amazon CodeGuru in the AWS Management Console.