How to review a commit with Codex

Commit-level reviews isolate a single change set so feedback stays focused and easier to act on, which is ideal for hotfixes, backports, and cherry-picks. Narrowing the scope to one SHA also reduces noise compared to reviewing an entire branch.

The codex review command targets Git history directly, producing findings from the diff introduced by a specific commit. Passing a commit identifier with --commit tells Codex to evaluate only that change set and report potential problems, risky patterns, and improvement suggestions.

The target commit must exist in the local repository, so fetch the branch that contains it before running the review. Rebasing or amending rewrites commit SHAs, so re-check the SHA after history edits to avoid reviewing an outdated object. Use the full 40-character SHA to avoid ambiguity when short SHAs resolve to multiple commits.

Steps to review a commit with Codex:

Open a terminal in the Git repository containing the commit to review.
```
$ git rev-parse --show-toplevel
/home/user/projects/example-repo
```

List recent commits to locate the target change.

$ git log --oneline -n 5
e5ae13c Add audit logging flag
eacaa6a Add API client timeout helper
a20d03d Initial commit

Resolve the full commit SHA for the selected commit.
```
$ git rev-parse eacaa6a
eacaa6aea60e4a09703687d249dcc0753bce7344
```
If git rev-parse fails with unknown revision, fetch the branch that contains the commit before retrying.

Confirm the selected SHA refers to the expected commit.

$ git show --no-patch --oneline eacaa6aea60e4a09703687d249dcc0753bce7344
eacaa6a Add API client timeout helper

Review the file-level diff summary for context before running the review.

$ git show --stat eacaa6aea60e4a09703687d249dcc0753bce7344
commit eacaa6aea60e4a09703687d249dcc0753bce7344
Author: User Example <user@example.net>
Date:   Mon Jan 19 11:30:37 2026 +0800

    Add API client timeout helper

 src/api/client.ts | 3 +++
 src/api/types.ts  | 4 ++++
 2 files changed, 7 insertions(+)

Run a review against the commit SHA using Codex.
```
$ codex review --commit eacaa6aea60e4a09703687d249dcc0753bce7344
The commit only adds two small exports without any evident functional or correctness issues.
```
Save the report by redirecting output to a file (example: codex review --commit eacaa6aea60e4a09703687d249dcc0753bce7344 > codex-review.txt).

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.