---
title: Code Review vs Validation
slug: code-review-vs-validation
type: comparison
created: 2026-06-17
updated: 2026-06-17
status: active
tags:
  - code-review
  - validation
  - gates
  - security
sources:
  - dan-shapiro-you-dont-write-code-2026-02-13
  - jleechanorg-dark-factory-repo
  - jleechanorg-agent-orchestrator-repo
related:
  - dark-factory
  - digital-twin-universe
  - cxdb
  - healer
confidence: medium-high
contradictions:
  - Human code review catches design and security issues that tests may miss; dark factory systems try to move that assurance into automated gates and independent review.
bead_refs:
  - dark-factory-rr4
---

# Code Review vs Validation

Code review asks humans or reviewers to inspect code changes directly. Validation asks systems to prove the change satisfies behavior, safety, policy, and evidence requirements.

## Factory Shift

In a [[dark-factory]], human diff review is treated as the bottleneck. The replacement is not blind trust. It is validation infrastructure:

- public tests and sealed holdouts;
- adversarial independent review;
- structural isolation from evaluator internals;
- CI and evidence gates;
- telemetry through [[cxdb]];
- diagnosis through [[healer]];
- human escalation for judgment-heavy cases.

## Boundary

`inference:` Validation can replace routine diff reading only where acceptance criteria, threat models, and evidence standards are strong enough. For novel architecture, security posture, or ambiguous product behavior, human review remains a necessary gate.
