Code review is often treated as a gate at the end of development. By the time a pull request is opened, the implementation path is largely fixed and feedback tends to focus on correctness rather than intent. This works for small changes, but it is less effective for design-heavy or security-sensitive work, where early alignment matters more than late approval.
HackMD fits into this gap by providing a shared space where code can be reviewed before it becomes rigid. Because the document is collaborative and persistent, review becomes part of the thinking process rather than a reaction to a finished result.
Reviewing code before it becomes code
When teams review early-stage code in HackMD, they are usually reviewing ideas rather than diffs. A document can start with pseudocode, partial implementations, or even rough sketches of an API. Because multiple people can edit the same document at the same time, review often happens as a working session rather than a comment thread.
Real-time collaboration matters here. As one engineer explains a design, another can adjust the example inline, while a third adds written context explaining tradeoffs or assumptions. This keeps discussion focused and avoids the fragmented back-and-forth common in asynchronous pull request reviews.
Collaboratively reviewing an API design
Consider a team proposing a new user service interface. Instead of implementing it immediately, they draft it in a HackMD document and share it with reviewers.
interface UserService { createUser(email: string, password: string): Promise<User>; getUserById(id: string): Promise<User | null>; deleteUser(id: string): Promise<boolean>; }
Because HackMD supports syntax-highlighted code blocks inside Markdown, the example is readable without any tooling setup. Reviewers can leave inline comments on the surrounding text, or directly edit the code to propose alternatives.
As the discussion unfolds, a reviewer may suggest grouping inputs into a value object to make validation and future changes easier. Another reviewer might question whether a boolean return value provides enough information on failure.
Rather than debating these points abstractly, the document evolves to include a revised interface directly beneath the original.
interface CreateUserInput { email: string; password: string; } interface UserService { createUser(input: CreateUserInput): Promise<User>; }
HackMD’s revision history allows the team to keep both versions while deciding which direction to take. If the revised approach is rejected later, the original proposal and its rationale are still accessible. The review process produces not just a decision, but a record of how that decision was reached.
Security-Focused review with shared context
Security reviews benefit from slow, deliberate reasoning. HackMD supports this by allowing code, explanation, and discussion to live together in one document rather than being scattered across inline comments.
Here is a simple authentication function proposed for review.
async function authenticate(email, password) { const user = await db.findUserByEmail(email); if (!user) { return null; } const isValid = await compare(password, user.passwordHash); return isValid ? user : null; }
In HackMD, reviewers can annotate the surrounding text to explain why certain patterns may be risky, such as early returns that could introduce timing differences. Because comments are not bound to a specific commit, reviewers can discuss the logic holistically rather than line by line.
A safer alternative can be written immediately below the original, with accompanying explanation.
async function authenticate(email, password) { const user = await db.findUserByEmail(email); const hash = user?.passwordHash ?? DUMMY_HASH; const isValid = await compare(password, hash); if (!user || !isValid) { return null; } return user; }
The benefit here is not just visibility, but persistence. Future readers can see both implementations, the reasoning behind the change, and the security considerations that influenced the final decision. This kind of documented review is especially valuable in regulated or security-conscious environments.
From collaborative review to pull request
HackMD does not replace Git-based review. Instead, it changes what reaches the pull request stage. Teams can align on design and approach in HackMD, then sync those decisions directly to GitHub, keeping documentation and code review context connected as implementation begins. This makes development more straightforward and pull requests easier to review from the start.
By the time code is committed, reviewers already understand the intent and tradeoffs because that context has been established earlier and preserved alongside the repository. Pull request comments tend to focus on edge cases, tests, and correctness rather than re-litigating decisions, resulting in a more efficient workflow without introducing additional process overhead.
Code review in 2026
HackMD works well for code review because it supports how engineers actually think. Decisions are rarely made line by line. They emerge through discussion, experimentation, and revision.
By embedding code examples, explanations, and collaboration into a single shared document, HackMD allows teams to review not just what the code does, but why it exists in the first place.
