In December 2025, Graphite announced a definitive agreement to join Cursor, and Cursor published a matching announcement. Graphite said the product will continue operating as an independent brand (subject to closing). (Graphite announcement, Cursor announcement)
If you're choosing review tooling, the interesting question is not whether Graphite is “gone”. It's what happens when the surfaces where we write code and the surfaces where we review it start to merge.
The pattern: review is moving closer to where code is written
PR review still matters, but it is increasingly treated as a feature of broader platforms. IDEs, coding assistants, and Git hosts already see the diff and the surrounding context. Adding an AI reviewer is a natural extension.
Integrated review can be a win: lower adoption friction, fewer moving parts, and a reviewer that shares the same context as the developer.
The tradeoff is leverage versus lock-in. Integrated workflows are convenient. But they can also pull your team toward a single ecosystem for writing, reviewing, and merging code. Some orgs will embrace that. Others will prefer tools that stay decoupled.
What this means if you're picking tools
The Graphite news changes the calculus in a few ways.
Vendor risk is real. When critical workflows depend on a vendor, ownership changes can change roadmap priorities. Even if the product continues independently, integrations and long-term direction can shift.
PR review is becoming table stakes. Diff-based review fits neatly into existing platforms. If your goal is better incremental review, you will have many options. The standalone tool only makes sense if it offers something the platforms don't.
The interesting question is scope. PR review examines diffs – the lines that changed in a single pull request. That's valuable for catching issues in new code. But it doesn't tell you anything about the hundreds of thousands of lines that were already there. The code that was written before your current team arrived. The architectural decisions nobody has revisited. The patterns that accumulated over years without anyone stepping back to evaluate the whole picture.
That's a different problem, and it's not one that PR review tools – standalone or platform-integrated – are designed to solve.
A different lane
VibeRails exists in a category that doesn't overlap with what Graphite was doing or what Cursor is building. We don't do PR review. We do full-codebase audit: point an AI at your entire project, read every file, and produce a structured inventory of issues across security, performance, complexity, dead code, architectural inconsistencies, and more.
This isn't a feature that IDEs are adding. It's not something that shows up in a PR workflow. It's a separate activity – closer to hiring a senior consultant to read through your entire codebase than to adding a bot to your pull requests.
The model is different too. VibeRails is a desktop application. It runs locally and orchestrates your existing Claude Code or Codex CLI installation – the BYOK (Bring Your Own Key) model. Your code goes directly from your machine to the AI provider you already use. We don't run a cloud backend, we don't store your source code, and we don't proxy your requests.
Pricing reflects that architecture. Because we don't pay for your AI compute, there's no AI markup in the licence fee. VibeRails is $299 per developer for a lifetime licence, or $19/mo per developer if you prefer monthly. One licence, one machine. There's a free tier with up to 5 issues per review session, no signup required.
We're not a VC-funded company optimizing for acquisition. We're a small studio building a sustainable product. Nobody is going to announce that VibeRails is "joining" a larger platform, because that's not what we're building toward.
Two kinds of review
The Graphite news clarifies something useful: there are two fundamentally different activities that both get called "code review."
PR review checks what changed. It's incremental, continuous, and increasingly commoditized. Your IDE, your Git host, and your coding assistant can all do it. The standalone tools in this lane are consolidating because the platform players offer it for free or bundled.
Full-codebase review checks what's there. It's periodic, deep, and still a gap in most teams' workflows. No IDE does it. No PR bot does it. The only way to do it before was to hire expensive consultants or hope someone on your team had time to read through everything. Most teams just never did it.
If you need PR review, you have many good options and the list is growing. If you need someone – or something – to read your entire codebase and tell you what's wrong, that's a different tool for a different job.
Sources: Graphite announcement and Cursor announcement.
Limits and tradeoffs
- It can miss context. Treat findings as prompts for investigation, not verdicts.
- False positives happen. Plan a quick triage pass before you schedule work.
- Privacy depends on your model setup. If you use a cloud model, relevant code is sent to that provider; local models can keep inference on your own hardware.