MySeniorDev

Gemma 4 Challenge: Build With Gemma 4 Submission Gemma 4 挑战赛：Build with Gemma 4 参赛作品

This is a submission for the Gemma 4 Challenge: Build with Gemma 4. 这是我为 Gemma 4 挑战赛提交的作品：Build with Gemma 4。

What I Built 我的作品

MySeniorDev is a local-first AI code reviewer powered by Gemma 4 E2B. You paste any file from your project and get an honest, specific code review — the kind a senior developer gives in a real pull request. MySeniorDev 是一款由 Gemma 4 E2B 驱动的“本地优先”AI 代码审查工具。你可以粘贴项目中的任何文件，并获得诚恳、具体的代码审查意见——就像资深开发者在真实的 Pull Request 中给出的建议一样。

Three review modes: 三种审查模式：

• Security — finds hardcoded secrets, missing validation, exposed API keys, auth holes.
  • 安全性 — 查找硬编码的密钥、缺失的验证、暴露的 API 密钥以及身份验证漏洞。
• Architecture — flags god files, mixed concerns, patterns that won’t scale.
  • 架构 — 标记“上帝对象”（God files）、职责混杂以及无法扩展的代码模式。
• General — full review across security, structure, and code quality.
  • 综合 — 对安全性、结构和代码质量进行全面审查。

After the review you can ask follow-up questions. Gemma 4 holds your full file in context for the entire conversation. 审查结束后，你可以进行追问。Gemma 4 会在整个对话过程中保持对你完整文件的上下文理解。

Built for self-taught developers who have never had a mentor or senior developer to learn from. In Nigeria, India, Indonesia — anywhere bootcamps are expensive and code reviews are not accessible. 该工具专为那些从未有过导师或资深开发者指导的自学型开发者而设计。在尼日利亚、印度、印度尼西亚等地区，编程训练营费用高昂且代码审查资源匮乏，这款工具能填补这一空白。

Demo Code 演示代码

GitHub — VEND321/MySeniorDev

The core of the project lives in two places: 该项目的核心逻辑位于以下两个部分：

• The system prompt — backend/services/prompt.js

  • 系统提示词 — backend/services/prompt.js This is where the real intelligence is. Gemma 4 is instructed to behave like a senior developer doing a real pull request review — direct, specific, always referencing the actual code, never giving generic advice. 这是真正的智能所在。Gemma 4 被设定为像一位正在进行真实 Pull Request 审查的资深开发者——直接、具体、始终引用实际代码，绝不给出泛泛而谈的建议。

• The Ollama integration — backend/services/ollama.js

  • Ollama 集成 — backend/services/ollama.js Sends code to Gemma 4 E2B running locally via Ollama at http://localhost:11434. Falls back to Google AI Studio automatically if Ollama is unavailable. 通过 Ollama 将代码发送至本地运行的 Gemma 4 E2B（地址：http://localhost:11434）。如果 Ollama 不可用，则自动回退到 Google AI Studio。

How I Used Gemma 4 我是如何使用 Gemma 4 的

Model chosen: Gemma 4 E2B via Ollama 模型选择：通过 Ollama 运行的 Gemma 4 E2B

I chose E2B for one reason: it runs on hardware most developers in the world actually own. 8GB RAM. No GPU. Consumer laptop. That is the target user’s machine and the model had to match. Gemma 4 is doing real work at three layers: 我选择 E2B 的原因只有一个：它能在全球大多数开发者实际拥有的硬件上运行。8GB 内存、无独立显卡、普通消费级笔记本电脑。这就是目标用户的设备，模型必须与之匹配。Gemma 4 在三个层面发挥了实际作用：

1. Code Understanding: The model reads entire files pasted by the user and reasons about them structurally — not just syntax, but design patterns, security implications, and architectural concerns. This requires the kind of contextual reasoning Gemma 4 handles well. 代码理解： 模型会读取用户粘贴的整个文件，并从结构上进行推理——不仅是语法，还包括设计模式、安全隐患和架构问题。这需要 Gemma 4 擅长的上下文推理能力。

2. Plain Language Translation: The system prompt instructs Gemma 4 to explain every technical term it uses in the same sentence. A beginner reading “SQL injection vulnerability” immediately gets “that means an attacker can type code into your form and your database will execute it.” That translation layer is entirely prompt-driven — Gemma 4 does it consistently without being explicitly told each time. 通俗语言翻译： 系统提示词要求 Gemma 4 在使用每个技术术语时，在同一句话中进行解释。初学者看到“SQL 注入漏洞”时，会立即得到解释：“这意味着攻击者可以在你的表单中输入代码，而你的数据库会执行它。”这一翻译层完全由提示词驱动——Gemma 4 无需每次被明确提醒，就能始终如一地执行。

3. Conversational Memory: Gemma 4’s context window holds the full file across the follow-up conversation. When a user asks “how do I fix the auth issue you flagged?” the model still knows their exact code. It answers specifically, not generically. 对话记忆： Gemma 4 的上下文窗口在后续对话中保留了完整的文件内容。当用户问“我该如何修复你标记的身份验证问题？”时，模型依然清楚用户的具体代码，并给出针对性的回答，而非泛泛而谈。

Why local matters for this use case: 为什么本地运行对这个用例至关重要：

Every other AI code review tool sends your code to a server. For a beginner pasting real production files with real API keys and real secrets, that is a genuine security risk most beginners don’t know exists. MySeniorDev runs Gemma 4 entirely on the user’s machine. Code goes from their editor to their RAM and back. Nothing else. That’s not just a technical choice. That’s the reason this tool should exist. 其他所有的 AI 代码审查工具都会将你的代码发送到服务器。对于粘贴包含真实 API 密钥和机密信息的生产环境文件的初学者来说，这存在大多数初学者未曾察觉的严重安全风险。MySeniorDev 完全在用户的机器上运行 Gemma 4。代码从编辑器进入内存，处理完后返回，不会流向任何其他地方。这不仅仅是一个技术选择，更是这款工具存在的意义。

Built by @VEND321 开发者：@VEND321 YouTube: darkshard Location: Nigeria 地点： 尼日利亚 Hardware: 8GB RAM, no GPU, consumer laptop 硬件： 8GB 内存，无 GPU，消费级笔记本电脑 Model: Gemma 4 E2B via Ollama 模型： 通过 Ollama 运行的 Gemma 4 E2B