What WhatTheDiff Does
WhatTheDiff is a focused AI assistant for pull requests: it reads the diff, writes an English description of the change, sends summarized notifications for non-technical stakeholders, and can help refactor minor issues during review. The official homepage and pricing page describe GitHub and GitLab support through the platforms' APIs, unlimited repositories on the listed plans, and a token-based model where large diffs consume more budget. That positioning is narrower than CodeRabbit or Greptile, but it is also easier to understand: make pull requests more readable and keep reviewers, managers, and adjacent teams aligned without turning every PR into a deep security audit.
This narrowness is a feature for many buyers. A team that mainly needs pull-request descriptions, release-note-like summaries, Slack or webhook notifications, and lightweight refactor suggestions should not necessarily pay for a heavyweight AI review platform. WhatTheDiff is closer to a communication layer for code changes than a full defect-hunting system. It is especially relevant for teams where engineers spend time translating diffs for product managers, QA, support, or customer-facing stakeholders, and where clearer descriptions can reduce review latency even if the tool never finds a complex bug.
Token Economics and Plan Math
The pricing page is unusually concrete for this category. The Free plan is listed at $0 with 25,000 tokens per month, approximately 10 pull requests, no credit card requirement, unlimited repositories, inline code refactoring, and rate limits. The Pro 200k plan is listed at $19 per month with 200,000 tokens per month, approximately 40 pull requests, priority email support, instant code refactoring, and Slack, webhook, and email notifications. The same page explains that average pull requests are around 2,300 tokens, which gives buyers a rough planning model before installing the app.
That model is both transparent and limiting. If a team opens many small PRs, 200,000 monthly tokens may be enough for a meaningful review-assistance layer at low cost. If the team regularly ships large generated diffs, monorepo migrations, dependency bumps, or agent-written feature branches, token burn can spike quickly. Buyers should estimate volume from actual pull-request sizes rather than from PR counts alone. The free tier is excellent for proving whether summaries help the workflow, while the paid tier should be judged by how often token limits or rate limits interrupt the review cadence.
GitHub, GitLab, and Setup Fit
Official copy says WhatTheDiff uses the GitHub and GitLab APIs to get the diff of a pull request and then uses an AI model to generate a description of the changes. It also states that the service does not store your code. That combination is attractive for mixed GitHub/GitLab teams that do not want separate review assistants per platform. The GitHub Marketplace listing was live during write-time refresh and showed the publisher as verified with 5,714 installs, which provides useful adoption signal even though marketplace installs are not a quality guarantee.
The setup story should still go through normal permission review. Any pull-request assistant needs repository access, comment permissions, and enough metadata to create useful summaries. WhatTheDiff's narrower scope may make that approval easier than a tool that indexes the whole codebase or connects to production telemetry, but security teams should still review OAuth scopes, code-retention language, organization-level installation settings, and notification destinations. The strongest fit is a team that wants quick rollout and clear spend controls, not a team that needs self-hosted review infrastructure or custom policy automation.
Who Should Use It — and Who Should Skip
Choose WhatTheDiff when the review bottleneck is explanation rather than deep analysis. Product-heavy teams, agencies, and distributed engineering groups often lose time because pull requests are written for authors rather than reviewers. A good generated summary can make intent, risk, and changed surfaces visible faster. WhatTheDiff's pricing page also mentions simplified and translated summaries, which can help when non-engineering stakeholders need to follow change streams without reading code. In that workflow, the tool can pay for itself by reducing coordination friction rather than by replacing senior review.
Skip it if your primary requirement is finding subtle security vulnerabilities, enforcing merge policy, tracing cross-file architecture breaks, or approving AI-generated code at scale. Those jobs belong to tools with deeper codebase analysis, explicit governance rules, SAST integration, or security-oriented models. WhatTheDiff can sit alongside CodeRabbit, Greptile, Mergify, or native GitHub rules, but it should not be confused with them. Its value is strongest when buyers keep the scope honest: summaries, notifications, and refactor hints with token budgeting.
Alternatives and Pairing
CodeRabbit is the better choice when a team wants a broader AI code review platform with deeper comments and a more mature review-bot posture. Ellipsis is a stronger fit when the team wants the assistant to produce tested fixes and implementation work, not just summarize diffs. Greptile fits complex repositories where full-codebase context matters more than price transparency. WhatTheDiff pairs well with those systems when stakeholders still need digestible PR descriptions and notifications, but teams should avoid paying twice for the same comment surface if a broader reviewer already produces acceptable summaries.
The Bottom Line
WhatTheDiff is a strong lightweight buy for teams that want PR narration, stakeholder summaries, GitHub/GitLab support, and predictable token-based entry pricing. Its $0 free plan and $19 Pro 200k tier make evaluation easy, and the official token math gives buyers a practical way to estimate usage. It is not the right tool if the evaluation rubric is security depth, policy governance, or full-codebase bug hunting. Treat it as a communication and review-assistance layer: excellent when clearer pull requests speed up collaboration, insufficient when the organization expects an AI reviewer to act like a senior security engineer.