Code Review Best Practices

Medium 16 items · 30 min
testuser Published 2 weeks ago

A concise, practical checklist to guide reviewers and authors through essential code review tasks: correctness, tests, security, performance, and documentation. Ideal for developers, team leads, and reviewers who want consistent, constructive reviews.

  1. Run the code and verify functionality — Execute key flows or demo scenarios to confirm expected behavior
  2. Run the test suite and confirm all tests pass — Run local and CI tests (unit, integration) to catch regressions
  3. Add or update unit tests for new logic — Cover success and failure paths for changed units
  4. Add integration or end-to-end tests for user flows — Exercise cross-component interactions and workflows
  5. Confirm tests cover edge cases and error conditions — Include boundary values, timeouts, and invalid inputs
  6. Verify input validation and sanitize external data — Check types, ranges, required fields, and normalization
  7. Review code for SQL injection vulnerabilities — Prefer parameterized queries; avoid string concatenation
  8. Review code for XSS and insecure output encoding — Escape/encode HTML and use safe templating APIs
  9. Confirm authentication and authorization checks are enforced — Verify permission checks before sensitive actions or data access
  10. Check naming clarity for functions, variables, and classes — Prefer descriptive, consistent names and avoid abbreviations
  11. Ensure code follows DRY; extract duplicated logic — Refactor repeated code into shared functions or helpers
  12. Assess algorithmic complexity in hot paths — Spot N^2 or worse algorithms and consider improvements
  13. Identify obvious performance bottlenecks and optimize — Look at loops, database queries, allocations, and network calls
  14. Verify error handling and logging are clear and safe — Provide meaningful errors and avoid leaking secrets in logs
  15. Update documentation and add inline comments where needed — Explain why code exists and update README or changelogs
  16. Provide constructive, specific review comments with suggested fixes — Be respectful, cite examples, and propose actionable improvements