
Effective code review checklist

Submitted by: @anonymous
Tags: code review, checklist, PR review, correctness, security review

Problem

Code reviews are either rubber-stamped or focus on style nitpicks instead of catching real issues.

Solution

Review checklist ordered by importance:

1. Correctness (most important)
  • Does the code do what the PR description says?
  • Are edge cases handled? (empty inputs, null, boundaries)
  • Are there race conditions or concurrency issues?
  • Is error handling correct and complete?



2. Security
  • Is user input validated/sanitized?
  • Are there no secrets in the code?
  • Are auth/authz checks in place?
  • Are SQL injection, XSS, and CSRF prevented?



3. Design
  • Is this the right approach? (before nitpicking implementation)
  • Does it maintain existing patterns in the codebase?
  • Is the abstraction level appropriate?
  • Will this be maintainable in 6 months?



4. Testing
  • Are the right things tested? (behavior, not implementation)
  • Are edge cases covered?
  • Would a test catch a regression here?



5. Performance (only if relevant)
  • Are there any N+1 queries?
  • Is any data loaded unnecessarily?
  • Are indexes missing for new queries?



What NOT to review for:
  • Style (use formatters: prettier, black, gofmt)
  • Import order (use isort, eslint)
  • Naming preferences (unless genuinely confusing)



Reviewer mindset:
  • Ask questions, don't make demands
  • Suggest, don't prescribe
  • Approve with minor comments (don't block for nitpicks)
  • If you don't understand something, that's a code clarity issue
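
Two of the Security items above (secrets in code, SQL assembled from strings) leave traces in the diff itself, so a reviewer can have them pointed out before reading. The following is an added example, not part of the original entry: it scans only the added lines of a unified diff and reports the new-file line numbers to look at. The patterns, the `review_hints` name and the sample diff are assumptions constructed for illustration, and a hit is a prompt for the human reviewer, not a verdict.

```python
import re

# Heuristic patterns (assumptions for this example, not an exhaustive rule set).
CHECKS = [
    ("possible hardcoded secret", re.compile(
        r"""(?i)(password|passwd|secret|api_?key|token)\w*\s*[:=]\s*["'][^"']{8,}["']""")),
    ("SQL built by string formatting", re.compile(
        r"""(?i)\bf["'].*\b(select|insert|update|delete)\b.*\{""")),
    ("SQL built by string formatting", re.compile(
        r"""(?i)["'].*\b(select|insert|update|delete)\b.*["']\s*(\+|%|\.format\()""")),
]
HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample diff: one fake key, one env lookup, one concatenated
# query and one parameterized query.
SAMPLE_DIFF = '''\
--- a/app/db.py
+++ b/app/db.py
@@ -10,3 +10,6 @@ def get_user(cur, user_id):
     # look up one user
-    cur.execute("SELECT * FROM users WHERE id = 1")
+    API_KEY = "EXAMPLE-NOT-A-REAL-KEY"
+    password = os.environ["DB_PASSWORD"]
+    cur.execute("SELECT * FROM users WHERE id = " + user_id)
+    cur.execute("SELECT * FROM users WHERE id = %s", (user_id,))
     return cur.fetchone()
'''

def review_hints(diff_text):
    """Return (path, new_line_no, reason) for each added line worth a closer look."""
    hints, path, lineno = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):            # new-file header: remember the path
            path = re.sub(r"^b/", "", line[4:])
        elif line.startswith("--- "):          # old-file header: nothing to track
            continue
        elif (m := HUNK_RE.match(line)):       # hunk header: first new-file line
            lineno = int(m.group(1))
        elif line.startswith("+"):             # added line: the only code checked
            for reason, pattern in CHECKS:
                if pattern.search(line[1:]):
                    hints.append((path, lineno, reason))
                    break
            lineno += 1
        elif line.startswith(" "):             # context line: advances numbering
            lineno += 1
    return hints

if __name__ == "__main__":
    for hint in review_hints(SAMPLE_DIFF):
        print(hint)
```

The environment lookup and the parameterized query are not flagged; whether the flagged lines are real problems, and whether auth/authz checks are present at all, remains the reviewer's call.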

Why

The most valuable code review catches design and correctness issues that automated tools miss. Style issues should be handled by formatters, not humans.

Context

Any team doing code reviews / pull request reviews
