Perform a thorough code review that verifies functionality, maintainability, and security. Focus on architecture, readability, and performance implications, and give the author actionable, concrete suggestions for improvement.
- Understand the change
  - Read the commit messages of every commit on this branch (relative to its base branch)
  - Examine only the code changed by those commits plus any uncommitted working-tree changes; do not review unrelated code
  - Identify the scope of files and features impacted
  - Clarify any assumptions or open questions by asking the author
- Validate functionality
  - Confirm the code delivers the intended behavior
  - Exercise edge cases and guard conditions, mentally or by running the code locally
  - Check error-handling paths, and confirm log messages are clear and do not leak sensitive data
- Assess quality
  - Ensure functions are focused, names are descriptive, and the code is readable
  - Watch for duplication, dead code, or missing tests
  - Verify documentation and comments reflect the latest changes
- Review security and risk
  - Look for injection points (untrusted input reaching shell commands, SQL, file paths, templates, or deserialization), insecure defaults, and missing input validation
  - Confirm no secrets or credentials are hard-coded, committed, or written to logs
  - Evaluate performance and scalability impacts of the change
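As an added example (not part of the original review instructions), the Python script below carries out the "examine only what changed" and "review security and risk" steps mechanically: it takes the branch's diff against its merge base, keeps only the added lines, and flags candidate committed secrets and new injection sinks with line numbers for the reviewer to confirm. The patterns, file names and the sample diff are constructed for illustration; the AKIA... value is AWS's published placeholder key id, not a real credential.

```python
"""Triage helper for a branch review: scan only the ADDED lines of a unified
diff for committed secrets and string-built injection sinks.

The patterns are heuristics to direct reviewer attention, not a replacement
for reading the code; every match still needs manual confirmation.
"""
import re
import subprocess
from dataclasses import dataclass

# Heuristic patterns (chosen for this example; extend for your code base).
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # name = "literal of 8+ chars", e.g. DB_PASSWORD = "..." or api_key: '...'
    "hardcoded_credential": re.compile(
        r"""(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*["'][^"']{8,}["']"""
    ),
}
SINK_PATTERNS = {
    "shell_injection": re.compile(r"(?:subprocess\.\w+|os\.system)\([^)]*shell=True"),
    # execute(f"..."), execute("..." % x), execute("..." + x), execute("...".format(x))
    "sql_string_build": re.compile(
        r"""execute(?:many)?\(\s*(?:f["']|["'][^"']*["']\s*(?:[%+]|\.format\())"""
    ),
    # eval/exec on anything that is not a string literal
    "code_eval": re.compile(r"""\b(?:eval|exec)\(\s*(?!["'])"""),
}

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


@dataclass(frozen=True)
class Finding:
    path: str
    line: int   # line number in the new version of the file
    rule: str
    text: str


def added_lines(diff_text):
    """Yield (path, new_line_number, content) for each line the diff adds."""
    path, new_line = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            target = raw[4:].strip()
            path = None if target == "/dev/null" else target.removeprefix("b/")
        elif m := HUNK_RE.match(raw):
            new_line = int(m.group(1))
        elif path is None or raw.startswith(("--- ", "diff --git", "index ", "\\ No newline")):
            continue
        elif raw.startswith("+"):
            yield path, new_line, raw[1:]
            new_line += 1
        elif not raw.startswith("-"):
            new_line += 1   # context line; removed lines do not advance new-side numbering


def scan_diff(diff_text):
    """Run every heuristic over the added lines only; unchanged code is out of scope."""
    rules = {**SECRET_PATTERNS, **SINK_PATTERNS}
    return [
        Finding(path, line, rule, text.strip())
        for path, line, text in added_lines(diff_text)
        for rule, pattern in rules.items()
        if pattern.search(text)
    ]


def branch_diff(base_ref="origin/main"):
    """Diff of everything this branch changed, committed or not, against the merge
    base with base_ref. Untracked new files are not included; `git add -N <file>`
    first if they matter."""
    merge_base = subprocess.check_output(["git", "merge-base", base_ref, "HEAD"], text=True).strip()
    return subprocess.check_output(["git", "diff", merge_base], text=True)


# Constructed sample diff for a stand-alone run; not taken from any real project.
SAMPLE_DIFF = """\
diff --git a/app/db.py b/app/db.py
index 1111111..2222222 100644
--- a/app/db.py
+++ b/app/db.py
@@ -10,4 +10,7 @@ def connect():
     return conn
 
-def find_user(cursor, name):
-    cursor.execute("SELECT * FROM users WHERE name = %s", (name,))
+def find_user(cursor, name):
+    cursor.execute(f"SELECT * FROM users WHERE name = '{name}'")
+    return cursor.fetchone()
+
+API_KEY = "AKIAIOSFODNN7EXAMPLE"
diff --git a/app/tools.py b/app/tools.py
index 3333333..4444444 100644
--- a/app/tools.py
+++ b/app/tools.py
@@ -1,4 +1,6 @@
 import subprocess
 
-def ping(host):
-    return subprocess.run(["ping", "-c", "1", host], capture_output=True)
+def ping(host):
+    return subprocess.run("ping -c 1 " + host, shell=True, capture_output=True)
+
+DB_PASSWORD = "s3cr3t-hunter2"
"""

if __name__ == "__main__":
    for f in scan_diff(SAMPLE_DIFF):
        print(f"{f.path}:{f.line} [{f.rule}] {f.text}")
```

In a real review, replace `SAMPLE_DIFF` with `branch_diff()` run inside the repository. The point of scanning only added lines is scope: a reviewer owes the author comments on what the branch changed, and pre-existing problems in untouched lines belong in a separate issue, not in this review.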
Confirm each item below before signing off:
- Intended behavior works and matches requirements
- Edge cases are handled gracefully
- Error handling is appropriate and informative
- Code structure is clear and maintainable
- No unnecessary duplication or dead code
- All added or modified code is covered by tests
- Documentation is updated to reflect the changes
- No obvious security vulnerabilities introduced
- Inputs are validated and outputs are escaped or encoded for their destination (HTML, SQL, shell, logs)
- Sensitive data is handled correctly (not logged, not hard-coded, not returned in error messages)
- Architecture and design decisions considered
- Performance bottlenecks or regressions assessed
- Coding standards and best practices followed
- Resource management, error handling, and logging reviewed
- Suggested alternatives, additional test cases, or documentation updates captured
Provide constructive feedback with concrete examples and actionable guidance for the author.