Important questions for good code reviews

The goal of code review is to end up with better code and with more well-rounded software developers who are familiar with more parts of a project.

Here is the order of things that I consider when I do code reviews. Not every point needs to be covered all the time, but this is where I start.

1. Does the code meet the task requirements?

If there is a user interface, do all the elements function as the user expects them to? If there is an element state, can it be toggled back and forth multiple times? Do API endpoints return the expected data?

2. Is the code secure and stable?

Does the code handle unexpected / empty values and fail gracefully? Could this code introduce any new security holes or bugs? Is it possible that other parts of the application could be affected unintentionally?

3. Is the code easily understandable?

Do variable names make sense by themselves? Can another developer figure out what a function does just by reading its name and parameters? Do we need to refactor any scary nested conditionals / loops / callbacks?

4. Is performance reasonable?

Given the size and scale of the application you are working on, will end users experience any change in performance? Could this code be contributing to a subtle, slippery slope to performance degradation?

5. Is code organized into re-usable components?

Has the Single Responsibility Principle been followed? Does this new code create or worsen any code duplication? Are parts of this code ready to be re-used easily in the near future?

6. Have automated tests been written?

Are there tests that verify correct functionality, and tests that verify bad input does not cause unexpected side effects? If using code coverage, has the expected level of coverage been met?

7. Does the code follow language standards?

Does the code conform to the style guide for the project, if applicable? Have components been used properly according to standards for the language?

8. Will the next developers love it or hate it?

If you continue to commit code that looks like this, will someone one day delete everything and refactor it? Could you show this code as an example of your best work?
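Questions 2 and 6 applied to one change, as an added example that is not part of the original post: a batch stock update as it might arrive for review, the version a reviewer would ask for, and a helper that tests whether bad input is refused without side effects. All names (apply_updates_unreviewed, apply_updates_reviewed, UpdateRejected) and the sample data are hypothetical.

```python
# Added example; every name and value here is hypothetical.
class UpdateRejected(ValueError):
    """Raised with a caller-safe message; the store is left untouched."""


def apply_updates_unreviewed(stock, updates):
    # "Before": validates nothing and mutates as it goes, so a bad item
    # halfway through the batch leaves the store partially updated.
    for item in updates:
        stock[item["sku"]] += int(item["delta"])
    return stock


def apply_updates_reviewed(stock, updates):
    # "After": validate the whole batch on a copy, then commit once.
    if not isinstance(updates, list) or not updates:
        raise UpdateRejected("updates must be a non-empty list")
    staged = dict(stock)  # failure must not touch the real store
    for pos, item in enumerate(updates):
        if not isinstance(item, dict):
            raise UpdateRejected(f"item {pos}: expected an object")
        sku, delta = item.get("sku"), item.get("delta")
        if not isinstance(sku, str) or sku not in staged:
            raise UpdateRejected(f"item {pos}: unknown sku")
        # bool is a subclass of int in Python, so exclude it explicitly
        if isinstance(delta, bool) or not isinstance(delta, int):
            raise UpdateRejected(f"item {pos}: delta must be an integer")
        if staged[sku] + delta < 0:
            raise UpdateRejected(f"item {pos}: stock would go negative")
        staged[sku] += delta
    stock.update(staged)  # commit only after every item passed
    return stock


def rejected_without_side_effects(func, stock, updates):
    """Test helper: True if func refuses the input and leaves stock unchanged."""
    before = dict(stock)
    try:
        func(stock, updates)
    except UpdateRejected:
        return stock == before
    except Exception:
        return False  # crashed with an unplanned error: not graceful
    return False  # bad input was accepted


if __name__ == "__main__":
    bad = [{"sku": "a", "delta": -2}, {"sku": "b", "delta": "x"}]  # constructed
    for f in (apply_updates_unreviewed, apply_updates_reviewed):
        print(f.__name__, rejected_without_side_effects(f, {"a": 5, "b": 1}, bad))
```

The unreviewed version applies the first item and then crashes on the second, which is the partial update a reviewer should be looking for.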


Have I missed anything? What do you think are important things to explore when doing code reviews? Let me know in the comments below.