Reviews Should Improve Code and People
Not just find bugs.
For Reviewers
Be kind:
// Bad
"This is wrong"
// Good
"This might cause issues because... Consider..."
Explain why:
// Bad
"Use const instead of let"
// Good
"Since this value never changes, const makes that intent clear"
Ask questions:
"What happens if user is null here?"
"Could this race with the other update?"
For Authors
Keep PRs small:
- Under 400 lines ideally
- One logical change per PR
- Split refactoring from features
Write good descriptions:
## What
Add pagination to user list
## Why
Page was timing out with 10k+ users
## Testing
- Tested with 50k users locally
- Added unit tests for edge cases
What to Look For
- Logic errors - Edge cases, off-by-one
- Security - Injection, auth bypass
- Performance - N+1, missing indexes
- Readability - Naming, complexity
- Tests - Coverage, edge cases
Automate the Boring Stuff
Don't argue about style. Use tools:
- Linting: ESLint, PHP CS Fixer
- Formatting: Prettier
- Types: TypeScript, PHPStan
# Run automatically on PR
- npm run lint
- npm run test
- npm run typecheck
Approve and Move On
Perfect is the enemy of good. If it:
- Works correctly
- Has tests
- Doesn't introduce debt
Ship it. Iterate later.