Skip to article frontmatterSkip to article content

This section presents some checklists for both the coder and the reviewer, as part of a formal review process. The reviewer checklists are split into two categories: one for the whole program, and one for individual files or proposed changes.

The lists are created with a focus on good software engineering practice and are intended to be a source of inspiration. When assessing the checklists, it is recommended to consider to what extent the item mentioned is implemented. Some items on the lists may not apply to your project or programming language, in which case they should be disregarded.

In all cases, the goal is to use your programming experience to figure out how to make the code better.

For the coder

For the reviewer

Program level checklist

Here is a list of things to consider when looking at the program as a whole, rather than when looking at an individual file or change.

Documentation

Documentation is a prerequisite for using, developing, and reviewing the program. Someone who isn’t involved with your project should understand what your code does, and what approach you’re taking. Here are some things to check for.

Architecture

These items are mainly important for larger programs, but may still be good to consider for small ones as well.

Security

If you’re making software that is accessible to the outside world (for example a web application), then security becomes important. Security issues are defects, but not all defects are security issues. A security-conscious design can help mitigate the security impact of defects.

As a developer, you should pay attention to the legal rights of the creators of the code you’re using. Here are some things to check. When in doubt, ask someone experienced in licensing for advice.

File/Change level checklist

When you’re checking individual changes or files in a pull request, the code itself becomes the subject of scrutiny. Depending on the language, files may contain interfaces, classes or other type definitions, and functions. All these should be checked.

Interfaces

Note that most of the following items assume an object-oriented programming style, which may not be relevant to the code you’re looking at.

Classes and types

Function/Method declarations

Function/Method definitions

Security of new codes

Tests