Backend Code Review Checklist
#programming#backend#softwareengineering#productivity
Mark Adel

Mark Adel @markadel

About: Backend Developer

Joined:
Nov 12, 2017

Backend Code Review Checklist

Publish Date: Mar 30 '24
100 18

I have put together this checklist, which I believe will be applicable to most backend code reviews.

Some of these checks, such as Code Style, should ideally be enforced and detected in the CI pipeline. However, I have included them here for the sake of completeness.

You can use this checklist as a starting point and customize it to suit your specific needs.

Code Style

  • Verify that the code adheres to the agreed-upon coding style guidelines.

Code Maintainability

  • Verify that the code adheres to the clean code principles (or any other agreed-upon principles).

Requirements

  • Verify that the code fulfills the specified requirements.
  • Verify that new code doesn't break any existing functionality.

API Design

  • Verify that any new APIs adhere to the agreed-upon API design guidelines.

Documentation and Comments

  • Verify that complex logic or non-obvious decisions are covered by clear comments.
  • Verify that any required internal or external code documentation is provided, depending on your agreed-upon documentation processes.

Error Handling

  • Verify that exceptions are handled correctly and that error messages are informative.

Security

  • Verify that inputs are validated properly.
  • Verify that sensitive data (passwords, tokens) are securely stored and aren't leaked to logs.
  • Examine the code for potential security vulnerabilities, such as SQL injection or authentication issues.

Dependencies

  • Verify that dependencies are up-to-date and don't have known security vulnerabilities.
  • Verify that any breaking changes are handled when updating dependencies.

Logging

  • Verify that critical places in the code are covered by logs that are useful for debugging.
  • Verify that logging adheres to the agreed-upon logging guidelines.

Testing

  • Verify that the code is covered by the appropriate types of automated tests.

Performance

  • Evaluate the code for performance issues (memory, CPU, network).
  • Verify that database queries are optimized.

Version Control

  • Verify that the agreed-upon version control workflow and practices are followed.

Spelling

  • Verify that the spelling is correct, as this makes the code more searchable.

Conclusion

I hope you found this checklist useful. Please feel free to suggest additional checks that you think are necessary.

Comments 18 total

  • Vivek Kumar Sah
    Vivek Kumar Sah Apr 1, 2024

    Great explanation

  • Rajneesh Rai
    Rajneesh RaiApr 3, 2024

    Good article.

  • softwarepanda
    softwarepandaApr 3, 2024

    Very informative article indeed.

  • Qhoirul Anwar
    Qhoirul AnwarApr 5, 2024

    Please also share about front end Code Review Checklist

    • Mark Adel
      Mark AdelApr 5, 2024

      Of course. Thanks for the suggestion.

  • Raheem Miah
    Raheem MiahApr 5, 2024

    This is really helpful, thank you.

    • Mark Adel
      Mark AdelApr 5, 2024

      Thanks a lot. I'm glad you found it helpful.

  • Hilary Emmanuel
    Hilary EmmanuelApr 9, 2024

    Good article

  • Andres Gonzalez
    Andres GonzalezApr 11, 2024

    This article is really helpful, thank you!

  • Jordan Snow
    Jordan SnowApr 12, 2024

    Excellent checkllist, I'll be using this as a template moving forward! Thanks for sharing!

    • Mark Adel
      Mark AdelApr 15, 2024

      Thanks a lot! I'm glad you found it useful.

  • Juan Vega
    Juan VegaMay 10, 2024

    I would add a side note: automate as much as possible each step in your CI, to ensure reviewers are focused on most valuable aspects. A good example would be the code style or the version control. What do you think!

    • Mark Adel
      Mark AdelMay 10, 2024

      Definitely! And I did mention that in the second paragraph.

Add comment