As a reviewer, it's your sole responsibility to enforce the coding standards and continue to hold the team code quality to a high standard always...
Link Merce Cunnigham said, "The only way to learn it is to do it."
A reviewer usually checks on the following elements:
1. Code formatting
Check If the code is well-formatted and more readable
Check if there are proper naming conventions used (SnakeCase, CamelCase, etc.)
Remove the commented code as this is always the blocker.
2. Architecture:
Make sure the code is more aligned with the existing patterns
Review to see if the appropriate design pattern is used after understanding the problem or context.
Check if the code is split in a proper layer as per requirements (Presentation, Business, and Data Layer)
3. Coding Best Practices:
No hardcoded values, use constants or configuration variables.
Avoid using multiple if-else blocks.
Use of existing package or feature whenever possible instead of writing custom code.
Comment on the code should explain why you are doing it instead of what you are doing. Also mentioned, if you use any hacks or workaround or temp fixes, please specify. Plus, mention pending tasks in your to-do comments, which can be tracked easily.
Non Functional requirements
Reusability:
Your code should not be repeated twice. Use the DRY ( Do not Repeat Yourself) Principle.
Consider using generic functions and classes
Consider reusable packages or services.
Reliability
Check if the code is reliable, meaning handling the exception and cleaning up the resources.
Extensibility
We should easily be able to add new features with minimal changes to the existing code. One component should be easily replaceable with a better component.
Security
Authorization, Authentication input data validation against security threats such as SQL injections and Cross Site Scripting (XSS), encrypting the sensitive data (passwords, credit card information, etc.)
Scalability
Consider if it supports a large user base or data?
Usability
Think like you are an end-user if the user interface or API is easy to understand and use. If you are not convinced about the user interface design, start discussing your ideas with the author and designer.
Tools for Code Reviews
If you want to perform code analysis of the entire project, then you can use the following tools:
Conclusion
The above code review process is not extensive but gives some direction to the reviewer to conduct productive code reviews and deliver quality code. If you want to become an expert code reviewer, the above checklist will be a great starting point.
