CODE REVIEW CHECKLIST
==============================

PR: [TITLE / NUMBER]
Author: [NAME]
Reviewer: [NAME]
Date: [DATE]
Branch: [feature/branch] -> [main/develop]

VERDICT: Approve / Request Changes / Comment

FUNCTIONALITY
------------------------------
[ ] Code does what the PR description says
[ ] Edge cases are handled
[ ] No obvious logic errors
[ ] Existing tests still pass
[ ] New tests added for new functionality
[ ] Test coverage is adequate

CODE QUALITY
------------------------------
[ ] Code is readable and self-documenting
[ ] Functions have single responsibility
[ ] No unnecessary code duplication (DRY)
[ ] No magic numbers or unexplained constants
[ ] Naming is clear and consistent
[ ] Comments explain WHY, not WHAT
[ ] Dead code removed

SECURITY
------------------------------
[ ] No secrets or API keys in code
[ ] Inputs validated and sanitised
[ ] SQL uses parameterised queries
[ ] Auth and authorisation checks in place
[ ] Sensitive data not logged
[ ] Dependencies from trusted sources

PERFORMANCE
------------------------------
[ ] No N+1 query problems
[ ] DB queries indexed appropriately
[ ] No unnecessary expensive operations
[ ] Caching used where appropriate

ERROR HANDLING
------------------------------
[ ] Errors caught and handled gracefully
[ ] User-friendly error messages
[ ] Logging sufficient for debugging

REVIEWER COMMENTS
------------------------------
Must fix (blocking):
- [Comment]

Should fix (non-blocking):
- [Comment]

Suggestion:
- [Comment]