Skip to main content

Code Review Process

Code reviews are a critical part of our development process at Kirana Labs. They help maintain code quality, share knowledge, and catch bugs before they reach production.

Purpose of Code Reviews

Code reviews serve multiple purposes:

  • Quality Assurance: Identify bugs, logic errors, and edge cases
  • Knowledge Sharing: Spread knowledge of the codebase across the team
  • Maintainability: Ensure code is readable, maintainable, and follows standards
  • Consistency: Maintain consistent practices and patterns
  • Mentorship: Provide learning opportunities for both reviewer and author

Before Requesting a Review

Before submitting your code for review, ensure:

  • All tests pass
  • The code meets our coding standards
  • Debugging code has been removed (e.g., console.log)
  • Linting and formatting tools have been run
  • You've performed a self-review

Pre-Review Checklist

  • The PR has a clear, descriptive title
  • The PR description explains what changes were made and why
  • Related issue(s) are linked
  • Code is properly commented
  • New code has appropriate test coverage
  • Documentation has been updated (if applicable)
  • No sensitive information is exposed
  • No unnecessary console logs or debugging statements
  • No commented-out code blocks

Review Process

1. Automated Checks

All PRs undergo automated checks:

  • CI Pipeline: Runs tests, linting, and type checking
  • AI PR Review: Automated suggestions for code improvements
  • Coverage Reports: Ensure test coverage meets standards
  • Static Code Analysis: Check for potential bugs and code smells

2. Peer Review

At least one team member must review the code. For significant changes or critical components, the Tech Lead must also approve the PR.

Reviewer Responsibilities

Reviewers should focus on:

  • Code Quality and Readability:

    • Is the code clear and easy to understand?
    • Are variable and function names descriptive?
    • Is there appropriate abstraction and encapsulation?

  • Adherence to Coding Standards:

    • Does the code follow our style guidelines?
    • Are the naming conventions consistent?
    • Is there consistent formatting?

  • Functionality:

    • Does the code fulfill the requirements?
    • Are edge cases handled properly?
    • Is error handling appropriate?

  • Performance:

    • Are there any performance concerns?
    • Could any operations be optimized?
    • Are there any potential memory leaks?

  • Security:

    • Are there any security vulnerabilities?
    • Is user input properly validated and sanitized?
    • Are secrets and sensitive data handled securely?

  • Test Coverage:

    • Are there appropriate tests?
    • Do tests cover the main functionality and edge cases?
    • Are there any scenarios that should be tested but aren't?

Review Comments

  • Be Specific: Point to exact lines and explain your concerns
  • Be Constructive: Offer solutions, not just criticisms
  • Be Kind: Focus on the code, not the person
  • Ask Questions: Use questions to understand decisions rather than assuming
  • Provide Context: Explain why a change would be beneficial

Examples:

// Good comment
Line 45: This loop might be more efficient using a for...of loop instead of forEach. This would allow us to use 'break' when we find the item, rather than processing the entire array.

// Bad comment
This code is inefficient.
// Good comment
Could we add some validation here to handle cases when the user enters a negative number? We've had bugs with this before.

// Bad comment
This doesn't work properly.

3. Addressing Feedback

When receiving review comments:

  • Respond to all comments, even with just an acknowledgment
  • Make requested changes or explain why you've taken a different approach
  • Request re-review once you've addressed all feedback
  • Be open to suggestions and alternate solutions
  • Ask for clarification if you don't understand a comment

4. Merging

Once the PR is approved:

  • Squash and merge the PR into the target branch
  • Ensure the commit message follows our standards
  • Delete the feature branch after merging
  • Update the relevant tasks in Plane

Code Review Tools

We use the following tools to facilitate code reviews:

  • GitHub Pull Requests: Primary platform for code reviews
  • GitHub Actions: Automated checks and tests
  • Biome: Static analysis and code formatting
  • ESLint: JavaScript/TypeScript linting
  • TypeScript: Type checking
  • Jest/Testing Library: Automated testing

Special Review Scenarios

Large Pull Requests

For PRs with many changes:

  • Break it down into smaller, related changes if possible
  • Consider doing a pre-review walkthrough with the team
  • Use GitHub's PR draft feature for early feedback

Critical Components

For code that affects critical components:

  • Require at least two reviewers, including the Tech Lead
  • Consider pair programming for the implementation
  • Add extra test coverage
  • Document the changes thoroughly

Learning From Code Reviews

Code reviews are learning opportunities:

  • Keep a log of common issues found in reviews to discuss in team meetings
  • Review patterns that emerge from code reviews to improve coding standards
  • Share best practices discovered during reviews
  • Update documentation based on learnings

Code Review Metrics

We track the following metrics to measure our code review process:

  • Average time to first review
  • Number of review comments per PR
  • Number of iterations per PR
  • Code review coverage (percentage of changed lines reviewed)
  • Defects found during review vs. later in the process

Conclusion

Effective code reviews are a collaborative process that improves code quality and helps the team grow. By following these guidelines, we ensure that code reviews are constructive, efficient, and beneficial for everyone involved.