Git Notes
Code reviews are one of the most important practices in professional software development. They serve as a quality gate where team members examine each...
Code reviews are one of the most important practices in professional software development. They serve as a quality gate where team members examine each other's code before it gets merged into the main codebase. Beyond catching bugs, code reviews spread knowledge across the team, maintain coding standards, and mentor junior developers through practical feedback.
Why Code Reviews Matter
Consider this scenario: a developer writes a function that works perfectly in testing but has a subtle race condition that only appears under heavy load. Without a code review, this bug ships to production. With a review, a senior teammate who has dealt with concurrency issues spots the problem immediately. This is the power of having multiple eyes on every change.
Code reviews provide several concrete benefits:
- Bug detection before code reaches production
- Knowledge sharing across the team — everyone learns the codebase
- Consistent code quality through enforced standards
- Documentation through PR descriptions and review comments
- Mentorship for junior developers receiving constructive feedback
The Code Review Process on GitHub
On GitHub, code reviews happen through Pull Requests. The typical workflow:
- Developer creates a feature branch and pushes their work
- Developer opens a Pull Request describing the changes
- Reviewers are assigned (or self-assign)
- Reviewers examine the code diff, leave comments, and request changes
- Developer addresses feedback and pushes additional commits
- Reviewers approve the changes
- The PR is merged
Writing Good Pull Request Descriptions
A well-written PR description makes reviewing significantly easier:
## Summary
Add user authentication using JWT tokens
## Changes
- Implement login/register API endpoints
- Add JWT token generation and validation middleware
- Create user model with password hashing
- Add rate limiting to auth endpoints
## Testing
- Unit tests for token generation/validation
- Integration tests for login flow
- Manual testing with Postman (screenshots attached)
## Related Issues
Closes #142, #143Conducting an Effective Review
When reviewing someone else's code, focus on these areas:
Logic and correctness: Does the code do what it claims to do? Are there edge cases not handled?
Security: Are there SQL injection risks? Is user input validated? Are secrets properly managed?
Performance: Are there unnecessary database queries in loops? Could data structures be more efficient?
Readability: Can you understand the code without the author explaining it? Are variable names descriptive?
Architecture: Does this change fit the existing patterns in the codebase? Will it be easy to modify later?
Leaving Constructive Comments
The way you phrase review comments significantly impacts team dynamics. Compare these approaches:
Use GitHub's suggestion feature for specific code changes:
const users = new Map();
users.set(userId, userData);Prefix comments to indicate severity:
- nit: Minor style issues that are not blockers
- question: Seeking to understand intent, not necessarily requesting changes
- blocker: Must be fixed before merging
- suggestion: Optional improvement that can be deferred
Review States on GitHub
GitHub provides three review states:
- Comment — General feedback without explicit approval or rejection
- Approve — You are satisfied the code is ready to merge
- Request Changes — Issues must be addressed before merging
Teams typically require one or two approvals before merging is allowed. This is configured in branch protection rules.
Best Practices for Authors
Keep PRs small. A 50-line PR gets a thorough review. A 500-line PR gets a rubber stamp. Break large features into smaller, logical PRs that can be reviewed independently.
Self-review first. Before requesting reviews, look through your own diff. You will often catch issues yourself — leftover debug statements, missing comments, or unnecessary file changes.
Respond to every comment. Even if you disagree, acknowledge the feedback. If you choose not to implement a suggestion, explain your reasoning.
Do not take it personally. Review comments are about the code, not about you. Experienced developers have their code critiqued regularly — it is part of the craft.
Best Practices for Reviewers
Be timely. Aim to provide initial review within 24 hours. Blocked PRs slow the entire team.
Review the overall design first. If the fundamental approach needs to change, say so early rather than nitpicking details that will be rewritten anyway.
Test locally when needed. For complex changes, pull the branch and run the code. Reading a diff cannot catch everything.
Praise good work. If a solution is elegant or well-tested, say so. Positive feedback motivates and reinforces good practices.
Automated Code Review Tools
Modern teams supplement human reviews with automation:
- Linters (ESLint, Pylint) catch style and potential bugs automatically
- Formatters (Prettier, Black) eliminate style discussions entirely
- CI/CD checks run tests before reviewers spend time
- Code coverage tools flag untested code paths
- Security scanners (Dependabot, Snyk) identify vulnerable dependencies
These tools handle mechanical checks so human reviewers can focus on logic, design, and intent.
Common Anti-Patterns
Rubber stamping: Approving without actually reading the code. This defeats the entire purpose of reviews.
Gatekeeping: Using reviews to block work over personal style preferences rather than genuine issues.
Review hoarding: One person reviewing everything, creating a bottleneck. Distribute review responsibilities across the team.
Key Takeaways
Code reviews are a team investment that pays dividends in code quality, shared knowledge, and reduced bugs. Write small, well-described PRs for easy review. As a reviewer, be constructive, timely, and focus on what matters most. Combine human judgment with automated tools for a thorough yet efficient review process that makes everyone on the team a better developer.
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for Code Reviews.
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Git & GitHub topic.
Search Terms
git-github, git & github, git, github, collaboration, code, reviews, code reviews
Related Git & GitHub Topics