= Code Review Guidelines== General [ ] The code works [ ] The code is easy

1. = Code Review Guidelines
2.  
3. == General
4. [ ] The code works
5. [ ] The code is easy to understand
6. [ ] Follows coding conventions
7. [ ] DTOs (no domain) are returned from Controller/Service
8. [ ] Names are simple and if possible short
9. [ ] Names are spelt correctly
10. [ ] DTOs format variable names using snake_case
11. [ ] Names contain units where applicable
12. [ ] Enums are used instead of int constants where applicable
13. [ ] There are no usages of 'magic numbers'
14. [ ] All variables are in the smallest scope possible
15. [ ] All class, variable, and method modifiers are correct.
16. [ ] There is no commented out code
17. [ ] There is no dead code (inaccessible at Runtime)
18. [ ] No code can be replaced with library functions
19. [ ] Required logs are present
20. [ ] Frivolous logs are absent
21. [ ] Debugging code is absent
22. [ ] No System.out.println or similar calls exist
23. [ ] No stack traces are printed
24. [ ] Variables are not accidentally used with null values
25. [ ] Variables are immutable where possible
26. [ ] Code is not repeated or duplicated
27. [ ] No complex/long boolean expressions
28. [ ] No negatively named boolean variables
29. [ ] Catch clauses are fine grained and catch specific exceptions
30. [ ] Exceptions are not eaten if caught, unless explicitly documented otherwise
31. [ ] APIs and other public contracts check input values and fail fast
32. [ ] Files/Sockets/Cursors and other resources are properly closed even when an exception occurs in using them
33. [ ] StringBuilder is used to concatenate strings
34. [ ] Loops have a set length and correct termination conditions
35. [ ] Blocks of code inside loops are as small as possible
36. [ ] Order/index of a collection is not modified when it is being looped over
37. [ ] No methods with boolean parameters
38. [ ] Design patterns if used are correctly applied
39. [ ] Law of Demeter is not violated
40. [ ] Methods return early without compromising code readability
41. [ ] No use of Object class, use generics instead
42. [ ] Uses final modifier to prevent mistaken assignments
43.  
44. == Database
45. [ ] ChangeLog only contains changes related to current PR
46. [ ] Sequences include startValue & increment
47. [ ] PKs don't have auto-increment
48. [ ] OneToMany & ManyToOne bidirectional links are in place where separate Join table is not required
49. [ ] Historic data taken into account for new columns with NotNull
50.  
51. == Documentation
52. [ ] All methods are commented in clear language.
53. [ ] Comments exist and describe rationale or reasons for decisions in code
54. [ ] All public methods/interfaces/contracts are commented describing usage
55. [ ] All edge cases are described in comments
56. [ ] All unusual behaviour or edge case handling is commented
57. [ ] Data structures and units of measurement are explained
58.  
59. == Threading
60. [ ] Objects accessed by multiple threads are accessed only through a lock, or synchronized methods.
61. [ ] Race conditions have been handled
62. [ ] Locks are acquired and released in the right order to prevent deadlocks, even in error handling code.
63. [ ] StringBuffer is used to concatenate strings in multi-threaded code
64.  
65. == Security
66. [ ] All data inputs are checked (for the correct type, length/size, format, and range)
67. [ ] Invalid parameter values handled such that exceptions are not thrown
68. [ ] No sensitive information is logged or visible in a stacktrace
69. [ ] Endpoint security config is at appropriate granular level