How To Conduct Code Reviews Effectively

Most of us review code in the wrong order. We spot a missing test or a style inconsistency before even asking whether the code is correct. We should think about it differently. The first question should always be: Does this code do what it is supposed to do? If the answer is no, nothing else matters. Style, structure, tests - all secondary to correctness. Once you are confident it is correct, ask if it is clear. Can someone else (or you, six months from now) understand what is happening and why? Clarity in code helps ensure it does not become a liability. Then check whether it matches the style and conventions, because inconsistencies add cognitive load for everyone who reads the codebase afterward. After that, look for duplication. Is this solving a problem that is already solved somewhere else? Could this be a shared utility? Finally, ask whether it is well tested. Not just "are there tests" (non-sensical ones), but do the tests actually cover the meaningful cases? Correctness. Clarity. Style. Deduplication. Tests. In that order, every time. Hope this helps.

100 lines of code: reviewed in 10 minutes. 1000 lines of code: reviewed never. Code reviews exist to catch bugs, improve maintainability, and help teams write better software together. But most engineers treat them like assignments to pass instead of collaborative checkpoints. That mindset kills the process before it starts. ➧ When you're submitting a PR: 1. Keep it small Aim for 10-100 lines of code per pull request. Past 100 lines, reviewers start skimming. Past 500, they stop caring entirely. Large PRs are harder to review, take longer to approve, and make it nearly impossible to catch real bugs. Break your work into isolated, logical chunks. Yes, it's more work upfront. But it ships faster. 2. Write a description Give context. Always. Your reviewer might be on a different team, in a different timezone, or new to the codebase. Don't make them guess what you're solving. If you're fixing a bug, explain what broke and link to the ticket. If it's a visual change, add before/after screenshots. If you ran a script that generated code, paste the exact command you used. Context turns a confusing diff into a clear story. 3. Leave preemptive comments If part of your diff looks unrelated to the main logic, explain it before your reviewer asks. "Fixed a typing issue here while working on the main feature." "This file got reformatted by the linter, no logic changes." These small clarifications save back-and-forth and show you're thinking about the reviewer's experience. ➧ When you're reviewing a PR: 1. Be overwhelmingly clear Unclear comments leave people stuck. If you're making a suggestion but don't feel strongly, say it: "This could be cleaner, but use your judgment." If you're just asking a question, mark it: "Sanity check, is this intentional? Non-blocking, just curious." Over-communicate your intent. Especially with remote teams or people you don't know well. 2. Establish approval standards with your team Decide as a team when to approve vs. block a PR. At Amazon and now at Nielsen, we approve most PRs even with 10+ comments because we trust teammates to address feedback. The only exception: critical bugs that absolutely can't go to production. Without clear standards, people feel blocked by style comments and approvals feel arbitrary. Talk to your team. Set the rules. Stick to them. 3. Know when to go offline Some conversations don't belong in PR comments. If the code needs a major rewrite, if there's a design disagreement, or if you're about to write a paragraph, stop. Ping your teammate directly. Have a quick call. Save everyone time. Leave a comment like "Let's discuss this offline" so they know you're not ignoring it.

In the last 11 years of my career, I’ve participated in code reviews almost daily. I’ve sat through 100s of review sessions with seniors and colleagues. Here’s how to make your code reviews smoother, faster and easier: 1. Start with Small, Clear Commits    - Break your changes into logical, manageable chunks. This makes it easier for reviewers to focus and catch errors quickly. 2. Write Detailed PR Descriptions    - Always explain the “why” behind the changes. This provides context and helps reviewers understand your thought process. 3. Self-Review Before Submitting    - Take the time to review your own code before submitting. You'll catch a lot of your own mistakes and improve your review quality. 4. Ask for Specific Feedback    - Don’t just ask for a “review”—be specific. Ask for feedback on logic, structure, or potential edge cases. 5. Don’t Take Feedback Personally    - Code reviews are about improving the code, not critiquing the coder. Be open to constructive criticism and use it to grow. 6. Prioritize Readability Over Cleverness    - Write code that’s easy to understand, even if it’s less “fancy.” Simple, clear code is easier to maintain and review. 7. Focus on the Big Picture    - While reviewing, look at how changes fit into the overall system, not just the lines of code. Think about long-term maintainability. 8. Encourage Dialogue    - Reviews shouldn’t be a one-way street. Engage in discussions and collaborate with reviewers to find the best solution. 9. Be Explicit About Non-Blocking Comments    - Mark minor suggestions as “nitpicks” to avoid confusion. This ensures critical issues get addressed first. 10. Balance Praise and Criticism    - Acknowledge well-written code while offering suggestions for improvement. Positive feedback encourages better work. 11. Always Follow Up    - If you request changes or leave feedback, follow up to make sure the feedback is understood and implemented properly. It shows you’re invested in the process. -- P.S: What would you add from your experience?

Code reviews aren't about finding bugs. If that's all you're doing in reviews, you've already lost. I've seen teams spend hours debating variable names and missing the actual problem: the code works, but nobody else can maintain it. Here's what code reviews actually catch: The junior engineer who hard-coded a feature that should be configurable. Not a bug. But you just locked yourself into technical debt that'll take 6 months to fix. The senior engineer who built something clever. Too clever. It works perfectly but breaks the moment someone else touches it. The architect who designed a system only they understand. No tests. No docs. Just "trust me, it works." Then they go on vacation and the system breaks. These aren't bugs. They're decisions that will hurt you later. Good code reviews ask different questions: • Can someone else debug this at 2am? • Will this still make sense in 6 months? • What happens when we scale 10x? • Are we building the right thing? Most teams optimize code reviews for finding syntax errors. Your IDE already does that. The real value is catching the decisions that look fine today but become disasters tomorrow. If your code reviews only find bugs, you're using them wrong. What's the worst "it works but..." code you've caught in review? #SoftwareEngineering #CodeReview #EngineeringLeadership

3:47 AM on a Tuesday. My phone buzzes. PagerDuty alert. The system is down. I scramble to my laptop. Database connections maxed out. API timeouts everywhere. Users can't access the service. We get it back up. Block the offending caller. System stabilizes. The post-mortem hits differently. Two experienced engineers reviewed the PR. Tests passed. Code worked exactly as specified. But nobody asked one question: "How would someone abuse this?" That single question would have saved us. One line of code. Five minutes. Crisis prevented. Here's what I learned after years of causing (and fixing) production incidents: Code review isn't about what to check. It's about how you think. Most engineers do one of two things: • Rubber-stamp with "LGTM" • Spend hours arguing about formatting Both miss the real problems. I tried comprehensive checklists. Ran formal review sessions. Eventually everyone burned out. Then I found something that actually works. Three focused passes. Each with a different persona. Each asking different questions. Pass 1: Does it work and make sense? Pass 2: Can we live with this code in six months? Pass 3: How would I break this? I wrote the full breakdown of the three-pass system, including exactly what to look for in each pass and how AI can help. https://lnkd.in/ehSMw8ka

if (!high_Quality_Code_Review) { code_Quality.suffers(); } The biggest challenge when it comes to code reviews is time. We all want to provide thoughtful feedback that improves the codebase without spending endless hours dissecting lines of code. – Deliver high-quality feedback. – Do it efficiently. – Minimize the back-and-forth between the author and reviewer. Here’s how to do it: 1. Start with the Change Description Always start with the PR (Pull Request) Description: ↳Understand the Goal: What problem is this change solving? Why is it necessary now? Does it align with the product or technical vision? ↳ Key Design Insights: Look for architectural decisions and trade-offs. Is the proposed solution justified, or are there better alternatives? ↳ Clarity Check: If the PR description needs to be more specific or complete, request the author to refine it. It’s better to clarify the intent than to misunderstand the implementation. 2. Focus on the Interface First Now, move on to the interface, not the implementation. ↳Abstraction: Does the interface present a clean abstraction? Is it intuitive for others to use? A good abstraction hides unnecessary details and provides a natural way for other parts of the system to interact with the component. ↳ Naming Conventions: Are the names of methods, classes, or variables clear and self-explanatory? Names should reflect their purpose without needing additional comments. ↳Contracts: -Does the interface define clear inputs, outputs, and side effects? - Inputs and Preconditions: What does the function or class expect? - Outputs and Postconditions: What does it guarantee? - Side Effects: Are there implicit changes, such as modifying global state? 3. Review the Implementation and Tests Last Once the interface is solid, dive into the implementation. Here’s how to structure your review: ↳ Correctness: –Does the implementation meet the intended functionality? –Test it against the stated goals in the PR description. ↳Edge Cases: Does the code handle unexpected inputs gracefully? –What happens if something goes wrong (e.g., network issues, null inputs)? – Can someone unfamiliar with the change understand the logic quickly? –Use proper indentation, modularization, and logical flow. –Is the solution simpler than necessary? ↳Efficiency: Does the code perform well under expected load? - Are there any unnecessary loops or expensive operations? - Is memory or CPU usage optimized? ↳ Test Coverage Checklist - Do the tests cover all important scenarios, including edge cases? - Tests should be simple and obvious. Avoid abstracting tests too much, even if it involves repetition. - If this change fixes a bug, ensure there’s a regression test to prevent it from resurfacing. - For changes with performance implications, validate them under real-world conditions.

9 code review practices your team should follow to go from Good → Great projects. (these helped my team deliver 100s of projects without wasting hours fixing bugs) 🟢As a team: ➡️Establish goals and expectations beforehand: for example: + functional correctness + algorithmic efficiency + improving code quality + ensuring code standards are met ➡️Use code review tools Use: (GitHub PRs, GitLab MRs, and Atlassian Crucible). + easily track changes + streamline the review process ➡️Automate code checks:  It will help you to: + find syntax errors + avoid common issues + reduce code style violations and potential bugs. 🟡As a reviewer: ➡️Start early, review often:  do this to: + catch issues early + prevent technical debt + ensure that code meets project requirements. ➡️Keep reviews small and focused:  you get: + an easier process + shorter turnaround time. + better collaboration in the team ➡️Balance speed and thoroughness:  + do comprehensive reviews  + but avoid excessive nitpicking ➡️Give constructive feedback: always be: + specific, actionable, and respectful + focus on improvement rather than criticizing.  + make a space for open communication to answer questions & give clarifications. 🟠As a reviewee: ➡️follow up on feedback:  + don���t take the comments personally + actively work on feedback after the session + make necessary revisions and follow up to confirm ➡️Follow coding standards:  focus on improving: + readability + maintainability Remember - mutual respect during the code reviews is crucial for a great team culture! – P.S: If you’re a Sr. Software engineer looking to become a Tech Lead or manager. I’m doing a webinar soon. Stay tuned :)

Wish someone had told me this about code review etiquette 🚀 The goal is shipping reliable code, not winning arguments. 😊 𝐀𝐬 𝐚 𝐑𝐞𝐯𝐢𝐞𝐰𝐞𝐫: 𝐃𝐨'𝐬 ✅ ◾ Review the code within 24 hours — blocking teammates kills productivity ◾ Start with "What problem is this code solving?" ◾ Look for security vulnerabilities first, then architecture, then style ◾ Ask questions instead of making accusations ("What's the reason for...?" vs "This is wrong") ◾ Suggest alternatives with code examples when possible ◾ Acknowledge good patterns and clever solutions 𝐃𝐨𝐧'𝐭𝐬 ❌ ◾ Don’t nitpick about style if there's an automated linter ◾ Don’t rewrite the code in your preferred style ◾ Never make it personal, critique the code, not the coder ◾ Don’t approve without actually reviewing ◾ Don’t block PRs for minor issues 𝐀𝐬 𝐚 𝐂𝐨𝐝𝐞 𝐀𝐮𝐭𝐡𝐨𝐫: 𝐃𝐨'𝐬 ✅ ◾ Keep PRs small (under 400 lines when possible) ◾ Add context in PR description (screenshots for UI changes) ◾ Self-review before requesting others ◾ Break down large changes into smaller PRs ◾ Respond to comments within one business day ◾ Add tests for new code ◾ Document non-obvious decisions 𝐃𝐨𝐧'𝐭𝐬 ❌ ◾ Don’t take feedback personally ◾ Don’t push back without explanation ◾ Don’t mark conversations resolved without addressing them ◾ Don’t submit PRs without testing locally ◾ Don’t expect instant reviews for massive changes You can add more, based on your experience. 👍 But let me leave you with one final thought. Code reviews are still mostly manual, but the landscape around us is shifting fast. With tools like Cursor, Replit, Devin, and others, AI-generated code is becoming the norm. Teams are shipping faster, and the volume of code is growing. But our review processes haven’t caught up. And this gap is only going to widen. That’s why I find tools like Korbit AI interesting. Instead of reviewing PRs in isolation, it brings full codebase context into the review. It also helps engineering managers track things like security risks, code health, and developer insights, all of which get harder as AI-generated code scales. korbit.ai

AI has flipped the most important skill in engineering. It used to be writing code; now it's reviewing code... AI can generate code fast, but it's not safe to point an AI at a production code base and let it go to town. You need to review the code first (maybe even more than you need to review human-generated code!). 𝗦𝗼 𝘄𝗵𝗮𝘁 𝗺𝗮𝗸𝗲𝘀 𝗮 𝗴𝗼𝗼𝗱 𝗰𝗼𝗱𝗲 𝗿𝗲𝘃𝗶𝗲𝘄? 𝟭. 𝗘𝘅𝗲𝗰𝘂𝘁𝗲 𝘁𝗵𝗲 𝗰𝗼𝗱𝗲 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗵𝗲𝗮𝗱 It sounds silly! But the best code review comes from deeply understanding how the code actually works, and you can only do that by mentally running the code. This helps find potential bugs, but that's not all it's about. Understanding a PR at this level lets you consider alternate architectures, catch undesirable performance characteristics, evaluate how the new code gels with the rest of the codebase, and more. 𝟮. 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗲 𝗰𝗹𝗲𝗮𝗿𝗹𝘆 & 𝗸𝗶𝗻𝗱𝗹𝘆 Good reviews get to the point and are easy for the PR author to understand. And they are respectful: because text communication makes it hard to infer tone, best practice is to lean positive. Always try to include positive recognition where possible! 𝟯. 𝗗𝗼𝗻'𝘁 𝘄𝗮𝘀𝘁𝗲 𝘁𝗶𝗺𝗲 𝗼𝗻 𝘁𝗵𝗶𝗻𝗴𝘀 𝘁𝗵𝗮𝘁'𝘀 𝗱𝗼𝗻'𝘁 𝗺𝗮𝘁𝘁𝗲𝗿 Use Google's standard: accept code if it improves the codebase overall, even if it's not perfect. Don't waste time on things like spacing, bracket placement, or other nitpicks - use a linter or just let it be. (𝗕𝘆 𝘁𝗵𝗲 𝘄𝗮𝘆 - AI code review tools like Greptile or cubic (YC X25) are great at finding bugs and you should use them in addition to high quality human reviews!)