Hier eine Review Checkliste speziell für Cpp (C++) Projekte. Natürlich sollte dieses Checkliste an das jeweilige Projektangepasst werden . Sie ist im Mark-Down formatiert um sie universeller für den eigenen Gebrauch zu machen. Sie sollte schon bei der Programmierung beachtet werden und nicht nur am Ende zum Review.
# Code Review Checklist
## 1. Code Quality & Style
– [ ] Code follows project’s style guide and conventions
– [ ] Consistent naming conventions for variables, functions, and classes
– [ ] No magic numbers or hardcoded values without constants
– [ ] Complex logic is broken down into smaller, readable functions
– [ ] Functions and methods follow single responsibility principle
– [ ] No code duplication (DRY principle followed)
– [ ] Proper indentation and formatting
– [ ] Meaningful variable and function names that indicate purpose
– [ ] Comments explain „why“ not „what“ when needed
– [ ] No commented-out code
– [ ] Maximum function/method length follows team guidelines
### C++ Specific
– [ ] Appropriate use of const correctness
– [ ] Rule of 0/3/5 followed for classes
– [ ] Move semantics implemented where beneficial
– [ ] No implicit type conversions that could cause issues
– [ ] Proper use of references vs pointers
– [ ] Smart pointers used instead of raw pointers where appropriate
– [ ] Virtual destructors for base classes
– [ ] Override keyword used for virtual functions
– [ ] Proper initialization of member variables in constructors
– [ ] Member initialization lists used appropriately
– [ ] No unnecessary friend declarations
– [ ] Appropriate use of inline functions
## 2. Architecture & Design
– [ ] Follows SOLID principles where applicable
– [ ] Proper separation of concerns
– [ ] Appropriate design patterns used where beneficial
– [ ] No tight coupling between components
– [ ] Proper abstraction levels
– [ ] Configuration is externalized appropriately
– [ ] No circular dependencies
– [ ] Clear and logical file organization
– [ ] Consistent with existing architecture
– [ ] Interfaces are well-defined and documented
### C++ Specific
– [ ] RAII pattern followed for resource management
– [ ] Appropriate use of templates
– [ ] Template specializations properly implemented
– [ ] No virtual functions in constructors/destructors
– [ ] Proper handling of copy/move operations
– [ ] Appropriate use of public/protected/private
– [ ] Inheritance used appropriately (prefer composition)
– [ ] Abstract classes defined correctly
– [ ] Proper forward declarations to minimize includes
– [ ] Appropriate use of namespaces
## 3. Performance
– [ ] Efficient algorithms and data structures used
– [ ] No unnecessary loops or iterations
– [ ] Database queries are optimized
– [ ] Proper indexing considered for database operations
– [ ] Caching implemented where beneficial
– [ ] Resource cleanup in finally blocks or using proper disposal patterns
– [ ] No memory leaks
– [ ] Batch operations used where appropriate
– [ ] Pagination implemented for large data sets
– [ ] Async/await patterns used correctly
### C++ Specific
– [ ] Pass by const reference for large objects
– [ ] Move semantics used for expensive operations
– [ ] No unnecessary object copies
– [ ] Appropriate use of SSO (Small String Optimization)
– [ ] Proper memory alignment for data structures
– [ ] Efficient use of std::vector and other containers
– [ ] Reserve/resize used appropriately for containers
– [ ] No unnecessary virtual functions
– [ ] Complex objects pre-allocated when possible
– [ ] Proper use of std::unique_ptr vs std::shared_ptr
– [ ] Memory pooling considered for frequent allocations
– [ ] Cache-friendly data structures and access patterns
## 4. Security
– [ ] Input validation implemented
– [ ] Output encoding used to prevent XSS
– [ ] SQL injection prevention measures in place
– [ ] Sensitive data is encrypted
– [ ] Authentication and authorization checks present
– [ ] No sensitive information in logs or error messages
– [ ] Secure password handling
– [ ] CSRF protection where needed
– [ ] Rate limiting considered for APIs
– [ ] Proper error handling without information disclosure
### C++ Specific
– [ ] No buffer overflows possible
– [ ] Proper bounds checking on arrays/containers
– [ ] Secure handling of C-style strings
– [ ] No undefined behavior
– [ ] Safe conversions between types
– [ ] No uninitialized variables
– [ ] Exception guarantees maintained
– [ ] Proper cleanup in case of exceptions
– [ ] No memory leaks in exception paths
– [ ] Secure random number generation
## 5. Testing
– [ ] Unit tests cover critical paths
– [ ] Tests are readable and maintainable
– [ ] Mocking used appropriately
– [ ] Edge cases tested
– [ ] Error conditions tested
– [ ] Integration tests where necessary
– [ ] Test coverage meets team standards
– [ ] Tests follow arrange-act-assert pattern
– [ ] No flaky tests
– [ ] Test data is appropriate and anonymized
### C++ Specific
– [ ] Memory leak tests included
– [ ] Exception safety tested
– [ ] Boundary conditions tested
– [ ] Move semantics tested
– [ ] Template instantiations tested
– [ ] Different compiler optimizations tested
– [ ] Platform-specific behavior tested
– [ ] Threading safety tested where applicable
– [ ] Constructor/destructor behavior tested
– [ ] RAII behavior verified
## 6. Documentation
– [ ] API documentation complete and accurate
– [ ] README updated if needed
– [ ] Complex algorithms explained
– [ ] Dependencies documented
– [ ] Configuration changes documented
– [ ] Release notes updated
– [ ] Breaking changes highlighted
– [ ] Deployment requirements documented
– [ ] API changes reflected in OpenAPI/Swagger
– [ ] Architecture decisions documented (ADRs)
### C++ Specific
– [ ] Template parameters documented
– [ ] Exception specifications documented
– [ ] Memory ownership documented
– [ ] Threading requirements documented
– [ ] Platform-specific behavior documented
– [ ] Compiler requirements specified
– [ ] Performance characteristics documented
– [ ] RAII contracts documented
– [ ] Smart pointer ownership semantics documented
– [ ] Complex template metaprogramming explained
## 7. Error Handling
– [ ] Appropriate error types used
– [ ] Error messages are clear and actionable
– [ ] Errors logged with proper context
– [ ] No swallowed exceptions
– [ ] Proper error propagation
– [ ] Graceful degradation where appropriate
– [ ] User-facing error messages are friendly
– [ ] System remains in consistent state after errors
– [ ] Retry logic implemented where appropriate
– [ ] Circuit breakers implemented for external services
### C++ Specific
– [ ] Exception safety guarantees specified and maintained
– [ ] No exceptions thrown from destructors
– [ ] Proper use of noexcept
– [ ] RAII used for cleanup
– [ ] Error states handled properly
– [ ] Strong exception guarantee where possible
– [ ] Basic exception guarantee as fallback
– [ ] Exception neutral functions properly implemented
– [ ] Resources cleaned up in case of exceptions
– [ ] std::error_code used where appropriate
## 8. Memory Management
### C++ Specific
– [ ] No raw new/delete operations (use smart pointers)
– [ ] Proper cleanup in destructors
– [ ] No memory leaks in normal or error paths
– [ ] Resource acquisition is initialization (RAII)
– [ ] Appropriate container choice for data storage
– [ ] Custom allocators implemented correctly
– [ ] Memory alignment requirements met
– [ ] Proper handling of self-assignment
– [ ] Circular references handled properly
– [ ] Memory pools used where appropriate
– [ ] Stack vs heap allocation chosen appropriately
– [ ] Placement new used correctly if needed
## 9. Concurrency & Threading
### Cpp Specific
– [ ] Thread safety documented and implemented
– [ ] Proper use of mutexes and locks
– [ ] Deadlock prevention measures
– [ ] Race conditions addressed
– [ ] Atomic operations used appropriately
– [ ] Proper use of memory fences
– [ ] Thread-local storage used where needed
– [ ] Condition variables used correctly
– [ ] Async operations implemented properly
– [ ] Lock-free programming implemented correctly
– [ ] Thread pool implementation if needed
– [ ] Proper handling of thread lifecycle
## 10. Modern C++ Features
### Cpp Specific
– [ ] Appropriate use of auto
– [ ] Range-based for loops where applicable
– [ ] Lambda expressions used effectively
– [ ] Structured bindings used where appropriate
– [ ] constexpr used for compile-time computation
– [ ] std::optional used for optional values
– [ ] std::variant used instead of unions
– [ ] std::string_view used for string references
– [ ] Concepts used for template constraints (C++20)
– [ ] Modules used appropriately (C++20)
– [ ] Coroutines implemented correctly (C++20)
– [ ] Proper use of aggregate initialization
## 11. Version Control
– [ ] Commit messages are clear and follow conventions
– [ ] Branch naming follows team conventions
– [ ] No unnecessary files committed
– [ ] Large files handled appropriately
– [ ] Secrets and credentials not committed
– [ ] Branch is up to date with target branch
– [ ] No merge conflicts
– [ ] Changes are atomic and focused
– [ ] PR/MR description is complete
– [ ] Related issues/tickets referenced
## 12. Compatibility & Standards
– [ ] Browser compatibility considered
– [ ] Mobile responsiveness if applicable
– [ ] Accessibility standards followed
– [ ] Internationalization supported if required
– [ ] Backward compatibility maintained or breaking changes documented
– [ ] Industry standards followed
– [ ] Legal compliance considered
– [ ] License requirements met
– [ ] Third-party integration standards followed
– [ ] API versioning handled appropriately
## 13. Deployment & Operations
– [ ] Configuration changes documented
– [ ] Database migrations included
– [ ] Deployment dependencies identified
– [ ] Monitoring and logging adequate
– [ ] Health checks implemented
– [ ] Backup and restore procedures updated if needed
– [ ] Scale considerations addressed
– [ ] Feature flags used where appropriate
– [ ] Rollback plan documented
– [ ] Performance metrics captured