How to Approach Full-Stack Code Reviews

100 lines of code: reviewed in 10 minutes. 1000 lines of code: reviewed never. Code reviews exist to catch bugs, improve maintainability, and help teams write better software together. But most engineers treat them like assignments to pass instead of collaborative checkpoints. That mindset kills the process before it starts. ➧ When you're submitting a PR: 1. Keep it small Aim for 10-100 lines of code per pull request. Past 100 lines, reviewers start skimming. Past 500, they stop caring entirely. Large PRs are harder to review, take longer to approve, and make it nearly impossible to catch real bugs. Break your work into isolated, logical chunks. Yes, it's more work upfront. But it ships faster. 2. Write a description Give context. Always. Your reviewer might be on a different team, in a different timezone, or new to the codebase. Don't make them guess what you're solving. If you're fixing a bug, explain what broke and link to the ticket. If it's a visual change, add before/after screenshots. If you ran a script that generated code, paste the exact command you used. Context turns a confusing diff into a clear story. 3. Leave preemptive comments If part of your diff looks unrelated to the main logic, explain it before your reviewer asks. "Fixed a typing issue here while working on the main feature." "This file got reformatted by the linter, no logic changes." These small clarifications save back-and-forth and show you're thinking about the reviewer's experience. ➧ When you're reviewing a PR: 1. Be overwhelmingly clear Unclear comments leave people stuck. If you're making a suggestion but don't feel strongly, say it: "This could be cleaner, but use your judgment." If you're just asking a question, mark it: "Sanity check, is this intentional? Non-blocking, just curious." Over-communicate your intent. Especially with remote teams or people you don't know well. 2. Establish approval standards with your team Decide as a team when to approve vs. block a PR. At Amazon and now at Nielsen, we approve most PRs even with 10+ comments because we trust teammates to address feedback. The only exception: critical bugs that absolutely can't go to production. Without clear standards, people feel blocked by style comments and approvals feel arbitrary. Talk to your team. Set the rules. Stick to them. 3. Know when to go offline Some conversations don't belong in PR comments. If the code needs a major rewrite, if there's a design disagreement, or if you're about to write a paragraph, stop. Ping your teammate directly. Have a quick call. Save everyone time. Leave a comment like "Let's discuss this offline" so they know you're not ignoring it.

TIPS FOR YOUR INTERNSHIPS AND NEW GRAD POSITIONS - 2024 EDITION There are some things you learn better once the roles are reversed: I learned the importance of a good pull request (PR) once I started reviewing them myself. Here is a checklist you can refer to: 1. Getting your work reviewed doesn't shift the responsibility of catching issues to your reviewers. The prime responsibility of ensuring your work is defect-free and won't cause problems in prod is always on you, the author. The code review process is a guardrail, but don't treat it as a crutch: 'I'll have a senior engineer review my work, so I don't have to worry about testing the edge cases, they'll catch those.' This is the wrong mentality to create a PR with. If all your PRs involve reviewers pointing out edge cases, you're not doing your job diligently. 2. Document your PRs properly. Provide context, and don't take this for granted. Just because someone reviews your PR doesn't mean they'll have the complete background. Include the WHAT, WHY, and HOW. WHAT: Provide background on the issue. Example: this PR fixes an uncaught exception (include details about the exception). WHY - Why is this fix necessary? Example: the fix is needed because it helps prevent the app from crashing unexpectedly because of the uncaught exception. HOW - Example: It's fixed by encapsulating this block of code within a try-catch and logging the error. 3. Add instructions on how to reproduce the error and verify the fix locally. 4. For UI changes, including screenshots of before and after can be helpful. 5. Add tests! You'd be surprised how often this step is forgotten. 6. Keep the PR small, so it's easy to review. The usual guideline is less than 250 lines of code per PR. If it's too large, break it down into multiple PRs. 7. Review it first yourself. You'd be surprised by how many print statements you'll find that you forgot to clean up. 8. Assign the right reviewers. 9. Call out things you want to bring specific attention to, and you can cc specific people. 10. You don't have to necessarily agree with every piece of feedback provided - if there's something you feel strongly about, feel free to discuss it. If the discussion is getting too long, consider switching to a different medium - my goto is to jump on a quick call. 11. Give people enough time to review large PRs. If you're planning on merging a big feature on Friday afternoon (which isn't a great idea to begin with), don't create the PR on Thursday evening. There can be exceptions to this rule, but rushed reviews should be avoided. In the worst case, keep in mind that your PR could be reverted, which is why keeping the PR detailed is necessary. Got any more suggestions? Drop them in the comments below! #softwareengineering #technology

I don’t think the main primary purpose of code reviews is to catch bugs. Most dev do. They’ll tell you reviews are about quality control. But I disagree. The most valuable part of a code review is knowledge transfer. Here's why: - Developers usually test their code before opening a PR - Most teams already use linters, static analysis, and CI to catch issues What teams do not do enough of is share why the code was written a certain way and capture architectural decisions so future engineers understand the tradeoffs On a fast moving distributed team it is impossible for everyone to be in every call or track every ticket. Code reviews become the last line of defense for distributing knowledge Here are 4 ways to make code reviews a knowledge sharing superpower: 1. Always explain the “why” behind your code, not just the “what" 2. Document architectural decisions either in the PR itself or by linking to an ADR 3. Summarize the PR in plain English so anyone can quickly understand what changed and why 4. If a decision was made in Slack or a meeting, record it in the PR so it is not lost

"Hey… I rewrote the commit message, but I wasn't sure how to respond to the 'this makes no sense' comment." It wasn't my comment. But I knew exactly whose it was. And I knew how much it affected her willingness to submit the next PR. Here's the thing: Most engineers aren't avoiding code reviews because they don't care about quality. They're avoiding you. Or more specifically, how you make them feel. There's a massive difference between: • "Why would you do it this way?" vs • "Let's talk through what this is solving—there might be a clearer way." Critique should make someone's code feel challenged. Not their confidence. If your code reviews sound like rants, nags, or insults, dont be surprised when junior devs: • Delay shipping. • Ask fewer questions. • Avoid your name in the reviewer list. Want people to write better code? Try writing better comments. Here are some examples that actually work: • "This is clean—love the naming here." • "Could we simplify this even more?" • "Appreciate the test coverage here—nice work!" • "What do you think about extracting this into a helper function?" • "Good catch on handling that edge case." Code quality matters. But morale does too. The best engineers I know give feedback that makes people excited to improve, not afraid to try. Your code reviews aren't just about the code. They're about the person writing it. Encouragement isn't fluff. It's fuel.

In the last 11 years of my career, I’ve participated in code reviews almost daily. I’ve sat through 100s of review sessions with seniors and colleagues. Here’s how to make your code reviews smoother, faster and easier: 1. Start with Small, Clear Commits    - Break your changes into logical, manageable chunks. This makes it easier for reviewers to focus and catch errors quickly. 2. Write Detailed PR Descriptions    - Always explain the “why” behind the changes. This provides context and helps reviewers understand your thought process. 3. Self-Review Before Submitting    - Take the time to review your own code before submitting. You'll catch a lot of your own mistakes and improve your review quality. 4. Ask for Specific Feedback    - Don’t just ask for a “review”—be specific. Ask for feedback on logic, structure, or potential edge cases. 5. Don’t Take Feedback Personally    - Code reviews are about improving the code, not critiquing the coder. Be open to constructive criticism and use it to grow. 6. Prioritize Readability Over Cleverness    - Write code that’s easy to understand, even if it’s less “fancy.” Simple, clear code is easier to maintain and review. 7. Focus on the Big Picture    - While reviewing, look at how changes fit into the overall system, not just the lines of code. Think about long-term maintainability. 8. Encourage Dialogue    - Reviews shouldn’t be a one-way street. Engage in discussions and collaborate with reviewers to find the best solution. 9. Be Explicit About Non-Blocking Comments    - Mark minor suggestions as “nitpicks” to avoid confusion. This ensures critical issues get addressed first. 10. Balance Praise and Criticism    - Acknowledge well-written code while offering suggestions for improvement. Positive feedback encourages better work. 11. Always Follow Up    - If you request changes or leave feedback, follow up to make sure the feedback is understood and implemented properly. It shows you’re invested in the process. -- P.S: What would you add from your experience?

We were days away from D365 go-live. One code review question changed everything. 🚀 The code looked clean. It passed the base technical review. Then someone asked: "What happens when a sales order has multiple allowances?" Silence. That one question in the deeper code review uncovered a bug that would have stopped order processing on day one. Most code reviews focus on the technical: - Are tts blocks handled correctly? - Is error handling in place? - Are we using set-based operations? - Are there performance implications? - Are there hardcoded values that should be parameters? These matter. But they're not enough. 🔍 The deeper code reviews also challenge the code functionally: - Where could this break in real business scenarios? - What edge cases will users hit? - Does this actually solve the problem it was meant to? This is why technical resources who understand the business catch what others miss. We now include functional scenario questions in every code review. What's your code review process? Have you ever caught a critical bug just by asking the right question?

Most code reviews look productive… But it secretly costs teams weeks of engineering time. I learned this the hard way. Years ago, we shipped a feature that passed 4 code reviews, unit tests, and CI. Everything looked green. A tiny, silent failure took down reporting for an entire customer segment. The root cause? The review focused on style, not stability. That’s when I realized: - Formatting doesn’t break production. - Unhandled edge cases do. Since then, I look for 4 things in every review: 1. Functionality & correctness 2. Readability & clarity 3. Performance & efficiency 4. Security & stability (See the visual checklist attached 👇) Here’s the uncomfortable truth: If your feedback is mostly naming suggestions and spacing nitpicks, you’re not reviewing code… you’re formatting it. And if your review can’t answer: Will this break when traffic spikes 10x? Can we debug this at 2 AM? Is sensitive data protected? …you approved risk, not code. Great code reviews: ✅ prevent future outages ✅ reduce cognitive load ✅ scale with team growth ✅ make onboarding faster ✅ catch invisible regressions Bad reviews: - block velocity - create ego battles - confuse juniors - ship technical debt faster Remember: The goal isn’t to write perfect code. The goal is to ship code you can live with in production. Your turn: What’s the most underrated thing YOU look for in a code review? I’ll reply to every comment. P.S. If you want fewer escaped bugs and faster feedback loops, let's talk. 

Wish someone had told me this about code review etiquette 🚀 The goal is shipping reliable code, not winning arguments. 😊 𝐀𝐬 𝐚 𝐑𝐞𝐯𝐢𝐞𝐰𝐞𝐫: 𝐃𝐨'𝐬 ✅ ◾ Review the code within 24 hours — blocking teammates kills productivity ◾ Start with "What problem is this code solving?" ◾ Look for security vulnerabilities first, then architecture, then style ◾ Ask questions instead of making accusations ("What's the reason for...?" vs "This is wrong") ◾ Suggest alternatives with code examples when possible ◾ Acknowledge good patterns and clever solutions 𝐃𝐨𝐧'𝐭𝐬 ❌ ◾ Don’t nitpick about style if there's an automated linter ◾ Don’t rewrite the code in your preferred style ◾ Never make it personal, critique the code, not the coder ◾ Don’t approve without actually reviewing ◾ Don’t block PRs for minor issues 𝐀𝐬 𝐚 𝐂𝐨𝐝𝐞 𝐀𝐮𝐭𝐡𝐨𝐫: 𝐃𝐨'𝐬 ✅ ◾ Keep PRs small (under 400 lines when possible) ◾ Add context in PR description (screenshots for UI changes) ◾ Self-review before requesting others ◾ Break down large changes into smaller PRs ◾ Respond to comments within one business day ◾ Add tests for new code ◾ Document non-obvious decisions 𝐃𝐨𝐧'𝐭𝐬 ❌ ◾ Don’t take feedback personally ◾ Don’t push back without explanation ◾ Don’t mark conversations resolved without addressing them ◾ Don’t submit PRs without testing locally ◾ Don’t expect instant reviews for massive changes You can add more, based on your experience. 👍 But let me leave you with one final thought. Code reviews are still mostly manual, but the landscape around us is shifting fast. With tools like Cursor, Replit, Devin, and others, AI-generated code is becoming the norm. Teams are shipping faster, and the volume of code is growing. But our review processes haven’t caught up. And this gap is only going to widen. That’s why I find tools like Korbit AI interesting. Instead of reviewing PRs in isolation, it brings full codebase context into the review. It also helps engineering managers track things like security risks, code health, and developer insights, all of which get harder as AI-generated code scales. korbit.ai

9 code review practices your team should follow to go from Good → Great projects. (these helped my team deliver 100s of projects without wasting hours fixing bugs) 🟢As a team: ➡️Establish goals and expectations beforehand: for example: + functional correctness + algorithmic efficiency + improving code quality + ensuring code standards are met ➡️Use code review tools Use: (GitHub PRs, GitLab MRs, and Atlassian Crucible). + easily track changes + streamline the review process ➡️Automate code checks:  It will help you to: + find syntax errors + avoid common issues + reduce code style violations and potential bugs. 🟡As a reviewer: ➡️Start early, review often:  do this to: + catch issues early + prevent technical debt + ensure that code meets project requirements. ➡️Keep reviews small and focused:  you get: + an easier process + shorter turnaround time. + better collaboration in the team ➡️Balance speed and thoroughness:  + do comprehensive reviews  + but avoid excessive nitpicking ➡️Give constructive feedback: always be: + specific, actionable, and respectful + focus on improvement rather than criticizing.  + make a space for open communication to answer questions & give clarifications. 🟠As a reviewee: ➡️follow up on feedback:  + don’t take the comments personally + actively work on feedback after the session + make necessary revisions and follow up to confirm ➡️Follow coding standards:  focus on improving: + readability + maintainability Remember - mutual respect during the code reviews is crucial for a great team culture! – P.S: If you’re a Sr. Software engineer looking to become a Tech Lead or manager. I’m doing a webinar soon. Stay tuned :)

Code reviews aren't about finding bugs. If that's all you're doing in reviews, you've already lost. I've seen teams spend hours debating variable names and missing the actual problem: the code works, but nobody else can maintain it. Here's what code reviews actually catch: The junior engineer who hard-coded a feature that should be configurable. Not a bug. But you just locked yourself into technical debt that'll take 6 months to fix. The senior engineer who built something clever. Too clever. It works perfectly but breaks the moment someone else touches it. The architect who designed a system only they understand. No tests. No docs. Just "trust me, it works." Then they go on vacation and the system breaks. These aren't bugs. They're decisions that will hurt you later. Good code reviews ask different questions: • Can someone else debug this at 2am? • Will this still make sense in 6 months? • What happens when we scale 10x? • Are we building the right thing? Most teams optimize code reviews for finding syntax errors. Your IDE already does that. The real value is catching the decisions that look fine today but become disasters tomorrow. If your code reviews only find bugs, you're using them wrong. What's the worst "it works but..." code you've caught in review? #SoftwareEngineering #CodeReview #EngineeringLeadership