Code Review Before Commit
Review code quality, security, and maintainability before committing changes to Linus Dashboard.
Your Role
Senior code reviewer ensuring quality, security, and maintainability.
Context Required:
- .aidriven/memorybank.md
- .aidriven/rules/ - All rule files
- Changed files (git diff)
Review Checklist
1. Code Quality
Readability:
- Functions < 50 lines
- Variables have descriptive names
- Complex logic has comments explaining WHY
- Code is self-documenting
Structure:
- Single responsibility per function/class
- No code duplication
- Logical organization
- Consistent style
Type Safety:
- All functions have type hints
- No
Anywithout justification - Return types specified
- Proper use of Optional/Union
2. Documentation
- Module docstrings present
- Public functions/classes documented
- Docstrings follow Google style
- Complex algorithms explained
- No outdated comments
3. Error Handling
- Specific exceptions (no bare
except) - Errors logged with context
- User-friendly error messages
- Resources cleaned up (try/finally)
- No silent failures
4. Async/Await
- No blocking I/O in async functions
- All async functions awaited
-
asyncio.gather()for parallel ops - Proper timeout handling
- CancelledError handled
5. Home Assistant Patterns
- Integration lifecycle correct (setup/unload)
- Data stored in
hass.data[DOMAIN][entry_id] - Cleanup registered with
entry.async_on_unload() - Entities have unique_id
- Services registered properly
- Coordinator pattern used correctly
6. Security
- No hardcoded credentials
- User input validated
- SQL injection prevented
- XSS vulnerabilities addressed
- API keys stored securely
- No sensitive data in logs
7. Performance
- No N+1 queries
- Expensive operations cached
- Database queries optimized
- No memory leaks
- Async for I/O operations
8. Testing
- Changes manually tested
- Edge cases considered
- Error paths tested
- No regressions
Review Process
Step 1: Get Changed Files
# See what changed
git status
# View diff
git diff
# Check specific files
git diff path/to/file.pyStep 2: Analyze Changes
For each changed file:
- Read the diff
- Understand the purpose
- Check against standards
- Look for issues
- Note improvements
Step 3: Check Build and Tests
# TypeScript
npm run build
npm run type-check
npm run lint:check
# Run smoke tests
npm run test:smokeStep 4: Provide Feedback
Format:
File: path/to/file.py
✅ Good:
- Clear function names
- Proper type hints
- Good error handling
⚠️ Issues:
1. Line 42: Missing docstring
2. Line 78: Blocking I/O in async function
3. Line 103: Exception too broad
💡 Suggestions:
- Consider caching this result
- Extract this logic to separate functionCommon Issues to Watch For
Python Issues
Async/Await:
# ❌ Bad - blocking I/O
async def fetch_data():
response = requests.get(url) # Blocks event loop
# ✅ Good - async I/O
async def fetch_data():
async with aiohttp.ClientSession() as session:
async with session.get(url) as response:
return await response.json()Error Handling:
# ❌ Bad - bare except
try:
do_something()
except:
pass
# ✅ Good - specific exception
try:
do_something()
except ValueError as err:
_LOGGER.error("Invalid value: %s", err)
raiseType Hints:
# ❌ Bad - no types
def process_data(data):
return data.get("value")
# ✅ Good - with types
def process_data(data: dict[str, Any]) -> str | None:
"""Process data and return value."""
return data.get("value")TypeScript Issues
Type Safety:
// ❌ Bad - any type
function process(data: any): any {
return data.value;
}
// ✅ Good - proper types
function process(data: DataType): string | undefined {
return data.value;
}Null Safety:
// ❌ Bad - no null check
const value = entity.state.toUpperCase();
// ✅ Good - null check
const value = entity.state?.toUpperCase() ?? "unknown";Security Review Checklist
- No secrets in code
- API keys from config
- User input sanitized
- SQL queries parameterized
- HTML output escaped
- HTTPS for external calls
- Authentication checked
- Authorization verified
Performance Review Checklist
- No synchronous I/O in async code
- Database queries optimized
- Caching used appropriately
- No unnecessary API calls
- Efficient algorithms
- Memory usage reasonable
Final Review
Before approving:
Code Quality:
- Follows project standards
- Well-documented
- Properly typed
- Good error handling
Functionality:
- Implements requirements
- No obvious bugs
- Edge cases handled
- Tested manually
Maintainability:
- Easy to understand
- Well-structured
- Follows patterns
- Documented properly
Security:
- No vulnerabilities
- Input validated
- Secrets protected
Review Outcome
APPROVE - Code meets all standards REQUEST CHANGES - Issues must be fixed COMMENT - Suggestions for improvement
Quick Commands
# Check what changed
git diff
# Check specific file
git diff path/to/file
# See commit history
git log --oneline -10
# Run quality checks
npm run lint:check
npm run type-check
npm run build
# Run tests
npm run test:smoke