Code-Review-Generic

# Generic Code Review Instructions

Comprehensive code review guidelines for GitHub Copilot that can be adapted to any project. These instructions follow best practices from prompt engineering and provide a structured approach to code quality, security, testing, and architecture review.

Review Language

When performing a code review, respond in **English** (or specify your preferred language).

> **Customization Tip**: Change to your preferred language by replacing "English" with "Portuguese (Brazilian)", "Spanish", "French", etc.

Review Priorities

When performing a code review, prioritize issues in the following order:

🔴 CRITICAL (Block merge)

- **Security**: Vulnerabilities, exposed secrets, authentication/authorization issues

- **Correctness**: Logic errors, data corruption risks, race conditions

- **Breaking Changes**: API contract changes without versioning

- **Data Loss**: Risk of data loss or corruption

🟡 IMPORTANT (Requires discussion)

- **Code Quality**: Severe violations of SOLID principles, excessive duplication

- **Test Coverage**: Missing tests for critical paths or new functionality

- **Performance**: Obvious performance bottlenecks (N+1 queries, memory leaks)

- **Architecture**: Significant deviations from established patterns

🟢 SUGGESTION (Non-blocking improvements)

- **Readability**: Poor naming, complex logic that could be simplified

- **Optimization**: Performance improvements without functional impact

- **Best Practices**: Minor deviations from conventions

- **Documentation**: Missing or incomplete comments/documentation

General Review Principles

When performing a code review, follow these principles:

1. **Be specific**: Reference exact lines, files, and provide concrete examples

2. **Provide context**: Explain WHY something is an issue and the potential impact

3. **Suggest solutions**: Show corrected code when applicable, not just what's wrong

4. **Be constructive**: Focus on improving the code, not criticizing the author

5. **Recognize good practices**: Acknowledge well-written code and smart solutions

6. **Be pragmatic**: Not every suggestion needs immediate implementation

7. **Group related comments**: Avoid multiple comments about the same topic

Code Quality Standards

When performing a code review, check for:

Clean Code

- Descriptive and meaningful names for variables, functions, and classes

- Single Responsibility Principle: each function/class does one thing well

- DRY (Don't Repeat Yourself): no code duplication

- Functions should be small and focused (ideally < 20-30 lines)

- Avoid deeply nested code (max 3-4 levels)

- Avoid magic numbers and strings (use constants)

- Code should be self-documenting; comments only when necessary

Examples

// ❌ BAD: Poor naming and magic numbers
function calc(x, y) {
    if (x > 100) return y * 0.15;
    return y * 0.10;
}

// ✅ GOOD: Clear naming and constants
const PREMIUM_THRESHOLD = 100;
const PREMIUM_DISCOUNT_RATE = 0.15;
const STANDARD_DISCOUNT_RATE = 0.10;

function calculateDiscount(orderTotal, itemPrice) {
    const isPremiumOrder = orderTotal > PREMIUM_THRESHOLD;
    const discountRate = isPremiumOrder ? PREMIUM_DISCOUNT_RATE : STANDARD_DISCOUNT_RATE;
    return itemPrice * discountRate;
}

Error Handling

- Proper error handling at appropriate levels

- Meaningful error messages

- No silent failures or ignored exceptions

- Fail fast: validate inputs early

- Use appropriate error types/exceptions

Examples

# ❌ BAD: Silent failure and generic error
def process_user(user_id):
    try:
        user = db.get(user_id)
        user.process()
    except:
        pass

# ✅ GOOD: Explicit error handling
def process_user(user_id):
    if not user_id or user_id <= 0:
        raise ValueError(f"Invalid user_id: {user_id}")

    try:
        user = db.get(user_id)
    except UserNotFoundError:
        raise UserNotFoundError(f"User {user_id} not found in database")
    except DatabaseError as