code-review

Sentry Code Review

Follow these guidelines when reviewing code for Sentry projects.

Review Checklist

Identifying Problems

Look for these issues in code changes:
  • Runtime errors: Potential exceptions, null pointer issues, out-of-bounds access
  • Performance: Unbounded O(n²) operations, N+1 queries, unnecessary allocations
  • Side effects: Unintended behavioral changes affecting other components
  • Backwards compatibility: Breaking API changes without migration path
  • ORM queries: Complex Django ORM with unexpected query performance
  • Security vulnerabilities: Injection, XSS, access control gaps, secrets exposure

Design Assessment

  • Do component interactions make logical sense?
  • Does the change align with existing project architecture?
  • Are there conflicts with current requirements or goals?

Test Coverage

Every PR should have appropriate test coverage:
  • Functional tests for business logic
  • Integration tests for component interactions
  • End-to-end tests for critical user paths
Verify tests cover actual requirements and edge cases. Avoid excessive branching or looping in test code.

Long-Term Impact

Flag for senior engineer review when changes involve:
  • Database schema modifications
  • API contract changes
  • New framework or library adoption
  • Performance-critical code paths
  • Security-sensitive functionality

Feedback Guidelines

Tone

  • Be polite and empathetic
  • Provide actionable suggestions, not vague criticism
  • Phrase as questions when uncertain: "Have you considered...?"

Approval

  • Approve when only minor issues remain
  • Don't block PRs for stylistic preferences
  • Remember: the goal is risk reduction, not perfect code

Common Patterns to Flag

Python/Django

python
# Bad: N+1 query
for user in users:
    print(user.profile.name)  # Separate query per user

# Good: Prefetch related
users = User.objects.prefetch_related('profile')

TypeScript/React

typescript
// Bad: Missing dependency in useEffect
useEffect(() => {
  fetchData(userId);
}, []);  // userId not in deps

// Good: Include all dependencies
useEffect(() => {
  fetchData(userId);
}, [userId]);

Security

python
# Bad: SQL injection risk
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")

# Good: Parameterized query
cursor.execute("SELECT * FROM users WHERE id = %s", [user_id])
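
A reviewer can check mechanically for the string-built query flagged above. The following is an added example, not part of the original guidelines or of Sentry's tooling: a heuristic that uses Python's ast module to report execute()/executemany() calls whose SQL argument is assembled with an f-string, %, + or .format(). The names find_sql_string_building and SAMPLE are hypothetical, and the sample input is constructed.

```python
import ast

# Constructed sample: the two snippets from this page plus two other
# string-building forms and one static query.
SAMPLE = '''
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")
cursor.execute("SELECT * FROM users WHERE id = %s", [user_id])
cursor.execute("SELECT * FROM users WHERE id = %s" % user_id)
cursor.execute("SELECT * FROM users WHERE id = {}".format(user_id))
cursor.execute("SELECT 1")
'''


def _is_dynamic_sql(node):
    """True if the expression assembles a string from runtime values."""
    if isinstance(node, ast.JoinedStr):
        # An f-string is only a concern when it interpolates something.
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Mod, ast.Add)):
        # "..." % value or "..." + value (heuristic: operands are not inspected)
        return True
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format"):
        return True
    return False


def find_sql_string_building(source):
    """Return sorted (line, node type) pairs for each .execute()/.executemany()
    call whose first argument is built with string formatting."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        if node.func.attr not in ("execute", "executemany") or not node.args:
            continue
        if _is_dynamic_sql(node.args[0]):
            findings.append((node.lineno, type(node.args[0]).__name__))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, kind in find_sql_string_building(SAMPLE):
        print(f"line {lineno}: SQL built with {kind}; pass parameters separately")
```

The check matches on method name only, so it also reports non-database objects that expose an execute() method; treat each hit as a prompt for manual review.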
