# Code Review Checklist

## Security

- [ ] No hardcoded secrets or credentials
- [ ] Input validation and sanitization
- [ ] SQL injection prevention (parameterized queries)
- [ ] XSS prevention
- [ ] CSRF protection
- [ ] Authentication/authorization checks
- [ ] Rate limiting considerations
- [ ] Error messages don't leak sensitive info

## Code Quality

- [ ] Code follows project style guide
- [ ] Functions are single-purpose and well-named
- [ ] No code duplication (DRY principle)
- [ ] Proper error handling
- [ ] Comments added for complex logic
- [ ] No commented-out code (unless with explanation)

## Testing

- [ ] Unit tests added/updated
- [ ] Integration tests added/updated (if applicable)
- [ ] E2E tests added/updated (if applicable)
- [ ] Tests pass locally
- [ ] Edge cases covered

## Performance

- [ ] No N+1 queries
- [ ] Database queries optimized
- [ ] Caching used where appropriate
- [ ] No unnecessary re-renders (React)
- [ ] Large files handled efficiently

## Documentation

- [ ] JSDoc comments for public APIs
- [ ] README updated if needed
- [ ] API documentation updated
- [ ] Breaking changes documented

## Dependencies

- [ ] New dependencies justified
- [ ] Security vulnerabilities checked
- [ ] Version updates safe

---

**Reviewer**: _____________
**Date**: _____________