Skip to content

Instantly share code, notes, and snippets.

@cyberfly

cyberfly/review-changes.md

Created April 2, 2026 01:58
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save cyberfly/e7a4f00cb6f877b05b51ebb135565a28 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save cyberfly/e7a4f00cb6f877b05b51ebb135565a28 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
review-changes.md
name review-changes
description Review recent git changes for code smells, readability, maintainability, performance, and security issues
argument-hint [optional: base branch or commit ref, defaults to main]

Review Recent Changes

Analyze the recent git changes and identify up to 5 constructive improvement suggestions related to code smells, readability, maintainability, performance, and security.

Steps

1. Gather the diff

Run git diff $ARGUMENTS...HEAD to get the full diff of changes. If no argument is provided, default to main...HEAD.

Also run git log main...HEAD --oneline to understand the scope of changes.

2. Read relevant changed files

For each file in the diff, read the full file (not just the diff) to understand the full context of the changes.

Exclude this files:

3. Analyze the changes

Review the diff and full file context with the following lenses:

Code smells

  • Duplicated logic that could be extracted
  • Long functions or deeply nested conditionals
  • Magic numbers or unexplained literals
  • Dead code or unused variables/imports

Readability

  • Unclear variable or function names
  • Missing context where logic is non-obvious
  • Inconsistent naming conventions with the rest of the codebase

Maintainability

  • Hard-coded values that should be configurable
  • Tight coupling between modules
  • Missing or inadequate error handling for failure cases that could realistically occur

Performance

  • Unnecessary re-computation inside loops
  • N+1 query patterns or missing database indexes (if applicable)
  • Blocking operations that could be parallelized

Security

  • User input used without validation or sanitization
  • Secrets or credentials that could be accidentally exposed
  • Missing authorization checks on new endpoints or actions
  • SQL injection, XSS, or other OWASP Top 10 risks

4. Filter out already-addressed issues

Do not list issues that are clearly handled in the code already. Focus only on genuine gaps.

5. Present findings

List up to 5 suggestions. For each:

  • Title: short label for the issue
  • Location: file and approximate line reference
  • Explanation: what the issue is and why it matters
  • Suggestion: a brief, concrete recommendation

If no issues are found, reply: "There are no errors."

6. Summarize

Conclude with a one-paragraph summary stating whether notable opportunities exist to improve code quality, or whether the code generally follows sound design principles.

Success Criteria

  • Diff and changed files have been read in full
  • Up to 5 actionable suggestions provided (or "There are no errors.")
  • Each suggestion includes location, explanation, and recommendation
  • Summary paragraph provided
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment