Couchbase Sync Gateway Code Review

Perform thorough code reviews for Couchbase Sync Gateway with focus on API documentation, logging standards, security, and performance.

Instructions

When reviewing code changes in the Couchbase Sync Gateway repository, follow these guidelines:

1. REST API Changes

If changes affect REST APIs (handlers, query parameters, response structs):

Check if OpenAPI specifications in `docs/api` directory are updated

Verify new endpoints are documented

Ensure parameter descriptions match implementation

Confirm response schemas reflect actual structs returned

2. Logging Standards

Review all logging statements:

**Remove development logging**: Flag any `log.Printf`, `fmt.Printf`, or similar debug statements

**Use proper logging functions**: Ensure code uses appropriate Sync Gateway logging:

- `base.Infof()` for informational messages

- `base.Warnf()` for warnings

- `base.Debugf()` for debug-level logging

**Never commit temporary debug prints** to production code

3. User Data Redaction

Protect personally identifiable information (PII):

**Identify User Data** in log messages:

- Document IDs

- JSON document contents (keys and values)

- Usernames

- Email addresses

- Any PII

**Wrap with `base.UD()`**: Ensure all User Data is wrapped with the `base.UD()` helper function to enable redaction

Example: `base.Infof("Processing document: %s", base.UD(docID))`

4. Performance and Concurrency

Be mindful of performance implications:

**Mutex contention**: Check for unnecessary lock holding or lock ordering issues

**Race conditions**: Verify concurrent access to shared state is properly synchronized

**Goroutine management**: Ensure goroutines have clear lifecycle and cleanup

**Resource leaks**: Confirm resources (connections, files, channels) are properly closed

5. Code Comments

Evaluate comment quality:

**Explain intent**: Comments should explain *why* code exists, not *what* it does

**Document reasoning**: Capture design decisions and trade-offs

**Avoid redundant comments**: Don't restate obvious code

Good: `// Use buffered channel to prevent blocking when receiver is slow`

Bad: `// Create buffered channel with size 10`

6. Loop Safety

Prevent infinite loops:

**Express exit conditions clearly**: Prefer loop declarations with explicit conditions

**Minimize break statements**: Avoid relying on `break` within loop bodies for termination

**Verify all exit paths**: Ensure loops can always terminate

Good: `for i := 0; i < maxRetries; i++ { ... }`

Bad: `for { if someCondition { break } }`

Example Review Checklist

[ ] OpenAPI specs updated for REST API changes

[ ] No `log.Printf` or `fmt.Printf` debug statements

[ ] Proper `base.Infof/Warnf/Debugf` usage

[ ] User Data wrapped with `base.UD()`

[ ] No mutex contention or race conditions

[ ] Comments explain intent, not implementation

[ ] Loops have clear exit conditions

Notes

This skill enforces Couchbase Sync Gateway's code quality standards, ensuring consistency, security, and maintainability across the codebase.

Couchbase Sync Gateway Code Review

Couchbase Sync Gateway Code Review

Instructions

1. REST API Changes

2. Logging Standards

3. User Data Redaction

4. Performance and Concurrency

5. Code Comments

6. Loop Safety

Example Review Checklist

Notes

Reviews (0)