Salesforce Code review checklist

In this post, we will talk about the Salesforce code review checklist and how a customer, Project manager, administrator, and developer ensure that the code written for their uses follows Apex coding standards and avoids vulnerabilities and Security issues. Before discussing the Apex Best Practices Checklist, let’s see why we need code review.

What is Code Review in Salesforce?

Code review (sometimes called peer review) is a software quality assurance activity in which one or several people check a program mainly by viewing and reading parts of its source code. At least one of the persons must not be the code’s author. The persons performing the checking are called “reviewers.”

Why do we need Code Review?

Let us understand why we need standards and best practices for Code Review.

1. Project Cost: 40%–80% of the lifetime cost of a piece of software goes to maintenance.
2. Maintenance: Hardly any software is maintained for its whole life by the original author.
3. Code readability: Code conventions improve the readability of the software, allowing engineers to understand new code more quickly and thoroughly. Enhance code-readability to anybody wanting to do so in the future, reducing efforts for code maintenance. If you ship your source code as a product, you must ensure it is as well packaged and clean as any other product you create.
4. Consistency: Introduce consistency to coding practices across the length and breadth of implementations.
5. Code-reusability: Introduce code-reusability to repeatable processes and procedures.
6. Significantly reduce development time and effort, improving productivity.
7. Minimize POFs (point of failure) during implementations.
8. Tech dept: It helps in tech debt prevention.

Basic Code Review

Let’s see what code reviewers view in code normally

1. I can understand the code.
2. Is the Class/Method is too big?
3. DML/SOQL inside for loop
4. Code coverage is 75+
5. Code formatting & Naming Conventions
6. Is code following standards/ Guidelines?

Expert Code Review

Let’s see what an expert code reviewer thinks about doing a code review. Here is the expert-level code review checklist.

Code review checklist

Here is the Salesforce code review checklist every project should have.

1. Is code is following Standard Guidelines
   1. Naming convention in Salesforce
   2. Code Layouts and Formatting Salesforce.
   3. Keep your methods short
   4. Don’t repeat yourself
   5. Methods should do just one thing
2. Is code following Defined Architecture?
   1. Order of Execution : Be aware of the order of executions.
   2. Exception Handling & Logging Framework: Look into the logging framework.
   3. Trigger Framework is appropriately implemented.
3. Is the code meet the Non-Functional Requirement?
   1. Is the code Scalable to support the huge number of users?
   2. Is the Performance accepted with hug data?
   3. Is Security taken care of?
   4. Is the Code Maintainable easily?
4. Apex Best Practices: Prefer clicks over code wherever possible
   1. Avoid Hardcoding IDs
   2. Bulkify your Code
   3. No DML/SOQL inside for Loop
   4. Create one Trigger per object
   5. Apex Test class Best Practices
      • Write meaningful tests with assertions.
      • One assert per method.
      • Follow Test Driven Development.
      • Focus on 100% code coverage.
      • Writing Test Methods to Verify Large Datasets
      • Use TestDataFactory for data creation.
   6. Utilize Map for queries.
   7. Use of the Limits Apex Methods to Avoid Hitting Governor Limits
5. OOAD ( Object Oriented Analysis & Design)
   1. Separation of Concerns
   2. DRY Principle
   3. SOLID Principle
      • Single-responsibility principle: A piece of logic should only have a single responsibility….and the class, module, or function should entirely encapsulate responsibility.
      • Open-closed principle: “Software entities … should be open for extension but closed for modification.”
      • Dependency inversion principle: “Depend on abstractions and not concretions.”
   4. Dependency Injection
6. Static Code Analysis : Use the tool to avoid spending too much time on code review, which the tool can do.
7. Follow Integration Pattern & Best Practices

Code Review in Salesforce Video

Clean code should follow below best practices

• Easy to understand by other developers : readable by developers other than the one who developed it.
• Easy to maintain : lower chances of accidentally introducing bugs
• Modified without fear of breaking anything : Lot of developers take great pride in making the code compact – trying to do multiple things on one line – which might be impressive, but makes the code much harder to read and understand

Code Review Best Practices

Code review is one of the critical processes in any software development. It should be adequately documented so the team can follow code review best practices. Let’s see some of the code review best practices in Salesforce.

1. Automate as much as possible using PMD or other tools
2. Decide on code review goals
3. Follow a standard checklist when submitting for review.
4. During review
   1. Respond in a timely fashion
   2. Set clear expectations
   3. Aim to resolve the review quickly.
5. Compile your review: Be respectful and frame feedback as request, not comments.
6. Be open to follow-up

Further Learning

• Please check Clean Code in Salesforce recording.

Summary

If you like this post, please add a comment. I would like to have some more tips on this topic. Feel free to add some Tips and best practices in a comment. I will try to add to the post.