This is a draft cheat sheet. It is a work in progress and is not finished yet.
Structure
Does the code conform to the coding standards? |
Is the code well-structured, consisten in style, and consistently formatted? |
Are there any uncalled or unneeded procedures or unreachable or commented code? |
Are there any leftover stubs or test routines in the code? |
Can any code be replaced by calls to external reusable components? |
Are there any blocks of repeated code that could be condensed into a single procedure? |
Are any modules excessivley complex and should be restructured? |
Are names of artifacts consistent? |
Documentation
Is the code clearly and adequately documented? |
Is the comment format/style consistent across the code? |
Are unnecessary system.debug calls in the code? |
Are the methods including a description, @param & @return? |
Variables
Are all variables properly defined with meaningful, consistent, and clear names? |
Is the Java capitalization (camelCase) standard used? |
Are there any redundant or unused variables? |
Are all the variables correctly initialized? |
Arithmetic operations |
Are divisors tested for zero or noise? |
Loops
Are loop termination conditions obvious and invariably achievable? |
Are indexes or subscripts properly initialized, just prior to the loop? |
Can any statements that are enclosed within loops be placed outside the loops? |
Are DML operations placed inside a loop? |
Are SOQL or SOSL queries palced inside a loop? |
Are future method invocations placed inside a loop? |
Are Describe methods invoked inside a loop? |
Are emails sent from a loop? |
Are Batch Apex jobs executed from a loop? |
Are methods invoked from a loop that end up making a query, dml operation, sending an email, invoking a async method? |
Data Access & Manipulation
Are methods bulkified? |
Does the code provide a proper exception handler? |
Does the code prevent SOQL and SOSL injection attacks by using static queries, binding variables or the escapeSingleQuotes method? |
Does the code use the enhanced SOQL for loop to query larg data sets? |
Are IDs hardcoded? |
Is record type information accessed by making queries? |
When usign custom settings, are custom settings validated for null values? |
Are queries returning a single record instead of a list? |
Are checks to avoid null pointer exceptions performed? |
Are indexes properly used when accessing collections (to avoid index out of bounds exception)? |
Triggers
Are triggers bulkified? |
Do triggers have logic inside? |
Are there more than one trigger per object? |
Does the code have validations to execute the code under the right conditions? |
Visualforce
Is the DOM id property defined for all elements? |
Is there any inline javascript? |
Is there any inline CSS? |
Are javaScript or CSS in the page? |
Are there any lists displayed in the page that may impact the view state? |
Controllers
Is there any SOQL or SOSL query inside the controller? |
|
