14 - Git + Code Review Mechanics (Evaluator Workflow)

Question 1

Deck 14 - Git + Code Review Mechanics (Evaluator Workflow) (objective)

Answer 1

Goal: evaluate PRs like a senior: read diffs fast, spot risk, write high-signal review comments, and propose safe next steps.
You learn: what/why (under the hood), common traps, and evaluator-grade wording.
Output style: PASS/PARTIAL/FAIL + 2-3 issues + fix approach / review comment.

Question 2

Mental model: what is a commit?

Answer 2

A commit is a snapshot of your repo + metadata (author, message, parent pointers).
Why: history is a graph; rewriting history changes commit IDs.

Question 3

Mental model: branch vs commit.

Answer 3

A branch is a movable pointer to a commit.
Why: merging/rebasing moves pointers; commits are the history nodes.

Question 4

Mental model: HEAD and detached HEAD.

Answer 4

HEAD points to your current branch (or a commit in detached mode).
Detached HEAD means commits are not on a named branch unless you create one.

Question 5

Mental model: working tree vs index (staging).

Answer 5

Working tree: files on disk. Index: what goes into next commit.
Why: you can stage parts of files; staging defines the commit snapshot.

Question 6

Mental model: merge vs rebase.

Answer 6

Merge keeps both histories and creates a merge commit.
Rebase replays commits onto a new base, creating new commit IDs.

Question 7

When to prefer merge vs rebase (practical).

Answer 7

Feature branches: rebase locally to keep clean history; merge/squash when integrating.
Shared branches: avoid rebasing after push unless workflow allows it.

Question 8

Fast-forward merge (what it is).

Answer 8

If target branch has not diverged, Git can move the branch pointer forward without a merge commit.
Why: linear history.

Question 9

Squash merge (tradeoff).

Answer 9

Squash combines multiple commits into one.
Pros: clean history; Cons: less granular bisecting and story.

Question 10

Cherry-pick (what/when).

Answer 10

Cherry-pick applies a single commit onto another branch.
Use for backports/isolated fixes; watch for duplicated changes.

Question 11

Revert vs reset (critical).

Answer 11

revert creates a new commit that undoes changes (safe for shared history).
reset moves branch pointer (rewrites history) and is risky after push.

Question 12

Force push safety rule.

Answer 12

Never force-push to shared branches unless explicitly allowed.
If needed, use –force-with-lease to avoid overwriting newer remote work.

Question 13

Stash (what it is).

Answer 13

Stash stores uncommitted changes temporarily.
Use to switch contexts; prefer small WIP branches over long stash chains.

Question 14

Bisect (why it matters).

Answer 14

git bisect finds the commit that introduced a bug via binary search.
Small commits and good messages make bisect effective.

Question 15

Unified diff basics.

Answer 15

+ lines are additions, - lines are removals.
Context lines show surrounding code; reviewers focus on behavior changes.

Question 16

Review triad: correctness, safety, maintainability.

Answer 16

Correctness: does it work? Safety: edge cases/security/races. Maintainability: can others change it safely?
Perf matters most on hotspots.

Question 17

What to look for first in a PR (triage).

Answer 17

1) Security/data boundaries
2) Correctness/edge cases
3) Async/race/cancel
4) Maintainability
5) Performance hotspots
6) Style/nits

Question 18

Lockfiles and dependency diffs (why noisy).

Answer 18

Lockfiles can change many lines for one package bump.
Review intent (which deps) + major version bumps + CI status.

Question 19

Formatting churn (review rule).

Answer 19

Mass reformatting hides real changes.
Best practice: separate formatting/refactor PRs from behavior changes.

Question 20

Code owners / required reviewers (concept).

Answer 20

Some paths require domain owners.
Why: reduces risk and enforces ownership/compliance.

Question 21

What makes a review comment high signal?

Answer 21

1) Impact (bug/security/UX)
2) Evidence (where/why)
3) Recommendation (specific fix/options)
4) Priority (blocker vs suggestion)

Question 22

Must-fix vs nice-to-have (rule).

Answer 22

Must-fix: correctness, security, data loss, crashes, a11y blockers.
Nice-to-have: refactors, naming, micro-optimizations, stylistic nits.

Question 23

Blocking comment template.

Answer 23

BLOCKER: <impact>. Evidence: <where/why>. Recommendation: <specific>.</specific></impact>

Question 24

Non-blocking suggestion template.

Answer 24

SUGGESTION: <improvement>. Rationale: <why>. Optional approach: <example>.</example></why></improvement>

Question 25

How to request tests (wording).

Answer 25

Please add coverage for: + + . Reason: prevents regressions and clarifies expected behavior.

Question 26

Diff reading heuristic for risk.

Answer 26

Scan for auth, input validation, async flows, state transitions, data transforms, and removed guards. Also watch changed defaults and error handling.

Question 27

Refactor vs behavior change (review).

Answer 27

Mixing refactor + feature change increases risk. Recommendation: split PRs or add tests that isolate behavior diffs.

Question 28

Large PR strategy.

Answer 28

Ask for summary: intent + key files + risk areas + test plan. Review in passes: architecture, correctness, edge cases, tests, style.

Question 29

Commit hygiene: why small commits matter.

Answer 29

Small commits are easier to review, revert, and bisect. They reduce hidden behavior changes.

Question 30

Commit messages: what good looks like.

Answer 30

Short subject + optional body with WHY. Example: fix(auth): prevent token refresh race - brief rationale.

Question 31

Squash vs preserve commits guidance.

Answer 31

Preserve commits if they tell a story and aid bisect. Squash if commits are noisy/WIP and the final change is coherent.

Question 32

Merge conflicts: reviewer risk.

Answer 32

Conflict resolution can introduce subtle changes. Re-review resolved sections and ensure tests pass afterward.

Question 33

Rebase after review (pitfall).

Answer 33

Rewriting history can invalidate prior review comments. If you rebase, note what changed and avoid in strict workflows.

Question 34

Renames/moves pitfall.

Answer 34

Tools may show delete+add. Confirm whether change is only a move or includes hidden logic changes.

Question 35

Generated code/snapshots review strategy.

Answer 35

Confirm intent, run tests, and spot-check key cases. Keep snapshots minimal; avoid reviewing huge diffs line-by-line.

Question 36

Lockfile review strategy.

Answer 36

Confirm which deps changed and why (security/feature). Watch major bumps; ensure CI is green; run audit with context.

Question 37

Config change review strategy (tsconfig/eslint).

Answer 37

Config changes can silently change type checking and lint behavior. Ask for rationale and verify CI/build impact.

Question 38

Security review trigger areas.

Answer 38

Auth, cookies/tokens, redirects, uploads, HTML injection, CORS, user-generated content. Raise bar for validation and tests.

Question 39

Performance review: when to block.

Answer 39

Block when change adds heavy work on hot paths (render loops, big lists, request storms). Otherwise prioritize correctness/clarity.

Question 40

Accessibility review: what is blocking.

Answer 40

Keyboard nav breakage, missing labels, removed focus styles, incorrect roles are blockers. Minor ARIA/nits may be follow-up unless severe.

Question 41

Command: view history graph.

Answer 41

git log --oneline --decorate --graph

Question 42

Command: inspect a commit.

Answer 42

git show

Question 43

Command: see current changes.

Answer 43

git status

Question 44

Command: stage hunks.

Answer 44

git add -p

Question 45

Command: unstage (keep work).

Answer 45

git reset

Question 46

Command: discard local changes (danger).

Answer 46

git restore

Question 47

Command: revert safely.

Answer 47

git revert

Question 48

Command: interactive rebase (local cleanup).

Answer 48

git rebase -i (avoid on shared history)

Question 49

Command: conflict resolution workflow.

Answer 49

Edit -> git add -> rebase --continue OR commit -> run tests

Question 50

Command: bisect bug commit.

Answer 50

git bisect start (mark good/bad until culprit)

Question 51

Command: compare branches.

Answer 51

git diff main..feature

Question 52

Command: update feature with main.

Answer 52

git fetch origin; git rebase origin/main (or merge per workflow)

Question 53

Command: safer force push.

Answer 53

git push --force-with-lease

Question 54

Command: blame for context.

Answer 54

git blame

Question 55

Command: ignore whitespace noise in diff.

Answer 55

git diff -w

Question 56

Gotcha: force push to shared branch.

Answer 56

FAIL - Can erase teammates' work. Use feature branches; if forced, use --force-with-lease and communicate.

Question 57

Gotcha: refactor + feature mixed in one PR.

Answer 57

PARTIAL - Hard to review and risky. Split PRs or add tests isolating behavior changes.

Question 58

Gotcha: lockfile update with no explanation.

Answer 58

PARTIAL - Reviewer cannot confirm intent. Add summary listing upgraded deps and why.

Question 59

Gotcha: 'fix lint' commit changes behavior.

Answer 59

FAIL - Lint-only commits should not change runtime behavior. Separate concerns or add tests proving behavior is unchanged.

Question 60

Gotcha: conflict resolution hidden changes.

Answer 60

FAIL - Conflicts can introduce regressions. Re-review resolved sections and verify CI/tests.

Question 61

Gotcha: vague commit message 'updates'.

Answer 61

PARTIAL - Low signal. Use messages describing what + why.

Question 62

Gotcha: PR has no test plan.

Answer 62

PARTIAL - Add test plan (manual steps + automated tests) to build reviewer confidence.

Question 63

Gotcha: risky change with no tests.

Answer 63

FAIL - For auth/data transforms/async/state changes, require tests for key cases.

Question 64

Gotcha: approving with unresolved blockers.

Answer 64

FAIL - Do not approve if blockers remain. If comments are non-blocking, mark them explicitly.

Question 65

Gotcha: rename + logic change together.

Answer 65

PARTIAL - Move+edit hides diffs. Split rename and logic change or provide targeted diff links.

Question 66

Gotcha: nitpicking style over correctness.

Answer 66

PARTIAL - Focus on correctness/security/tests first. Style nits should not block unless they hide bugs.

Question 67

Gotcha: requiring heavy tests for trivial change.

Answer 67

PARTIAL - Match rigor to risk. Avoid unnecessary process drag.

Question 68

Gotcha: UI PR with no screenshots.

Answer 68

PARTIAL - Ask for before/after screenshots or a short clip to validate UX changes.

Question 69

Gotcha: shipping debug logs.

Answer 69

PARTIAL - Remove or gate logs; logs can leak data and clutter observability.

Question 70

Gotcha: dependency bump without CI green.

Answer 70

FAIL - Do not merge without passing CI/tests; dependency changes can break builds.

Question 71

Mini-drill: write a blocking comment for missing tests.

Answer 71

BLOCKER: Change affects critical behavior but lacks test coverage. Add tests for happy path + edge case + failure case to prevent regressions.

Question 72

Mini-drill: write a review summary (2 sentences).

Answer 72

Summary: . Risk: . Validation: .

Question 73

Mini-drill: decide revert vs fix forward.

Answer 73

Revert when production is broken or risk is high and fix is non-trivial. Fix forward when change is correctable quickly with low risk.

Question 74

Mini-drill: verdict on PR with 5k lines of formatting changes.

Answer 74

PARTIAL - Formatting churn hides behavior diffs. Split formatting-only PR from functional changes; re-run tests.

Question 75

Mini-drill: what to ask for on a large PR.

Answer 75

Ask for PR summary, test plan, risk areas, and breakdown of major files. Consider splitting PR to reduce review risk.

Question 76

Mini-drill: high-signal comment structure (example).

Answer 76

BLOCKER: . Evidence: . Recommendation: . (Optional) Test plan: .

Question 77

Mini-drill: when to request a split PR.

Answer 77

Request split when unrelated changes (formatting/refactor/features) are combined and it increases review risk or hides behavior changes.

Question 78

Mini-drill: how to handle review disagreements.

Answer 78

Clarify goals and constraints, propose alternatives, and align on must-fix vs follow-up. Escalate to owner if needed.

Question 79

Mini-drill: reviewer wording for lockfile bump.

Answer 79

SUGGESTION: Please summarize which dependencies changed and why (security/feature). Also confirm CI is green and note any major version bumps.

Question 80

Mini-drill: reviewer wording for missing test plan.

Answer 80

SUGGESTION: Please add a short test plan (manual steps + automated tests) so reviewers can validate expected behavior.