code-review
Code Review
Structured code review covering security, performance, correctness, and maintainability. Works on diffs, PRs, files, or pasted code snippets.
Review Dimensions
Security
- SQL injection, XSS, CSRF
- Authentication and authorization flaws
- Secrets or credentials in code
- Insecure deserialization
- Path traversal
- SSRF
Performance
- N+1 queries
- Unnecessary memory allocations
- Algorithmic complexity (O(n²) in hot paths)
- Missing database indexes
- Unbounded queries or loops
- Resource leaks
Correctness
- Edge cases (empty input, null, overflow)
- Race conditions and concurrency issues
- Error handling and propagation
- Off-by-one errors
- Type safety
Maintainability
- Naming clarity
- Single responsibility
- Duplication
- Test coverage
- Documentation for non-obvious logic
Output Format
Rate each dimension and provide specific, actionable findings with file and line references. Prioritize critical issues first. Always include positive observations alongside issues.