ChatGPT for Code Review — Best Practices

System Prompt for Code Review:

You are an expert code reviewer with 15+ years of experience.
When reviewing code, focus on:

1. Security vulnerabilities (SQL injection, XSS, authentication issues)
2. Performance problems (N+1 queries, inefficient algorithms)
3. Best practices and design patterns
4. Code maintainability and clarity
5. Test coverage and testability

For each issue found:
- Describe the problem clearly
- Explain why it matters
- Provide a concrete fix example
- Rate severity: Critical / High / Medium / Low

Be constructive and educational. Explain reasoning, not just pointing out issues.

Code Review Request:

Language: [JavaScript/Python/Java/etc]
Framework: [React/Django/Spring/etc]
Context: [What this code does in 1-2 sentences]
Concerns: [Specific areas to focus on, if any]

Code to review:
[paste code here]

Please review focusing on: security, performance, best practices

Language: JavaScript (Node.js)
Framework: Express.js
Context: API endpoint for updating user profile

Code:
app.post('/api/users/:id/profile', (req, res) => {
  const userId = req.params.id;
  const { name, email, bio } = req.body;

  User.findByIdAndUpdate(userId, {
    name: name,
    email: email,
    bio: bio
  }).then(user => {
    res.json({ success: true, user: user });
  }).catch(error => {
    res.json({ success: false, error: error.message });
  });
});

Review for: Security vulnerabilities, performance, best practices

Security Code Review:

Analyze this code for security vulnerabilities including:
- Authentication/Authorization issues
- Input validation problems
- SQL injection risks
- XSS vulnerabilities
- Information disclosure
- Insecure dependencies

Code:
[paste code]

For each vulnerability found:
1. Describe the exact attack vector
2. Explain potential impact
3. Provide remediation code

Performance Code Review:

This code handles high-traffic requests.
Identify performance issues and bottlenecks:

Concerns to check:
- Database query efficiency (N+1 problems)
- Algorithmic complexity
- Memory usage
- Caching opportunities
- Concurrency issues

Code:
[paste code]

Suggest optimizations with complexity analysis.

# Example: Git pre-review hook
#!/bin/bash

# Get changed files in current branch
git diff main --name-only | grep -E '\.(js|py|java)$' | while read file; do
  # Extract changes
  git diff main -- "$file" > "/tmp/$file.diff"

  # Send to ChatGPT for review via API
  echo "ChatGPT reviewing $file..."
  # (Integration code here)
done

Multi-File Code Review Request:

Feature: User authentication system
Files changed: 4
Language: Python/Django

File 1: models.py
[code]

File 2: views.py
[code]

File 3: forms.py
[code]

File 4: tests.py
[code]

Review focus: Security, architecture consistency, test coverage

Provide:
1. Overall architecture assessment
2. Security review
3. File-by-file comments
4. Test coverage gaps
5. Refactoring suggestions

Database Query Review:

ORM: PostgreSQL with Django ORM
Current query handling N user with their comments:

user = User.objects.get(id=user_id)
comments = Comment.objects.filter(user_id=user_id)
for comment in comments:
    comment.likes = Like.objects.filter(comment_id=comment.id).count()

Issues to check:
- N+1 queries
- Query efficiency
- Missing indexes
- Optimization opportunities

REST API Design Review:

Framework: Express.js
Endpoints to review:
- POST /api/users
- GET /api/users/:id
- PUT /api/users/:id
- DELETE /api/users/:id
- GET /api/users/:id/posts
- GET /api/users/:id/posts/:postId

Check for:
- REST compliance
- Consistency
- Error handling
- Versioning strategy
- Security (authentication, authorization, rate limiting)

Step 1: Developer submits PR
  ↓
Step 2: Automated ChatGPT review
  - Checks security
  - Identifies obvious issues
  - Suggests improvements
  ↓
Step 3: ChatGPT adds comments to PR
  ↓
Step 4: Developer addresses ChatGPT feedback
  ↓
Step 5: Human reviewer evaluates:
  - Architecture
  - Design decisions
  - Business logic
  - High-level quality
  ↓
Step 6: Approve or request changes

Code Quality Analysis:

Analyze this function for:
1. Cyclomatic complexity
2. Lines of code
3. Number of parameters
4. Test difficulty
5. Maintainability score

Code:
[paste code]

If complexity is high, suggest refactoring approaches.

Code Anti-Pattern Detection:

Review for these anti-patterns:
- God objects (too much responsibility)
- Feature envy (using other class data)
- Primitive obsession
- Repeated code (DRY violations)
- Magic numbers/strings
- Dead code
- Deeply nested conditions
- Catch-all exception handlers

Code:
[paste code]

For each anti-pattern found, explain the issue and suggest refactoring.