====== Core Checklist ======
**Merge Gate** - This checklist is applied to **every** change.
Code with violations against this checklist will **not** be accepted.
===== Production-Ready (Zero Tolerance) =====
==== Forbidden Patterns ====
^ Forbidden ^ Required ^
| ''%%// TODO:%%'' comments | Complete implementation |
| ''%%// FIXME:%%'' comments | Fixed code |
| Stub functions | Real implementations |
| Mock implementations | Production code |
| Placeholder values | Real values |
| ''raise ENotImplemented'' | Working code |
==== Checklist ====
[ ] No TODO comments in production code
[ ] No FIXME comments in production code
[ ] No stub or placeholder functions
[ ] No mock implementations
[ ] Every function fully implemented
[ ] All error cases handled
[ ] All edge cases covered
===== General Quality =====
[ ] No duplicated code (DRY principle)
[ ] No magic numbers (use named constants)
[ ] Consistent formatting throughout file
[ ] All public methods have meaningful error messages
==== Example: Magic Numbers ====
(* FORBIDDEN - Magic number *)
if Length(Name) > 64 then
raise EValidationError.Create('Name too long');
(* CORRECT - Named constant *)
const
MAX_NAME_LENGTH = 64;
if Length(Name) > MAX_NAME_LENGTH then
raise EValidationError.Create(Format(rsNameTooLong, [MAX_NAME_LENGTH]));
===== Error Handling Baseline =====
[ ] No empty catch/except blocks
[ ] Errors logged BEFORE handling
[ ] Specific exceptions before general ones
[ ] Stack trace preserved on re-throw
[ ] Resources released deterministically (try-finally)
==== Example: Correct Error Handling ====
(* FORBIDDEN - Empty exception handler *)
try
DoSomething;
except
// Do nothing - FORBIDDEN!
end;
(* FORBIDDEN - General exception first *)
try
DoSomething;
except
on E: Exception do // Too general!
HandleError(E);
on E: EFileNotFound do // Never reached!
HandleFileNotFound(E);
end;
(* CORRECT - Specific, logged, resources freed *)
var
Resource: TResource;
begin
Resource := TResource.Create;
try
try
DoSomething;
except
on E: EFileNotFound do
begin
Logger.Error(rsFileNotFound, [E.Message]); (* Log first *)
raise; (* Then re-throw - preserve stack trace *)
end;
on E: EAccessDenied do
begin
Logger.Error(rsAccessDenied, [E.Message]);
raise;
end;
end;
finally
Resource.Free; (* ALWAYS free *)
end;
end;
===== Logging Baseline =====
[ ] Logging format and verbosity follow policy
[ ] No secrets or sensitive data in logs
[ ] Structured format: [Timestamp] [Level] [Source] Message
==== Log Level Guidelines ====
^ Level ^ Usage ^
| ''DEBUG'' | Debug build only, detailed flow info |
| ''INFO'' | Normal operations, important milestones |
| ''WARN'' | Unexpected but recoverable situations |
| ''ERROR'' | Errors affecting functionality |
==== Forbidden in Logs ====
(* FORBIDDEN - Sensitive data *)
Logger.Info('User authenticated with token: %s', [Token]);
Logger.Debug('Password: %s', [Password]);
Logger.Info('API Key: %s', [ApiKey]);
(* CORRECT - No sensitive data *)
Logger.Info('User %s authenticated successfully', [Username]);
Logger.Debug('Processing request for user %s', [Username]);
===== Project Structure =====
[ ] Project structure follows WvdS baseline
[ ] Build configuration correct
[ ] Documentation triad exists (README, API, CHANGELOG)
===== Quick Checklist for Copy/Paste =====
Review Checklist (Core):
Production-Ready:
- [ ] No TODO comments
- [ ] No FIXME comments
- [ ] No stub functions
- [ ] No mock implementations
- [ ] All functions complete
Quality:
- [ ] No duplicated code (DRY)
- [ ] No magic numbers
- [ ] Consistent formatting
Error Handling:
- [ ] No empty except blocks
- [ ] Errors logged before handling
- [ ] Specific before general exceptions
- [ ] Resources freed in finally
Logging:
- [ ] No sensitive data in logs
- [ ] Structured log format
===== See also =====
* [[.:qualitaetssicherung|Quality Assurance Overview]]
* [[.:audit-sicherheit|Security Checklist]]
* [[.:audit-codequalitaet|Code Quality Checklist]]
* [[.:debugging|Debugging]]