- Ensure models have validations and specs
  - validate presence
  - validate range
- Ensure models have associations and specs
- Scopes must be tested
- Provide localization when necessary (Globalize)
- Implement support for ActiveAdmin's Resource if necessary
- Move logic to Services
- Use Presenters whenever possible
- If results must be ordered, ensure they are ordered only under specific conditions (`if params[:foo] ...`)
- Commit only the schema.rb lines that changed in the current PR
- Remove filters on large tables (users, ...)
- Explicitly define all actions
- Do not query large tables in forms (use `field_id` or ajax autocompletes)
- Avoid unnecessary loops
- Check the goddamned spaces / blank lines
- Remove all `binding.pry`
- Remove commented code blocks
- Test everything with production data, when possible
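
The mechanical items above (`binding.pry`, commented code blocks, spaces and blank lines) can be checked automatically before review. A small scanner follows as an added example, not part of the original checklist; `ReviewScan`, its rule names, the commented-code heuristic, the reading of "spaces / blank lines" as trailing whitespace and doubled blank lines, and the sample source are all assumptions made here:

```ruby
# Added example: flags leftover debugger calls, commented-out code blocks,
# trailing whitespace and doubled blank lines in Ruby source text.
module ReviewScan
  Finding = Struct.new(:line, :rule)

  # Heuristic (an assumption of this sketch): a comment that starts with a Ruby
  # keyword, an assignment or a method call is probably commented-out code.
  CODE_COMMENT = /\A\s*#\s*(?:(?:def|if|unless|class|module|return|end)\b|[\w@.\[\]:]+\s*=[^=~>]|\w+[.(]\w*)/

  def self.scan(source)
    findings = []
    blank_run = 0
    code_run = 0
    source.each_line.with_index(1) do |raw, no|
      line = raw.chomp
      findings << Finding.new(no, :debugger) if line.match?(/\bbinding\.pry\b/)
      findings << Finding.new(no, :trailing_whitespace) if line.match?(/[ \t]+\z/)
      # Flag a run of blank lines once, when the second blank line appears.
      blank_run = line.strip.empty? ? blank_run + 1 : 0
      findings << Finding.new(no, :extra_blank_line) if blank_run == 2
      # A single code-like comment is tolerated; two in a row count as a block,
      # reported once at the block's first line.
      code_run = line.match?(CODE_COMMENT) ? code_run + 1 : 0
      findings << Finding.new(no - 1, :commented_code) if code_run == 2
    end
    findings.sort_by { |f| [f.line, f.rule.to_s] }
  end
end

# Constructed sample input (not taken from any real project).
# The \t escape produces a trailing tab on the @users line.
SAMPLE = <<~RUBY
  class UsersController < ApplicationController
    def index
      binding.pry
      # users = User.all
      # users = users.order(:name)
      @users = User.page(params[:page])\t
    end


    # Lists users for the admin panel.
  end
RUBY

ReviewScan.scan(SAMPLE).each { |f| puts "line #{f.line}: #{f.rule}" }
```

Because the commented-code rule is a heuristic, treat its findings as prompts for a human look rather than as hard failures.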