ldy26098
/
BMAD-METHOD
mirror of https://github.com/bmad-code-org/BMAD-METHOD.git
1
0
Fork 0
Code Packages Projects Releases Wiki Activity
BMAD-METHOD/expansion-packs/bmad-technical-writing/tasks/technical-review-chapter.md

316 lines
8.4 KiB
Markdown
Raw Blame History

<!-- Powered by BMAD™ Core -->
# Technical Review Chapter
---
task:
id: technical-review-chapter
name: Technical Review Chapter
description: Comprehensive technical accuracy review with fact-checking, code validation, security audit, and best practices assessment
persona_default: technical-reviewer
inputs: - chapter-draft - chapter-number - subject-area-expertise
steps: - Read chapter draft completely for overview - Verify technical accuracy against official documentation - Review all code examples for correctness and best practices - Test code examples to ensure they run properly - Check for security vulnerabilities in code - Assess performance implications of recommendations - Identify outdated information or deprecated features - Note factual errors or misconceptions - Compile findings into structured review report - Assign severity levels to issues (Critical/Major/Minor) - Provide constructive recommendations with sources - Run execute-checklist.md with technical-accuracy-checklist.md - Run execute-checklist.md with security-best-practices-checklist.md - Run execute-checklist.md with performance-considerations-checklist.md - Use template technical-review-report-tmpl.yaml with create-doc.md
output: reviews/technical-review-chapter-{{chapter_number}}.md
---
## Purpose
This task performs a rigorous technical review to ensure all content is accurate, current, secure, and follows best practices. Technical reviewers act as subject matter experts validating the chapter's technical correctness before publication.
## Prerequisites
- Chapter draft completed
- Access to official documentation for technologies covered
- Subject matter expertise in chapter topics
- Code testing environment available
- Access to technical-writing-standards.md knowledge base
## Workflow Steps
### 1. Read Chapter Draft Completely
Get the full context before detailed review:
- Read entire chapter without stopping to take notes
- Understand the learning objectives
- Note the target audience level
- Identify all technologies and concepts covered
- Get a sense of overall quality
**Purpose:** Understand context before nitpicking details.
### 2. Verify Technical Accuracy
Check all technical claims against authoritative sources:
**For Each Technical Claim:**
- Is this factually correct?
- Is it current (not outdated)?
- Can it be verified in official documentation?
- Are version numbers specified correctly?
**Sources to Check:**
- Official language documentation (Python.org, MDN, etc.)
- Framework official docs
- RFCs and standards specifications
- API documentation
- Release notes
**Document Issues:**
- Location (section, page, paragraph)
- Incorrect statement
- Correct information
- Source reference
- Severity (Critical if wrong, Minor if imprecise)
**Use:** technical-accuracy-checklist.md
### 3. Review Code Examples for Correctness
Validate all code in the chapter:
**For Each Code Example:**
**Syntax and Logic:**
- Does the code have syntax errors?
- Will it run as shown?
- Does it produce the claimed results?
- Are there logic errors?
**Completeness:**
- Are all imports shown?
- Are dependencies clear?
- Is setup code included or explained?
- Can a reader actually run this?
**Accuracy:**
- Does the code use APIs correctly?
- Are parameters in the right order?
- Are return types correct?
- Is error handling appropriate?
**Action:** Copy code to test environment and run it!
### 4. Check Best Practices
Assess whether code follows current best practices:
**Code Quality:**
- Follows language style guides (PEP 8, ESLint, etc.)
- Uses meaningful variable names
- Includes appropriate comments
- Avoids deprecated features
- Handles errors properly
**Design Patterns:**
- Uses appropriate patterns
- Avoids anti-patterns
- Demonstrates scalable approaches
- Shows proper separation of concerns
**Modern Approaches:**
- Uses current language features
- Leverages modern libraries
- Follows framework conventions
- Demonstrates industry standards
**Note:** Balance teaching clarity with production quality - sometimes simple is better for learning.
### 5. Identify Security Concerns
Review for security vulnerabilities:
**Critical Issues:**
- Hardcoded credentials or API keys
- SQL injection vulnerabilities
- XSS (Cross-Site Scripting) risks
- Insecure authentication
- Missing input validation
- Unsafe deserialization
**Best Practices:**
- HTTPS/TLS usage
- Password hashing (bcrypt, Argon2)
- JWT secret management
- API rate limiting
- Logging security events
- Principle of least privilege
**For Each Security Issue:**
- Describe the vulnerability
- Explain potential impact
- Provide secure code example
- Reference security standard (OWASP, CWE)
- Mark severity (Critical for exploitable issues)
**Use:** security-best-practices-checklist.md
### 6. Assess Performance Implications
Consider performance and scalability:
**Inefficiencies:**
- O(n²) algorithms where O(n) is possible
- N+1 query problems
- Missing database indexes
- Unnecessary iterations or computations
- Memory leaks or excessive allocation
**Scalability:**
- Will this approach scale to production?
- Are there resource constraints?
- Is caching appropriate?
- Are there blocking operations in async code?
**Recommendations:**
- Better algorithms or data structures
- Optimization techniques
- Profiling suggestions
- When optimization matters vs premature optimization
**Use:** performance-considerations-checklist.md
### 7. Note Outdated Information
Check currency of all technical content:
**Deprecated Features:**
- Language features no longer recommended
- Framework APIs deprecated
- Tools superseded by newer alternatives
**Version Issues:**
- Library versions outdated or EOL
- Examples using old syntax
- Missing modern alternatives
**Update Recommendations:**
- Current best practices
- Modern equivalents
- Migration paths
- Version updates needed
**Example:** "Using React class components; recommend hooks-based functional components (current standard since React 16.8)"
### 8. Compile Findings into Review Report
Create structured technical review report:
**Use template:** technical-review-report-tmpl.yaml
**Report Sections:**
- Executive summary (overall assessment)
- Technical accuracy findings
- Code quality issues
- Security concerns
- Performance considerations
- Best practices assessment
- Outdated information
- Positive findings (what worked well)
- Prioritized recommendations
**Assign Severity:**
- **Critical:** Must fix (factual errors, security issues, broken code)
- **Major:** Should fix (best practice violations, performance issues)
- **Minor:** Nice to fix (style improvements, optimization suggestions)
### 9. Provide Constructive Recommendations
For each issue, provide actionable guidance:
**Good Feedback Format:**
```
Location: Section 2.3, page 12, code example
Issue: Using `collections.MutableMapping` which is deprecated
Severity: Major
Recommendation: Use `collections.abc.MutableMapping` instead (Python 3.3+)
Source: https://docs.python.org/3/library/collections.abc.html
Fixed Code:
from collections.abc import MutableMapping
class MyDict(MutableMapping):
...
```
**Be Constructive:**
- Explain why it's wrong
- Show how to fix it
- Provide source reference
- Offer example code where helpful
**Avoid:**
- Vague criticism ("this is bad")
- Nitpicking without explaining why
- Rewriting the entire chapter
- Focusing only on negatives
### 10. Run Technical Checklists
Validate against standard checklists:
**Execute:**
- technical-accuracy-checklist.md
- security-best-practices-checklist.md
- performance-considerations-checklist.md
**Document** any checklist items that fail.
## Output
Technical review report should include:
- Clear severity ratings for all issues
- Specific locations for every finding
- Actionable recommendations with examples
- Source references for claims
- Overall assessment (Ready/Needs Revision/Major Rework)
- Estimated effort to address issues
## Quality Standards
Effective technical review:
✓ Verifies every technical claim
✓ Tests all code examples
✓ Identifies security vulnerabilities
✓ Provides constructive feedback
✓ Includes source references
✓ Prioritizes issues by severity
✓ Offers concrete solutions
✓ Maintains respectful, professional tone
## Next Steps
After technical review:
1. Deliver review report to author
2. Author addresses issues based on priority
3. Re-review critical fixes (optional)
4. Approve chapter to proceed to copy editing
5. May participate in final publication review
View Git Blame Copy Permalink