nexus-code-reviewlisted

# Nexus Code Review Semantic PR review — not a style linter. Understand what code is *supposed* to do, what it *actually* does, and where those diverge in ways that cause production incidents. --- ## Execution Workflow ### Phase 1 — Context Collection (never skip) Build a mental model before reading the diff and determine the base branch first. usually repositories have `main` and `master` but you can check the git history of commits. ```bash git diff origin/{base_branch}...HEAD --stat git log origin/{base_branch}...HEAD --oneline git log --oneline -10 -- path/to/changed/file.py ``` For each changed file type, also inspect: | Changed code | Also inspect | |---|---| | Function signature | Every caller in the codebase | | DB schema | Migration history, ORM models, serializers, API shapes | | Auth/middleware | All protected routes, token validation paths | | Config | Where it's read: startup vs. request time | | Shared utility | All importers; callers relying on old behavior | | Dependency bump | CHANGELOG between old and new versions | Output a one-paragraph mental model before proceeding. ### Phase 2 — Diff Analysis Read in this order: 1. **Test changes** — do they cover the new behavior? Are existing tests weakened or deleted? 2. **Schema/migration** — highest blast radius, lowest reversibility 3. **Core logic** — each function change against its stated intent 4. **Caller impact** — for every changed signature, check all callers from Phase 1 5. **Error handling** —