Production Readiness Review
The pre-ship gate: environment, errors, data safety, performance, and the go/no-go checklist.
The route
5 steps to Done
- 01
Audit environment and config
Dev leftovers are the classic production faceplant.
Preview prompt + verify gate ▾ Hide ▴
Audit environment readiness. Check: no hardcoded localhost/dev URLs or ports in frontend or backend code (all from env vars); secrets only in environment config, none in the repo or bundle; debug modes/verbose logging off for production; CORS configured for the real origin; error pages not exposing stack traces; dependency lockfiles consistent. Fix every finding and list file-by-file changes.
- ✓ No localhost/hardcoded URLs remain
- ✓ Secrets absent from code and bundle
- ✓ Debug/verbose modes disabled
- 02
Test failure resilience
Production means things fail - force failures and watch the UX.
Preview prompt + verify gate ▾ Hide ▴
Force failures and verify graceful degradation. Tests: kill/mock backend down while browsing (frontend must show error states, not white-screen); slow network throttling on core paths (loading states appear); a failing third-party dependency (feature degrades with a message, app survives); invalid routes and expired sessions (clean redirects/messages). Fix every ungraceful result and re-force the same failures.
- ✓ Backend-down was actually simulated
- ✓ No white screens or infinite spinners
- ✓ Third-party failure degrades politely
- 03
Verify data safety
Real users mean real data - check what happens to it.
Preview prompt + verify gate ▾ Hide ▴
Verify data readiness. Check: all test/dummy data removed from production-visible collections (or a clean production database prepared); server-side validation on every write; deletion/destructive actions require confirmation and behave correctly; user data isolation re-verified with two accounts; a backup/restore posture stated (even if simple - what would we do if the database was lost today?); any seed scripts safe to re-run (idempotent).
- ✓ No test data visible to users
- ✓ Two-account isolation re-verified
- ✓ A backup answer exists
- 04
Performance sanity pass
Not optimization - just catching the embarrassing slowness.
Preview prompt + verify gate ▾ Hide ▴
Run the performance sanity pass. Measure: initial load of core pages (target under ~3s on normal connections - report actuals); obviously oversized assets (unoptimized images, huge bundles - list the top offenders); backend endpoints doing per-item queries in loops (N+1s) on list pages; missing pagination on unbounded lists. Fix the worst offenders only (biggest wins), and re-measure to show the delta.
- ✓ Actual load numbers reported
- ✓ Top asset/bundle offenders addressed
- ✓ Unbounded lists paginated
- 05
Go/no-go decision
Ship on evidence: the final gate with named risks.
Preview prompt + verify gate ▾ Hide ▴
Produce the go/no-go review. Compile: the checklist across all previous steps with final statuses; open issues classified BLOCKER (do not ship) / RISK (ship with mitigation) / MINOR (backlog); mitigation notes per RISK; the monitoring answer (how will we know if it breaks post-ship - even simple: error logs to check, a health endpoint); and the rollback answer (what do we do if a bad ship happens). End with an explicit GO or NO-GO and the reasoning.
- ✓ Every open issue is classified
- ✓ Monitoring and rollback have answers
- ✓ The decision is explicit with reasoning