Skip to content

QA Launch Gate

Run before any "this is ready to ship" claim. Skip nothing. If a check is N/A, write N/A: <reason> instead of leaving blank.

1. Code hygiene

  • node -c (or equivalent syntax check) on every modified JS file
  • Brace/tag balance in HTML/JSX
  • No console.log / print debug leftovers
  • No hardcoded secrets, API keys, or localhost URLs
  • No commented-out blocks left in for "just in case"

2. Build + deploy

  • Build succeeds locally (or CI green)
  • Deploy command run AND verified (not just push — see kindredpics gotcha)
  • Live URL serves new build (curl headers; check etag/timestamp)
  • CDN cache purged if applicable

3. Behavior

  • Smoke: golden path works end-to-end on prod URL
  • Smoke: one common edge case
  • Mobile width works (Chrome DevTools or real device)
  • No console errors in browser on fresh load

4. Auth + data

  • Auth flows work for new + returning user
  • Middleware allowlists updated if new public route added
  • DB writes go to the right table (audit ALL consumers, not just the one you touched)
  • RLS policies cover new table/column

5. Observability

  • Errors surface in logs (Sentry / CF / Supabase logs)
  • Billing-sensitive paths metered (AWS, Anthropic, R2 egress)

6. Rollback plan

  • One-liner to revert (commit sha + deploy command)
  • No destructive DB migration without backup snapshot

7. Comms

  • If user-visible: changelog / email / social drafted (Devin sends)
  • If breaking: existing users warned