5 Questions to Ask Yourself Before Filing a Bug Report

Monday morning, 9:15 AM. A support ticket arrives: "Users can't log in — getting an error." No screenshot. No error message. No user ID. Just a panicked subject line.

Three engineers dropped everything. We checked auth service logs, database connections, deployment status. After 90 minutes, someone noticed the error actually said "rate limit exceeded" — a customer had hit our API 300 times in a minute. A five-minute fix. Three hours wasted.

That day I wrote a personal checklist. Over the years it evolved into the five questions I now ask before filing any bug report. It's saved me — and the engineers I work with — hundreds of hours.

Vague reports are the enemy. "The app crashed" is useless. "Clicked 'Save' on the invoice form, got a 500 error with correlation ID abc-123" is actionable.

Write down the exact steps, in order. Include input values, button names, and any error codes. If it's an API, include the exact curl command or request payload. If it's a UI, include the browser version, OS, and whether it happens in incognito mode.

Here's a minimal template I use:

If you can reproduce it every time, great — skip ahead. But if it's intermittent, that's the most valuable detail you can provide.

Intermittent bugs are often caused by race conditions, caching, or specific data combinations. Document the frequency (e.g., 'happens 1 in 20 attempts') and any pattern you notice (e.g., 'only when the user's account has more than 10 invoices').

I once saw a bug that only happened on Tuesdays — turned out a cron job restarted a service that cleared an in-memory cache. Without that frequency note, the engineer would never have looked at the cron schedule.

Most bugs are introduced by a recent change. Check the deployment history of the affected service. Look at the commit log for the last 24 hours. Did a colleague push a change? Was a feature flag toggled? Did a third-party API update their SDK?

In one memorable incident, a payment integration broke silently because the payment gateway deprecated an API endpoint. The developer who made the change had left a note in Slack but no one saw it. A simple check of the changelog would have saved a day of debugging.

Include any relevant change details in your report. If you can identify the exact commit that caused the regression, you're a hero.

A bug report without logs, screenshots, or network traces is a guess. Before hitting submit, gather as much evidence as you can:

- Screenshots or screen recordings (highlight the error)

- Browser developer console output (network tab, console errors)

- Server logs (if you have access)

- Correlation IDs or request IDs

- The exact time the bug occurred (UTC preferred)

If it's a backend bug, include the request headers, payload, and response. If you're using a tool like curl, paste the exact command. If it's a mobile app, include the device model, OS version, and app version.

Before filing, ask yourself: could this be expected behavior? Maybe the feature works as designed, but the UI is confusing. Maybe the documentation says the limit is 100, but you expected 1000.

Check the documentation. Look at the existing tests. Ask a colleague quickly. I once filed a bug about missing data, only to discover a filter was enabled by default. The filter was intentional. I wasted an hour of an engineer's time.

If you're unsure, phrase it as a question: 'Is it expected that...?' That invites a conversation, not a fire drill.

Here's the template I use now. It forces me to answer all five questions before submitting:

After I started using these five questions, the number of follow-up comments on my bug reports dropped to near zero. Engineers started thanking me. My bugs got fixed in hours instead of days. And I stopped being the person who triggered a 3-hour incident for a rate limit error.

Next time you encounter a bug, take five minutes to run through this checklist. Your future self — and the engineer on the other end — will thank you.