Tools

Tips for Code Review Success

by on September 23, 2013 9:52 am

I’ve had the opportunity to be involved in various group peer code reviewing scenarios and sometimes I find myself wondering – is this worth it? (This is often followed by my drifting mind wondering if the cafeteria in whatever building has any more cookies, while a 20-minute-long off-topic conversation on the review sadly ensures that the cookies will be gone.)

Personally I think that yes, code reviews are often important to both help maintain a quality code base and, by doing so, also help limit production issues. Reviews aren’t always to find mistakes but also help find a better way (more reuse, more efficiency, more readability) to solve the issue, which improves the overall quality of the code. In addition to enhanced quality, an equally great goal of reviews is to help spread knowledge about the code base to the whole team.

Note: There are lots of arguments as to whether they are not needed in a pure Agile environment and I’m not really addressing that here. I’m assuming a team where some aspects of Agile may be used, but not for example pair programming, which limits the need greatly.

All of this is good, but code reviews can be costly in terms of developer time, so while in the right situations they can be great, it’s also important to keep them on task and limit the scope up front.

Here are some items to focus on to help make your code reviews effective:

Prep work should take place People should make a practice of already following the written coding standards for the team so that not too much time is taken up by worrying about things like project-specific naming conventions. It’s important that these are met and occasionally finding them in review makes sense, but can too much emphasis can pull everyone off task (there are not unlimited cookies people, seriously).

Focusing on things like formatting is also a sign that things are not on task. If there is a way to standardize something automatically in your IDE, then everyone should absolutely be doing that. It shouldn’t need to be mentioned in the review.

In addition, making it a practice to use static code analysis tools like FindBugs and code coverage tools like Cobertura to ensure test coverage will help find issues that may have been missed and help keep reviews short and focused. This leaves the reviewers to focus on more subtle logic and design issues, etc.

Keep it short and frequent Reviewing takes a great deal of concentration and longer periods can lead tiring and missing issues. Plus, it does take away from development time, so of course it’s helpful to stay quick and on task.

It’s best to have the changes fresh in everyone’s head. There are lots of ways to do reviews and what is best is going to vary by team and project, but whether you do over the shoulder, pair, send your code for review by tool or do a more formal review in a group, it is best to keep them frequent and small. Doing them more often means that major issues can be resolved before they have gone too far.

Everyone plays Even the most advanced architect or super star developer can make mistakes. It’s so much better to catch them here. Plus, again, it’s a learning opportunity for more junior people and people that are newer to the application.

Constructive Input General comments like “more comments” are generally, well, less than helpful. An interface with no comments might be an exception here, and documentation is good, but if you see something that doesn’t make sense this is the time to figure out why it’s confusing and determine if the design can be improved or if an error in the logic exists.

Focus on truly understanding what the code does and ensuring that if someone else needs to maintain it, they can understand it.

Tools Use tools designed for code reviews to speed and ease the process. For example, Crucible is the popular Atlassian code review tool which provides a lot of great reviewing features.

Checklists There is probably no need to go overboard on these or to be too structured, but if certain issues keep cropping up, having a checklist can be a handy tool.

Positive Environment However many people are involved, make it a positive team effort to share information and create the best application possible.

Happy reviewing. Now, go get that cookie and get back to developing.

— Adrienne Gessler, asktheteam@keyholesoftware.com

  • Share:

6 Responses to “Tips for Code Review Success”

  1. Dave says:

    You touch on a lot of good points, especially the prep work and positive environment. This is a good article for those groups starting to implement code review, or those looking to re-evaluate their current code review process.

    To supplement your comprehensive article, I would mention only two other things.

    First, only programmers should be in the code review. Management can hear these sorts of discussions as a set of imminent crises. Give them a summary afterward.

    Second, code reviews should stay positive and no individual should feel attacked. It hurts the constructive nature of the review. For example, I know of one shop that used code reviews as a means to analyze developer performance. Sure, it’s really easy to go through Crucible and determine how many comments each person has on their review and try to use that as a yardstick. Not only is it largely inaccurate (are all the comments valid or even issues? etc.), but it ultimately discourages the team from doing code reviews.

    Thanks!

  2. Lou Mauget says:

    This helpful post is timely for my current project at Railinc. I’ve forwarded it to our developers. David’s two points are excellent too.

  3. Tash Mahmood says:

    You have made a great case for code reviews. I like your point about Fisheye/Crucible, but I would add that we have used the code quality platform “Sonar” for our code reviews. It allows us to do automated as well as manual code reviews. Coding and reviewing are components of a cyclical process. Violations of standards should not only come from a peer code review, but it can be identified at any time. You can add these violations to an automated code review so that Best Practices of App Dev are always considered.

    Additionally, Whereas management is not involved in the code review itself, but it needs to be aware of the tasks that come out of a code review. Management MUST take interest in code quality!

Leave a Reply

Things Twitter is Talking About
  • Reddit's ExplainLikeImFive has good discussion brewing - "How does a coding language get 'coded' in the first place?" http://t.co/tXj3dISHCi
    September 30, 2014 at 11:10 AM
  • Each dev language has its own way of working with random number generation. See how #JavaScript & #Java stack up: http://t.co/QENl4kGVIs
    September 30, 2014 at 10:43 AM
  • .@TheGrisExplores: there's a new comment on your Dependency Injection Options for Java blog post - http://t.co/vs897t7bHd (Just FYI :-) )
    September 29, 2014 at 1:48 PM
  • Don't miss Vince Pendergrass' first post on the Keyhole blog - Don’t just randomize, truly randomize! http://t.co/QENl4kGVIs #cryptography
    September 29, 2014 at 9:57 AM
  • .@manohart Thank you for reading! Post author Alok Pandey has answered your question here - http://t.co/Uhn9Bv9L1a
    September 26, 2014 at 11:33 AM
  • Tech Night is now! @zachagardner & @lukewpatterson are presenting to the team on #Docker Code-Along style. Great discussions to be had!
    September 25, 2014 at 5:15 PM
  • Neat - A #JavaScript promise is an I.O.U. to return a value in the future. Here's a quick overview of promises: http://t.co/6wCz9aP4Qn
    September 25, 2014 at 11:35 AM
  • A huge welcome to Matthew Brown who joins the Keyhole team today!
    September 24, 2014 at 4:30 PM
  • RT @darrellpratt: A Journey From Require.js to Browserify http://t.co/t6N7Db1I4A
    September 24, 2014 at 11:54 AM
  • Creating a UI Designer for Quick Development - http://t.co/pNrayNFs5T http://t.co/hvqOaD6Wfq
    September 24, 2014 at 10:40 AM
  • We are under construction! Knocking down walls & expanding our offices in Leawood, KS this week. http://t.co/ph6JElh8lr
    September 23, 2014 at 9:46 AM
  • Did you know? Today in 1986 it was ruled that computer code is protected under copyright law - http://t.co/mCmWPvKOBE
    September 22, 2014 at 4:30 PM
  • Don't miss Alok Pandey's very first post on the Keyhole blog - Creating a UI Designer for Quick Development http://t.co/dWYMCOO3rf
    September 22, 2014 at 2:43 PM
  • If you're a Java dev, you're likely familiar with Annotations. But have you created your own #Java Annotations? Ex - http://t.co/mf1F3eIDY3
    September 21, 2014 at 5:15 PM
  • Check out a quick intro to Functional Reactive Programing and #JavaScript - http://t.co/4LSt6aPJvG
    September 20, 2014 at 11:15 AM
  • In Part 2 of our series on creating your own #Java annotations, learn about processing them with the Reflection API - http://t.co/E1lr3RmjI7
    September 19, 2014 at 12:15 PM
  • The life of a Keyhole consultant - A Delicate Balance: It’s What We Do http://t.co/ToRpWY3aix Blog as true today as the day it was written.
    September 19, 2014 at 9:50 AM
  • 7 Things You Can Do to Become a Better Developer - http://t.co/llPNMUN8nQ
    September 19, 2014 at 8:43 AM
  • .@jessitron Good luck, you'll do great! Our team really enjoyed your KCDC14 talks.
    September 18, 2014 at 10:19 AM
  • RT @woodwardjd: 7 deadly sins of programming. I think I did all of this last week. #strangeloop http://t.co/f7QFq1SpqW
    September 18, 2014 at 10:03 AM
Keyhole Software
8900 State Line Road, Suite 455
Leawood, KS 66206
ph: 877-521-7769
© 2014 Keyhole Software, LLC. All rights reserved.