Tools

Tips for Code Review Success

by on September 23, 2013 9:52 am

I’ve had the opportunity to be involved in various group peer code reviewing scenarios and sometimes I find myself wondering – is this worth it? (This is often followed by my drifting mind wondering if the cafeteria in whatever building has any more cookies, while a 20-minute-long off-topic conversation on the review sadly ensures that the cookies will be gone.)

Personally I think that yes, code reviews are often important to both help maintain a quality code base and, by doing so, also help limit production issues. Reviews aren’t always to find mistakes but also help find a better way (more reuse, more efficiency, more readability) to solve the issue, which improves the overall quality of the code. In addition to enhanced quality, an equally great goal of reviews is to help spread knowledge about the code base to the whole team.

Note: There are lots of arguments as to whether they are not needed in a pure Agile environment and I’m not really addressing that here. I’m assuming a team where some aspects of Agile may be used, but not for example pair programming, which limits the need greatly.

All of this is good, but code reviews can be costly in terms of developer time, so while in the right situations they can be great, it’s also important to keep them on task and limit the scope up front.

Here are some items to focus on to help make your code reviews effective:

Prep work should take place People should make a practice of already following the written coding standards for the team so that not too much time is taken up by worrying about things like project-specific naming conventions. It’s important that these are met and occasionally finding them in review makes sense, but can too much emphasis can pull everyone off task (there are not unlimited cookies people, seriously).

Focusing on things like formatting is also a sign that things are not on task. If there is a way to standardize something automatically in your IDE, then everyone should absolutely be doing that. It shouldn’t need to be mentioned in the review.

In addition, making it a practice to use static code analysis tools like FindBugs and code coverage tools like Cobertura to ensure test coverage will help find issues that may have been missed and help keep reviews short and focused. This leaves the reviewers to focus on more subtle logic and design issues, etc.

Keep it short and frequent Reviewing takes a great deal of concentration and longer periods can lead tiring and missing issues. Plus, it does take away from development time, so of course it’s helpful to stay quick and on task.

It’s best to have the changes fresh in everyone’s head. There are lots of ways to do reviews and what is best is going to vary by team and project, but whether you do over the shoulder, pair, send your code for review by tool or do a more formal review in a group, it is best to keep them frequent and small. Doing them more often means that major issues can be resolved before they have gone too far.

Everyone plays Even the most advanced architect or super star developer can make mistakes. It’s so much better to catch them here. Plus, again, it’s a learning opportunity for more junior people and people that are newer to the application.

Constructive Input General comments like “more comments” are generally, well, less than helpful. An interface with no comments might be an exception here, and documentation is good, but if you see something that doesn’t make sense this is the time to figure out why it’s confusing and determine if the design can be improved or if an error in the logic exists.

Focus on truly understanding what the code does and ensuring that if someone else needs to maintain it, they can understand it.

Tools Use tools designed for code reviews to speed and ease the process. For example, Crucible is the popular Atlassian code review tool which provides a lot of great reviewing features.

Checklists There is probably no need to go overboard on these or to be too structured, but if certain issues keep cropping up, having a checklist can be a handy tool.

Positive Environment However many people are involved, make it a positive team effort to share information and create the best application possible.

Happy reviewing. Now, go get that cookie and get back to developing.

– Adrienne Gessler, asktheteam@keyholesoftware.com

  • Share:

6 Responses to “Tips for Code Review Success”

  1. Dave says:

    You touch on a lot of good points, especially the prep work and positive environment. This is a good article for those groups starting to implement code review, or those looking to re-evaluate their current code review process.

    To supplement your comprehensive article, I would mention only two other things.

    First, only programmers should be in the code review. Management can hear these sorts of discussions as a set of imminent crises. Give them a summary afterward.

    Second, code reviews should stay positive and no individual should feel attacked. It hurts the constructive nature of the review. For example, I know of one shop that used code reviews as a means to analyze developer performance. Sure, it’s really easy to go through Crucible and determine how many comments each person has on their review and try to use that as a yardstick. Not only is it largely inaccurate (are all the comments valid or even issues? etc.), but it ultimately discourages the team from doing code reviews.

    Thanks!

  2. Lou Mauget says:

    This helpful post is timely for my current project at Railinc. I’ve forwarded it to our developers. David’s two points are excellent too.

  3. Tash Mahmood says:

    You have made a great case for code reviews. I like your point about Fisheye/Crucible, but I would add that we have used the code quality platform “Sonar” for our code reviews. It allows us to do automated as well as manual code reviews. Coding and reviewing are components of a cyclical process. Violations of standards should not only come from a peer code review, but it can be identified at any time. You can add these violations to an automated code review so that Best Practices of App Dev are always considered.

    Additionally, Whereas management is not involved in the code review itself, but it needs to be aware of the tasks that come out of a code review. Management MUST take interest in code quality!

Leave a Reply

Things Twitter is Talking About
  • #HTML5 is a viable technology for the enterprise & a must-know for single page applications. Learn how - http://t.co/VlOjRiWZ25 #tutorial
    April 24, 2014 at 4:19 PM
  • JSF components can be used to quickly bring up a user interface. Here's a quick example using #ICEFaces: http://t.co/5YCOtIy2HE
    April 24, 2014 at 11:35 AM
  • Signed up for Keyhole's free monthly tech newsletter yet? Latest resources compiled to a quick email. Sign up here: http://t.co/F8h0NSiicZ
    April 24, 2014 at 10:35 AM
  • code smell: dev practices that leave a stench of inexperience. Avoid it in method implementation with these tips - http://t.co/b7A884BnXb
    April 23, 2014 at 9:20 PM
  • Tech Night is now! Mark D is presenting to the group on #Grunt 101. Good technology talk, food & team makes for a fantastic night.
    April 23, 2014 at 5:10 PM
  • Single Page Application architectures allow for rich, responsive UIs. #JavaScript is a must-know for SPA - http://t.co/6sfk3kt1k3 #tutorial
    April 23, 2014 at 2:15 PM
  • Vacuole #Encapsulation aims to minimize the code necessary for routinely verbose data tasks -http://t.co/fJQzz731rZ
    April 23, 2014 at 9:45 AM
  • DYK? We translate our hands-on experience to custom courses to train your dev teams. Our new course on #AngularJS: http://t.co/Bf3UuClj4Z
    April 23, 2014 at 8:45 AM
  • Interested in #Backbone & #Marionette but not sure where to start? Check out the Marionette-Require-Boilerplate: http://t.co/XDj43BwSS3 #SPA
    April 22, 2014 at 4:50 PM
  • Responsive Design can help in giving your users a consistent app experience across devices. Quick tutorial - http://t.co/BDrT5LvgRo
    April 22, 2014 at 2:31 PM
  • Tips & tricks to save time in the #Eclipse IDE - http://t.co/uGgCkchwNk (keystroke combos, navigation, time tracking & more)
    April 22, 2014 at 8:40 AM
  • Join us! Looking to add to our team a developer w/ advanced #JavaScript & #NodeJS exp (& love of tech variety). Info: http://t.co/cC9CU1RCF9
    April 21, 2014 at 7:35 PM
  • Looking into #ExtJS but don't know where to start? Check out our video tutorial series to find your way around - http://t.co/XFYDT6YNWA
    April 21, 2014 at 4:35 PM
  • We've been tinkering with JS library Famo.us since its public release 4/10. What we've learned so far via a POC app - http://t.co/S77TSKHDKd
    April 21, 2014 at 2:03 PM
  • RT @CompSciFact: Rivest, Shamir, and Adleman published the RSA public key cryptography algorithm in 1978.
    April 21, 2014 at 11:13 AM
  • DYK? When we share/RT/blog/etc, it doesn't mean that Keyhole endorses it - we just like variety of opinions! Info: http://t.co/MXhB9lE9tV
    April 19, 2014 at 3:01 PM
  • A huge welcome to Justin Graber who joined the Keyhole team this week!
    April 18, 2014 at 3:25 PM
  • Pssst... @kc_dc early bird pricing ends on Sunday. Shoot us a note if you want to save 10% off of your ticket with our sponsor promo code!
    April 18, 2014 at 2:49 PM
  • Join our team! Looking for a developer w/ advanced #JavaScript & #NodeJS experience (& love of tech variety). Info: http://t.co/cC9CU1RCF9
    April 18, 2014 at 11:21 AM
  • .@befamous has huge potential to make HTML5/JS/CSS web pages feel as native apps. Here's our inital tech takeaways - http://t.co/S77TSKHDKd
    April 18, 2014 at 9:50 AM
Keyhole Software
8900 State Line Road, Suite 455
Leawood, KS 66206
ph: 877-521-7769
© 2013 Keyhole Software, LLC. All rights reserved.