Code Review
-
Upload
lukas-rypl -
Category
Technology
-
view
296 -
download
2
description
Transcript of Code Review
![Page 1: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/1.jpg)
Code Review
Lukas RyplTwitter: @LukasRypl
01/2014
![Page 2: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/2.jpg)
What is code review?
● Systematic examination of source code ● Goals
– Identification of defects
– Better code quality
– Sharing of knowledge
● Also known as code inspection
![Page 3: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/3.jpg)
How does it fit in our process
● After implementation, before testing● Dedicated task state in issue tracker● Author assigns it to different person
– We do not have any hierarchy, CR should be evenly shared among all team members
![Page 4: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/4.jpg)
How should I do it?
● Notification from issue tracker● Check related svn commits
– (linked via refs #1234)
● See changes context in IDE
● Change reviewed code● Add @TODO CR● Add comments in issue tracker
● Assign it back to the author
![Page 5: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/5.jpg)
Why we do it?
Software testing alone has limited effectiveness - the average defect detection rate is only 25 percent for unit testing, 35 percent for function testing, and 45 percent for integration testing. In contrast, the average effectiveness of design and code inspections are 55 and 60 percent.
(S. McConnell: Code Complete)
![Page 6: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/6.jpg)
I believe that peer code reviews are the single biggest thing you can do to improve your code.
(J. Atwood: http://www.codinghorror.com/blog/2006/01/code-reviews-just-do-it.html)
![Page 7: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/7.jpg)
Quality
![Page 8: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/8.jpg)
Less Bugs
http://eugenedvorkin.com/engineering-culture-and-why-it-is-matter-for-business/
![Page 9: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/9.jpg)
Better “Bus Factor”
● More people know the code
http://www.amazon.com/Tomorrow-Heres-Replace-Toilet-Paper/dp/1607552647
![Page 10: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/10.jpg)
Code Review Types
● Formal● Tool-assisted● Email/VCS● Informal● Pair programming
![Page 11: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/11.jpg)
Formal Code Review
● M. E. Fagan (IBM)● Code preparation → code review acceptance
criteria → committee with moderator → individual preparation for CR → review meeting → report with list of defects
● Group review finds only about 4% more defects than individual reviews [Cohen 2006]
● See http://en.wikipedia.org/wiki/Fagan_inspection
![Page 12: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/12.jpg)
Tool-assisted review
● Github pull requests, Gerrit, Crucible, Review Board, SmartBear Code Collaborator …
● Comments attached to code, history
![Page 13: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/13.jpg)
Email / VCS
● Please review the attached patch ….
● Better than nothing :)
![Page 14: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/14.jpg)
Over-the-shoulder review
● Informal method● Suitable for small snippets
![Page 15: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/15.jpg)
Pair programming
● Is it 100% code review?● Both are authors (inside the box)● Third pair of eyes should do CR
![Page 16: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/16.jpg)
Any drawbacks?
![Page 17: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/17.jpg)
Watch out! Feeling too safe?
http://www.bonkersworld.net/code-reviews/
![Page 18: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/18.jpg)
Tips
![Page 19: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/19.jpg)
Tip 1: Find the right person
http://www.jasonawesome.com/2010/06/01/executing-a-php-code-review/
![Page 20: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/20.jpg)
Tip 2: Right amount of code
● max 200 lines of code, 60-90 minutes
http://smartbear.com/SmartBear/media/pdfs/best-kept-secrets-of-peer-code-review.pdf p.50
![Page 21: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/21.jpg)
Tip 2: Right amount of code (cont.)
● Tradeoff – Smaller fragments hide systemic failures
– Very hard to detect defective details in larger pieces
![Page 22: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/22.jpg)
Tip 3: Build your checklist
● Know your weak spots●
![Page 23: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/23.jpg)
Tip 4: Be positive
● Review is about code● It is not about people who wrote it● Goal is overall improvement● No blame
![Page 24: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/24.jpg)
http://vunvulearadu.blogspot.cz/2013/06/code-review-and-under-stress.html
![Page 25: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/25.jpg)
Tip 5: Accepting Code Review
● Do not worry, everyone makes mistakes● Do not take it personally, it is only about code● Say Thank you :)
– maybe it saved you some unpleasant fixing of production code
![Page 26: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/26.jpg)
More tips:
● If you don't understand the code, ask the author (and then write a comment/rename)
● Finding things that are missing is the hardest part (e.g. race condition)
● The sooner CR is done the better● Explain why something is bad (provide
reference)● Use FindBugs, Sonar
![Page 27: Code Review](https://reader033.fdocuments.us/reader033/viewer/2022052822/554f58ebb4c905b9508b526b/html5/thumbnails/27.jpg)
References
● Jason Cohen (2006). Best Kept Secrets of Peer Code Review (Modern Approach. Practical Advice.).
Available at Smartbearsoftware.com