Effective code reviews
-
Upload
sebastian-marek -
Category
Technology
-
view
12.629 -
download
2
description
Transcript of Effective code reviews
Sebastian Marek
EFFECTIVE CODE REVIEWS
Sebas1an Marek, So8ware Architect
@proofek
• a Pole living in Sheffield • over 12 years in
development • Pascal, C++, PHP, perl,
python, Java • co-‐author of 2 PHP books • big fan of process
automaBon • TDD and CI • occasionally contributes to
open source projects • wants to be a knight
h?ps://joind.in/7056
Who does code reviews?
Disclaimer
All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental.
The Team
Harry “Just Get It Done” – The Manager
Tom “I Need It Now” – The Owner
The Team
Adam “The Night Coder” – developer
Kris “Hackety Hack” – master code reviewer
Bruno “It Will Work” – apprentice reviewer
Scenario 1
How much time do we need to get this project done?
Well, design, coding, code reviews, testing…
Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right?
Scenario 2
Hmmm… all the developers are busy, we have no one spare. Let's skip it and get it straight into QA…
We're nearly done, just need to get this code reviewed.
Scenario 3
Hello Harry, I need John to review my code.
John is busy, you can have Rob.
But Rob is a junior developer, and he doesn't know this system.
You want it code reviewed or not? Rob is all we've got!
Scenario 4
We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. It's a waste of time!
Code review
Adam The Developer to Kris The Reviewer
9:31 PM (0 minutes ago)
Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam
Click here to Reply or Forward
Raising a code review
No (e)mail!
Raising a code review
Bug tracking systems -‐ JIRA -‐ Bugtrak -‐ ManBs Code review tools -‐ Crucible/Fisheye -‐ Gerrit -‐ Github
Code review
Adam The Developer to Kris The Reviewer
9:31 PM (13 minutes ago)
Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam
Click here to Reply or Forward
Kris The Reviewer to Adam The Developer
9:44 PM (0 minutes ago)
Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris
What to review
Version control • Specific change sets • avoid specific commits
• Reviewing patches risky, unless automated
Code review
Adam The Developer 9:31 PM (25 minutes ago)
Kris, I got this code I need you to review. Can you do it for me please? …
Kris The Reviewer to Adam The Developer
9:44 PM (12 minutes ago)
Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris
Adam The Developer to Kris The Reviewer
9:56 PM (0 minutes ago)
Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
The purpose of the review
What and Why?
One way of doing things…
Bruno “It will work”
• Makes sense • Works • SyntacBcally correct • Approved
Usual feedback produced:
Being smarter…
Kris “The Master Reviewer”
• PHP linter • PHP Code Sniffer • PHPUnit • phpDocumentor • PHP Depend • PHP Mess Detector • Sonar
Tools used:
Speed up with automation
$ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php
$ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php
$ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php --------------------------------------------------------------------------------
FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading
| | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters
-------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75Mb
Verify whether the code works
$ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist
..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%)
............................................................... 189 / 240 ( 78%)
................................................... Time: 02:01, Memory: 26.75Mb
OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29.
Static analysis and code quality
PHP_Depend 0.10.6 by Manuel PichlerParsing source files:.................... 20Executing CyclomaticComplexity-Analyzer:............. 261Executing ClassLevel-Analyzer:............ 247Executing CodeRank-Analyzer:. 28Executing Coupling-Analyzer:............. 267Executing Hierarchy-Analyzer:............ 246Executing Inheritance-Analyzer:. 30Executing NPathComplexity-Analyzer:.............. 283Executing NodeCount-Analyzer:........ 174Executing NodeLoc-Analyzer:.......... 205Generating pdepend log files, this may take a moment.Time: 00:05; Memory: 25.50Mb
Static analysis and code quality
Static analysis and code quality
…by looking at things all important
Kris “The Master Reviewer”
Things checked: • clarity • performance • excessive complexity • impact on other systems • does the soluBon solves the problem
• duplicaBons • code quality • potenBal deployment issues • design flaws
The benefits of a code review – they are for you!
• Knowledge sharing • Mentoring new starters • Find bugs/design flaws early • Improve overall code quality • Fostering collecBve code
ownership
The soft side - developers
• Understand and accept that you will make mistakes.
• You are not your code.
• No maZer how much "karate" you know, someone else will always know more.
• Don't rewrite code without consultaBon. D
EVEL
OPE
RS
The soft side – code reviewers
• The only true authority stems from knowledge, not from posiBon.
• CriBque code instead of people
CO
DE
REV
IEW
ERS
Summary - what include in the code review
• LocaBon of your changes – Repository name, branch name, branch base
• Subject of your changes – What have you changed
• Reason for the change – Why have you change it
WH
AT?
Summary - who assign the code review to?
• Seek the experts – If you're not sure ask around
• QuesBon the soluBon – Make sure it fits the purpose
WH
O?
Summary – where to raise a code review?
• Make it traceable – Bug trucking system, ie. Jira, Trac, ManBs, etc – Code review tool, ie. Fisheye/Crucible, gerrit
• ConversaBon/Pair programming – Just make sure outcome is captured
WH
ERE?
Summary - how to perform a good code review?
• Use tools, don’t be a tool • Check for duplicaBons/complexity • Asses impact on other systems • Make sure code is clear and self-‐descripBve
HO
W?
Credits…
hZp://www.flickr.com/photos/dawgbyte77/3058349367/ hZp://www.flickr.com/photos/zzpza/3269784239/ hZp://www.flickr.com/photos/toolmanBm/6170448143/ hZp://www.flickr.com/photos/coyau/7630782996/ hZp://www.flickr.com/photos/73885983@N02/6729908421/
hZp://www.atlassian.com/angrynerds/
…and references
The Ten Commandments of Egoless Programming: hZp://alturl.com/q4dpa The Code review: hZp://www.soulbroken.co.uk/blog/2010/07/the-‐code-‐review/ Fisheye/Crucible: hZp://www.atlassian.com/sokware/crucible/overview Gerrit: hZp://code.google.com/p/gerrit/ Github: hZps://github.com/ PHPUnit: hZp://phpunit.de PHP CodeSniffer: hZp://pear.php.net/PHP_CodeSniffer PHP Depend: hZp://pdepend.org/ PHP Mess Detector: hZp://phpmd.org/ Sonar: hZp://www.sonarsource.org/
Q&A
Ques1ons?
h?ps:// /7056