Modern Code Review
31
…………… …………… “This Ain’t Your Granddaddy’s Code Review…” Building Better Code Reviews
-
Upload
excella-consulting -
Category
Documents
-
view
1.506 -
download
1
description
A look at current code review best practices and some proposed ways to improve the overall process at your client site.
Transcript of Modern Code Review
……………
……………
“This Ain’t Your Granddaddy’s Code Review…”
Building Better Code Reviews
……………
……………
Overview
» What is Code Review and Why Do I Care?
» Why Is Our Traditional Process Broken?
» How Do We Make Code Review Better?
……………
……………
Why Do I Care?
» Cost of Fixing Defects
……………
……………
Where Does Code Review Fit In?
• Common Mistakes• Coding Style /
Standards
• ???
• UI functionality• Application
Behavior (high-level)
• User Experience
• Tests the modular function
• Individual Pieces • Can be automated
Unit Testing
QA / UAT
Static Code Analysis
(e.g. SONAR)
Code Reviews
Tools for Finding Defects
……………
……………
Why Do I Care?
Code Review
Logic / Runtime Errors
Learning Opportunities / Redesign
“Tribal Knowledge”
Stupid Mistakes
String zero = "" + 0;
We’re going to keep you up at night and waste your weekends!!!
……………
……………
Case Study
Source: Best Kept Secrets In Code Review
Code Review At CISCO Systems
……………
……………
What Is Code Review?
» Types of Code Review• Informal
• Over-the-Shoulder• Email Pass-around• Pair Programming
• Formal• Formal Inspection• Tool Assisted
……………
……………
Formal Inspection
Plan a Review
• Determine files to review
• Book meeting room, projector, send invites
Review Meeting
• Reviewers inspect files
• Identify defects
• Log issues
Fix Defects
• Author reviews defects
• Makes changes as needed
Repeat Weekly
……………
……………
Best Practices
» How Much?• 200 – 400 lines of code per session
» How Fast?• 300 – 500 LoC / hour
» How Long?• 60-90 minutes
function expireUserSession(){ var userResponse = window.confirm("You will be logged out unless you click OK"); if(userResponse === true){ setTimeout('expireUserSession', 30*60*1000); } else { window.location = 'logout.action'; }}dojo.addOnLoad(function(){ setTimeout('expireUserSession', 30*60*1000);});
OMG, Super Wrong*!!!
Slow Down…72 seconds
* Super wrong is a technical term. This will not work at all!
……………
……………
Best Practices
» Foster a good code review culture• Finding defects is a good thing!• Learning opportunity for developers• Managers must understand metrics
» Use Anti-pattern Checklists• Code Review Bingo
• Example: Avoid “Tableception”!
Your HTML Page
Best Practice: Avoid “Tableception” (Tables within Tables)
……………
……………
How Can We Do This Better???
……………
……………
Roadblocks to Better Code Review
» Time Commitment• 60 - 90 minutes?• Different Schedules• Remote Workers
» Accountability / Enforcement• Ensuring that defects get fixed
» Reporting• Can we ship this feature to production?
» Automation• Every step is manual, requires a lot of effort
……………
……………
Better Code Review
» Time Commitment• Asynchronous reviews
» Accountability• Associate Features with Reviews
» Reporting• Transparency to Managers• Out of the box functionality from Collaborator!
» Automation• Remove manual steps, make the CI Server work for us!
……………
……………
Better Code Review
Hurray!
Ugh!
*
* This is harder if you’re using ClearCase, but other VCS this should be easy
……………
……………
Demo Time
……………
……………
What do Developers See: Action Items
From the Web UI
What do I need to Review?
……………
……………
What do Developers See: Action Items
From Email
……………
……………
Reviews
……………
……………
Reviews
……………
……………
……………
……………
……………
……………
……………
……………
Recap: Why Is This Better?
» Reviews Automatically Created» Clear Action Items for Developers» Notification System» Fast Comparison Tool
• Support for your favorite external tool too!» Real-time Chats / Comments» Easy to Identify “Reworked” Files» Generate Reports
……………
……………
The Catch
» Collaborator Costs• $499 / named license
» No support for IntelliJ» Alternatives
• Crucible• Good price• No support for rework• No Automation Support / Metrics
• Review Board• Great options for cloud hosting!• Only supports pre-commit model• Setup a bit of a pain
……………
……………
Questions?
……………
……………
Material That Didn’t Make it Into The Presentation
……………
……………
Pre-Commit vs. Post-Commit
» Post-Commit Model• Reviews Created After Check-in to VCS• Advantages
• Can Utilize CI Server for Automation• Easier to Adopt
• Disadvantages• No way to ensure all code is reviewed before production
……………
……………
Pre-Commit vs. Post-Commit
» Pre-Commit Model• Only check in code after completing a review• Advantages
• Code doesn’t “pollute” VCS• Enforcement
• Disadvantages• Against best practice: “Commit Early and Often”• Requires manual work from developers to create reviews
……………
……………
Pre-Commit vs. Post-Commit
» GIT: Post-Commit, Pre-Push Model• Use local branch to commit, but review must be completed
before push to “gold repository”
……………
……………
Benefits of Code Review
» Identify and Fix Bugs Earlier• Difficult to diagnose issues
» Mentoring / Career Development
» Knowledge Transfer
» More Maintainable Code
» Shorter Development / Test Cycles
……………
……………
Other Thoughts On Formal Inspection
» Team Size: 3 – 6 people» Roles
• Author: Wrote the code• Reviewer: Developers, appraise the code• Moderator: Facilitates discussion, settles ties. Usually the lead
developer• Observer: BA or other non-technical, provides SME• “Reader”: Looks at code purely for readability
