15 March 2019

TECHNICAL: CODE REVIEW

Code review is the systematic examination (sometimes referred to as peer review) of Computer source code. The general goal of code review is to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developers’ skills.

How code review works?

A code review process involves at least two roles that are always present:
1. Author is the person responsible for creating the code being reviewed.
2. Reviewer is the person responsible for examining the code and reporting the feedback to the author, both negative and positive.
When a developer is finished working on an issue, the reviewer(s), look over the code and considers questions like:

  • Are there any obvious logic errors in the code?
  • Looking at the requirements, are all cases fully implemented?
  • Does the new code conform to existing style guidelines and coding standards?
  • Is it possible that the new code will generate any performance or security issues?
  • Are the new automated tests sufficient for the new code? Do existing automated tests need to be rewritten to account for changes in the code?

    • Main benefits

    As each software project it’s unique and it has its own particularities, it is hard to give a list of benefits that will apply to all projects. We will try to enumerate the most common benefits of continuous code review process: ➔ The final product is of a good quality as bad code doesn’t accumulate; ➔ Problems in the code are detected and corrected right away; ➔ Every member of the team, not just the author of the code is responsible for its quality; ➔ Sharing knowledge happens much faster and more effectively, helping Junior developers ➔ Developers know well not only their own code, but the code of the whole project; ➔ The code of a new developer on the project is no threat to the overall quality of code.

    Tools

    In the recent years, we are witnessing that collaborative, lightweight code review is increasingly becoming the default mechanism for integrating changes, in both collocated and distributed development. Effectively, the pull request (in various forms) is becoming the atomic unit of software change. But the pull request is not the only method. There are also a large number of specialized tools that can be used in the code review process.
    1. Pull request based tools
    a. GitLab Use merge requests as a tool to do code review.
    b. Github Git hosting and pioneer of the "Pull Request".
    c. BitBucket gives teams one place to plan projects, collaborate on code, test, and deploy.
    2. Specialized tools
    a. Azure DevOps offers a wide array of functionalities, including requirement management, planning, code management via git, build/release pipelines, test management, etc.
    b. Crucible Atlassian's on-premise code review tool.
    c. Collaborator Peer code review and document review tool by SmartBear.
    d. Upsource JetBrain's on-premise git/mercurial/perforce/svn code review tool.
    e. Phabricator Open source git/mercurial/svn code review tool originating out of Facebook.

    Why implementing Code Review?

    While tools that automate the evaluation of many tasks that the developers do to determine quality (e.g. code style analyzers, test coverage, metrics for software quality, impact analysis etc.) do exist, most developers go little beyond testing and continuous integration. We can’t automate everything.
    Every team can benefit from code reviews regardless of development methodology. Agile teams, however, can realize huge benefits because work is decentralized across the team. No one is the only person who knows a specific part of the code base. Simply put, code reviews help facilitate knowledge sharing across the code base and across the team.