code review: how and when
TRANSCRIPT
Father of Code Review
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=5388086&filter%3DAND%28p_IS_Number%3A5388084%29
aka Fagan Inspections
Fagan Inspections
https://en.wikipedia.org/wiki/Fagan_inspection
Lightweight Code Reviews
https://en.wikipedia.org/wiki/Code_review
Code Review Tool Resources• github reviews - https://github.com/universe-2016#reviews
• video demo - https://www.youtube.com/watch?v=HW0RPaJqm4g
• reviewable - https://reviewable.io/ • demo - https://reviewable.io/reviews/Reviewable/demo/1
• gerrit code review - https://www.gerritcodereview.com • tutorial - http://www.vogella.com/tutorials/Gerrit/article.html
• VSTS Code Review (TFVC) - https://www.visualstudio.com/en-us/docs/tfvc/get-code-reviewed-vs • walk through - https://www.visualstudio.com/en-us/docs/tfvc/day-life-
alm-developer-suspend-work-fix-bug-conduct-code-review
• Review Assistant - https://www.devart.com/review-assistant/ • comparison - https://www.devart.com/review-assistant/learnmore/
visual-studio-vs-review-assistant.html
• Crucible - https://www.atlassian.com/software/crucible • video demo - https://www.youtube.com/watch?v=UFNPgfQFJHk
• Collaborator - https://smartbear.com/product/collaborator/overview/ • video demo - https://www.youtube.com/watch?v=1MBb21DgRYg
• FogBugz Dev Hub - http://www.fogcreek.com/fogbugz/devhub • demo - http://www.joelonsoftware.com/items/2011/02/03.html
Code Review Tool Resources
Reviewer: Focus on the code
Don’t say: “You didn’t name these variables well!”
Instead: “I don’t understand these variable names, can you help me understand them?”
“ “The objective is for everyone to find defects, including the author, not to
prove the work product has no defects. People exchange work products to review, with the expectation that as
authors, they will produce errors, and as reviewers, they will find errors.
Everyone ends up learning from their own mistakes and other people’s
mistakes.” – Jerry Weinberg, “The Psychology of
Computer Programming”, 1971
Less Than 60 Minutes
http://www.news.illinois.edu/news/11/0208focus_AlejandroLleras.html
Daily Code Review
http://blog.fogcreek.com/effective-code-reviews-9-tips-from-a-converted-skeptic/
Always Use A Checklist
http://www.codeproject.com/Articles/593751/Code-Review-Checklist-and-Guidelines-for-Csharp-De
Developer Checklist• Does my code compile without errors and run without exceptions in
“happy path” conditions?
• Have I checked this code to see if it triggers compiler or static analysis warnings?
• Have I covered this code with appropriate tests, and are those test currently green?
• Have I run our performance/load/smoke tests to make sure nothing I’ve introduced is a performance killer?
http://blog.smartbear.com/code-review/creating-your-code-review-checklist/
Reviewer Checklist• Does this code read like prose?
• Do the methods do what the name of the method claims that they’ll do? Same for classes?
• Can I get an understanding of the desired behavior just by doing quick scans through unit and acceptance tests?
• Is anything here a re-implementation of existing functionality the developer may not be aware of?
http://blog.smartbear.com/code-review/creating-your-code-review-checklist/
Static Code Analysis Resources• JSLint - http://www.jslint.com
• video demo - https://www.youtube.com/watch?v=QWjMZBoSBtQ
• JSHint - http://jshint.com • video demo - https://www.youtube.com/watch?v=MvV6fljX538
• ESLint - http://eslint.org • video demo - https://www.youtube.com/watch?v=L6vMey4FtQ0
• StyleCop - https://stylecop.codeplex.com • video demo - https://www.youtube.com/watch?v=6v8_PdePM7M
• Visual Studio Code Analysis - https://msdn.microsoft.com/en-us/library/3z0aeatx.aspx • walkthrough - https://msdn.microsoft.com/en-us/library/ms182066.aspx
• ReSharper - https://www.jetbrains.com/resharper/ • demo - https://www.youtube.com/watch?v=jq1JDlIiRmg
“ “…the average defect detection rate is only 25 percent for unit testing, 35 percent for function testing, and 45 percent for integration testing.
In contrast, the average effectiveness of design and code
inspections are 55 and 60 percent.” - Steve McConnell, Code
Complete, 2004
“ “The aim is to catch what mistakes you can and to get better – not to attempt perfection.”
- Erik Dietrich, “Creating Your Code
Review Checklist”, 2015
Review
• No more than 60 mins • No more than 200 lines of code • Use Static Code Analysis • Use Check Lists • Use A Code Review Tool