Effective code reviews
5 likes2,756 views
The document discusses the importance and challenges of code reviews in software development, highlighting various scenarios where code reviews may be bypassed or not conducted effectively. It emphasizes using tools for improving code quality and outlines best practices, benefits of code reviews, and the roles of developers and reviewers. Additionally, it mentions specific code review tools and offers guidance on conducting effective reviews.
Effective code reviews
- 1. code reviews Effective ct h ite rc eA ar ftw So - k re Ma n s ti a ba Se
- 2. • a Pole living in Sheffield • over 12 years in development • Pascal, C++, PHP, perl, python, Java • co-author of 2 PHP books • big fan of process automation • TDD and CI • occasionally contributes to open source projects • wants to be a knight https://joind.in/6947 @proofek
- 3. Who does code reviews?
- 4. All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental. Disclaimer
- 5. Tom “I Need It Now” – The Owner Harry “Just Get It Done” – The Manager The Team
- 6. Adam “The Night Coder” – developer Kris “Hackety Hack” – master code reviewer Bruno “It Will Work” – apprentice reviewer The Team
- 7. How much time do we need to get this project done? Well, design, coding, code reviews, testing… Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right? Scenario 1
- 8. We're nearly done, just need to get this code reviewed. Hmmm… all the developers are busy, we have no one spare. Let's skip it and get it straight into QA… Scenario 2
- 9. Hello Harry, I need John to review my code. John is busy, you can have Rob. But Rob is a junior developer, and he doesn't know this system. You want it code reviewed or not? Rob is all we've got! Scenario 3
- 10. We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. It's a waste of time! Scenario 4
- 11. Code review Adam The Developer 9:31 PM (0 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Click here to Reply or Forward
- 12. No (e)mail! Raising a code review
- 13. Bug tracking systems - JIRA - Bugtrak - Mantis Code review tools - Crucible/Fisheye - Gerrit - Github Raising a code review
- 14. Code review Adam The Developer 9:31 PM (13 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Kris The Reviewer 9:44 PM (0 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Click here to Reply or Forward
- 15. Version control • Specific change sets • avoid specific commits • Reviewing patches risky, unless automated What to review
- 16. Code review Adam The Developer 9:31 PM (25 minutes ago) Kris, I got this code I need you to review. Can you do it for me please? … Kris The Reviewer 9:44 PM (12 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Adam The Developer 9:56 PM (0 minutes ago) to Kris The Reviewer Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
- 17. What and Why? The purpose of the review
- 18. Bruno “It will work” Usual feedback produced: • Makes sense • Works • Syntactically correct • Approved One way of doing things…
- 19. Kris “The Master Reviewer” Tools used: • PHP linter • PHP Code Sniffer • PHPUnit • phpDocumentor • PHP Depend • PHP Mess Detector • Sonar Being smarter…
- 20. $ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php $ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php $ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading | | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters -------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75Mb Speed up with automation - PHP linter and PHP CodeSniffer
- 21. $ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist ..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%) ............................................................... 189 / 240 ( 78%) ................................................... Time: 02:01, Memory: 26.75Mb OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29. Verify whether the code works with PHPUnit
- 22. PHP_Depend 0.10.6 by Manuel Pichler Parsing source files: .................... 20 Executing CyclomaticComplexity-Analyzer: ............. 261 Executing ClassLevel-Analyzer: ............ 247 Executing CodeRank-Analyzer: . 28 Executing Coupling-Analyzer: ............. 267 Executing Hierarchy-Analyzer: ............ 246 Executing Inheritance-Analyzer: . 30 Executing NPathComplexity-Analyzer: .............. 283 Executing NodeCount-Analyzer: ........ 174 Executing NodeLoc-Analyzer: .......... 205 Generating pdepend log files, this may take a moment. Time: 00:05; Memory: 25.50Mb Static analysis and code quality with PHP Depend
- 23. Static analysis and code quality with PHP Mess Detector
- 24. Static analysis and code quality with Sonar
- 25. Static analysis and code quality with Sonar
- 26. Static analysis and code quality with Sonar
- 27. Static analysis and code quality with Sonar
- 28. Static analysis and code quality with Sonar
- 29. Static analysis and code quality with Sonar
- 30. Kris “The Master Reviewer” Things checked: • clarity • duplications • performance • code quality • excessive complexity • potential deployment • impact on other issues systems • design flaws • does the solution solves the problem …by looking at things all important
- 31. • Knowledge sharing • Mentoring new starters • Find bugs/design flaws early • Improve overall code quality • Fostering collective code ownership The benefits of a code review – they are for you!
- 32. DEVELOPERS • Understand and accept that you will make mistakes. • You are not your code. • No matter how much "karate" you know, someone else will always know more. • Don't rewrite code without consultation. The soft side - developers
- 33. CODE REVIEWERS • The only true authority stems from knowledge, not from position. • Critique code instead of people The soft side – code reviewers
- 34. • Location of your changes WHAT? – Repository name, branch name, branch base • Subject of your changes – What have you changed • Reason for the change – Why have you change it Summary - what include in the code review
- 35. WHO? • Seek the experts – If you're not sure ask around • Question the solution – Make sure it fits the purpose Summary - who assign the code review to?
- 36. WHERE? • Make it traceable – Bug trucking system, ie. Jira, Trac, Mantis, etc – Code review tool, ie. Fisheye/Crucible, gerrit • Conversation/Pair programming – Just make sure outcome is captured Summary – where to raise a code review?
- 37. • Use tools, don’t be a tool • Check for duplications/ HOW? complexity • Asses impact on other systems • Make sure code is clear and self-descriptive Summary - how to perform a good code review?
- 39. http://www.atlassian.com/angrynerds/ http://georgegant.deviantart.com/art/Angry-Nerds-217554774 http://www.flickr.com/photos/dawgbyte77/3058349367/ http://www.flickr.com/photos/zzpza/3269784239/ http://www.flickr.com/photos/toolmantim/6170448143/ http://www.flickr.com/photos/coyau/7630782996/ http://www.flickr.com/photos/73885983@N02/6729908421/ http://www.osnews.com/story/19266/WTFs_m Credits…
- 40. The Ten Commandments of Egoless Programming: http://alturl.com/ q4dpa The Code review: http://www.soulbroken.co.uk/blog/2010/07/the-code- review/ Fisheye/Crucible: http://www.atlassian.com/software/crucible/overview Gerrit: http://code.google.com/p/gerrit/ Github: https://github.com/ PHPUnit: http://phpunit.de PHP CodeSniffer: http://pear.php.net/PHP_CodeSniffer PHP Depend: http://pdepend.org/ PHP Mess Detector: http://phpmd.org/ Sonar: http://www.sonarsource.org/ …and references
- 41. Questions? https:// /6947 Q&A