Effective code reviews
24 likes24,687 views
The document discusses effective code reviews, emphasizing their importance in software development despite common challenges such as personnel availability and time constraints. It outlines scenarios that illustrate the pitfalls of neglecting code reviews and highlights the benefits, including improved code quality and knowledge sharing among developers. Various tools and practices for conducting thorough code reviews are also presented, along with guidance on their implementation.
Effective code reviews
- 1. EFFECTIVE CODE REVIEWS Sebas1an Marek, So8ware Architect Sebastian Marek
- 2. • a Pole living in Sheffield • over 12 years in development • Pascal, C++, PHP, perl, python, Java • co-‐author of 2 PHP books • big fan of process automaBon • TDD and CI • occasionally contributes to open source projects • wants to be a knight h?ps://joind.in/7056 @proofek
- 3. Who does code reviews?
- 4. All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental. Disclaimer
- 5. Tom “I Need It Now” – The Owner Harry “Just Get It Done” – The Manager The Team
- 6. Adam “The Night Coder” – developer Kris “Hackety Hack” – master code reviewer Bruno “It Will Work” – apprentice reviewer The Team
- 7. How much time do we need to get this project done? Well, design, coding, code reviews, testing… Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right? Scenario 1
- 8. We're nearly done, just need to get this code reviewed. Hmmm… all the developers are busy, we have no one spare. Let's skip it and get it straight into QA… Scenario 2
- 9. Hello Harry, I need John to review my code. John is busy, you can have Rob. But Rob is a junior developer, and he doesn't know this system. You want it code reviewed or not? Rob is all we've got! Scenario 3
- 10. We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. It's a waste of time! Scenario 4
- 11. Code review Adam The Developer 9:31 PM (0 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Click here to Reply or Forward
- 12. No (e)mail! Raising a code review
- 13. Bug tracking systems -‐ JIRA -‐ Bugtrak -‐ ManBs Code review tools -‐ Crucible/Fisheye -‐ Gerrit -‐ Github Raising a code review
- 14. Code review Adam The Developer 9:31 PM (13 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Kris The Reviewer 9:44 PM (0 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Click here to Reply or Forward
- 15. Version control • Specific change sets • avoid specific commits • Reviewing patches risky, unless automated What to review
- 16. Code review Adam The Developer 9:31 PM (25 minutes ago) Kris, I got this code I need you to review. Can you do it for me please? … Kris The Reviewer 9:44 PM (12 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Adam The Developer 9:56 PM (0 minutes ago) to Kris The Reviewer Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
- 17. What and Why? The purpose of the review
- 18. Bruno “It will work” Usual feedback produced: • Makes sense • Works • SyntacBcally correct • Approved One way of doing things…
- 19. Kris “The Master Reviewer” Tools used: • PHP linter • PHP Code Sniffer • PHPUnit • phpDocumentor • PHP Depend • PHP Mess Detector • Sonar Being smarter…
- 20. $ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php $ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php $ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading | | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters -------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75Mb Speed up with automation
- 21. $ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist ..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%) ............................................................... 189 / 240 ( 78%) ................................................... Time: 02:01, Memory: 26.75Mb OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29. Verify whether the code works
- 22. PHP_Depend 0.10.6 by Manuel Pichler Parsing source files: .................... 20 Executing CyclomaticComplexity-Analyzer: ............. 261 Executing ClassLevel-Analyzer: ............ 247 Executing CodeRank-Analyzer: . 28 Executing Coupling-Analyzer: ............. 267 Executing Hierarchy-Analyzer: ............ 246 Executing Inheritance-Analyzer: . 30 Executing NPathComplexity-Analyzer: .............. 283 Executing NodeCount-Analyzer: ........ 174 Executing NodeLoc-Analyzer: .......... 205 Generating pdepend log files, this may take a moment. Time: 00:05; Memory: 25.50Mb Static analysis and code quality
- 23. Static analysis and code quality
- 24. Static analysis and code quality
- 25. Kris “The Master Reviewer” Things checked: • clarity • duplicaBons • performance • code quality • excessive complexity • potenBal deployment issues • impact on other systems • design flaws • does the soluBon solves the problem …by looking at things all important
- 26. • Knowledge sharing • Mentoring new starters • Find bugs/design flaws early • Improve overall code quality • Fostering collecBve code ownership The benefits of a code review – they are for you!
- 27. DEVELOPERS • Understand and accept that you will make mistakes. • You are not your code. • No maZer how much "karate" you know, someone else will always know more. • Don't rewrite code without consultaBon. The soft side - developers
- 28. CODE REVIEWERS • The only true authority stems from knowledge, not from posiBon. • CriBque code instead of people The soft side – code reviewers
- 29. • LocaBon of your changes WHAT? – Repository name, branch name, branch base • Subject of your changes – What have you changed • Reason for the change – Why have you change it Summary - what include in the code review
- 30. WHO? • Seek the experts – If you're not sure ask around • QuesBon the soluBon – Make sure it fits the purpose Summary - who assign the code review to?
- 31. WHERE? • Make it traceable – Bug trucking system, ie. Jira, Trac, ManBs, etc – Code review tool, ie. Fisheye/Crucible, gerrit • ConversaBon/Pair programming – Just make sure outcome is captured Summary – where to raise a code review?
- 32. • Use tools, don’t be a tool HOW? • Check for duplicaBons/complexity • Asses impact on other systems • Make sure code is clear and self-‐ descripBve Summary - how to perform a good code review?
- 33. hZp://www.atlassian.com/angrynerds/ hZp://www.flickr.com/photos/dawgbyte77/3058349367/ hZp://www.flickr.com/photos/zzpza/3269784239/ hZp://www.flickr.com/photos/toolmanBm/6170448143/ hZp://www.flickr.com/photos/coyau/7630782996/ hZp://www.flickr.com/photos/73885983@N02/6729908421/ Credits…
- 34. The Ten Commandments of Egoless Programming: hZp://alturl.com/q4dpa The Code review: hZp://www.soulbroken.co.uk/blog/2010/07/the-‐code-‐review/ Fisheye/Crucible: hZp://www.atlassian.com/sokware/crucible/overview Gerrit: hZp://code.google.com/p/gerrit/ Github: hZps://github.com/ PHPUnit: hZp://phpunit.de PHP CodeSniffer: hZp://pear.php.net/PHP_CodeSniffer PHP Depend: hZp://pdepend.org/ PHP Mess Detector: hZp://phpmd.org/ Sonar: hZp://www.sonarsource.org/ …and references
- 35. Ques1ons? h?ps:// /7056 Q&A