If there is a possibility of several things going wrong the one that will cause the most damage will be the one to go wrong. – Murphy
Code without defects does not exist. No matter how skilled and experienced a developer is, there will always be errors in the code. Only way to mitigate
So what are code reviews?
Code reviews are methodical assessments of code designed to identify bugs, increase code quality, and help developers learn the source code.
Why do we need to do code reviews?
Firstly, to catch errors that are not noticed in the static analysis, unit tests, code format, code coverage, etc. Furthermore, to discuss the readability of the code. Also for the sake of the developers, in order to know the other parts of the system better. Finally, for the developers to be able to learn from each other.
After a software developer has completed coding, a code review is an important step in the software development process. It provides a second opinion on the solution and implementation before it’s merged.
What are the typical mistakes in code reviews?
Focusing on errors that can be picked up in static analysis, unit tests, etc. Another mistake is overfocusing on secondary issues. There also might be too much code to review or the code might be accepted without checking.
There is also a psychological factor as a developer might be taking the review personally which might lead to quarrels and accusations.
But, how useful is code review? Just look at the chart below.
Defect density refers to the number of defects identified in a software component or code segment, divided by the size of that component. This measurement is typically expressed as defects per line of code (DPL)
Defect density plays a crucial role in software development. Firstly, it provides an objective measure of software quality that can be compared across different projects and teams. Secondly, defect density helps identify areas of the codebase that require further attention. Finally, defect density enables organizations to track and monitor the effectiveness of software development processes and quality improvement over time.
So, what should be our focus while reviewing code?
- Whether the code meets the requirements
- Whether the code is consistent with the overall design
- Whether there are e.g. some hardware limitations
- Whether the author had taken into account some edge cases
- Whether the code is readable
- Whether there are any concurrency issues
- Whether there are any memory issues
- Whether the code is duplicated
So, a checklist of things to do while reviewing code might look something like the below and include potential problems that can occur. Also, it needs to be up to date with the most common issues.
Checklist:
- Most common issues
- Verified feature requirements
- Code readability
- Coding Style
- Clear naming
- Code duplication
- Tests
- Documentation
Is there something else that could make the code review more efficient?
There are some things we can do, for example ask the author of the code to comment on it and obviously review it before handing it over to other developers. Another good idea is to have the code accepted by at least two reviewers. This should make the whole process much easier.
- https://smartbear.com/learn/code-review/best-practices-for-peer-code-review/
- https://linearb.io/blog/code-review-checklist/
- https://ucgosu.pl/2018/06/code-review-prosty-sposob-na-poprawienie-jakosci-kodu/
- https://about.gitlab.com/topics/version-control/what-is-code-review/