Code Review Guidelines
What is a code Review?
A code review is a detailed review of code at the end of the feature implementation or at logical
intervals for validating the design and implementation of features/patches.


Why are reviews important?
    1. To spot and fix defects early in the process.
    2. Better shared understanding of the code base as team members learn from each other.
    3. Helps to maintain a level of consistency in design and implementation.
    4. It is more affordable and can be more effective than the testing process.
    5. Helps to identify common defects across the team, thus reducing rework.
    6. Builds confidence of stakeholders about the technical quality of the execution.
    7. Uniformity in understanding will help interchangeability of team members in case of
       non-availability of any one of them.
    8. In case a third party reviews the code, it doesn't get adverse comments.

Before we commit any code to source control, we review it for compliance with the list below:

         General Unit Testing
         Comment and Coding Conventions
         Error Handling
         Resource Leaks
         Thread Safety
         Control Structures
         Performance
         Functionality
         Security


Roles and Responsibilities
    1. Developer: is the person who has written the code to be reviewed and has initiated the review
       request.
    2. Reviewer/s: are the people who are going to review the code and report the findings to the
       developer.

Tips for the Developer:

    1. The primary reviewer is the author i.e. YOU.
2. Create a checklist for yourself of the things that the code reviews tend to focus on. Some of
   this checklist should be easy to put together. It should follow the outline of the coding standards
   document. Because it's your checklist, you can focus on the things that you struggle with and skip
   the things that you rarely, if ever, have a problem with. Run through your code with the
   checklist and fix whatever you find. Not only will you reduce the number of things that the team
   finds, you'll reduce the time to complete the code review meeting—and everyone will be happy
   to spend less time in the review.

3. You are not your code. Remember that the entire point of a review is to find problems, and
   problems will be found. Don't take it personally when one is uncovered.

4. Understand and accept that you will make mistakes. The point is to find them early, before
   they make it into production. Fortunately, except for the few of us developing rocket guidance
   software at JPL, mistakes are rarely fatal in our industry, so we can, and should, learn, laugh, and
   move on.

5. No matter how much "karate" you know, someone else will always know more. Such an
   individual can teach you some new moves if you ask. Seek and accept input from
   others, especially when you think it's not needed.

6. Don't rewrite code without consultation. There's a fine line between "fixing code" and
   "rewriting code." Know the difference, and pursue stylistic changes within the framework of a
   code review, not as a lone enforcer.

7. The only constant in the world is change. Be open to it and accept it with a smile. Look at each
   change to your requirements, platform, or tool as a new challenge, not as some serious
   inconvenience to be fought.

8. Fight for what you believe, but gracefully accept defeat. Understand that sometimes your ideas
   will be overruled. Even if you do turn out to be right, don't take revenge or say, "I told you so"
   more than a few times at most, and don't make your dearly departed idea a martyr or rallying
   cry.

9. Don't be "the guy in the room." Don't be the guy coding in the dark office emerging only to buy
   cola. The guy in the room is out of touch, out of sight, and out of control and has no place in an
   open, collaborative environment.

10. Please note that review meetings are NOT problem-solving meetings.

11. Help to maintain the coding standards. Offer to add to the coding standards for things
    discussed that aren't in the coding standards. One of the challenges that a developer has in an
    organization with combative code review practices is that they frequently don't know where the
    next problem will come from. If you document each issue into the coding standards, you can
    check for it with your checklist the next time you come up for code reviews. It also will help
    cement the concept into your mind so that you're less likely to miss opportunities to use the
    feedback.




Tips for the Reviewer

   1. Critique code instead of people – be kind to the coder, not to the code. As much as possible,
      make all of your comments positive and oriented to improving the code. Relate comments to
      local standards, program specs, increased performance, etc.
   2. Treat people who know less than you with respect, deference, and patience. Nontechnical
      people who deal with developers on a regular basis almost universally hold the opinion that we
      are prima donnas at best and crybabies at worst. Don't reinforce this stereotype with anger and
      impatience.
   3. The only true authority stems from knowledge, not from position. Knowledge engenders
      authority, and authority engenders respect – so if you want respect in an egoless environment,
      cultivate knowledge.

   4. Please note that Review meetings are NOT problem solving meetings.

   5. Ask questions rather than make statements. A statement is accusatory. "You didn't follow the
      standard here" is an attack—whether intentional or not. The question, "What was the reasoning
      behind the approach you used?" is seeking more information. Obviously, that question can't
      be said with a sarcastic or condescending tone; but, done correctly, it can often open the
      developer up to stating their thinking and then asking if there was a better way.

   6. Avoid the "Why" questions. Although extremely difficult at times, avoiding the "Why" questions
      can substantially improve the mood. Just as a statement is accusatory—so is a why question.
      Most "Why" questions can be reworded to a question that doesn't include the word "Why" and
      the results can be dramatic. For example, "Why didn't you follow the standards here..." versus
      "What was the reasoning behind the deviation from the standards here..."

   7. Remember to praise. The purposes of code reviews are not focused on telling developers how
      they can improve, and not necessarily that they did a good job. Human nature is such that we
      want and need to be acknowledged for our successes, not just shown our faults. Because
      development is necessarily a creative work that developers pour their soul into, it often can be
      close to their hearts. This makes the need for praise even more critical.

   8. Make sure you have good coding standards to reference. Code reviews find their foundation in
      the coding standards of the organization. Coding standards are supposed to be the shared
      agreement that the developers have with one another to produce quality, maintainable code. If
      you're discussing an item that isn't in your coding standards, you have some work to do to get
      the item in the coding standards. You should regularly ask yourself whether the item being
      discussed is in your coding standards.

  9. Remember that there is often more than one way to approach a solution. Although the
     developer might have coded something differently from how you would have, it isn't necessarily
     wrong. The goal is quality, maintainable code. If it meets those goals and follows the coding
     standards, that's all you can ask for.

  10. You shouldn't rush through a code review, but you also need to do it promptly. Your
      coworkers are waiting for you.


Assign Severity to Review Findings

  Severity should be assigned to issues found in the code as listed below. The reviewer must focus on
  High severity issues first, then Medium severity issues, and then Low severity issues.

         1.   Naming Conventions and Coding Style = Low
         2.   Control Structures and Logical Issues = Medium or High
         3.   Redundant Code = High
         4.   Performance Issues = High
         5.   Security Issues = High
         6.   Scalability Issues = High
         7.   Functional Issues = High
         8.   Error Handling = High
         9.   Reusability = Medium


How to do code review

     Before going for a code review, please see the following checklist. This checklist should be
     stringently followed by the developer who is requesting the code review.

  1. Has the review meeting been scheduled at least one day before the requested review? Y/N

  2. Does the meeting request contain the following items? (All items are mandatory)

          Objective of review (This can be decided in consultation with the respective project
           manager/tech lead/architect/reviewers)
          Work item/s of review (e.g. use case/user story number)
          Unit testing for work item/s done? Y/N
          Has the code been committed to the source control repository? Y/N
          Does the code compile and run on another developer's machine without errors or
           warnings? Y/N

  3. The reviewer gets the review request and goes through the work items that have to be reviewed.

  4. In the review meeting, if the reviewer has any findings beforehand, s/he shares them with the
     developers.

  5. Then the developer explains the functional requirement in brief and also gives a walkthrough of
     the code.

  6. The reviewer documents the review findings along with some explanation and an action plan for
     the developer.

  7. After the meeting, the developer corrects the findings and eliminates the issues.

  8. The developer unit tests the code again.

  9. The developer informs the reviewer that all issues have been resolved and waits for the
     acknowledgement email from the reviewer.

  10. The reviewer re-checks the code modifications in the source control repository and sends the
      acknowledgement email to the developer stating the work items and their status, whether they are
      closed or still open. If items are open, then the developer has to follow all the steps from step 6.


 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...ShrutiBose4
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 

Dernier (20)

8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 

Code review guidelines

What is a code review?
A code review is a detailed review of code at the end of the feature implementation or at logical intervals, for validating the design and implementation of features/patches.

Why are reviews important?
    1. To spot and fix defects early in the process.
    2. Better shared understanding of the code base as team members learn from each other.
    3. Helps to maintain a level of consistency in design and implementation.
    4. It is more affordable and can be more effective than the testing process.
    5. Helps to identify common defects across the team, thus reducing rework.
    6. Builds confidence of stakeholders about the technical quality of the execution.
    7. Uniformity in understanding will help interchangeability of team members in case of non-availability of any one of them.
    8. In case a third party reviews the code, it doesn't get adverse comments.

Before we commit any code to source control, we review it for compliance with the list below:

    • General Unit Testing
    • Comment and Coding Conventions
    • Error Handling
    • Resource Leaks
    • Thread Safety
    • Control Structures
    • Performance
    • Functionality
    • Security

Roles and Responsibilities
    1. Developer: the person who has written the code to be reviewed and has initiated the review request.
    2. Reviewer/s: the people who are going to review the code and report the findings to the developer.

Tips for the Developer
    1. The primary reviewer is the author, i.e. YOU.
    2. Create a checklist for yourself of the things that the code reviews tend to focus on. Some of this checklist should be easy to put together. It should follow the outline of the coding standards document. Because it's your checklist, you can focus on the things that you struggle with and skip the things that you rarely, if ever, have a problem with. Run through your code with the checklist and fix whatever you find. Not only will you reduce the number of things that the team finds, you'll reduce the time to complete the code review meeting—and everyone will be happy to spend less time in the review.
    3. You are not your code. Remember that the entire point of a review is to find problems, and problems will be found. Don't take it personally when one is uncovered.
    4. Understand and accept that you will make mistakes. The point is to find them early, before they make it into production. Fortunately, except for the few of us developing rocket guidance software at JPL, mistakes are rarely fatal in our industry, so we can, and should, learn, laugh, and move on.
    5. No matter how much "karate" you know, someone else will always know more. Such an individual can teach you some new moves if you ask. Seek and accept input from others, especially when you think it's not needed.
    6. Don't rewrite code without consultation. There's a fine line between "fixing code" and "rewriting code." Know the difference, and pursue stylistic changes within the framework of a code review, not as a lone enforcer.
    7. The only constant in the world is change. Be open to it and accept it with a smile. Look at each change to your requirements, platform, or tool as a new challenge, not as some serious inconvenience to be fought.
    8. Fight for what you believe, but gracefully accept defeat. Understand that sometimes your ideas will be overruled. Even if you do turn out to be right, don't take revenge or say, "I told you so" more than a few times at most, and don't make your dearly departed idea a martyr or rallying cry.
    9. Don't be "the guy in the room." Don't be the guy coding in the dark office emerging only to buy cola. The guy in the room is out of touch, out of sight, and out of control and has no place in an open, collaborative environment.
    10. Please note that review meetings are NOT problem-solving meetings.
    11. Help to maintain the coding standards. Offer to add to the coding standards for things discussed that aren't in the coding standards. One of the challenges that a developer has in an organization with combative code review practices is that they frequently don't know where the next problem will come from. If you document each issue into the coding standards, you can check for it with your checklist the next time you come up for code reviews. It also will help cement the concept into your mind so that you're less likely to miss opportunities to use the feedback.

Tips for the Reviewer
    1. Critique code instead of people – be kind to the coder, not to the code. As much as possible, make all of your comments positive and oriented to improving the code. Relate comments to local standards, program specs, increased performance, etc.
    2. Treat people who know less than you with respect, deference, and patience. Nontechnical people who deal with developers on a regular basis almost universally hold the opinion that we are prima donnas at best and crybabies at worst. Don't reinforce this stereotype with anger and impatience.
    3. The only true authority stems from knowledge, not from position. Knowledge engenders authority, and authority engenders respect – so if you want respect in an egoless environment, cultivate knowledge.
    4. Please note that review meetings are NOT problem-solving meetings.
    5. Ask questions rather than make statements. A statement is accusatory. "You didn't follow the standard here" is an attack—whether intentional or not. The question, "What was the reasoning behind the approach you used?" is seeking more information. Obviously, that question can't be said with a sarcastic or condescending tone; but, done correctly, it can often open the developer up to stating their thinking and then asking if there was a better way.
    6. Avoid the "Why" questions. Although extremely difficult at times, avoiding the "Why" questions can substantially improve the mood. Just as a statement is accusatory—so is a why question. Most "Why" questions can be reworded to a question that doesn't include the word "Why" and the results can be dramatic. For example, "Why didn't you follow the standards here..." versus "What was the reasoning behind the deviation from the standards here..."
    7. Remember to praise. The purposes of code reviews are not focused at telling developers how they can improve, and not necessarily that they did a good job. Human nature is such that we want and need to be acknowledged for our successes, not just shown our faults. Because development is necessarily a creative work that developers pour their soul into, it often can be close to their hearts. This makes the need for praise even more critical.
    8. Make sure you have good coding standards to reference. Code reviews find their foundation in the coding standards of the organization. Coding standards are supposed to be the shared agreement that the developers have with one another to produce quality, maintainable code. If you're discussing an item that isn't in your coding standards, you have some work to do to get the item in the coding standards. You should regularly ask yourself whether the item being discussed is in your coding standards.
    9. Remember that there is often more than one way to approach a solution. Although the developer might have coded something differently from how you would have, it isn't necessarily wrong. The goal is quality, maintainable code. If it meets those goals and follows the coding standards, that's all you can ask for.
    10. You shouldn't rush through a code review, but you also need to do it promptly. Your coworkers are waiting for you.

Assign Severity to Review Findings
Severity should be assigned to code issues as listed below. The reviewer must focus on High severity issues first, then Medium severity, and then Low severity issues.
    1. Naming Conventions and Coding Style = Low
    2. Control Structures and Logical Issues = Medium or High
    3. Redundant Code = High
    4. Performance Issues = High
    5. Security Issues = High
    6. Scalability Issues = High
    7. Functional Issues = High
    8. Error Handling = High
    9. Reusability = Medium

How to do a code review
Before going for a code review, please see the following checklist. This checklist should be stringently followed by the developer who is requesting the code review.
    1. Has the review meeting been scheduled at least one day before the requested review? Y/N
    2. Does the meeting request contain the following items? (All items are mandatory.)
        • Objective of the review (this can be decided in consultation with the respective project manager/tech lead/architect/reviewers)
        • Work item/s of the review (e.g. use case/user story number)
        • Unit testing for the work item/s done? Y/N
        • Has the code been committed to the source control repository? Y/N
        • Does the code compile and run on another developer's machine without errors or warnings? Y/N
    3. The reviewer gets the request for review and goes through the work items that have to be reviewed.
    4. In the review meeting, if the reviewer has any findings beforehand, s/he shares them with the developers.
    5. Then the developer explains the functional requirement in brief and also gives a walkthrough of the code.
    6. The reviewer documents the review findings along with some explanation and an action plan for the developer.
    7. After the meeting, the developer corrects the findings and eliminates the issues.
    8. The developer unit tests the code again.
    9. The developer informs the reviewer that all issues have been resolved and waits for the acknowledgement email from the reviewer.
    10. The reviewer re-checks the code modifications in the source control repository and sends the acknowledgement email to the developer, stating the work items and their status, whether they are closed or still open. If items are open, then the developer has to follow all the steps from step 6.

References:
    1. http://www.codinghorror.com/blog/2006/05/the-ten-commandments-of-egoless-programming.html
    2. http://www.developer.com/java/other/article.php/3579756
    3. http://www.smartbear.com/docs/BestPracticesForPeerCodeReview.pdf