Effective code reviews

2,793 views

Published on

It’s not easy to perform a good code review. Often done in a hurry just to get it done, it only makes things worse. People treat it as an obstacle, not a helpful thing. I am gonna tell you why code reviews are important and how they can help you maintain good quality code. I will not only tell who are the code reviews for, how to raise a useful code review, but also how to perform a good code review in the quickest time possible.

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,793
On SlideShare
0
From Embeds
0
Number of Embeds
415
Actions
Shares
0
Downloads
35
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Effective code reviews

  1. 1. code reviews Effective ct h ite rc eA ar ftw So - k re Ma n s ti a ba Se
  2. 2. • a Pole living in Sheffield• over 12 years in development• Pascal, C++, PHP, perl, python, Java• co-author of 2 PHP books• big fan of process automation• TDD and CI• occasionally contributes to open source projects• wants to be a knight https://joind.in/6947@proofek
  3. 3. Who does code reviews?
  4. 4. All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental.Disclaimer
  5. 5. Tom “I Need It Now” – The Owner Harry “Just Get It Done” – The ManagerThe Team
  6. 6. Adam “The Night Coder” – developer Kris “Hackety Hack” – master code reviewer Bruno “It Will Work” – apprentice reviewerThe Team
  7. 7. How much time do we need to get this project done? Well, design, coding, code reviews, testing… Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right?Scenario 1
  8. 8. Were nearly done, just need to get this code reviewed. Hmmm… all the developers are busy, we have no one spare. Lets skip it and get it straight into QA…Scenario 2
  9. 9. Hello Harry, I need John to review my code. John is busy, you can have Rob. But Rob is a junior developer, and he doesnt know this system. You want it code reviewed or not? Rob is all weve got!Scenario 3
  10. 10. We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. Its a waste of time!Scenario 4
  11. 11. Code review Adam The Developer 9:31 PM (0 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Click here to Reply or Forward
  12. 12. No (e)mail!Raising a code review
  13. 13. Bug tracking systems - JIRA - Bugtrak - Mantis Code review tools - Crucible/Fisheye - Gerrit - GithubRaising a code review
  14. 14. Code review Adam The Developer 9:31 PM (13 minutes ago) to Kris The Reviewer Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Kris The Reviewer 9:44 PM (0 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Click here to Reply or Forward
  15. 15. Version control • Specific change sets • avoid specific commits • Reviewing patches risky, unless automatedWhat to review
  16. 16. Code review Adam The Developer 9:31 PM (25 minutes ago) Kris, I got this code I need you to review. Can you do it for me please? … Kris The Reviewer 9:44 PM (12 minutes ago) to Adam The Developer Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Adam The Developer 9:56 PM (0 minutes ago) to Kris The Reviewer Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
  17. 17. What and Why?The purpose of the review
  18. 18. Bruno “It will work” Usual feedback produced: • Makes sense • Works • Syntactically correct • ApprovedOne way of doing things…
  19. 19. Kris “The Master Reviewer” Tools used: • PHP linter • PHP Code Sniffer • PHPUnit • phpDocumentor • PHP Depend • PHP Mess Detector • SonarBeing smarter…
  20. 20. $ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php $ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php $ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading | | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters -------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75MbSpeed up with automation - PHP linter and PHP CodeSniffer
  21. 21. $ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist ..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%) ............................................................... 189 / 240 ( 78%) ................................................... Time: 02:01, Memory: 26.75Mb OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29.Verify whether the code works with PHPUnit
  22. 22. PHP_Depend 0.10.6 by Manuel Pichler Parsing source files: .................... 20 Executing CyclomaticComplexity-Analyzer: ............. 261 Executing ClassLevel-Analyzer: ............ 247 Executing CodeRank-Analyzer: . 28 Executing Coupling-Analyzer: ............. 267 Executing Hierarchy-Analyzer: ............ 246 Executing Inheritance-Analyzer: . 30 Executing NPathComplexity-Analyzer: .............. 283 Executing NodeCount-Analyzer: ........ 174 Executing NodeLoc-Analyzer: .......... 205 Generating pdepend log files, this may take a moment. Time: 00:05; Memory: 25.50MbStatic analysis and code quality with PHP Depend
  23. 23. Static analysis and code quality with PHP Mess Detector
  24. 24. Static analysis and code quality with Sonar
  25. 25. Static analysis and code quality with Sonar
  26. 26. Static analysis and code quality with Sonar
  27. 27. Static analysis and code quality with Sonar
  28. 28. Static analysis and code quality with Sonar
  29. 29. Static analysis and code quality with Sonar
  30. 30. Kris “The Master Reviewer” Things checked: • clarity • duplications • performance • code quality • excessive complexity • potential deployment • impact on other issues systems • design flaws • does the solution solves the problem…by looking at things all important
  31. 31. • Knowledge sharing • Mentoring new starters • Find bugs/design flaws early • Improve overall code quality • Fostering collective code ownershipThe benefits of a code review – they are for you!
  32. 32. DEVELOPERS • Understand and accept that you will make mistakes. • You are not your code. • No matter how much "karate" you know, someone else will always know more. • Dont rewrite code without consultation.The soft side - developers
  33. 33. CODE REVIEWERS • The only true authority stems from knowledge, not from position. • Critique code instead of peopleThe soft side – code reviewers
  34. 34. • Location of your changes WHAT? – Repository name, branch name, branch base • Subject of your changes – What have you changed • Reason for the change – Why have you change itSummary - what include in the code review
  35. 35. WHO? • Seek the experts – If youre not sure ask around • Question the solution – Make sure it fits the purposeSummary - who assign the code review to?
  36. 36. WHERE? • Make it traceable – Bug trucking system, ie. Jira, Trac, Mantis, etc – Code review tool, ie. Fisheye/Crucible, gerrit • Conversation/Pair programming – Just make sure outcome is capturedSummary – where to raise a code review?
  37. 37. • Use tools, don’t be a tool • Check for duplications/ HOW? complexity • Asses impact on other systems • Make sure code is clear and self-descriptiveSummary - how to perform a good code review?
  38. 38. http://www.atlassian.com/angrynerds/ http://georgegant.deviantart.com/art/Angry-Nerds-217554774 http://www.flickr.com/photos/dawgbyte77/3058349367/ http://www.flickr.com/photos/zzpza/3269784239/ http://www.flickr.com/photos/toolmantim/6170448143/ http://www.flickr.com/photos/coyau/7630782996/ http://www.flickr.com/photos/73885983@N02/6729908421/ http://www.osnews.com/story/19266/WTFs_mCredits…
  39. 39. The Ten Commandments of Egoless Programming: http://alturl.com/ q4dpa The Code review: http://www.soulbroken.co.uk/blog/2010/07/the-code- review/ Fisheye/Crucible: http://www.atlassian.com/software/crucible/overview Gerrit: http://code.google.com/p/gerrit/ Github: https://github.com/ PHPUnit: http://phpunit.de PHP CodeSniffer: http://pear.php.net/PHP_CodeSniffer PHP Depend: http://pdepend.org/ PHP Mess Detector: http://phpmd.org/ Sonar: http://www.sonarsource.org/…and references
  40. 40. Questions? https:// /6947Q&A

×