SlideShare a Scribd company logo

Effective code review

Effective Code Review - LSP17

1 of 33
Download to read offline
Effective Code Review
What to Say & How to Say It
Lone Star PHP 2017 | #lsp17 | https://joind.in/talk/2bf9b
@jessicamauerhan
Senior Software Engineer
TDD/BDD Expert
jessicamauerhan@gmail.com
jmauerhan.wordpress.com
Why Review?
● Catch / Prevent Bugs
● Identify Potential Problems
(not "bugs" but performance,
security, etc)
● Improve Maintainability of
Code
● Improve Communication and
Understanding
Code Review: Careful examination of
code, looking for mistakes and
attempting to improve overall quality.
Types of Code
Review
● Formal
○ Multiple Days
○ Multiple Reviewers
● Informal
○ Faster
○ Not always documented
○ Just as effective!
Pull Request Reviews
● Useful for impacting the writer's skills and habits
● Cross-Team Code Review: maintainable code
● Small Frequent PRs:
○ Clear, Readable Code enables reader to understand context & purpose quickly
○ Empower everyone to review code, so everyone can contribute to review
● Don't rely on one/few reviewers
Sprint Retrospective Reviews
● Useful for reviewing & communicating out to team
○ Purpose of code / feature
○ Explain new libraries / dependencies
● Extra eyes to catch any remaining flaws
● Demonstrate / enforce good habits

Recommended

Double Loop: TDD & BDD Done Right
Double Loop: TDD & BDD Done RightDouble Loop: TDD & BDD Done Right
Double Loop: TDD & BDD Done RightJessica Mauerhan
 
Double Loop: TDD & BDD Done Right!
Double Loop: TDD & BDD Done Right!Double Loop: TDD & BDD Done Right!
Double Loop: TDD & BDD Done Right!Jessica Mauerhan
 
Legacy: A Retrospective - Open West 2016
Legacy: A Retrospective - Open West 2016Legacy: A Retrospective - Open West 2016
Legacy: A Retrospective - Open West 2016Jessica Mauerhan
 
Behat - Beyond the Basics (2016 - SunshinePHP)
Behat - Beyond the Basics (2016 - SunshinePHP)Behat - Beyond the Basics (2016 - SunshinePHP)
Behat - Beyond the Basics (2016 - SunshinePHP)Jessica Mauerhan
 

More Related Content

Recently uploaded

"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions..."How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...Fwdays
 
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31shyamraj55
 
How we think about an advisor tech stack
How we think about an advisor tech stackHow we think about an advisor tech stack
How we think about an advisor tech stackSummit
 
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfIntroducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfSafe Software
 
"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys VasylievFwdays
 
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...Product School
 
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes", Volodymyr TsapFwdays
 
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docx
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docxLeveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docx
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docxVotarikari Shravan
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, TripadvisorProduct School
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxNeo4j
 
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoRevolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoProduct School
 
Roundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfRoundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfMostafa Higazy
 
Introduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVAIntroduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVARobert McDermott
 
"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor FesenkoFwdays
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewAshraf Fouad
 
How to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanHow to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanDatabarracks
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)François
 
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...Neo4j
 
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...DianaGray10
 

Recently uploaded (20)

In sharing we trust. Taking advantage of a diverse consortium to build a tran...
In sharing we trust. Taking advantage of a diverse consortium to build a tran...In sharing we trust. Taking advantage of a diverse consortium to build a tran...
In sharing we trust. Taking advantage of a diverse consortium to build a tran...
 
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions..."How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
 
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
 
How we think about an advisor tech stack
How we think about an advisor tech stackHow we think about an advisor tech stack
How we think about an advisor tech stack
 
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfIntroducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
 
"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev
 
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...
Synergy in Leadership and Product Excellence: A Blueprint for Growth by CPO, ...
 
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
 
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docx
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docxLeveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docx
Leveraging SLF4j for Effective Logging in IBM App Connect Enterprise.docx
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
 
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoRevolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
 
Roundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfRoundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdf
 
Introduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVAIntroduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVA
 
"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book Review
 
How to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanHow to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response Plan
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
 
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
 
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
 

Featured

AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at WorkGetSmarter
 

Featured (20)

AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 

Effective code review

  • 1. Effective Code Review What to Say & How to Say It Lone Star PHP 2017 | #lsp17 | https://joind.in/talk/2bf9b
  • 2. @jessicamauerhan Senior Software Engineer TDD/BDD Expert jessicamauerhan@gmail.com jmauerhan.wordpress.com
  • 3. Why Review? ● Catch / Prevent Bugs ● Identify Potential Problems (not "bugs" but performance, security, etc) ● Improve Maintainability of Code ● Improve Communication and Understanding Code Review: Careful examination of code, looking for mistakes and attempting to improve overall quality.
  • 4. Types of Code Review ● Formal ○ Multiple Days ○ Multiple Reviewers ● Informal ○ Faster ○ Not always documented ○ Just as effective!
  • 5. Pull Request Reviews ● Useful for impacting the writer's skills and habits ● Cross-Team Code Review: maintainable code ● Small Frequent PRs: ○ Clear, Readable Code enables reader to understand context & purpose quickly ○ Empower everyone to review code, so everyone can contribute to review ● Don't rely on one/few reviewers
  • 6. Sprint Retrospective Reviews ● Useful for reviewing & communicating out to team ○ Purpose of code / feature ○ Explain new libraries / dependencies ● Extra eyes to catch any remaining flaws ● Demonstrate / enforce good habits
  • 8. Attention Coders! ● Remember: ○ You are not your code ○ The Bugs are the enemy, not QA / Reviewers ● Your Responsibilities: ○ Document your code ○ Review your code
  • 9. Automate, Don't Debate! ● Style / Formatting / Linter ● Unit Tests ○ Coverage Calculation ○ Mutation Testing ● Behavior Tests ● Other Automated QA: ○ github: exakat/php-static-analysis-tools ○ PHP Mess Detector ■ number of arguments, LOC, else statements, etc ○ Copy Paste Detector
  • 10. Let's Get Our Review On!
  • 11. Quick Tips ● Avoid Context Switching ● Review < 200 LOC ○ No faster than 300 LOC / hour ○ No more than 60 minutes
  • 12. The Code Review Checklist ● Does it work? ● Are tests effective? ● Are edge cases covered? ● Do I understand? ● Do comments explain "Why"? ● Duplicated concepts ● Design patterns ● Maintainable / modular code ● Incomplete / TODO / commented-out code ● Error Messages / Exceptions ● Security concerns ● Performance issues
  • 14. Provide Positive Feedback ● Applies newly introduced or difficult concepts ● Easily understood code, well named classes, uses third party library appropriately, etc. ● Uses design patterns appropriately
  • 15. Observe, Don't Interpret Interpretations are what you think is happening ● "You're trying too hard to be clever and save lines of code here, just write it out!" Observations are things you see ● "I think this might be easier to read if it was separated out into multiple statements with assignments, like this:" Interpretation Observation
  • 16. Review the Code, Not the Coder - Don't Say "You" ● "You used the wrong logical comparison here" ● "You should use a factory!" ● "Does the logic of this feature mean this should be a triple equal (===) instead of the double (==)?" ● "Could we use a factory here to help prevent coupling?" "You" Statement "Code" Statement
  • 17. Suggest, Don't Demand ● "This loop is repeated in this other method too, and so it needs to be refactored into a separate method" ● "Could we refactor this section here into a separate method? It would reduce duplication in the method above as well" Demand Suggestion
  • 18. There is no "Just Do It" Implies it's easy, obvious, quick ● "Why didn't you just use *Library X*?" Suggest solution and explain the benefit of it ● "Could we use *Library X* here instead of rolling our own? It could save us a lot of time in the future, and it's well tested" "Just" Just don't "Just"
  • 19. Avoid Absolutes ● "Never run queries in loops!" ● "Our best practices guide says queries in loops are bad for performance, is there a better way we can do this?" Never, Always, Must… Ask for Explanation
  • 20. Discuss Large Concepts in Person ● Complex ● Controversial ● Confusing
  • 21. Be On The Same Team! ● "Can you rewrite this to use a Singleton?' ● "Could we rewrite this to use a Singleton?" Against Together
  • 22. Phrasing! Effective Feedback ● Provide positive feedback ● Observe, don't interpret ● Review the code, not the coder ● Suggest, don't demand ● Don't "just do it" ● Avoid absolutes ● Discuss large / complicated concepts in person ● Remember to be on the same team!
  • 24. After A Review ● Confirm bugs are fixed / changes are made ● As Needed: Discuss in person, then document
  • 25. Effective Code Review in One Slide ● Automate All The Things! ● Self-Review ● Review often, slowly and carefully, for shorter periods ● Empower everyone to review ● Follow a review checklist ○ Logic, business benefits documented, readability & maintainability, security, performance and TESTS! ● When sharing your feedback: ○ Empathetic ○ Polite ○ Suggestions ○ Teamwork ● Follow up
  • 27. I have written some code, committed, and am about to push this commit...
  • 28. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 <?php class SimpleJsonApiValidator implements JsonValidator { public function validate(string $json):bool { $object = json_decode($json); if($object === null){ throw new InvalidJsonException(); } if (property_exists($object, 'data') = false) { throw new InvalidJsonApiException('Missing data property'); } } }
  • 29. You have been asked to review these commits...
  • 30. <?php namespace Src; use Mandrill; Class App { private $from = 'app@example.com'; private $subject = 'Welcome to the App!'; private $message = 'This is a welcome email!'; private $apiKey = 'C0wG3h1A5Fs5xNoLdM2S0w'; private $mailer; public function __construct() { $this->mailer = new Mandrill($this->apiKey); } public function email($to) { /** Build an email array */ $email = [ 'to' => [['email' => $to]], 'from_email' => $this->from, 'subject' => $this->subject, ]; $this->mailer->messages->send($email); return true; } } ● Does it work? ● Are tests effective? ● Are edge cases covered? ● Do I understand? ● Do comments explain "Why"? ● Duplicated concepts ● Design patterns ● Maintainable / modular code ● Incomplete / TODO / commented-out code ● Error Messages / Exceptions ● Security concerns ● Performance issues
  • 31. <?php class SimpleJsonApiValidator implements JsonValidator { /** * @param string $json * @return bool * * @throws InvalidJsonException */ public function validate(string $json):bool { $object = json_decode($json); if ($object === null) { throw new Exception(); } if (property_exists($object, 'data') === false) { throw new InvalidJsonException(); } $data = $object->data; if (property_exists($data, 'type') === false) { throw new InvalidJsonApiException(); } if (property_exists($data, 'id') === false) { throw new InvalidJsonApiException(); } if (property_exists($data, 'attributes') === false) { throw new InvalidJsonApiException(); } //if( property_exists($data, 'error') === false) { // throw new InvalidJsonApiException(); //} return true; } } <?php class SimpleJsonApiValidatorTest extends TestCase { public function testValidateThrowsExceptionWhenJsonInvalid() { $json = '{"data":}'; $this->expectException(InvalidJsonException::class); $validator = new SimpleJsonApiValidator(); $validator->validate($json); } public function testValidateReturnsTrueWhenJsonValid() { $data = (object)[ 'type' => 'chirp', 'id' => 'uuid', 'attributes' => (object)[ 'chirpText' => 'Test' ] ]; $payload = (object)['data' => $data]; $json = json_encode($payload); $validator = new SimpleJsonApiValidator(); self::assertTrue($validator->validate($json)); } }
  • 32. <?php class SimpleJsonApiValidator implements JsonValidator { /** * @param string $json * @return bool * * @throws InvalidJsonException */ public function validate(string $json):bool { $object = json_decode($json); if ($object === null) { throw new Exception(); } if (property_exists($object, 'data') === false) { throw new InvalidJsonException('Missing data property'); } $data = $object->data; if (property_exists($data, 'type') === false) { throw new InvalidJsonApiException('Missing data->type property'); } if (property_exists($data, 'id') === false) { throw new InvalidJsonApiException('Missing data->id property'); } if (property_exists($data, 'attributes') === false) { throw new InvalidJsonApiException('Missing data->attributes property'); } return true; } } <?php class SimpleJsonApiValidatorTest extends TestCase { public function testValidateThrowsExceptionWhenJsonInvalid() { $json = '{"data":}'; $this->expectException(InvalidJsonException::class); $validator = new SimpleJsonApiValidator(); $validator->validate($json); } public function invalidJsonProvider() { return [ 'missingData' => ['{"someJson":"myText"}'], 'missingType' => ['{"data":{}}'] ]; } /** * @dataProvider invalidJsonProvider */ public function testValidateThrowsExceptionWhenSchemaInvalid(string $json) { $this->expectException(InvalidJsonApiException::class); $validator = new SimpleJsonApiValidator(); $validator->validate($json); } public function testValidateReturnsTrueWhenJsonValid() { $data = (object)[ 'type' => 'chirp', 'id' => 'uuid', 'attributes' => (object)[ 'chirpText' => 'Test' ] ]; $payload = (object)['data' => $data]; $json = json_encode($payload); $validator = new SimpleJsonApiValidator(); self::assertTrue($validator->validate($json)); } }
  • 33. @jessicamauerhan Thank You! Effective Code Review Lone Star PHP 2017 https://joind.in/talk/2bf9b Feedback & Questions? Welcome & Encouraged! @jessicamauerhan jessicamauerhan@gmail.com jmauerhan.wordpress.com