Jan Wloka, profile picture
Uploaded byJan Wloka
384 views

Code Reviews @ Quatico

The document outlines best practices for conducting code reviews, emphasizing their importance in finding bugs, transferring knowledge, and lowering project costs. It provides guidelines for both authors and reviewers on how to effectively conduct reviews, including the need for structured feedback, maintaining clear communication, and fostering a strong review culture. The document also addresses the recommended limits on lines of code for review and encourages authors to provide context for their changes.

Software
Related topics:
Software Engineering

Embed presentation

Code Reviews @ Quatico Jan Wloka Quatico Solutions AG
Code Reviews, again?
Why do we review code? • Find bugs • Transfer knowledge • Lower project cost • [ Hiring a candidate ]
How would you review? • Branch —> Code —> Assign Pull Request! • Create a feature branch • Implement the feature • Create a pull request • Assign a reviewer • Discuss (and add changes to)
 pull request • Approve and merge pull request
PR, really? You also could… • Code —> Push —> Assign Ticket! • Implement the feature • Commit with message • Push changes • Assign ticket w/ commits 
 to review
Sure, but how do I review? • Read the issue ticket: “the why” • Checkout the code/branch • Run the tests w/ coverage • Check the console • Review the change
What should I be reviewing? •Change • Complexity: Shape of change = complex • Test Coverage •Code • Naming, Functionality, Control Structures, Error Handling • Tricky things (Thread Safety, Resource Leaks, Timezones) • No obvious things: Performance, Security •Design • Single Responsibility Principle (Implicit dependencies) • Data lifecycle (Cache invalidation, Reentrancy) •Everything else: Tests, Builds, Deployment scripts, Configurations
Whoa. We should make checklist!
So, what’s hard about it? • Process is more difficult than the result • Discuss your code with your peers • How to disagree? • Don’t just agree on the issue —> Silent Commitment. • No fear of conflict —> Be curious! • Agree to disagree —> Ask and learn. • Form a strong code review culture!
Okay, but what can I do?
Authors: Provide Context! • What problems are we solving? • Pull Request / Commit message: • Add 2 paragraphs of context. • Annotate source code. • Describe changes, defending reasons and methods. • Re-think and explain every change.
Background: Prepare your code. SmartBear Study 300 reviews, about 15% random samples
Guidelines for Authors • The primary reviewer is the author, i.e. YOU. • Review your own code BEFORE commit. • Create a checklist for yourself. • You are not your code. Good code is…
Reviewers: Ask don’t tell • What have you learned? • Critique the code, instead of people • Ask questions, rather than make statements • “What do you think …” • “Did you consider …” • “Can you clarify …” • Avoid ‘why’ questions, be more specific! • Don’t forget to praise.
Background: How many LOCs to review? Defect density dramatically decreases when the number of lines of inspection goes above 200, and is almost zero after 400.
Background: Inspection rate If you don’t spend enough time, you won't find many defects. Faster than 400-500 LOC/hour results in severe drop-off in effectiveness.
Guidelines for Reviewers • Review fewer than 400 LOC at a time. • Aim for less than 500 LOC / hour. • Take your time, but quit after 60mins. • Establish quantifiable goals. Capture metrics.
Goal: Structured feedback • Must Haves: “How to get your approval” • Customer facing incompleteness and inconsistencies • Obvious bugs, and everything on the checklist • Nice To Haves: “How to improve the code base” • New design flaws, or known code smells • Reduced test coverage, performance • Everything you can live with, but don’t want to • Superhero Deeds: “How to show love to your team” • What are your peers working on? Can you help? • Extra test data, mocks, anything done easily that helps.
We all make mistakes, but… • Verify that defects are actually fixed! • Managers foster good code reviews. • ‘Big Brother Effect’ versus
 ‘Ego Effect’. • Authors never merge own Pull Requests. • Tech leads aren’t gatekeepers.
Next Steps • Authors: “Provide more context” • Favour pull requests, over direct commits. • Annotate your change, explain the ‘why’ • Maintain a personal checklist. • Review every modification, before push. • Reviewers: “Provide structured feedback” • Critique the code, not the coder. • Use the checklist. • Be specific, and helpful. • Don’t forget to praise.
Goal: Strong Review Culture • Better code. • Better developers. • Team ownership > Code ownership. • Healthy debate > No silent agreement.
Thank You. jan.wloka@quatico.com @crashtester
References • Best Practices for Code Reviews
 http://www.smartbear.com/docs/ BestPracticesForPeerCodeReview.pdf • The Ten Commandments of Egoless Programming
 http://www.codinghorror.com/blog/2006/05/the- ten-commandments-of-egoless-programming.html • Effective Code Reviews Without the Pain
 http://www.developer.com/java/other/article.php/ 3579756 Thanks to geek-and-poke.com & commadot.com

More Related Content

PPTX
Peer review
byCharuta Joshi
 
PPTX
Automated Testing but like for PowerShell (April 2012)
byRob Reynolds
 
PPTX
Writing Better Tests - Applying Clean-Code TDD at 99designs
bylachlandonald
 
PPTX
You Live, You Learn, Then You Get Perforce Swarm
byPerforce
 
PPTX
Unit Testing and Tools
byWilliam Simms
 
PPTX
Unit Testing and Tools - ADNUG
byWilliam Simms
 
PDF
Code Review Matters and Manners
byTrisha Gee
 
PPT
Know Before it Goes: Testing Your Email Design
byLitmus
 
Peer review
byCharuta Joshi
 
Automated Testing but like for PowerShell (April 2012)
byRob Reynolds
 
Writing Better Tests - Applying Clean-Code TDD at 99designs
bylachlandonald
 
You Live, You Learn, Then You Get Perforce Swarm
byPerforce
 
Unit Testing and Tools
byWilliam Simms
 
Unit Testing and Tools - ADNUG
byWilliam Simms
 
Code Review Matters and Manners
byTrisha Gee
 
Know Before it Goes: Testing Your Email Design
byLitmus
 

What's hot

PPTX
Clean Code Talk (draft)
byDaniel Deutsch, LL.M. (WU)
 
PPTX
The importance of testing in a web design & build project
byBuilding Blocks
 
PPTX
An Overview of automated testing (1)
byRodrigo Lopes
 
PPTX
Type mock isolator
byMaslowB
 
PDF
Style guide driven development
byArvid Torset
 
PPT
Practical TDD Demonstrated
byAlan Christensen
 
PPT
Points.com fisheye crucible code reviews 2011
bypointstechgeeks
 
PPT
TDD In Practice
byAlan Christensen
 
PDF
Crucible
byBrian Repko
 
PPTX
Code reviews
byRobert Lee
 
PPTX
Eurosport's Kodakademi #2
byBenjamin Baumann
 
PPTX
Level Up Your Automated Tests
byTrisha Gee
 
Clean Code Talk (draft)
byDaniel Deutsch, LL.M. (WU)
 
The importance of testing in a web design & build project
byBuilding Blocks
 
An Overview of automated testing (1)
byRodrigo Lopes
 
Type mock isolator
byMaslowB
 
Style guide driven development
byArvid Torset
 
Practical TDD Demonstrated
byAlan Christensen
 
Points.com fisheye crucible code reviews 2011
bypointstechgeeks
 
TDD In Practice
byAlan Christensen
 
Crucible
byBrian Repko
 
Code reviews
byRobert Lee
 
Eurosport's Kodakademi #2
byBenjamin Baumann
 
Level Up Your Automated Tests
byTrisha Gee
 

Similar to Code Reviews @ Quatico

PDF
Code reviews
byRaúl Araya Tauler
 
PDF
How to successfully grow a code review culture
byNina Zakharenko
 
PDF
Code review best practice
byOren Digmi
 
PPTX
Code Review to the Rescue
byAndrei Sviridov
 
PDF
Are your interns reviewing code? Andrew Lavers, ConFoo Montreal 2020
byAndrew Lavers
 
PDF
Code Reviews Inside Out
byInes Jelovac
 
PPTX
Code Reviews
byphildenoncourt
 
PPTX
How to successfully grow a code review culture
byDanylenko Max
 
PDF
10 Faulty Behaviors of Code Review - Developer Summit Istanbul 2018
byLemi Orhan Ergin
 
DOCX
Code review guidelines
byLalit Kale
 
PDF
Increasing code quality with code reviews (poetry version)
byDavid Stockton
 
PDF
Code-Review-Principles-Process-and-Tools (1)
byAditya Bhuyan
 
PDF
Best Practices in Software Development
byAndré Pitombeira
 
PPTX
Effective Code Review
byEyal Kenig
 
PPT
Code Review
byrantav
 
PPT
Code review
bydqpi
 
PPTX
Level Up Your Python Code Reviews to Ship It Faster - WWCodeDigital - 2020
bySyeda Kauser Inamdar
 
PDF
The Anatomy of a Code Review
byGuilherme Garnier
 
PPTX
Code_Review_Presentation_v22222_LLM.pptx
bySofienBoutaib
 
PDF
Code Review Tool Evaluation
byKate Semizhon
 
Code reviews
byRaúl Araya Tauler
 
How to successfully grow a code review culture
byNina Zakharenko
 
Code review best practice
byOren Digmi
 
Code Review to the Rescue
byAndrei Sviridov
 
Are your interns reviewing code? Andrew Lavers, ConFoo Montreal 2020
byAndrew Lavers
 
Code Reviews Inside Out
byInes Jelovac
 
Code Reviews
byphildenoncourt
 
How to successfully grow a code review culture
byDanylenko Max
 
10 Faulty Behaviors of Code Review - Developer Summit Istanbul 2018
byLemi Orhan Ergin
 
Code review guidelines
byLalit Kale
 
Increasing code quality with code reviews (poetry version)
byDavid Stockton
 
Code-Review-Principles-Process-and-Tools (1)
byAditya Bhuyan
 
Best Practices in Software Development
byAndré Pitombeira
 
Effective Code Review
byEyal Kenig
 
Code Review
byrantav
 
Code review
bydqpi
 
Level Up Your Python Code Reviews to Ship It Faster - WWCodeDigital - 2020
bySyeda Kauser Inamdar
 
The Anatomy of a Code Review
byGuilherme Garnier
 
Code_Review_Presentation_v22222_LLM.pptx
bySofienBoutaib
 
Code Review Tool Evaluation
byKate Semizhon
 

Recently uploaded

PDF
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
PDF
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
PDF
The Modern Architect's Codex: Design Patterns in .NET 9
byVineet Sharma
 
PPTX
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
PDF
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
PPTX
Installing Python in Visual Studio Code
bydabydcatahanibmcom
 
PPTX
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PPTX
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
PDF
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
PDF
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
PDF
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PDF
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
PDF
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
PDF
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
PDF
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
PPTX
Connecting to MCP Servers in OutSystems Platform
byOzanCali
 
PDF
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
The Modern Architect's Codex: Design Patterns in .NET 9
byVineet Sharma
 
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
Installing Python in Visual Studio Code
bydabydcatahanibmcom
 
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
Connecting to MCP Servers in OutSystems Platform
byOzanCali
 
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 

Code Reviews @ Quatico

  • 1.
    Code Reviews @ Quatico JanWloka Quatico Solutions AG
  • 2.
  • 3.
    Why do wereview code? • Find bugs • Transfer knowledge • Lower project cost • [ Hiring a candidate ]
  • 4.
    How would youreview? • Branch —> Code —> Assign Pull Request! • Create a feature branch • Implement the feature • Create a pull request • Assign a reviewer • Discuss (and add changes to)
 pull request • Approve and merge pull request
  • 5.
    PR, really? Youalso could… • Code —> Push —> Assign Ticket! • Implement the feature • Commit with message • Push changes • Assign ticket w/ commits 
 to review
  • 6.
    Sure, but howdo I review? • Read the issue ticket: “the why” • Checkout the code/branch • Run the tests w/ coverage • Check the console • Review the change
  • 7.
    What should Ibe reviewing? •Change • Complexity: Shape of change = complex • Test Coverage •Code • Naming, Functionality, Control Structures, Error Handling • Tricky things (Thread Safety, Resource Leaks, Timezones) • No obvious things: Performance, Security •Design • Single Responsibility Principle (Implicit dependencies) • Data lifecycle (Cache invalidation, Reentrancy) •Everything else: Tests, Builds, Deployment scripts, Configurations
  • 8.
    Whoa. We shouldmake checklist!
  • 9.
    So, what’s hardabout it? • Process is more difficult than the result • Discuss your code with your peers • How to disagree? • Don’t just agree on the issue —> Silent Commitment. • No fear of conflict —> Be curious! • Agree to disagree —> Ask and learn. • Form a strong code review culture!
  • 10.
  • 11.
    Authors: Provide Context! •What problems are we solving? • Pull Request / Commit message: • Add 2 paragraphs of context. • Annotate source code. • Describe changes, defending reasons and methods. • Re-think and explain every change.
  • 12.
    Background: Prepare your code. SmartBearStudy 300 reviews, about 15% random samples
  • 13.
    Guidelines for Authors •The primary reviewer is the author, i.e. YOU. • Review your own code BEFORE commit. • Create a checklist for yourself. • You are not your code. Good code is…
  • 14.
    Reviewers: Ask don’ttell • What have you learned? • Critique the code, instead of people • Ask questions, rather than make statements • “What do you think …” • “Did you consider …” • “Can you clarify …” • Avoid ‘why’ questions, be more specific! • Don’t forget to praise.
  • 15.
    Background: How many LOCsto review? Defect density dramatically decreases when the number of lines of inspection goes above 200, and is almost zero after 400.
  • 16.
    Background: Inspection rate If youdon’t spend enough time, you won't find many defects. Faster than 400-500 LOC/hour results in severe drop-off in effectiveness.
  • 17.
    Guidelines for Reviewers •Review fewer than 400 LOC at a time. • Aim for less than 500 LOC / hour. • Take your time, but quit after 60mins. • Establish quantifiable goals. Capture metrics.
  • 18.
    Goal: Structured feedback • MustHaves: “How to get your approval” • Customer facing incompleteness and inconsistencies • Obvious bugs, and everything on the checklist • Nice To Haves: “How to improve the code base” • New design flaws, or known code smells • Reduced test coverage, performance • Everything you can live with, but don’t want to • Superhero Deeds: “How to show love to your team” • What are your peers working on? Can you help? • Extra test data, mocks, anything done easily that helps.
  • 19.
    We all makemistakes, but… • Verify that defects are actually fixed! • Managers foster good code reviews. • ‘Big Brother Effect’ versus
 ‘Ego Effect’. • Authors never merge own Pull Requests. • Tech leads aren’t gatekeepers.
  • 20.
    Next Steps • Authors:“Provide more context” • Favour pull requests, over direct commits. • Annotate your change, explain the ‘why’ • Maintain a personal checklist. • Review every modification, before push. • Reviewers: “Provide structured feedback” • Critique the code, not the coder. • Use the checklist. • Be specific, and helpful. • Don’t forget to praise.
  • 21.
    Goal: Strong Review Culture •Better code. • Better developers. • Team ownership > Code ownership. • Healthy debate > No silent agreement.
  • 22.
  • 23.
    References • Best Practicesfor Code Reviews
 http://www.smartbear.com/docs/ BestPracticesForPeerCodeReview.pdf • The Ten Commandments of Egoless Programming
 http://www.codinghorror.com/blog/2006/05/the- ten-commandments-of-egoless-programming.html • Effective Code Reviews Without the Pain
 http://www.developer.com/java/other/article.php/ 3579756 Thanks to geek-and-poke.com & commadot.com