VincitOy, profile picture
Uploaded byVincitOy
PDF, PPTX1,618 views

Improving Code Quality In Medical Software Through Code Reviews - Vincit Teatime 2013

The document discusses improving code quality in medical software through code reviews. It describes how one project implemented peer code reviews to prevent bugs, share knowledge, and improve discipline. The project evolved its workflow from long review cycles with many changes to immediate reviews of individual commits. Reviews check functionality, style, implementation, and readability. Commit messages are also reviewed to improve the project history. Tools like Git, Gerrit and Buildbot help automate version control, reviews and continuous integration.

Embed presentation

Download as PDF, PPTX
Improving Code Quality In Medical Software Through Code Reviews Janne R¨onkk¨o (janne.ronkko@vincit.fi) Vincit Oy April 9, 2013
Contents 1 About Code Reviews 2 Code Reviewing In One Project 3 Summary
Outline 1 About Code Reviews 2 Code Reviewing In One Project 3 Summary
Goals In Code Reviews Preventing bugs from ending up in product Keeping main branch working Quality assurance Design verification Knowledge sharing There is always at least two developers who know the change A way to see how others have solved problems
Are Code Reviews Useful? The earlier you find issue the cheaper it is to fix the issue Can improve your discipline Forces the developer to reason his/her solution There is no single developer knowing certain implementation
Are Code Reviews Useful? ”I believe that peer code reviews are the single biggest thing you can do to improve your code” Jeff Atwood of Coding Horror at http://www.codinghorror.com/blog/2006/01/code-reviews-just-do-it.html ”Individual inspections typically catch about 60 percent of defects, which is higher than other techniques except prototyping and high-volume beta testing.” Steve McConnell, Code Complete 2nd Edition, page 485
Types Of Code Review Formal code review Peer review Pair programming
The Traditional Code Review A lot of code is reviewed in single session Many participants Preparations beforehand Formal
The Traditional Code Review Problems Iteration takes time A lot of code Leads discussion easily to minor issues
Peer Reviews Usually immediately after task has been implemented In most cases all the changes are reviewed as single entity Part of the normal work flow
Pair Programming Continuous review during development
Outline 1 About Code Reviews 2 Code Reviewing In One Project About The Project Workflow Reviewing - The Way We Do It Tools 3 Summary
About The Project
Overview All changes have to be reviewed by our client before approval Code is delivered to our client’s VCS Changes are delivered biweekly
About The Developed Software C++ Almost 2 million lines of code Tens of subsystems The development of current version started around 2000 Tens of developers, mainly located in Finland Builds for Windows and Linux
The Vincit Team Initially two developers The team grew up to about 15 developers during the project Most of the Vincit developers had no prior knowledge about the software
Challenges For Developers Large code base Hard to remember / find utility classes Finding implementation of certain feature is not trivial The way how things are done has evolved Coding style has evolved Strict rules about which C++ features are allowed
Workflow
The Initial Workflow No peer review at Vincit Long delay between implementation and comments Multiple changes were reviewed as single change Single comment list for all reviewed changes Reviewing was split on a subsystem basis
The Initial Workflow Results From Reviews Mainly comments about coding style A lot of questions why something was changed A lot of requests to fix issues not related to the real change in files
Changes In Project Vincit team had grown from two (2) developers to five (5) Changes done within one delivery cycle had grown Time getting comments from review had grown
Changes In Project Vincit team had grown from two (2) developers to five (5) Changes done within one delivery cycle had grown Time getting comments from review had grown Something had to be done to improve the situation
The Revised Workflow In peer review the developer explained the change to another developer the change was discussed usually it was just agreed that after some changes the task would be ready
The Revised Workflow Results From Reviews Many issues were corrected before handing the code to the client Many enhancement ideas were discovered Because the developer explained the code to reviewer not all the issues that should have been fixed were fixed
The Revised Workflow Results From Reviews Many issues were corrected before handing the code to the client Many enhancement ideas were discovered Because the developer explained the code to reviewer not all the issues that should have been fixed were fixed But the main problems in review remained: The long delay between implementation and final comments A lot of questions was asked Comments from client were in a single list
The Current Workflow Immediate (or almost immediate) comments on change Client reviews also one change instead of all changes in single delivery The workflow has worked well even for team of 15 vincitizens
The Current Workflow Results From Review Practically no remaining coding style issues in client review Developers have become more disciplined Client can review the change faster and easier than before Client can concentrate on functionality
The Current Workflow Results From Review Practically no remaining coding style issues in client review Developers have become more disciplined Client can review the change faster and easier than before Client can concentrate on functionality We have started talking that a change is ready to be bashed (”valmis lyt¨att¨av¨aksi” in Finnish)
Reviewing - The Way We Do It
Overview Each commit is reviewed separately1 Commit is always reviewed after fixing found issues Reviewed commit is required to be self-containing Review is done first internally; client gets review request after internal review has passed 1 A task may contain more than one commit
Time Spent Reviewing clearly less than 10% of development time reviews can be easily done, for example, while compiling
Review Workflow
Reviewed Items Our Checklist Functionality
Reviewed Items Our Checklist Functionality Coding style
Reviewed Items Our Checklist Functionality Coding style Implementation (code structure / architecture)
Reviewed Items Our Checklist Functionality Coding style Implementation (code structure / architecture) Readability
Reviewed Items Our Checklist Functionality Coding style Implementation (code structure / architecture) Readability Commits and commit messages
Commits and commit messages Why It Is Important To Review These? Good commits with good commit messages are easier to review are helpful in the future forces you to think what is reasonable change
Commits and commit messages Why It Is Important To Review These?
Commits and commit messages Why It Is Important To Review These? There is surprisingly many tools that leverage good commits. For example: VCS log VCS blame (who changed a line and in which commit) find change introducing a bug
Reviewing Commit Messages say what was changed explain why the change has been done2 have description of the old incorrect behaviour in case of bugfix3 2 just like good comments 3 or reference to the bug which contains the information
Reviewing Commit self-containing a good chapter in the story of the software’s history would be reasonable piece to revert
Fixing Found Issues The commit containing issues is replaced with fixed commit because if the issue is found at code review the story of the software’s history contains less issues / bugs the commits remain self-containing and atomic No commit should be broken
Continuous Integration
Continuous Integration Usually C.I. is run for changes already put in main branch to find if bad change has been merged automatically build test versions
Continuous Integration Usually C.I. is run for changes already put in main branch to find if bad change has been merged automatically build test versions Downsides are that C.I. is only reacting to issues not preventing them C.I. could provide valuable information for reviews
Continuous Integration Reviews Our Commits! Our C.I. tool reviews all the commits immediately after the commits are available for review by running unittests running smoke test running static code analyzer building the most important builds
What Else Could Be Done At Review Time Build and publish test version for all platforms Have test engineer, client or end user to verify that the change is valid
Tools
About Tools All the tools we use in the review process are open source are quite easy to setup4 require very little maintenance have been scaling without issues 4 first usable installation done less than one day
Version Control System Git (http://git-scm.com/) Distributed VCS Very efficient at branching Fast and efficient Git allows easy way to ”rewrite history” (rebasing).
Version Control System Git (http://git-scm.com/) Distributed VCS Very efficient at branching Fast and efficient Git allows easy way to ”rewrite history” (rebasing). Currently only Mercurial supports rebasing in addition to Git. Darcs has rebase support in early phase.
Code Review Tool Gerrit (https://code.google.com/p/gerrit/) Web based code review tool Integrates with git5 Easy to add comments for changes A Quick Introduction To Gerrit: http://gerrit-documentation.googlecode.com/svn/ Documentation/2.6/intro-quick.html 5 Gerrit implements git repository
Gerrit Reviewing A Commit
Gerrit Reviewing A Fixed Commit
Gerrit My Comments The best review tool I have used Very efficient and helpfull; makes reviewing easy Just a tool
Continuous Integration Buildbot (http://buildbot.net/) Python based CI system Master controls which builds should be built and when Slaves do the actual builds Built-in support for gerrit Can be configured to review changes in gerrit
Outline 1 About Code Reviews 2 Code Reviewing In One Project 3 Summary
Summary 1 About Code Reviews 2 Code Reviewing In One Project About The Project Workflow Reviewing - The Way We Do It Tools 3 Summary
Questions? Improving Code Quality In Medical Software Through Code Reviews Janne R¨onkk¨o janne.ronkko@vincit.fi

More Related Content

PPTX
Importance of the quality of code
byShwe Yee
 
PPT
Code Quality
byFrançois Camus
 
PDF
Code Review
byTu Hoang
 
PPTX
Tdd
byCristina Carstea
 
PPTX
TDD with RSpec
byRachid Calazans
 
PPTX
Tdd com Java
byRafael Miceli
 
PDF
Android Devops : Master Continuous Integration and Delivery
bymahmoud ramadan
 
PDF
Continuous delivery of embedded systems embedded meetup
byMike Long
 
Importance of the quality of code
byShwe Yee
 
Code Quality
byFrançois Camus
 
Code Review
byTu Hoang
 
Tdd
byCristina Carstea
 
TDD with RSpec
byRachid Calazans
 
Tdd com Java
byRafael Miceli
 
Android Devops : Master Continuous Integration and Delivery
bymahmoud ramadan
 
Continuous delivery of embedded systems embedded meetup
byMike Long
 

What's hot

PDF
Tdd
bymahmoud ramadan
 
KEY
TDD refresher
byKerry Buckley
 
PPTX
Code Quality Assurance
byBart Blommaerts
 
PDF
Why and how to keep your code quality
byKrešimir Antolić
 
PDF
Test driven development - Zombie proof your code
byPascal Larocque
 
PDF
Measuring Code Quality in WTF/min.
byDavid Gómez García
 
PDF
Software Engineering Culture - Improve Code Quality
byDmytro Patserkovskyi
 
PPT
Code Review
byRavi Raj
 
PDF
Understanding, measuring and improving code quality in JavaScript
byMark Daggett
 
PDF
Test driven development_continuous_integration
byhaochenglee
 
ODP
Documenting Code - Patterns and Anti-patterns - NLPW 2016
bySøren Lund
 
ODP
Beyond Unit Testing
bySøren Lund
 
ODP
Documenting code yapceu2016
bySøren Lund
 
PDF
Tdd practices
byaxykim00
 
PPTX
Code review process with JetBrains UpSource
byOleksii Prohonnyi
 
PDF
Code metrics in PHP
byJulio Martinez
 
PDF
DevOpsDaysRiga 2018: Neil Crawford - Trunk based development, continuous depl...
byDevOpsDays Riga
 
PPT
Code Review
byrantav
 
PDF
TDD CrashCourse Part2: TDD
byDavid Rodenas
 
PDF
Code review best practice
byOren Digmi
 
Tdd
bymahmoud ramadan
 
TDD refresher
byKerry Buckley
 
Code Quality Assurance
byBart Blommaerts
 
Why and how to keep your code quality
byKrešimir Antolić
 
Test driven development - Zombie proof your code
byPascal Larocque
 
Measuring Code Quality in WTF/min.
byDavid Gómez García
 
Software Engineering Culture - Improve Code Quality
byDmytro Patserkovskyi
 
Code Review
byRavi Raj
 
Understanding, measuring and improving code quality in JavaScript
byMark Daggett
 
Test driven development_continuous_integration
byhaochenglee
 
Documenting Code - Patterns and Anti-patterns - NLPW 2016
bySøren Lund
 
Beyond Unit Testing
bySøren Lund
 
Documenting code yapceu2016
bySøren Lund
 
Tdd practices
byaxykim00
 
Code review process with JetBrains UpSource
byOleksii Prohonnyi
 
Code metrics in PHP
byJulio Martinez
 
DevOpsDaysRiga 2018: Neil Crawford - Trunk based development, continuous depl...
byDevOpsDays Riga
 
Code Review
byrantav
 
TDD CrashCourse Part2: TDD
byDavid Rodenas
 
Code review best practice
byOren Digmi
 

Similar to Improving Code Quality In Medical Software Through Code Reviews - Vincit Teatime 2013

PDF
The Anatomy of a Code Review
byGuilherme Garnier
 
PPTX
Marrying Jenkins and Gerrit-Berlin Expert Days 2013
byDharmesh Sheta
 
PDF
Code Review Tool Evaluation
byKate Semizhon
 
PDF
Xen Project Contributor Training - Part 1 introduction v1.0
byThe Linux Foundation
 
PDF
FUG Agile software engineering practices
bySerena Software
 
PPT
Adopting code reviews for agile software development
bymariobernhart
 
PPTX
Code Reviews
byphildenoncourt
 
PDF
Code reviews
byRaúl Araya Tauler
 
PDF
Continuous integrations - Basics
byBarış İNANÇ
 
PDF
Continuous Integration (CI) - An effective development practice
byDao Ngoc Kien
 
PPTX
It's all about feedback - code review as a great tool in the agile toolbox
byStefan Lay
 
PPTX
Capability Building for Cyber Defense: Software Walk through and Screening
byMaven Logix
 
PDF
On to code review lessons learned at microsoft
byMichaela Greiler
 
PDF
The Testers' Secret Weapon - Code Reviews
byBertold Kolics
 
PPTX
Unit3 software review control software
byReetesh Gupta
 
PDF
Debugging 2013- Lars pedersen
byMediehuset Ingeniøren Live
 
PPTX
Making software development processes to work for you
byAmbientia
 
PDF
Agile & ALM tools
byLarry Cai
 
DOCX
Code review guidelines
byLalit Kale
 
PDF
Continuous integration
byhugo lu
 
The Anatomy of a Code Review
byGuilherme Garnier
 
Marrying Jenkins and Gerrit-Berlin Expert Days 2013
byDharmesh Sheta
 
Code Review Tool Evaluation
byKate Semizhon
 
Xen Project Contributor Training - Part 1 introduction v1.0
byThe Linux Foundation
 
FUG Agile software engineering practices
bySerena Software
 
Adopting code reviews for agile software development
bymariobernhart
 
Code Reviews
byphildenoncourt
 
Code reviews
byRaúl Araya Tauler
 
Continuous integrations - Basics
byBarış İNANÇ
 
Continuous Integration (CI) - An effective development practice
byDao Ngoc Kien
 
It's all about feedback - code review as a great tool in the agile toolbox
byStefan Lay
 
Capability Building for Cyber Defense: Software Walk through and Screening
byMaven Logix
 
On to code review lessons learned at microsoft
byMichaela Greiler
 
The Testers' Secret Weapon - Code Reviews
byBertold Kolics
 
Unit3 software review control software
byReetesh Gupta
 
Debugging 2013- Lars pedersen
byMediehuset Ingeniøren Live
 
Making software development processes to work for you
byAmbientia
 
Agile & ALM tools
byLarry Cai
 
Code review guidelines
byLalit Kale
 
Continuous integration
byhugo lu
 

More from VincitOy

PDF
Vincit Teatime 2015.2 - Niko Kurtti: SaaSiin pa(i)nostusta
byVincitOy
 
PDF
Vincit Teatime 2015.2 - Aleksi Häkli: SaaSiin pa(i)nostusta
byVincitOy
 
PDF
Vincit Teatime 2015.2 - Otto Kekäläinen: Don't be a git
byVincitOy
 
PDF
Vincit ankkasarjakuva
byVincitOy
 
PDF
Tampere goes agile 2015
byVincitOy
 
PPTX
Digijytky kunnossapidossa 2015 - Simsotec
byVincitOy
 
PPTX
Digijytky kunnossapidossa 2015 - M-Files
byVincitOy
 
PPTX
Digijytky kunnossapidossa 2015 - Oliotalo
byVincitOy
 
PDF
Digijytky kunnossapidossa 2015 - Vincit
byVincitOy
 
PDF
Itseohjautuvan organisaation muutos
byVincitOy
 
PDF
Vincit markkinointi AMKE VIMMA 2.6.2015
byVincitOy
 
PDF
Vincit Teatime 2015 - Case Käyttöauto: Google Glass
byVincitOy
 
PDF
Vincit Teatime 2015 - Heikki Salo: Case ZenRobotics: JavaScriptin äärirajoilla
byVincitOy
 
PDF
Vincit Teatime 2015 - Niko Kurtti: Case Shopify: SaaS:n testaaminen, mihin un...
byVincitOy
 
PDF
Implementation of an intelligent car wash service - Vincit Teatime 2013
byVincitOy
 
PDF
Projektipäivät 2014: V-Käyrä & Apgar
byVincitOy
 
PDF
Vincit V-Käyrä
byVincitOy
 
PDF
Need more speed! Pain of mobile app development. Case: Virittäjät
byVincitOy
 
PDF
Trello projektinhallinnan työkaluna
byVincitOy
 
PDF
Avaus - Vincit Teatime 2014
byVincitOy
 
Vincit Teatime 2015.2 - Niko Kurtti: SaaSiin pa(i)nostusta
byVincitOy
 
Vincit Teatime 2015.2 - Aleksi Häkli: SaaSiin pa(i)nostusta
byVincitOy
 
Vincit Teatime 2015.2 - Otto Kekäläinen: Don't be a git
byVincitOy
 
Vincit ankkasarjakuva
byVincitOy
 
Tampere goes agile 2015
byVincitOy
 
Digijytky kunnossapidossa 2015 - Simsotec
byVincitOy
 
Digijytky kunnossapidossa 2015 - M-Files
byVincitOy
 
Digijytky kunnossapidossa 2015 - Oliotalo
byVincitOy
 
Digijytky kunnossapidossa 2015 - Vincit
byVincitOy
 
Itseohjautuvan organisaation muutos
byVincitOy
 
Vincit markkinointi AMKE VIMMA 2.6.2015
byVincitOy
 
Vincit Teatime 2015 - Case Käyttöauto: Google Glass
byVincitOy
 
Vincit Teatime 2015 - Heikki Salo: Case ZenRobotics: JavaScriptin äärirajoilla
byVincitOy
 
Vincit Teatime 2015 - Niko Kurtti: Case Shopify: SaaS:n testaaminen, mihin un...
byVincitOy
 
Implementation of an intelligent car wash service - Vincit Teatime 2013
byVincitOy
 
Projektipäivät 2014: V-Käyrä & Apgar
byVincitOy
 
Vincit V-Käyrä
byVincitOy
 
Need more speed! Pain of mobile app development. Case: Virittäjät
byVincitOy
 
Trello projektinhallinnan työkaluna
byVincitOy
 
Avaus - Vincit Teatime 2014
byVincitOy
 

Recently uploaded

PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PPTX
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
The year in review - MarvelClient in 2025
bypanagenda
 
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 

Improving Code Quality In Medical Software Through Code Reviews - Vincit Teatime 2013

  • 1.
    Improving Code QualityIn Medical Software Through Code Reviews Janne R¨onkk¨o (janne.ronkko@vincit.fi) Vincit Oy April 9, 2013
  • 2.
    Contents 1 About CodeReviews 2 Code Reviewing In One Project 3 Summary
  • 3.
    Outline 1 About CodeReviews 2 Code Reviewing In One Project 3 Summary
  • 4.
    Goals In CodeReviews Preventing bugs from ending up in product Keeping main branch working Quality assurance Design verification Knowledge sharing There is always at least two developers who know the change A way to see how others have solved problems
  • 5.
    Are Code ReviewsUseful? The earlier you find issue the cheaper it is to fix the issue Can improve your discipline Forces the developer to reason his/her solution There is no single developer knowing certain implementation
  • 6.
    Are Code ReviewsUseful? ”I believe that peer code reviews are the single biggest thing you can do to improve your code” Jeff Atwood of Coding Horror at http://www.codinghorror.com/blog/2006/01/code-reviews-just-do-it.html ”Individual inspections typically catch about 60 percent of defects, which is higher than other techniques except prototyping and high-volume beta testing.” Steve McConnell, Code Complete 2nd Edition, page 485
  • 7.
    Types Of CodeReview Formal code review Peer review Pair programming
  • 8.
    The Traditional CodeReview A lot of code is reviewed in single session Many participants Preparations beforehand Formal
  • 9.
    The Traditional CodeReview Problems Iteration takes time A lot of code Leads discussion easily to minor issues
  • 10.
    Peer Reviews Usually immediatelyafter task has been implemented In most cases all the changes are reviewed as single entity Part of the normal work flow
  • 11.
  • 12.
    Outline 1 About CodeReviews 2 Code Reviewing In One Project About The Project Workflow Reviewing - The Way We Do It Tools 3 Summary
  • 13.
  • 14.
    Overview All changes haveto be reviewed by our client before approval Code is delivered to our client’s VCS Changes are delivered biweekly
  • 15.
    About The DevelopedSoftware C++ Almost 2 million lines of code Tens of subsystems The development of current version started around 2000 Tens of developers, mainly located in Finland Builds for Windows and Linux
  • 16.
    The Vincit Team Initiallytwo developers The team grew up to about 15 developers during the project Most of the Vincit developers had no prior knowledge about the software
  • 17.
    Challenges For Developers Largecode base Hard to remember / find utility classes Finding implementation of certain feature is not trivial The way how things are done has evolved Coding style has evolved Strict rules about which C++ features are allowed
  • 18.
  • 19.
    The Initial Workflow Nopeer review at Vincit Long delay between implementation and comments Multiple changes were reviewed as single change Single comment list for all reviewed changes Reviewing was split on a subsystem basis
  • 20.
    The Initial Workflow ResultsFrom Reviews Mainly comments about coding style A lot of questions why something was changed A lot of requests to fix issues not related to the real change in files
  • 21.
    Changes In Project Vincitteam had grown from two (2) developers to five (5) Changes done within one delivery cycle had grown Time getting comments from review had grown
  • 22.
    Changes In Project Vincitteam had grown from two (2) developers to five (5) Changes done within one delivery cycle had grown Time getting comments from review had grown Something had to be done to improve the situation
  • 23.
    The Revised Workflow Inpeer review the developer explained the change to another developer the change was discussed usually it was just agreed that after some changes the task would be ready
  • 24.
    The Revised Workflow ResultsFrom Reviews Many issues were corrected before handing the code to the client Many enhancement ideas were discovered Because the developer explained the code to reviewer not all the issues that should have been fixed were fixed
  • 25.
    The Revised Workflow ResultsFrom Reviews Many issues were corrected before handing the code to the client Many enhancement ideas were discovered Because the developer explained the code to reviewer not all the issues that should have been fixed were fixed But the main problems in review remained: The long delay between implementation and final comments A lot of questions was asked Comments from client were in a single list
  • 26.
    The Current Workflow Immediate(or almost immediate) comments on change Client reviews also one change instead of all changes in single delivery The workflow has worked well even for team of 15 vincitizens
  • 27.
    The Current Workflow ResultsFrom Review Practically no remaining coding style issues in client review Developers have become more disciplined Client can review the change faster and easier than before Client can concentrate on functionality
  • 28.
    The Current Workflow ResultsFrom Review Practically no remaining coding style issues in client review Developers have become more disciplined Client can review the change faster and easier than before Client can concentrate on functionality We have started talking that a change is ready to be bashed (”valmis lyt¨att¨av¨aksi” in Finnish)
  • 29.
    Reviewing - TheWay We Do It
  • 30.
    Overview Each commit isreviewed separately1 Commit is always reviewed after fixing found issues Reviewed commit is required to be self-containing Review is done first internally; client gets review request after internal review has passed 1 A task may contain more than one commit
  • 31.
    Time Spent Reviewing clearlyless than 10% of development time reviews can be easily done, for example, while compiling
  • 32.
  • 33.
  • 34.
  • 35.
    Reviewed Items Our Checklist Functionality Codingstyle Implementation (code structure / architecture)
  • 36.
    Reviewed Items Our Checklist Functionality Codingstyle Implementation (code structure / architecture) Readability
  • 37.
    Reviewed Items Our Checklist Functionality Codingstyle Implementation (code structure / architecture) Readability Commits and commit messages
  • 38.
    Commits and commitmessages Why It Is Important To Review These? Good commits with good commit messages are easier to review are helpful in the future forces you to think what is reasonable change
  • 39.
    Commits and commitmessages Why It Is Important To Review These?
  • 40.
    Commits and commitmessages Why It Is Important To Review These? There is surprisingly many tools that leverage good commits. For example: VCS log VCS blame (who changed a line and in which commit) find change introducing a bug
  • 41.
    Reviewing Commit Messages saywhat was changed explain why the change has been done2 have description of the old incorrect behaviour in case of bugfix3 2 just like good comments 3 or reference to the bug which contains the information
  • 42.
    Reviewing Commit self-containing a goodchapter in the story of the software’s history would be reasonable piece to revert
  • 43.
    Fixing Found Issues Thecommit containing issues is replaced with fixed commit because if the issue is found at code review the story of the software’s history contains less issues / bugs the commits remain self-containing and atomic No commit should be broken
  • 44.
  • 45.
    Continuous Integration Usually C.I.is run for changes already put in main branch to find if bad change has been merged automatically build test versions
  • 46.
    Continuous Integration Usually C.I.is run for changes already put in main branch to find if bad change has been merged automatically build test versions Downsides are that C.I. is only reacting to issues not preventing them C.I. could provide valuable information for reviews
  • 47.
    Continuous Integration ReviewsOur Commits! Our C.I. tool reviews all the commits immediately after the commits are available for review by running unittests running smoke test running static code analyzer building the most important builds
  • 48.
    What Else CouldBe Done At Review Time Build and publish test version for all platforms Have test engineer, client or end user to verify that the change is valid
  • 49.
  • 50.
    About Tools All thetools we use in the review process are open source are quite easy to setup4 require very little maintenance have been scaling without issues 4 first usable installation done less than one day
  • 51.
    Version Control System Git(http://git-scm.com/) Distributed VCS Very efficient at branching Fast and efficient Git allows easy way to ”rewrite history” (rebasing).
  • 52.
    Version Control System Git(http://git-scm.com/) Distributed VCS Very efficient at branching Fast and efficient Git allows easy way to ”rewrite history” (rebasing). Currently only Mercurial supports rebasing in addition to Git. Darcs has rebase support in early phase.
  • 53.
    Code Review Tool Gerrit(https://code.google.com/p/gerrit/) Web based code review tool Integrates with git5 Easy to add comments for changes A Quick Introduction To Gerrit: http://gerrit-documentation.googlecode.com/svn/ Documentation/2.6/intro-quick.html 5 Gerrit implements git repository
  • 54.
  • 55.
  • 56.
    Gerrit My Comments The bestreview tool I have used Very efficient and helpfull; makes reviewing easy Just a tool
  • 57.
    Continuous Integration Buildbot (http://buildbot.net/) Pythonbased CI system Master controls which builds should be built and when Slaves do the actual builds Built-in support for gerrit Can be configured to review changes in gerrit
  • 58.
    Outline 1 About CodeReviews 2 Code Reviewing In One Project 3 Summary
  • 59.
    Summary 1 About CodeReviews 2 Code Reviewing In One Project About The Project Workflow Reviewing - The Way We Do It Tools 3 Summary
  • 60.
    Questions? Improving Code QualityIn Medical Software Through Code Reviews Janne R¨onkk¨o janne.ronkko@vincit.fi