Saturday, November 26, 2022

Code Review Best Practices

Some hate it and some love it. It depends on the style and intent of the review done by the reviewer, or on the understanding of the reviewee.

A great code review can shorten the overall development cycle by minimizing bug leaks to higher environments, and can lead to a high-quality final product. On the other hand, a poor code reviewing strategy can add unnecessary latency to the development cycle without mitigating any bugs.

What is code review?

Code review is a manual process of reviewing source code developed by a fellow programmer on the team. It can be performed by multiple people, or multiple times by the same person, for a thorough analysis. A few steps can be automated using available code analysis tools.

Why do we need code review?

The most apparent benefit is making sure bad code is not leaked to production. Other benefits of good code reviews are standardization, knowledge sharing, security checks, and building a sense of teamwork and collaboration.

How to do good code reviews?

There are several aspects of a great code review. It should cover design, security, maintainability, logic, and quality. Follow a checklist of questions while reviewing. Below are a few important questions that should be verified:

  • Do I understand what the code is supposed to do?
  • Does the code do what it’s supposed to do?
  • Can this source code be simplified? Are there any redundancies?
  • Are the names easy to understand and descriptive?
  • Do the names follow our conventions?
  • Can I quickly discern the role of functions, classes, and methods?
  • Does the source code use encapsulation and modularization?
  • Is it reliant on old functionality or code?
  • Does it introduce vulnerabilities? How could I potentially exploit this code?
  • Does the code require any documentation?
  • Does it meet coding and style standards?


Stick to small PRs

For best results, review no more than 400 lines of code at a time. Any more than that and you risk missing bugs, logic flaws, and other defects. 

How to become a better reviewer

Enhancing your techniques for code reviews can improve the quality of the code you’re reviewing as well as your own code. For better code reviews, show humility and focus on the code.

Be Humble

Senior developers shouldn’t be the only ones reviewing code. Entry-level developers can provide a fresh perspective and should be integrated into the process from the start. To improve your code reviews, take the attitude that you can learn something new from everyone on your team.

Critique the Code

Critiquing code is a bit of an art. You want to identify issues without making it sound like the author is the issue. The focus here should be on the code itself, not the code writer. Avoid “you” and “should” statements.

Good References
https://google.github.io/eng-practices/review/
https://stackoverflow.blog/2019/09/30/how-to-make-good-code-reviews-better/
