Code review is a process of software quality assurance that concerns primarily the code base. A peer or a senior developer, called a reviewer, reads parts of the source code to give a second opinion on it.
But what is the purpose of code review?
The key purpose is to optimize the code in the latter stages and prevent the unstable code from launching into usage. It also creates some spirit of collective ownership over the project’s progress and keeps the team involved in planning the later phases of development. In case the code lines cover more than one domain, a minimum of 2 experts are required to review it.
The reviewers help to:
- enhance code quality,
- figure out logic problems,
- identify bugs,
- uncover edge cases.
The process touches upon 4 major areas:
- Code,
- Formatting consistency with overall solution design,
- Documentation quality,
- The compliance of coding standards with project requirements.
Now, let’s look at the advantages and disadvantages of code reviews.
What Are the Benefits of Code Review?
According to Stripe research conducted with Harris Poll, developers spend over 4 hours a week on average fixing bad code. That constitutes about 300B USD in lost productivity every year. So, we are going to disclose what are the benefits of code review for the development company.
1. Ensuring consistency in design and implementation
Every specialist has their own background and a unique style of programming. Thus, the collaboration of multiple developers in big projects can be challenging. Code review helps all experts working on the project standardize the source code and adhere to certain coding practices.
It is also helpful for future developers in building new features without wasting time on code studies, especially when we are talking about open-source projects with multiple contributors.
2. Discovering bugs earlier
With source code review, developers get the chance to spot and fix the problem before the users ever see it. Moreover, by moving this process earlier in the development cycle, the specialists can start fixing without waiting until the end of a lifecycle, when more effort is needed to remember the reasoning, solutions, and code itself.
3. Verification for the developed and required features
Each project has well-defined requirements and scope of work, and several developers working on the project can create various features accordingly. It’s vital to assure that none of them misinterpreted a requirement or crafted a useless feature. It’s exactly what code review helps to achieve while also ensuring all the critical features were created as defined in the specification and requirements.
4. Sharing knowledge
Code review practices encourage not only collaboration between the experts and exchanging feedback, but also sharing of ideas, skills, and knowledge of the latest technologies. Thus, junior team members can learn new approaches, techniques, and solutions, upgrading their knowledge.
5. Enhancing security
Team members check the source code for vulnerabilities and warn developers about the threats. So, code reviews help to create high-level safety, especially when security experts are involved.
6. Better documentation creation
Code reviews help create better documentation so that the developers can easily add new features to the solution in the future or upgrade the existing ones.
Even though the process offers numerous benefits, it’s not without drawbacks, so we’ll review them as well.
What Are the Disadvantages of Code Review?
The disadvantages of code review are to a high degree mere inconveniences to developers, taking their time and attention. Let’s look into them in more detail.
Time spent on the review, further discussion of the results, and possibly corrections of the errors found can delay the launch of the software solution. Even though automation can be used for testing, the process will still take some extra time.
- Shifting focus from other tasks
Since the process presupposes fresh eyes on the code, the reviewers may be sometimes forced to leave their own coding tasks in favor of their colleague’s code review. With a heavy workload, it causes delays in other projects.
Large projects require a significant amount of time for code examination and detailed feedback. At times, developers may sacrifice the feedback quality to accurately review the code.
How to Do a Code Review
Now knowing what are the disadvantages of code review as well as its benefits, we can proceed to the major steps for the code review process, which can be a real challenge.
Even though the practices differ from team to team, there are common points to keep in mind:
1. Set goals and metrics
It is important to define the key metrics and set clear-cut goals that include acceptable corporate coding standards.
2. Convey your goals and expectations
Without communicating goals and expectations, the result can be unpredictable. Not knowing what is expected, a developer may fail to properly complete the task.
3. Define the process
A clearly defined process of code review helps the whole team stay on track and minimize the time spent on testing.
4. Use a checklist
A checklist of the critical aspects and criteria created in advance will help the reviewer not to miss anything.
5. Require annotation from the author in advance
Annotation helps the reviewer comprehend the code and the functions of its separate blocks better. So, encourage developers to supplement their code with annotations.
6. Review for an hour at a time and not more than that
It is not recommended to review code for more than one hour since after 60 minutes the efficiency of a reviewer drops, and certain defects may stay unnoticed.
7. Set a process for fixing bugs detected
Fixing the errors is the ultimate goal of code review, so define the process and make sure it’s realized in the most efficient manner.
8. Foster a positive culture
Code reviews are intended to evaluate the performance of a developer, but they should also be used to create a positive culture and a supportive environment of learning.
9. Automate
There are things to check manually, but there are ones that can be verified with automatic tools. Such tools can scan the entire codebase in less than a minute, spot its defects and offer solutions right away.
Code Review Techniques
As we have already mentioned, every company has its processes, but the 4 most popular examples of code review techniques are as follows:
1. Instant code reviewing
This technique is characterized by the simultaneous work of the author and the reviewer sitting next to the developer, reading the code and correcting it if it’s necessary on the go. The process is good for highly complex projects but is not favorable for companies. Two people working on the same code mean fewer average lines per developer and more interruptions.
2. Ad-hoc reviewing of the code
It’s also a synchronous method of code review, but rather informal and spontaneous. The author produces the code and then requests a review from his senior colleague on the shared screen. The code is discussed over the shoulder.
This technique has many risks of missing errors because the reviewer often lacks information on the project goal.
3. Meeting-based code reviewing
This technique is the least common. A meeting of the tech team is called after the coders complete their work. Everybody shares ideas and suggests ways to solve problems. However, this process requires a lot of time, decreases efficiency, and results in a loss of workforce for the duration of the review.
4. Tool-based review
It’s an asynchronous code review technique when the author makes the code available to the other team members for review. The reviewer checks the code on their screen providing comments, or even amendments and notifying the coder to improve it. As soon as there are no changes, the code is marked with no comments and gets approved.
The process is faster and more efficient, and possible at any time convenient for the reviewer.
Conclusion
Although source code review may seem just another routine check in the process of software development, it allows teams to achieve much more than just finding bugs. Thus, it adds significant value to the development cycle and facilitates high-quality product delivery.
