Code review is the systematic examination of computer source code to find mistakes. It aims to improve overall software quality by identifying errors missed during initial development. Effective code review processes include pairing programmers, using tools to manage code review workflows, and establishing guidelines for what reviewers should evaluate like requirements, readability, performance, and error handling. Selecting the right code review tool is important to support the chosen workflow and meet a team's particular needs.
Unlocking the Future of AI Agents with Large Language Models
Code review
1. How to start performing
useful code reviews
Raquel Pau (@raquelpau)
rpau@walkmod.com
1
#legacycoderocks
2. What is Code / Peer Review
Code review is systematic examination (sometimes referred
to as peer review) of computer source code. It is intended to
find mistakes overlooked in the initial development phase,
improving the overall quality of software.
2
#legacycoderocks
4. Pair programming
u Very effective code review, finds defects early.
u Great for sharing knowledge, mentoring.
u Requires two developers, co-located
u Transient discussion
u Personalities
4
#legacycoderocks
5. Tool-assisted Code Review
u Managed workflow and notification
u Record of discussion
u Asynchronous
u Change team culture?
5
#legacycoderocks
6. “Always code as if the person who ends
up maintaining your code is a violent
psychopath who knows where you live”
John F. Woods (1991)
6
#legacycoderocks
11. Process
u Decide the contribution workflow
u Patches / Branches / Pull requests
u Keep workflow simple
u Iterations are good
u Average 2 reviewers
11
Work on feature/fix
Commit the change
Review the change
Done
Problems
found
#legacycoderocks
12. Tools
u Yes, you need a code review tool
u Find the right tool:
u Fits in your environment
u Supports chosen workflow
u Meets your particular needs
12
#legacycoderocks
13. As a code author
u Review your own code
u Commit small changes
u Document your code
u Provide meaningful commit messages
13
#legacycoderocks
14. As a reviewer
u Don’t postpone it (mental flows interruptions)
u Don’t spend too much time (10min, 30min, 1h)
u Keep in mind your project’s priorities
u Manage technical debt properly
u Apply your expertise
14
#legacycoderocks
15. Use Quality Gates & CI tools
u Tests execution
u Test Coverage
u Code Style Analysis
15
#legacycoderocks
16. What to look for? Create your own
checklist!
u Requirements correctness
u Readability
u Architecture and design
u Performance
u Errors & Security management
16
#legacycoderocks
17. Requirements correctness
u Are tests descriptive enough?
u Are there any bugs?
u Are the business rules and logic fully implemented and
tested?
17
#legacycoderocks
19. Architecture and design review
u Are we modifying the same files over and over again?
u Is this functionality already implemented in another
place?
u Are there any libraries to perform that?
u Data structures
u Is this over engineered?
19
#legacycoderocks
20. Performance
u Performance requirements
u Performance tests
u Common causes of performance problems:
u Unnecessary network calls
u Using locks to access shared resources
u Potential memory leaks
u Not closed connections/streams
u Calls to databases 20
#legacycoderocks
21. Errors & security management
u Errors are handled properly
u Are using special codes/exceptions for each problems
u Authentication
u Third party libraries
21
#legacycoderocks
22. Human factor
u Ego-free reviews
u Do not be a pedant
u Find problems, not solutions
u Embrace feedback
22
#legacycoderocks
23. Workflow: validate as quick as possible
23
Send a patch
to apply
Hook
Clone the project and
apply the patch
Receives the
patch to review
Build Project
Quality GateWrite code
#legacycoderocks
24. Workflow: validate as quick as possible
24
Send a patch
to apply
Hook
Clone the project and
apply the patch
Receives the
patch to review
Build Project
Quality GateWrite code
#legacycoderocks
25. Pre code-review tools
u Test coverage
u Build problems
u Static code analysis tools
u Detect style issues
u Detect common bugs
u Detect dead code
u Detect design issues
25
#legacycoderocks
27. code-review tools: pull-requests
u It is a diff / patch visualization
u A thread of comments
u Usually people express their opinions with +1, -1,
+1000 J
u After an agreement, project owners can apply the
patch
u The code review is merged
27
#legacycoderocks
30. code-review tools: fisheye
u Great integration with Atlassian products
u Crucible, Bitbucket + JIRA
u Like Pull requests
u Share pieces of code
u Open discussions
u Validate patches /diffs.
30
#legacycoderocks
31. code-review tools: gerrit
u Gerrit manages the real changes to the final
repository.
u It becomes the developer repository:
git clone ssh://gerrithost:29418/RecipeBook.git
u Special branches for code review
git push origin HEAD:refs/for/master
31
#legacycoderocks
33. code-review tools: reviwable.io
u SaaS solution
u https://reviewable.io/
u Improved used experience from GitHub pull
requests.
u Shows you what changed since last time you looked
u Manages comments so your inbox does not overflow.
u Integrates effortless with GitHub pull requests
33
#legacycoderocks
34. thanks for your attention
34
Raquel Pau (@raquelpau)
rpau@walkmod.com
#legacycoderocks