SlideShare une entreprise Scribd logo

Code Reviews

Télécharger en tant que PPTX, PDF
P
phildenoncourt

Establishing Code Reviews for your team.

Technologie
1  sur  23
1 Establishing Code Review Processes for yourTeam Phil Denoncourt III Lead Consultant PJ Denoncourt & Associates, LLC Track: Enterprise Architecture
2 Wireless Access 1. Connect to the “Cambridge” network 2. Open a Browser 3. In Logon page use the code: af609
“Software testing alone has limited effectiveness -- the average defect detection rate is only 25 percent for unit testing, 35 percent for function testing, and 45 percent for integration testing. In contrast, the average effectiveness of design and code inspections are 55 and 60 percent. Case studies of review results have been impressive:In a software-maintenance organization, 55 percent of one-line maintenance changes were in error before code reviews were introduced. After reviews were introduced, only 2 percent of the changes were in error. When all changes were considered, 95 percent were correct the first time after reviews were introduced. Before reviews were introduced, under 20 percent were correct the first time. In a group of 11 programs developed by the same group of people, the first 5 were developed without reviews. The remaining 6 were developed with reviews. After all the programs were released to production, the first 5 had an average of 4.5 errors per 100 lines of code. The 6 that had been inspected had an average of only 0.82 errors per 100. Reviews cut the errors by over 80 percent. The Aetna Insurance Company found 82 percent of the errors in a program by using inspections and was able to decrease its development resources by 20 percent. IBM's 500,000 line Orbit project used 11 levels of inspections. It was delivered early and had only about 1 percent of the errors that would normally be expected. A study of an organization at AT&T with more than 200 people reported a 14 percent increase in productivity and a 90 percent decrease in defects after the organization introduced reviews. Jet Propulsion Laboratories estimates that it saves about $25,000 per inspection by finding and fixing defects at an early stage.” Steve McConnell, Code Complete Code Reviews
• Bugs should be spotted earlier • Bugs are cheaper to fix Fewer Defects • More eyes on sustainable factoring • Proves the code is understandable More Maintainable Benefits - Quality
Junior • Learn practiced techniques from experienced developers Senior • Gather more breadth of system architecture Architect • Opportunity to promote principles • Gives you more visibility to suspect areas of code. Benefits - Coaching
• Understand code, not developer is being reviewed Collaborative Group • Done independently or in group? • How do you to notate results? • How to you verify corrections were made? Process • Set expectations by having coding standards documented • Code ReviewChecklist Standards Prequisites
Code is written Compiles Static Code Analysis Automated Tests Succeed Developer reviews code Code Review Corrections are made Code is committed to central repository When to do reviews
• Promotes better learning • People likely to come unprepared Code Review Meeting • Not interrupting developer’s schedules • Easy to defer Offline / Async • Suggestions are emailed to a moderator before the review • Moderator goes through the list High Impact Inspection Methodology
• More bugs were not found in groups larger than 5 Small Group • Keep review to 200-400 lines of code Small Review Scope • After 60 minutes, fewer bugs were found Timeboxed effort Suggestions
• Shouldn’t be forced to have code reviewed that isn’t ready. Developer submits code • Managers don’t have much to contribute. • Encourages unnecessary defensiveness NonTechnical Attendees • Encourages a through review • Sets expectations for developersChecklists Suggestions
• Need to encourage egoless reviews • Continue to reinforce that code is being reviewedTone • Encourage atmosphere of proposing solutions. Not just pointing out problems. Fix it • Make sure non-traditional assets are reviewed • Database Schemas • Supporting Documentation • Installers Broad Suggestions
• Consider having one person responsible for a single area • Security • Memory Usage • Performance Subject Matter Experts • If bug was not found in code review, determine root cause Feedback • Code Reviews are generally not the place to design the solution. • Keep changes focused on code. Revision Suggestions
• Code is re-reviewed until it passes • If it continues to need work, address the underlying issue Repeat • Best if testing staff can read code • A way of communicating how system is put together. Involve Testing Staff • Best to have a system that integrates with build systemAutomate Suggestions
Immediate code reviews • Albeit reviewing isn’t the focus Reviews tend to be non-objective Metrics are hard to gather Pair Programming
Threading Static variables are protected Appropriate objects are threadsafe Locks are released in the correct order Critical Resources Handles are freed at the earliest point Handles are validated before usage Instrumentation Code logs important events Logging is not excessive Security Authorization checks are done Function Parameters are validated  Convention  Adequately Documented  Appropriate Headers  Error Handling  Assumptions in functions are asserted  Exceptions are documented  Resources are properly freed in exception situations  It is possible for the exception to occur  Loops  It will always be finite  Ending conditions are accurate  Tests  Coverage is sufficient  Purpose of test is understandable Review Checklist
• Issues found per review • Expect a spike initially • As your team gets better at finding defects • Expect this to go downward Code Review Failure Rate • Number of big issues found in QA • Expect this to go down rapidly Severe QA Bugs • Number of lines committed as a result of code review • Expect this to be high initially, and have a downwards trend. Number of lines changed per review Measuring
• Best if integrates with defect system • As well as SCCIntegrate • Tracks concerns in code • Resolution of the concernsFeatures • Wide variety of vendors • Open SourceResearch Software
• Team won’t learn from each other Minimal Learning • You won’t be present, so you don’t have insight • Seed code with known issues to measure Questionable Detail • Won’t be taking up team’s time • Project headcount is minimized Lower Commitment Outsourcing
• Takes time to review existing code • Costs ½ person day to review 300 linesCommitment • Big shift from committing any code, to only reviewed code • Some devs are sensitive to feedback Culture • Many developers have had bad experiences • Some research suggests reviews aren’t worthwhile Reputation Struggles
Code Reviews improve quality Code Reviews improve team Reviews require planning and resources Wrapping up
22 ThankYou Sponsors ! {CodeRight}
Help make a better event - Complete a Survey! http://ArchitectFactory.com/Survey.aspx

Recommandé

Defect free development - QS Tag2019
Defect free development - QS Tag2019Defect free development - QS Tag2019
Defect free development - QS Tag2019
Arnon Axelrod
 
ISTQB - CTFL Summary v1.0
ISTQB - CTFL Summary v1.0ISTQB - CTFL Summary v1.0
ISTQB - CTFL Summary v1.0
Samer Desouky
 
Tracking through kanban
Tracking through kanbanTracking through kanban
Tracking through kanban
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
TEST Huddle
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Denim Group
 
ISTQB Certified Mobile Application Tester - intro
ISTQB Certified Mobile Application Tester - introISTQB Certified Mobile Application Tester - intro
ISTQB Certified Mobile Application Tester - intro
Hassan Muhammad
 
Testing Best Practices
Testing Best PracticesTesting Best Practices
Testing Best Practices
Axway Appcelerator
 
How google-tests-software
How google-tests-softwareHow google-tests-software
How google-tests-software
Bhawna Tuteja
 

Recommandé

Defect free development - QS Tag2019
Defect free development - QS Tag2019Defect free development - QS Tag2019
Defect free development - QS Tag2019
Arnon Axelrod
 
ISTQB - CTFL Summary v1.0
ISTQB - CTFL Summary v1.0ISTQB - CTFL Summary v1.0
ISTQB - CTFL Summary v1.0
Samer Desouky
 
Tracking through kanban
Tracking through kanbanTracking through kanban
Tracking through kanban
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
Testing As A Bottleneck - How Testing Slows Down Modern Development Processes...
TEST Huddle
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Denim Group
 
ISTQB Certified Mobile Application Tester - intro
ISTQB Certified Mobile Application Tester - introISTQB Certified Mobile Application Tester - intro
ISTQB Certified Mobile Application Tester - intro
Hassan Muhammad
 
Testing Best Practices
Testing Best PracticesTesting Best Practices
Testing Best Practices
Axway Appcelerator
 
How google-tests-software
How google-tests-softwareHow google-tests-software
How google-tests-software
Bhawna Tuteja
 
Risk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
Risk Mitigation Using Exploratory and Technical Testing | QASymphony WebinarRisk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
Risk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
QASymphony
 
Types of Software Testing: Definition, Objectives and Advantages
Types of Software Testing: Definition, Objectives and AdvantagesTypes of Software Testing: Definition, Objectives and Advantages
Types of Software Testing: Definition, Objectives and Advantages
Simform
 
Defect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft WebinarDefect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft Webinar
XBOSoft
 
Training program BaffleSol academy of learning
Training program BaffleSol academy of learningTraining program BaffleSol academy of learning
Training program BaffleSol academy of learning
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
Case studies of Test Driven Development
Case studies of Test Driven DevelopmentCase studies of Test Driven Development
Case studies of Test Driven Development
Simform
 
Mihai mahulea the zen of test driven development
Mihai mahulea the zen of test driven developmentMihai mahulea the zen of test driven development
Mihai mahulea the zen of test driven development
Codecamp Romania
 
Istqb foundation level day 1
Istqb foundation level day 1Istqb foundation level day 1
Istqb foundation level day 1
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
Scrum best practices
Scrum best practicesScrum best practices
Scrum best practices
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
How to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated TestingHow to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated Testing
TechWell
 
Why Automated Testing Matters To DevOps
Why Automated Testing Matters To DevOpsWhy Automated Testing Matters To DevOps
Why Automated Testing Matters To DevOps
dpaulmerrill
 
AfterTest Madrid March 2016 - DevOps and Testing Introduction
AfterTest Madrid March 2016 - DevOps and Testing IntroductionAfterTest Madrid March 2016 - DevOps and Testing Introduction
AfterTest Madrid March 2016 - DevOps and Testing Introduction
Peter Marshall
 
Introduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsIntroduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB Certifications
Yogindernath Gupta
 
Think tank event mobile app testing v1.3
Think tank event mobile app testing v1.3Think tank event mobile app testing v1.3
Think tank event mobile app testing v1.3
Samer Desouky
 
(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know
Richard Cheng
 
Is Test Planning a lost art in Agile? by Michelle Williams
Is Test Planning a lost art in Agile? by Michelle WilliamsIs Test Planning a lost art in Agile? by Michelle Williams
Is Test Planning a lost art in Agile? by Michelle Williams
QA or the Highway
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assurance
Benjamin Baumann
 
A Software Testing Intro
A Software Testing IntroA Software Testing Intro
A Software Testing Intro
Evozon Test Lab
 
Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013
SmartBear
 
Embedded world 2017
Embedded world 2017Embedded world 2017
Embedded world 2017
ChantalWauters
 
On to code review lessons learned at microsoft
On to code review lessons learned at microsoftOn to code review lessons learned at microsoft
On to code review lessons learned at microsoft
Michaela Greiler
 
Backward thinking design qa system for quality goals
Backward thinking design qa system for quality goalsBackward thinking design qa system for quality goals
Backward thinking design qa system for quality goals
gaoliang641
 
Code Review Tool Evaluation
Code Review Tool EvaluationCode Review Tool Evaluation
Code Review Tool Evaluation
Kate Semizhon
 

Contenu connexe

Tendances

Case studies of Test Driven Development
Case studies of Test Driven DevelopmentCase studies of Test Driven Development
Case studies of Test Driven Development
Simform
 
How to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated TestingHow to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated Testing
TechWell
 
Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013
SmartBear
 
Embedded world 2017
Embedded world 2017Embedded world 2017
Embedded world 2017
ChantalWauters
 

Tendances (20)

Risk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
Risk Mitigation Using Exploratory and Technical Testing | QASymphony WebinarRisk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
Risk Mitigation Using Exploratory and Technical Testing | QASymphony Webinar
 
Types of Software Testing: Definition, Objectives and Advantages
Types of Software Testing: Definition, Objectives and AdvantagesTypes of Software Testing: Definition, Objectives and Advantages
Types of Software Testing: Definition, Objectives and Advantages
 
Defect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft WebinarDefect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft Webinar
 
Training program BaffleSol academy of learning
Training program BaffleSol academy of learningTraining program BaffleSol academy of learning
Training program BaffleSol academy of learning
 
Case studies of Test Driven Development
Case studies of Test Driven DevelopmentCase studies of Test Driven Development
Case studies of Test Driven Development
 
Mihai mahulea the zen of test driven development
Mihai mahulea the zen of test driven developmentMihai mahulea the zen of test driven development
Mihai mahulea the zen of test driven development
 
Istqb foundation level day 1
Istqb foundation level day 1Istqb foundation level day 1
Istqb foundation level day 1
 
Scrum best practices
Scrum best practicesScrum best practices
Scrum best practices
 
How to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated TestingHow to Actually DO High-volume Automated Testing
How to Actually DO High-volume Automated Testing
 
Why Automated Testing Matters To DevOps
Why Automated Testing Matters To DevOpsWhy Automated Testing Matters To DevOps
Why Automated Testing Matters To DevOps
 
AfterTest Madrid March 2016 - DevOps and Testing Introduction
AfterTest Madrid March 2016 - DevOps and Testing IntroductionAfterTest Madrid March 2016 - DevOps and Testing Introduction
AfterTest Madrid March 2016 - DevOps and Testing Introduction
 
Introduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsIntroduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB Certifications
 
Think tank event mobile app testing v1.3
Think tank event mobile app testing v1.3Think tank event mobile app testing v1.3
Think tank event mobile app testing v1.3
 
(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know
 
Is Test Planning a lost art in Agile? by Michelle Williams
Is Test Planning a lost art in Agile? by Michelle WilliamsIs Test Planning a lost art in Agile? by Michelle Williams
Is Test Planning a lost art in Agile? by Michelle Williams
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assurance
 
A Software Testing Intro
A Software Testing IntroA Software Testing Intro
A Software Testing Intro
 
Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013Cross functional peer review preso 10-01-2013
Cross functional peer review preso 10-01-2013
 
Embedded world 2017
Embedded world 2017Embedded world 2017
Embedded world 2017
 
On to code review lessons learned at microsoft
On to code review lessons learned at microsoftOn to code review lessons learned at microsoft
On to code review lessons learned at microsoft
 

Similaire à Code Reviews

IEEE 1633 Recommended Practices for Reliable Software
IEEE 1633 Recommended Practices for Reliable SoftwareIEEE 1633 Recommended Practices for Reliable Software
IEEE 1633 Recommended Practices for Reliable Software
Ann Marie Neufelder
 
Slides for Houston iPhone Developers' Meetup (April 2012)
Slides for Houston iPhone Developers' Meetup (April 2012)Slides for Houston iPhone Developers' Meetup (April 2012)
Slides for Houston iPhone Developers' Meetup (April 2012)
lqi
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applications
nadeembtech
 
Software Project Management lecture 10
Software Project Management lecture 10Software Project Management lecture 10
Software Project Management lecture 10
Syed Muhammad Hammad
 

Similaire à Code Reviews (20)

Backward thinking design qa system for quality goals
Backward thinking design qa system for quality goalsBackward thinking design qa system for quality goals
Backward thinking design qa system for quality goals
 
Code Review Tool Evaluation
Code Review Tool EvaluationCode Review Tool Evaluation
Code Review Tool Evaluation
 
Automated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps NextAutomated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps Next
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
 
Software testing-and-analysis
Software testing-and-analysisSoftware testing-and-analysis
Software testing-and-analysis
 
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pptx
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pptxcode_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pptx
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pptx
 
Automation and Technical Debt
Automation and Technical DebtAutomation and Technical Debt
Automation and Technical Debt
 
IEEE 1633 Recommended Practices for Reliable Software
IEEE 1633 Recommended Practices for Reliable SoftwareIEEE 1633 Recommended Practices for Reliable Software
IEEE 1633 Recommended Practices for Reliable Software
 
Slides for Houston iPhone Developers' Meetup (April 2012)
Slides for Houston iPhone Developers' Meetup (April 2012)Slides for Houston iPhone Developers' Meetup (April 2012)
Slides for Houston iPhone Developers' Meetup (April 2012)
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applications
 
software project management Software inspection
software project management Software inspectionsoftware project management Software inspection
software project management Software inspection
 
Software Testing Basics
Software Testing BasicsSoftware Testing Basics
Software Testing Basics
 
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pdf
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pdfcode_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pdf
code_review_checklist_6_actions_to_improve_the_quality_of_your_reviews.pdf
 
Agile engineering practices
Agile engineering practicesAgile engineering practices
Agile engineering practices
 
QM in Software Projects
QM in Software ProjectsQM in Software Projects
QM in Software Projects
 
An Introduction To Software Development - Final Review
An Introduction To Software Development - Final ReviewAn Introduction To Software Development - Final Review
An Introduction To Software Development - Final Review
 
Coding - SDLC Model
Coding - SDLC ModelCoding - SDLC Model
Coding - SDLC Model
 
Software Project Management lecture 10
Software Project Management lecture 10Software Project Management lecture 10
Software Project Management lecture 10
 
Test planning and software's engineering
Test planning and software's engineeringTest planning and software's engineering
Test planning and software's engineering
 
White box testing
White box testingWhite box testing
White box testing
 

Dernier

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Dernier (20)

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Code Reviews

  • 1. 1 Establishing Code Review Processes for yourTeam Phil Denoncourt III Lead Consultant PJ Denoncourt & Associates, LLC Track: Enterprise Architecture
  • 2. 2 Wireless Access 1. Connect to the “Cambridge” network 2. Open a Browser 3. In Logon page use the code: af609
  • 3. “Software testing alone has limited effectiveness -- the average defect detection rate is only 25 percent for unit testing, 35 percent for function testing, and 45 percent for integration testing. In contrast, the average effectiveness of design and code inspections are 55 and 60 percent. Case studies of review results have been impressive:In a software-maintenance organization, 55 percent of one-line maintenance changes were in error before code reviews were introduced. After reviews were introduced, only 2 percent of the changes were in error. When all changes were considered, 95 percent were correct the first time after reviews were introduced. Before reviews were introduced, under 20 percent were correct the first time. In a group of 11 programs developed by the same group of people, the first 5 were developed without reviews. The remaining 6 were developed with reviews. After all the programs were released to production, the first 5 had an average of 4.5 errors per 100 lines of code. The 6 that had been inspected had an average of only 0.82 errors per 100. Reviews cut the errors by over 80 percent. The Aetna Insurance Company found 82 percent of the errors in a program by using inspections and was able to decrease its development resources by 20 percent. IBM's 500,000 line Orbit project used 11 levels of inspections. It was delivered early and had only about 1 percent of the errors that would normally be expected. A study of an organization at AT&T with more than 200 people reported a 14 percent increase in productivity and a 90 percent decrease in defects after the organization introduced reviews. Jet Propulsion Laboratories estimates that it saves about $25,000 per inspection by finding and fixing defects at an early stage.” Steve McConnell, Code Complete Code Reviews
  • 4. • Bugs should be spotted earlier • Bugs are cheaper to fix Fewer Defects • More eyes on sustainable factoring • Proves the code is understandable More Maintainable Benefits - Quality
  • 5. Junior • Learn practiced techniques from experienced developers Senior • Gather more breadth of system architecture Architect • Opportunity to promote principles • Gives you more visibility to suspect areas of code. Benefits - Coaching
  • 6. • Understand code, not developer is being reviewed Collaborative Group • Done independently or in group? • How do you to notate results? • How to you verify corrections were made? Process • Set expectations by having coding standards documented • Code ReviewChecklist Standards Prequisites
  • 8. • Promotes better learning • People likely to come unprepared Code Review Meeting • Not interrupting developer’s schedules • Easy to defer Offline / Async • Suggestions are emailed to a moderator before the review • Moderator goes through the list High Impact Inspection Methodology
  • 9. • More bugs were not found in groups larger than 5 Small Group • Keep review to 200-400 lines of code Small Review Scope • After 60 minutes, fewer bugs were found Timeboxed effort Suggestions
  • 10. • Shouldn’t be forced to have code reviewed that isn’t ready. Developer submits code • Managers don’t have much to contribute. • Encourages unnecessary defensiveness NonTechnical Attendees • Encourages a through review • Sets expectations for developersChecklists Suggestions
  • 11. • Need to encourage egoless reviews • Continue to reinforce that code is being reviewedTone • Encourage atmosphere of proposing solutions. Not just pointing out problems. Fix it • Make sure non-traditional assets are reviewed • Database Schemas • Supporting Documentation • Installers Broad Suggestions
  • 12. • Consider having one person responsible for a single area • Security • Memory Usage • Performance Subject Matter Experts • If bug was not found in code review, determine root cause Feedback • Code Reviews are generally not the place to design the solution. • Keep changes focused on code. Revision Suggestions
  • 13. • Code is re-reviewed until it passes • If it continues to need work, address the underlying issue Repeat • Best if testing staff can read code • A way of communicating how system is put together. Involve Testing Staff • Best to have a system that integrates with build systemAutomate Suggestions
  • 14. Immediate code reviews • Albeit reviewing isn’t the focus Reviews tend to be non-objective Metrics are hard to gather Pair Programming
  • 15. Threading Static variables are protected Appropriate objects are threadsafe Locks are released in the correct order Critical Resources Handles are freed at the earliest point Handles are validated before usage Instrumentation Code logs important events Logging is not excessive Security Authorization checks are done Function Parameters are validated  Convention  Adequately Documented  Appropriate Headers  Error Handling  Assumptions in functions are asserted  Exceptions are documented  Resources are properly freed in exception situations  It is possible for the exception to occur  Loops  It will always be finite  Ending conditions are accurate  Tests  Coverage is sufficient  Purpose of test is understandable Review Checklist
  • 16. • Issues found per review • Expect a spike initially • As your team gets better at finding defects • Expect this to go downward Code Review Failure Rate • Number of big issues found in QA • Expect this to go down rapidly Severe QA Bugs • Number of lines committed as a result of code review • Expect this to be high initially, and have a downwards trend. Number of lines changed per review Measuring
  • 17. • Best if integrates with defect system • As well as SCCIntegrate • Tracks concerns in code • Resolution of the concernsFeatures • Wide variety of vendors • Open SourceResearch Software
  • 18. • Team won’t learn from each other Minimal Learning • You won’t be present, so you don’t have insight • Seed code with known issues to measure Questionable Detail • Won’t be taking up team’s time • Project headcount is minimized Lower Commitment Outsourcing
  • 19. • Takes time to review existing code • Costs ½ person day to review 300 linesCommitment • Big shift from committing any code, to only reviewed code • Some devs are sensitive to feedback Culture • Many developers have had bad experiences • Some research suggests reviews aren’t worthwhile Reputation Struggles
  • 20. Code Reviews improve quality Code Reviews improve team Reviews require planning and resources Wrapping up
  • 21.
  • 23. Help make a better event - Complete a Survey! http://ArchitectFactory.com/Survey.aspx

Notes de l'éditeur

  1. 7/14/2014 11:05 AM