Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to stop wasting your time and start performing useful code reviews

F27857f64004b34f23be3d3c11122d30?s=47 MKhalusova
November 11, 2015

How to stop wasting your time and start performing useful code reviews

Devoxx Belgium 2015

F27857f64004b34f23be3d3c11122d30?s=128

MKhalusova

November 11, 2015
Tweet

Transcript

  1. @mariakhalusova #Devoxx #UsefulCodeReview How to stop wasting your time and

    start performing useful code reviews Maria Khalusova JetBrains
  2. @mariakhalusova #Devoxx #UsefulCodeReview Code review • Team collaboration • Knowledge

    sharing • Faster on-boarding • Increased bus factor • Improved code quality • Easier code maintenance • Finding bugs Better team Better software
  3. @mariakhalusova #Devoxx #UsefulCodeReview https://twitter.com/pcweenies/status/649954658794913792

  4. @mariakhalusova #Devoxx #UsefulCodeReview Contents • Smooth start • Making code

    reviews useful • What to look for in a code review • Human factor
  5. @mariakhalusova #Devoxx #UsefulCodeReview Where to start? Key aspects: • Team

    • Change impact • Process • New tool
  6. @mariakhalusova #Devoxx #UsefulCodeReview The Team • Communicate clearly • Listen

    to concerns • Cultivate code review culture
  7. @mariakhalusova #Devoxx #UsefulCodeReview Change impact • Who? • What? •

    When?
  8. @mariakhalusova #Devoxx #UsefulCodeReview Process • Decide on the process •

    Keep workflow simple • Iterations are good • Average 2 reviewers • Review often
  9. @mariakhalusova #Devoxx #UsefulCodeReview New tool • Yes, you need a

    code review tool • Find the right tool: • Fits in your environment • Supports chosen workflow • Meets your particular needs • Keeps you in the loop without spamming
  10. @mariakhalusova #Devoxx #UsefulCodeReview Summary • Have an open dialog with

    the team • Have a good plan • Find the right tool
  11. @mariakhalusova #Devoxx #UsefulCodeReview Making code reviews useful

  12. @mariakhalusova #Devoxx #UsefulCodeReview Automate what can be automated • Tests

    • Continuous Integration • Static code analysis • Spellchecker • etc.
  13. @mariakhalusova #Devoxx #UsefulCodeReview Code review is not a place for

    coding style wars
  14. @mariakhalusova #Devoxx #UsefulCodeReview As a code author • Review your

    own code • Commit small changes • Document your code • Provide meaningful commit message
  15. @mariakhalusova #Devoxx #UsefulCodeReview As a reviewer • Don’t postpone it

    • Don’t spend too much time • Keep in mind your project’s priorities • Apply your expertise
  16. @mariakhalusova #Devoxx #UsefulCodeReview What to look for?

  17. @mariakhalusova #Devoxx #UsefulCodeReview General and business logic • Correctness •

    Coding errors • Business rules and logic • User facing messages
  18. @mariakhalusova #Devoxx #UsefulCodeReview Architecture and design • Is the code

    in the right place? • Reusability • Data structures • SOLID principles • YAGNI
  19. @mariakhalusova #Devoxx #UsefulCodeReview Readability and maintainability Always code as if

    the person who ends up maintaining your code is a violent psychopath who knows where you live. - John F. Woods (1991) • Naming • Readability • Documentation • Test coverage
  20. @mariakhalusova #Devoxx #UsefulCodeReview Performance • Performance requirements • Performance tests

    • Common causes of performance problems: • Unnecessary network calls • Using locks to access shared resources • Potential memory leaks • Not closed connections/streams • Calls to the database
  21. @mariakhalusova #Devoxx #UsefulCodeReview Performance: calls to the database

  22. @mariakhalusova #Devoxx #UsefulCodeReview Security • Third party libraries • Authentication

    • Data encryption • Proper management of passports, encryption keys, etc. • Review potential problems
  23. @mariakhalusova #Devoxx #UsefulCodeReview Security: useful read • Common weakness enumeration:

    CWE.mitre.org • OWASP.org Code Review Guide Book v. 2.0 ALPHA
  24. @mariakhalusova #Devoxx #UsefulCodeReview Upsource quick wins • Static code analysis

    • Code navigation • Find usages • IDE plugin
  25. @mariakhalusova #Devoxx #UsefulCodeReview Human factor

  26. @mariakhalusova #Devoxx #UsefulCodeReview

  27. @mariakhalusova #Devoxx #UsefulCodeReview

  28. @mariakhalusova #Devoxx #UsefulCodeReview It is personal!

  29. @mariakhalusova #Devoxx #UsefulCodeReview Code review level Linus

  30. @mariakhalusova #Devoxx #UsefulCodeReview Learn to give feedback • Don’t be

    rude • Don’t dictate • Ask questions • Engage in a discussion • It’s ok to disagree and argue • Be sensitive to cultural differences
  31. @mariakhalusova #Devoxx #UsefulCodeReview

  32. @mariakhalusova #Devoxx #UsefulCodeReview Learn to receive feedback • Contain your

    immediate reaction • Give it a thought • Ask followup questions
  33. @mariakhalusova #Devoxx #UsefulCodeReview It doesn’t have to be all criticism

    Praise good work!
  34. @mariakhalusova #Devoxx #UsefulCodeReview Maria Khalusova JetBrains Thank you!