SlideShare a Scribd company logo

Effective Code Reviews

Sebastian Marek
Sebastian Marek

Code reviews are a powerful tool in ensuring and maintaining quality in your application, but they can be very difficult to get right. When they're misunderstood or poorly executed, they can even make a bad situation worse. In this session I'll use my professional experience to give you some tactics for getting great benefit from code reviews. We'll talk about tools, about process and most importantly about attitude! Whether you're a developer or a technical lead, come along and find out how to perform a genuinely useful code review and provide constructive feedback in the quickest time possible.

Technology
1 of 35
Download to read offline
EFFECTIVE   CODE   REVIEWS   Sebas1an  Marek,  So8ware  Architect   Sebastian Marek
•  a  Pole  living  in  Sheffield   •  over  12  years  in   development   •  Pascal,  C++,  PHP,  perl,   python,  Java   •  co-­‐author  of  2  PHP  books     •  big  fan  of  process   automaBon   •  TDD  and  CI   •  occasionally  contributes  to   open  source  projects   •  wants  to  be  a  knight   h?ps://joind.in/7056   @proofek
Who does code reviews?
All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental. Disclaimer
Tom “I Need It Now” – The Owner Harry “Just Get It Done” – The Manager The Team
Adam “The Night Coder” – developer Kris “Hackety Hack” – master code reviewer Bruno “It Will Work” – apprentice reviewer The Team
How much time do we need to get this project done? Well, design, coding, code reviews, testing…   Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right? Scenario 1
We're nearly done, just need to get this code reviewed. Hmmm… all the developers are busy, we have no one spare. Let's skip it and get it straight into QA… Scenario 2
Hello Harry, I need John to review my code. John is busy, you can have Rob. But Rob is a junior developer, and he doesn't know this system. You want it code reviewed or not? Rob is all we've got! Scenario 3
We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. It's a waste of time! Scenario 4
Code review Adam The Developer 9:31 PM (0 minutes ago) to  Kris  The  Reviewer   Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Click here to Reply or Forward
No  (e)mail!   Raising a code review
Bug  tracking  systems   -­‐  JIRA   -­‐  Bugtrak   -­‐  ManBs     Code  review  tools   -­‐  Crucible/Fisheye   -­‐  Gerrit   -­‐  Github   Raising a code review
Code review Adam The Developer 9:31 PM (13 minutes ago) to  Kris  The  Reviewer   Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Kris The Reviewer 9:44 PM (0 minutes ago) to  Adam  The  Developer   Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Click here to Reply or Forward
Version  control   •  Specific  change  sets   •  avoid  specific   commits   •  Reviewing  patches   risky,  unless   automated   What to review
Code review Adam The Developer 9:31 PM (25 minutes ago) Kris, I got this code I need you to review. Can you do it for me please? … Kris The Reviewer 9:44 PM (12 minutes ago) to  Adam  The  Developer   Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Adam The Developer 9:56 PM (0 minutes ago) to  Kris  The  Reviewer   Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
What and Why? The purpose of the review
Bruno  “It  will  work”   Usual  feedback  produced:   •  Makes  sense   •  Works   •  SyntacBcally  correct   •  Approved   One way of doing things…
Kris  “The  Master  Reviewer”   Tools  used:   •  PHP  linter   •  PHP  Code  Sniffer   •  PHPUnit   •  phpDocumentor   •  PHP  Depend   •  PHP  Mess  Detector   •  Sonar   Being smarter…
$ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php $ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php $ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading | | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters -------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75Mb Speed up with automation
$ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist ..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%) ............................................................... 189 / 240 ( 78%) ................................................... Time: 02:01, Memory: 26.75Mb OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29. Verify whether the code works
PHP_Depend 0.10.6 by Manuel Pichler Parsing source files: .................... 20 Executing CyclomaticComplexity-Analyzer: ............. 261 Executing ClassLevel-Analyzer: ............ 247 Executing CodeRank-Analyzer: . 28 Executing Coupling-Analyzer: ............. 267 Executing Hierarchy-Analyzer: ............ 246 Executing Inheritance-Analyzer: . 30 Executing NPathComplexity-Analyzer: .............. 283 Executing NodeCount-Analyzer: ........ 174 Executing NodeLoc-Analyzer: .......... 205 Generating pdepend log files, this may take a moment. Time: 00:05; Memory: 25.50Mb   Static analysis and code quality
Static analysis and code quality
Static analysis and code quality
Kris  “The  Master  Reviewer”   Things  checked:   •  clarity   •  duplicaBons   •  performance   •  code  quality   •  excessive  complexity   •  potenBal  deployment  issues   •  impact  on  other  systems   •  design  flaws   •  does  the  soluBon  solves   the  problem   …by looking at things all important
•  Knowledge  sharing   •  Mentoring  new  starters   •  Find  bugs/design  flaws  early   •  Improve  overall  code  quality   •  Fostering  collecBve  code   ownership     The benefits of a code review – they are for you!
DEVELOPERS •  Understand  and  accept  that   you  will  make  mistakes.     •  You  are  not  your  code.   •  No  maZer  how  much   "karate"  you  know,   someone  else  will  always   know  more.     •  Don't  rewrite  code  without   consultaBon.     The soft side - developers
CODE REVIEWERS •  The  only  true  authority  stems   from  knowledge,  not  from   posiBon.     •  CriBque  code  instead  of  people   The soft side – code reviewers
•  LocaBon  of  your  changes   WHAT? –  Repository  name,  branch  name,  branch  base   •  Subject  of  your  changes   –  What  have  you  changed   •  Reason  for  the  change   –  Why  have  you  change  it   Summary - what include in the code review
WHO? •  Seek  the  experts   –  If  you're  not  sure  ask  around     •  QuesBon  the  soluBon   –  Make  sure  it  fits  the  purpose   Summary - who assign the code review to?
WHERE? •  Make  it  traceable   –  Bug  trucking  system,  ie.  Jira,  Trac,  ManBs,  etc   –  Code  review  tool,  ie.  Fisheye/Crucible,  gerrit     •  ConversaBon/Pair  programming   –  Just  make  sure  outcome  is  captured   Summary – where to raise a code review?
•  Use  tools,  don’t  be  a  tool   HOW? •  Check  for  duplicaBons/complexity   •  Asses  impact  on  other  systems   •  Make  sure  code  is  clear  and  self-­‐ descripBve   Summary - how to perform a good code review?
hZp://www.atlassian.com/angrynerds/     hZp://www.flickr.com/photos/dawgbyte77/3058349367/   hZp://www.flickr.com/photos/zzpza/3269784239/   hZp://www.flickr.com/photos/toolmanBm/6170448143/   hZp://www.flickr.com/photos/coyau/7630782996/   hZp://www.flickr.com/photos/73885983@N02/6729908421/       Credits…
The  Ten  Commandments  of  Egoless  Programming:  hZp://alturl.com/q4dpa     The  Code  review:  hZp://www.soulbroken.co.uk/blog/2010/07/the-­‐code-­‐review/       Fisheye/Crucible:  hZp://www.atlassian.com/sokware/crucible/overview     Gerrit:  hZp://code.google.com/p/gerrit/     Github:  hZps://github.com/     PHPUnit:  hZp://phpunit.de       PHP  CodeSniffer:  hZp://pear.php.net/PHP_CodeSniffer       PHP  Depend:  hZp://pdepend.org/       PHP  Mess  Detector:  hZp://phpmd.org/       Sonar:  hZp://www.sonarsource.org/     …and references
Ques1ons?   h?ps://                              /7056   Q&A

Recommended

Code Review
Code ReviewCode Review
Code ReviewMikalai Alimenkou
 
Code Review Best Practices
Code Review Best PracticesCode Review Best Practices
Code Review Best PracticesTrisha Gee
 
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010Atlassian
 
On to code review lessons learned at microsoft
On to code review lessons learned at microsoftOn to code review lessons learned at microsoft
On to code review lessons learned at microsoftMichaela Greiler
 
Code review
Code reviewCode review
Code reviewAbhishek Sur
 
Improving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessImproving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessDr. Syed Hassan Amin
 
Version control system
Version control systemVersion control system
Version control systemAryman Gautam
 
Introduction to CI/CD
Introduction to CI/CDIntroduction to CI/CD
Introduction to CI/CDSteve Mactaggart
 

Recommended

Code Review
Code ReviewCode Review
Code ReviewMikalai Alimenkou
 
Code Review Best Practices
Code Review Best PracticesCode Review Best Practices
Code Review Best PracticesTrisha Gee
 
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010
Code Review for Teams Too Busy to Review Code - Atlassian Summit 2010Atlassian
 
On to code review lessons learned at microsoft
On to code review lessons learned at microsoftOn to code review lessons learned at microsoft
On to code review lessons learned at microsoftMichaela Greiler
 
Code review
Code reviewCode review
Code reviewAbhishek Sur
 
Improving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessImproving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessDr. Syed Hassan Amin
 
Version control system
Version control systemVersion control system
Version control systemAryman Gautam
 
Introduction to CI/CD
Introduction to CI/CDIntroduction to CI/CD
Introduction to CI/CDSteve Mactaggart
 
SonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionSonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionMichael Jesse
 
Managing code quality with SonarQube
Managing code quality with SonarQubeManaging code quality with SonarQube
Managing code quality with SonarQubeRadu Vunvulea
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
Developing a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDeveloping a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDevOps.com
 
Performance testing
Performance testing Performance testing
Performance testing BugRaptors
 
Enforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline GatesEnforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline GatesMichael King
 
Effective Software Release Management
Effective Software Release ManagementEffective Software Release Management
Effective Software Release ManagementMichael Degnan
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis Perforce
 
Refine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated testRefine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated testMalang QA Community
 
Software development life cycle (sdlc) overview
Software development life cycle (sdlc) overviewSoftware development life cycle (sdlc) overview
Software development life cycle (sdlc) overviewRachid Meziani, PhD, CGEIT, PMP
 
"DevOps > CI+CD "
"DevOps > CI+CD ""DevOps > CI+CD "
"DevOps > CI+CD "Innovation Roots
 
Intro to Manual Testing
Intro to Manual TestingIntro to Manual Testing
Intro to Manual TestingAyah Soufan
 
Bamboo - an introduction
Bamboo - an introductionBamboo - an introduction
Bamboo - an introductionSven Peters
 
Software testing ppt
Software testing pptSoftware testing ppt
Software testing pptPoonkodi Jayakumar
 
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...Andreas Grabner
 
extreme Programming
extreme Programmingextreme Programming
extreme ProgrammingBilal Shah
 
Azure DevOps
Azure DevOpsAzure DevOps
Azure DevOpsMichael Jesse
 
Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )paras91
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy CodeNaresh Jain
 
DevOps
DevOpsDevOps
DevOpsGehad Elsayed
 
Code Review
Code ReviewCode Review
Code Reviewrantav
 
Peer Code Review An Agile Process
Peer Code Review An Agile ProcessPeer Code Review An Agile Process
Peer Code Review An Agile Processgsporar
 

More Related Content

What's hot

SonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionSonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionMichael Jesse
 
Managing code quality with SonarQube
Managing code quality with SonarQubeManaging code quality with SonarQube
Managing code quality with SonarQubeRadu Vunvulea
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
Developing a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDeveloping a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDevOps.com
 
Performance testing
Performance testing Performance testing
Performance testing BugRaptors
 
Enforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline GatesEnforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline GatesMichael King
 
Effective Software Release Management
Effective Software Release ManagementEffective Software Release Management
Effective Software Release ManagementMichael Degnan
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis Perforce
 
Refine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated testRefine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated testMalang QA Community
 
Intro to Manual Testing
Intro to Manual TestingIntro to Manual Testing
Intro to Manual TestingAyah Soufan
 
Bamboo - an introduction
Bamboo - an introductionBamboo - an introduction
Bamboo - an introductionSven Peters
 
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...Andreas Grabner
 
extreme Programming
extreme Programmingextreme Programming
extreme ProgrammingBilal Shah
 
Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )paras91
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy CodeNaresh Jain
 

What's hot (20)

SonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionSonarQube: Continuous Code Inspection
SonarQube: Continuous Code Inspection
 
Managing code quality with SonarQube
Managing code quality with SonarQubeManaging code quality with SonarQube
Managing code quality with SonarQube
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
 
Developing a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDeveloping a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps Success
 
Performance testing
Performance testing Performance testing
Performance testing
 
Enforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline GatesEnforcing Quality with DevOps Pipeline Gates
Enforcing Quality with DevOps Pipeline Gates
 
Effective Software Release Management
Effective Software Release ManagementEffective Software Release Management
Effective Software Release Management
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis
 
Refine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated testRefine your ci:cd pipeline with automated test
Refine your ci:cd pipeline with automated test
 
Software development life cycle (sdlc) overview
Software development life cycle (sdlc) overviewSoftware development life cycle (sdlc) overview
Software development life cycle (sdlc) overview
 
"DevOps > CI+CD "
"DevOps > CI+CD ""DevOps > CI+CD "
"DevOps > CI+CD "
 
Intro to Manual Testing
Intro to Manual TestingIntro to Manual Testing
Intro to Manual Testing
 
Bamboo - an introduction
Bamboo - an introductionBamboo - an introduction
Bamboo - an introduction
 
Software testing ppt
Software testing pptSoftware testing ppt
Software testing ppt
 
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
Application Quality Gates in Continuous Delivery: Deliver Better Software Fas...
 
extreme Programming
extreme Programmingextreme Programming
extreme Programming
 
Azure DevOps
Azure DevOpsAzure DevOps
Azure DevOps
 
Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )Project Report on Exam Suite/Test Application/Exam App ( JAVA )
Project Report on Exam Suite/Test Application/Exam App ( JAVA )
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy Code
 
DevOps
DevOpsDevOps
DevOps
 

Viewers also liked

Code Review
Code ReviewCode Review
Code Reviewrantav
 
Peer Code Review An Agile Process
Peer Code Review An Agile ProcessPeer Code Review An Agile Process
Peer Code Review An Agile Processgsporar
 
Code review guidelines
Code review guidelinesCode review guidelines
Code review guidelinesLalit Kale
 
How to successfully grow a code review culture
How to successfully grow a code review cultureHow to successfully grow a code review culture
How to successfully grow a code review cultureNina Zakharenko
 
Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Aditya Bhuyan
 
Principios diseño de interacción
Principios diseño de interacciónPrincipios diseño de interacción
Principios diseño de interacciónXavi Cardet
 
Carolina castro segundo parcial_tarea2
Carolina castro segundo parcial_tarea2Carolina castro segundo parcial_tarea2
Carolina castro segundo parcial_tarea2CarolinaCastroO
 
Exposiçao: Kandinsky - Tudo começa num ponto
Exposiçao: Kandinsky - Tudo começa num pontoExposiçao: Kandinsky - Tudo começa num ponto
Exposiçao: Kandinsky - Tudo começa num pontoFabiana Motroni
 
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...Ninti_One
 
Scala collections wizardry - Scalapeño
Scala collections wizardry - ScalapeñoScala collections wizardry - Scalapeño
Scala collections wizardry - ScalapeñoSagie Davidovich
 
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...Alexander Hirner
 
ZAYANN : Parcours pédagogique entre nature et culture
ZAYANN : Parcours pédagogique entre nature et cultureZAYANN : Parcours pédagogique entre nature et culture
ZAYANN : Parcours pédagogique entre nature et cultureartefact97160
 
Effective Code Review
Effective Code ReviewEffective Code Review
Effective Code ReviewUri Lavi
 
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?Moritz Beller
 
Linking E-Mails and Source Code Artifacts
Linking E-Mails and Source Code ArtifactsLinking E-Mails and Source Code Artifacts
Linking E-Mails and Source Code ArtifactsAlberto Bacchelli
 
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmail
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmailRTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmail
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmailAlberto Bacchelli
 

Viewers also liked (20)

Code Review
Code ReviewCode Review
Code Review
 
Peer Code Review An Agile Process
Peer Code Review An Agile ProcessPeer Code Review An Agile Process
Peer Code Review An Agile Process
 
Code review guidelines
Code review guidelinesCode review guidelines
Code review guidelines
 
How to successfully grow a code review culture
How to successfully grow a code review cultureHow to successfully grow a code review culture
How to successfully grow a code review culture
 
Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)
 
Principios diseño de interacción
Principios diseño de interacciónPrincipios diseño de interacción
Principios diseño de interacción
 
Carolina castro segundo parcial_tarea2
Carolina castro segundo parcial_tarea2Carolina castro segundo parcial_tarea2
Carolina castro segundo parcial_tarea2
 
Exposiçao: Kandinsky - Tudo começa num ponto
Exposiçao: Kandinsky - Tudo começa num pontoExposiçao: Kandinsky - Tudo começa num ponto
Exposiçao: Kandinsky - Tudo começa num ponto
 
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...
Interplay Project. National Indigenous Research and Knowledges Network (NIRAK...
 
Unit tests benefits
Unit tests benefitsUnit tests benefits
Unit tests benefits
 
Scala collections wizardry - Scalapeño
Scala collections wizardry - ScalapeñoScala collections wizardry - Scalapeño
Scala collections wizardry - Scalapeño
 
Caso La Noria
Caso La NoriaCaso La Noria
Caso La Noria
 
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...
7th Etherum Meetup Vienna: Crypto Token Economy - Price of ETH, Bitcoin 1.0 a...
 
ZAYANN : Parcours pédagogique entre nature et culture
ZAYANN : Parcours pédagogique entre nature et cultureZAYANN : Parcours pédagogique entre nature et culture
ZAYANN : Parcours pédagogique entre nature et culture
 
Effective Code Review
Effective Code ReviewEffective Code Review
Effective Code Review
 
090603 Contratos áGiles
090603 Contratos áGiles090603 Contratos áGiles
090603 Contratos áGiles
 
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?
Modern Code Reviews in Open Source Projects: Which Problems Do They Fix?
 
Linking E-Mails and Source Code Artifacts
Linking E-Mails and Source Code ArtifactsLinking E-Mails and Source Code Artifacts
Linking E-Mails and Source Code Artifacts
 
Effective code reviews
Effective code reviewsEffective code reviews
Effective code reviews
 
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmail
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmailRTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmail
RTFM (Read The Factual Mails) --Augmenting Program Comprehension with REmail
 

Similar to Effective Code Reviews

Html5 devconf nodejs_devops_shubhra
Html5 devconf nodejs_devops_shubhraHtml5 devconf nodejs_devops_shubhra
Html5 devconf nodejs_devops_shubhraShubhra Kar
 
Rocket Fuelled Cucumbers
Rocket Fuelled CucumbersRocket Fuelled Cucumbers
Rocket Fuelled CucumbersJoseph Wilk
 
SFBigAnalytics_20190724: Monitor kafka like a Pro
SFBigAnalytics_20190724: Monitor kafka like a ProSFBigAnalytics_20190724: Monitor kafka like a Pro
SFBigAnalytics_20190724: Monitor kafka like a ProChester Chen
 
Introduction To Software Reverse Engineering
Introduction To Software Reverse EngineeringIntroduction To Software Reverse Engineering
Introduction To Software Reverse EngineeringSinaRostami7
 
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...CODE BLUE
 
Connect js nodejs_devops_shubhra
Connect js nodejs_devops_shubhraConnect js nodejs_devops_shubhra
Connect js nodejs_devops_shubhraShubhra Kar
 
WWCode Dallas - Kubernetes: Learning from Zero to Production
WWCode Dallas - Kubernetes: Learning from Zero to ProductionWWCode Dallas - Kubernetes: Learning from Zero to Production
WWCode Dallas - Kubernetes: Learning from Zero to ProductionRosemary Wang
 
Использование KASan для автономного гипервизора
Использование KASan для автономного гипервизораИспользование KASan для автономного гипервизора
Использование KASan для автономного гипервизораPositive Hack Days
 
Kanban for Software Development and Kaizen Culture
Kanban for Software Development and Kaizen CultureKanban for Software Development and Kaizen Culture
Kanban for Software Development and Kaizen CultureAcquate
 
Clearly, I Have Made Some Bad Decisions
Clearly, I Have Made Some Bad DecisionsClearly, I Have Made Some Bad Decisions
Clearly, I Have Made Some Bad DecisionsJonathan Hitchcock
 
Web Developing In Search
Web Developing In SearchWeb Developing In Search
Web Developing In SearchFrank Xu
 
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...ScyllaDB
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryPriyanka Aash
 
Sista: Improving Cog’s JIT performance
Sista: Improving Cog’s JIT performanceSista: Improving Cog’s JIT performance
Sista: Improving Cog’s JIT performanceESUG
 
Mapping Detection Coverage
Mapping Detection CoverageMapping Detection Coverage
Mapping Detection CoverageJared Atkinson
 
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013midnite_runr
 
Testing: ¿what, how, why?
Testing: ¿what, how, why?Testing: ¿what, how, why?
Testing: ¿what, how, why?David Rodenas
 
VMs, Interpreters, JIT
VMs, Interpreters, JITVMs, Interpreters, JIT
VMs, Interpreters, JITMarcus Denker
 

Similar to Effective Code Reviews (20)

Html5 devconf nodejs_devops_shubhra
Html5 devconf nodejs_devops_shubhraHtml5 devconf nodejs_devops_shubhra
Html5 devconf nodejs_devops_shubhra
 
Effective C++
Effective C++Effective C++
Effective C++
 
Rocket Fuelled Cucumbers
Rocket Fuelled CucumbersRocket Fuelled Cucumbers
Rocket Fuelled Cucumbers
 
SFBigAnalytics_20190724: Monitor kafka like a Pro
SFBigAnalytics_20190724: Monitor kafka like a ProSFBigAnalytics_20190724: Monitor kafka like a Pro
SFBigAnalytics_20190724: Monitor kafka like a Pro
 
Introduction To Software Reverse Engineering
Introduction To Software Reverse EngineeringIntroduction To Software Reverse Engineering
Introduction To Software Reverse Engineering
 
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...
 
Connect js nodejs_devops_shubhra
Connect js nodejs_devops_shubhraConnect js nodejs_devops_shubhra
Connect js nodejs_devops_shubhra
 
WWCode Dallas - Kubernetes: Learning from Zero to Production
WWCode Dallas - Kubernetes: Learning from Zero to ProductionWWCode Dallas - Kubernetes: Learning from Zero to Production
WWCode Dallas - Kubernetes: Learning from Zero to Production
 
Использование KASan для автономного гипервизора
Использование KASan для автономного гипервизораИспользование KASan для автономного гипервизора
Использование KASan для автономного гипервизора
 
Kanban for Software Development and Kaizen Culture
Kanban for Software Development and Kaizen CultureKanban for Software Development and Kaizen Culture
Kanban for Software Development and Kaizen Culture
 
Clearly, I Have Made Some Bad Decisions
Clearly, I Have Made Some Bad DecisionsClearly, I Have Made Some Bad Decisions
Clearly, I Have Made Some Bad Decisions
 
Web Developing In Search
Web Developing In SearchWeb Developing In Search
Web Developing In Search
 
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...
Scylla Summit 2022: Learning Rust the Hard Way for a Production Kafka+ScyllaD...
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec glory
 
Sista: Improving Cog’s JIT performance
Sista: Improving Cog’s JIT performanceSista: Improving Cog’s JIT performance
Sista: Improving Cog’s JIT performance
 
Mapping Detection Coverage
Mapping Detection CoverageMapping Detection Coverage
Mapping Detection Coverage
 
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
 
Testing: ¿what, how, why?
Testing: ¿what, how, why?Testing: ¿what, how, why?
Testing: ¿what, how, why?
 
VMs, Interpreters, JIT
VMs, Interpreters, JITVMs, Interpreters, JIT
VMs, Interpreters, JIT
 
Ruby Under The Hood
Ruby Under The HoodRuby Under The Hood
Ruby Under The Hood
 

More from Sebastian Marek

The Journey Towards Continuous Integration
The Journey Towards Continuous IntegrationThe Journey Towards Continuous Integration
The Journey Towards Continuous IntegrationSebastian Marek
 
CodeClub - Teaching the young generation programming
CodeClub - Teaching the young generation programmingCodeClub - Teaching the young generation programming
CodeClub - Teaching the young generation programmingSebastian Marek
 
Praktyczne code reviews - PHPConPl
Praktyczne code reviews - PHPConPlPraktyczne code reviews - PHPConPl
Praktyczne code reviews - PHPConPlSebastian Marek
 
Managing and Monitoring Application Performance
Managing and Monitoring Application PerformanceManaging and Monitoring Application Performance
Managing and Monitoring Application PerformanceSebastian Marek
 
Ten Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerTen Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerSebastian Marek
 
Continuous Inspection: Fight back the 7 deadly sins of a developer!
Continuous Inspection: Fight back the 7 deadly sins of a developer!Continuous Inspection: Fight back the 7 deadly sins of a developer!
Continuous Inspection: Fight back the 7 deadly sins of a developer!Sebastian Marek
 
Test your code like a pro - PHPUnit in practice
Test your code like a pro - PHPUnit in practiceTest your code like a pro - PHPUnit in practice
Test your code like a pro - PHPUnit in practiceSebastian Marek
 
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practice
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practicePHP Forum Paris 2012: Magic behind the numbers. Software metrics in practice
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practiceSebastian Marek
 
Ten Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerTen Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerSebastian Marek
 
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice PHP Benelux 2012: Magic behind the numbers. Software metrics in practice
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice Sebastian Marek
 
Magic behind the numbers - software metrics in practice
Magic behind the numbers - software metrics in practiceMagic behind the numbers - software metrics in practice
Magic behind the numbers - software metrics in practiceSebastian Marek
 
Back to basics - PHPUnit
Back to basics - PHPUnitBack to basics - PHPUnit
Back to basics - PHPUnitSebastian Marek
 
Back to basics - PHP_Codesniffer
Back to basics - PHP_CodesnifferBack to basics - PHP_Codesniffer
Back to basics - PHP_CodesnifferSebastian Marek
 
Sonar - the ring to rule them all
Sonar - the ring to rule them allSonar - the ring to rule them all
Sonar - the ring to rule them allSebastian Marek
 
vfsStream - effective filesystem mocking
vfsStream - effective filesystem mocking vfsStream - effective filesystem mocking
vfsStream - effective filesystem mocking Sebastian Marek
 

More from Sebastian Marek (15)

The Journey Towards Continuous Integration
The Journey Towards Continuous IntegrationThe Journey Towards Continuous Integration
The Journey Towards Continuous Integration
 
CodeClub - Teaching the young generation programming
CodeClub - Teaching the young generation programmingCodeClub - Teaching the young generation programming
CodeClub - Teaching the young generation programming
 
Praktyczne code reviews - PHPConPl
Praktyczne code reviews - PHPConPlPraktyczne code reviews - PHPConPl
Praktyczne code reviews - PHPConPl
 
Managing and Monitoring Application Performance
Managing and Monitoring Application PerformanceManaging and Monitoring Application Performance
Managing and Monitoring Application Performance
 
Ten Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerTen Commandments Of A Software Engineer
Ten Commandments Of A Software Engineer
 
Continuous Inspection: Fight back the 7 deadly sins of a developer!
Continuous Inspection: Fight back the 7 deadly sins of a developer!Continuous Inspection: Fight back the 7 deadly sins of a developer!
Continuous Inspection: Fight back the 7 deadly sins of a developer!
 
Test your code like a pro - PHPUnit in practice
Test your code like a pro - PHPUnit in practiceTest your code like a pro - PHPUnit in practice
Test your code like a pro - PHPUnit in practice
 
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practice
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practicePHP Forum Paris 2012: Magic behind the numbers. Software metrics in practice
PHP Forum Paris 2012: Magic behind the numbers. Software metrics in practice
 
Ten Commandments Of A Software Engineer
Ten Commandments Of A Software EngineerTen Commandments Of A Software Engineer
Ten Commandments Of A Software Engineer
 
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice PHP Benelux 2012: Magic behind the numbers. Software metrics in practice
PHP Benelux 2012: Magic behind the numbers. Software metrics in practice
 
Magic behind the numbers - software metrics in practice
Magic behind the numbers - software metrics in practiceMagic behind the numbers - software metrics in practice
Magic behind the numbers - software metrics in practice
 
Back to basics - PHPUnit
Back to basics - PHPUnitBack to basics - PHPUnit
Back to basics - PHPUnit
 
Back to basics - PHP_Codesniffer
Back to basics - PHP_CodesnifferBack to basics - PHP_Codesniffer
Back to basics - PHP_Codesniffer
 
Sonar - the ring to rule them all
Sonar - the ring to rule them allSonar - the ring to rule them all
Sonar - the ring to rule them all
 
vfsStream - effective filesystem mocking
vfsStream - effective filesystem mocking vfsStream - effective filesystem mocking
vfsStream - effective filesystem mocking
 

Recently uploaded

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 

Recently uploaded (20)

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 

Effective Code Reviews

  • 1. EFFECTIVE   CODE   REVIEWS   Sebas1an  Marek,  So8ware  Architect   Sebastian Marek
  • 2. •  a  Pole  living  in  Sheffield   •  over  12  years  in   development   •  Pascal,  C++,  PHP,  perl,   python,  Java   •  co-­‐author  of  2  PHP  books     •  big  fan  of  process   automaBon   •  TDD  and  CI   •  occasionally  contributes  to   open  source  projects   •  wants  to  be  a  knight   h?ps://joind.in/7056   @proofek
  • 3. Who does code reviews?
  • 4. All characters appearing in this presentation are fictitious. Any resemblance to real persons, living or dead, is purely coincidental. Disclaimer
  • 5. Tom “I Need It Now” – The Owner Harry “Just Get It Done” – The Manager The Team
  • 6. Adam “The Night Coder” – developer Kris “Hackety Hack” – master code reviewer Bruno “It Will Work” – apprentice reviewer The Team
  • 7. How much time do we need to get this project done? Well, design, coding, code reviews, testing…   Do we really need to code review the code? You surely know how to code, and you have tested it and it works… Right? Scenario 1
  • 8. We're nearly done, just need to get this code reviewed. Hmmm… all the developers are busy, we have no one spare. Let's skip it and get it straight into QA… Scenario 2
  • 9. Hello Harry, I need John to review my code. John is busy, you can have Rob. But Rob is a junior developer, and he doesn't know this system. You want it code reviewed or not? Rob is all we've got! Scenario 3
  • 10. We do all these code review, spend a lot of time on this, but the code that hits production is still buggy. It's a waste of time! Scenario 4
  • 11. Code review Adam The Developer 9:31 PM (0 minutes ago) to  Kris  The  Reviewer   Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Click here to Reply or Forward
  • 12. No  (e)mail!   Raising a code review
  • 13. Bug  tracking  systems   -­‐  JIRA   -­‐  Bugtrak   -­‐  ManBs     Code  review  tools   -­‐  Crucible/Fisheye   -­‐  Gerrit   -­‐  Github   Raising a code review
  • 14. Code review Adam The Developer 9:31 PM (13 minutes ago) to  Kris  The  Reviewer   Kris, I got this code I need you to review. Can you do it for me please? The code is in my repository on problem-fix branch. Thanks --- Adam Kris The Reviewer 9:44 PM (0 minutes ago) to  Adam  The  Developer   Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Click here to Reply or Forward
  • 15. Version  control   •  Specific  change  sets   •  avoid  specific   commits   •  Reviewing  patches   risky,  unless   automated   What to review
  • 16. Code review Adam The Developer 9:31 PM (25 minutes ago) Kris, I got this code I need you to review. Can you do it for me please? … Kris The Reviewer 9:44 PM (12 minutes ago) to  Adam  The  Developer   Adam, No problem at all, but where did you branch the code from? I can’t identify the change set without it. --- Kris Adam The Developer 9:56 PM (0 minutes ago) to  Kris  The  Reviewer   Kris, Ah yes. Sorry. It’s branched from my master branch. --- Adam
  • 17. What and Why? The purpose of the review
  • 18. Bruno  “It  will  work”   Usual  feedback  produced:   •  Makes  sense   •  Works   •  SyntacBcally  correct   •  Approved   One way of doing things…
  • 19. Kris  “The  Master  Reviewer”   Tools  used:   •  PHP  linter   •  PHP  Code  Sniffer   •  PHPUnit   •  phpDocumentor   •  PHP  Depend   •  PHP  Mess  Detector   •  Sonar   Being smarter…
  • 20. $ php -l Libraries/Action.class.php No syntax errors detected in Libraries/Action.class.php $ php -l Libraries/Action.class.php Errors parsing Libraries/Action.class.php $ phpcs –standard=Zend Libraries/Action.class.php FILE: /Volumes/git/modules/AccountChange/Libraries/Action.class.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 44 | ERROR | Protected member variable "arrOptions" must contain a leading | | underscore 66 | WARNING | Line exceeds 80 characters; contains 82 characters 97 | ERROR | Line exceeds maximum limit of 120 characters; contains 135 | | characters -------------------------------------------------------------------------------- Time: 0 seconds, Memory: 5.75Mb Speed up with automation
  • 21. $ phpunit PHPUnit 3.6.12 by Sebastian Bergmann. Configuration read from phpunit.xml.dist ..................IIII................IIIIIIIIIIIIIIIIIIIIIII.. 63 / 240 ( 26%) .............................................I.....I........... 126 / 240 ( 52%) ............................................................... 189 / 240 ( 78%) ................................................... Time: 02:01, Memory: 26.75Mb OK, but incomplete or skipped tests! Tests: 240, Assertions: 514, Incomplete: 29. Verify whether the code works
  • 22. PHP_Depend 0.10.6 by Manuel Pichler Parsing source files: .................... 20 Executing CyclomaticComplexity-Analyzer: ............. 261 Executing ClassLevel-Analyzer: ............ 247 Executing CodeRank-Analyzer: . 28 Executing Coupling-Analyzer: ............. 267 Executing Hierarchy-Analyzer: ............ 246 Executing Inheritance-Analyzer: . 30 Executing NPathComplexity-Analyzer: .............. 283 Executing NodeCount-Analyzer: ........ 174 Executing NodeLoc-Analyzer: .......... 205 Generating pdepend log files, this may take a moment. Time: 00:05; Memory: 25.50Mb   Static analysis and code quality
  • 23. Static analysis and code quality
  • 24. Static analysis and code quality
  • 25. Kris  “The  Master  Reviewer”   Things  checked:   •  clarity   •  duplicaBons   •  performance   •  code  quality   •  excessive  complexity   •  potenBal  deployment  issues   •  impact  on  other  systems   •  design  flaws   •  does  the  soluBon  solves   the  problem   …by looking at things all important
  • 26. •  Knowledge  sharing   •  Mentoring  new  starters   •  Find  bugs/design  flaws  early   •  Improve  overall  code  quality   •  Fostering  collecBve  code   ownership     The benefits of a code review – they are for you!
  • 27. DEVELOPERS •  Understand  and  accept  that   you  will  make  mistakes.     •  You  are  not  your  code.   •  No  maZer  how  much   "karate"  you  know,   someone  else  will  always   know  more.     •  Don't  rewrite  code  without   consultaBon.     The soft side - developers
  • 28. CODE REVIEWERS •  The  only  true  authority  stems   from  knowledge,  not  from   posiBon.     •  CriBque  code  instead  of  people   The soft side – code reviewers
  • 29. •  LocaBon  of  your  changes   WHAT? –  Repository  name,  branch  name,  branch  base   •  Subject  of  your  changes   –  What  have  you  changed   •  Reason  for  the  change   –  Why  have  you  change  it   Summary - what include in the code review
  • 30. WHO? •  Seek  the  experts   –  If  you're  not  sure  ask  around     •  QuesBon  the  soluBon   –  Make  sure  it  fits  the  purpose   Summary - who assign the code review to?
  • 31. WHERE? •  Make  it  traceable   –  Bug  trucking  system,  ie.  Jira,  Trac,  ManBs,  etc   –  Code  review  tool,  ie.  Fisheye/Crucible,  gerrit     •  ConversaBon/Pair  programming   –  Just  make  sure  outcome  is  captured   Summary – where to raise a code review?
  • 32. •  Use  tools,  don’t  be  a  tool   HOW? •  Check  for  duplicaBons/complexity   •  Asses  impact  on  other  systems   •  Make  sure  code  is  clear  and  self-­‐ descripBve   Summary - how to perform a good code review?
  • 33. hZp://www.atlassian.com/angrynerds/     hZp://www.flickr.com/photos/dawgbyte77/3058349367/   hZp://www.flickr.com/photos/zzpza/3269784239/   hZp://www.flickr.com/photos/toolmanBm/6170448143/   hZp://www.flickr.com/photos/coyau/7630782996/   hZp://www.flickr.com/photos/73885983@N02/6729908421/       Credits…
  • 34. The  Ten  Commandments  of  Egoless  Programming:  hZp://alturl.com/q4dpa     The  Code  review:  hZp://www.soulbroken.co.uk/blog/2010/07/the-­‐code-­‐review/       Fisheye/Crucible:  hZp://www.atlassian.com/sokware/crucible/overview     Gerrit:  hZp://code.google.com/p/gerrit/     Github:  hZps://github.com/     PHPUnit:  hZp://phpunit.de       PHP  CodeSniffer:  hZp://pear.php.net/PHP_CodeSniffer       PHP  Depend:  hZp://pdepend.org/       PHP  Mess  Detector:  hZp://phpmd.org/       Sonar:  hZp://www.sonarsource.org/     …and references
  • 35. Ques1ons?   h?ps://                              /7056   Q&A