Software Testing - Code Review

---

---

The developed code for a software needs to be reviewed in order to make it robust. No matter how experienced a developer is, every piece of code has to be re-checked to produce a world class software.

What is Code Review?

The code review is a methodical process where a group of developers work together to analyze and check another developer’s code to detect errors, give suggestions, and confirm if the developed code is as per the standards. The objective of code review is to enhance the quality, maintainability, stability, security etc of the software which bring positive results to the project. Also, the findings from the code review promote sharing knowledge and learnings among the team members.

Why is Code Review Done?

The code review is done for the reasons listed below −

• It helps to detect errors, defects, issues etc in the code prior to being deployed to production. Thus a code review helps to fix bugs at the initial phases of software development life cycle (SDLC).
• It motivates developing clean, maintainable, and effective code. The reviewers pass feedback and comments so that the code is as per the standards and best practices.
• It implements consistency in coding among all the developers which enables easy maintenance and understanding of the code base.
• The findings from the code reviews can be shared across teams which propagate domain knowledge and coding guidelines.
• The code reviewers take partial ownership of the code they review thereby increasing collective responsibility towards ensuring quality.
• The code reviewers can work together and collaborate to improve the entire review process which helps in enhancing the overall software quality.
• It can be a part of documentation.
• It is an integral part of ensuring the software quality. By doing code reviews, the team can confirm if the software meets all the functional and non-functional requirements.
• It helps to adopt continuous improvement for the team. By following the suggestions, feedback, and findings from the code review, the team can work up on them, then gradually improve.

Types of Code Review

The types of code reviews are listed below −

Pull Requests (PR)

In Git, the developers raise a PR to incorporate changes to the code. It should be reviewed prior to the changes being merged with the base code.

Pair-Programming

It is a type of review in which two developers work on the same computer. One of them writes the code and the other one reviews it in real time. It is a highly interactive form of code review.

Over the Shoulder Review

It is the type of review in which one developer in the team is requested to review the code of another developer by sitting together and going through the code on the computer.

Tool Aided Reviews

It is a type of review conducted by tools like Github, GitLab, BitBucket, Crucible etc.

Email Based Reviews

It is a type of review in which the code changes sent over email for review. The feedback of the code review is also delivered in email.

Checklist Reviews

It is a type of review in which the reviewers follow the list of checklist items for the review process.

Ad Hoc Review

It is an informal way of review. A developer may be requested to have a quick look at the code and provide feedback not formally.

Formal Inspection

It is a type of review in which an already existing process is followed. It is mostly done by an inspection team and is guided by proper documentation.

How is Code Review Done?

The code review is done by following the processes listed below −

Step 1 − The developers complete the code and create a review request or inform the team about the same.

Step 2 − Single or multiple code reviewers are selected based on their experiences and skills to review the code correctly.

Step 3 − The code reviewers have the required tools or IDE that enable them to get hold of the code, review it and pass the feedback.

Step 4 − The reviewers may follow checklists or guidelines while reviewing the code to maintain consistency.

Step 5 − The reviewers perform code inspections covering the logical, syntax, performance, security etc issues so that there is stability, scalability, and good performance in the code.

Step 6 − The reviewers’ comments, feedback, and suggestions are recorded in the review tools. They should be clear, constructive, and to the point so that the author can easily understand them.

Step 7 − A detailed discussion between the reviewers and author is done regarding the expected code changes.

Step 8 − The author incorporates the changes and may have multiple discussions with the reviewers till all the issues are addressed and resolved in the code.

Step 9 − Once the reviewers are satisfied with the code changes, the code is approved for merging.

Step 10 − The code is merged using version control tools like Git.

Step 11 − Once the code is merged to the production, it is checked if the new changes in the code are working fine and they have not impacted any part of the existing code.

Step 12 − This entire code review process is documented for future references. All the relevant comments, feedback, and suggestions are also included in the documentations.

Advantages of Code Review

The advantages of code review are listed below −

• It enhances the software quality by detecting bugs in the early phases of SDLC.
• It encourages knowledge sharing and learnings among the team members.
• It enforces standards, guidelines and best practices to be followed in the code, making it consistent and easily maintainable.
• It identifies all the security vulnerabilities in the software.
• It creates an environment of collaboration, transparency and clear communication among the team members.
• It gives a culture of collective responsibility and ownership to the software quality since the reviewers also have partial ownership to the quality of the developed software.
• It helps to create documentations which are used for future references.
• It helps to determine more scopes of code reusability in the software.

Disadvantages of Code Review

The disadvantages of code review are listed below −

• It may turn out to be a time consuming process for large and complex software leading to delay in the development process.
• It is subjective in nature as different reviewers may have different opinions, comments, and feedback on the code.
• Excessive code reviews on small code changes, may lead to delay in the software development.
• The reviewers may have biases which impact the review process.
• The reviewers and author should agree on all terms and have clear communication among them.
• It depends on the skill sets of the reviewers. Inexperienced reviewers may miss important suggestions in the code.
• It may lead to fatigue for the reviewers to go through code of large and complex software.

Best Practices for Code Review

The best practices for code review are listed below −

• Determine the clear goals and objectives of code review.
• Select the correct reviewers for the code.
• Breakdown the big chunks of code into smaller units and then start the review process.
• Provide all relevant information in a review request.
• Use the code review tools for the entire process.
• Focus should be on the code quality, stability, scalability, performance etc.
• Review all the security features in the code.
• Test the code after review by actually executing it.
• Constructive, specific, and relevant feedback is to be shared.
• Maintain a positive, collaborative, and healthy relation with the reviewers and author.
• Reviews should be done timely without delaying the software development.
• Document each part of the code review process.
• Share the learnings from the code reviews among the team members.

Conclusion

This concludes our comprehensive take on the tutorial on Software Code Review. We’ve started with describing what is code review, why is code review done, what are the types of code review, how code review is done, advantages and disadvantages of code review, and what are the best practices for code review. This equips you with in-depth knowledge of Software Code Review. It is wise to keep practicing what you’ve learned and exploring others relevant to Software Testing to deepen your understanding and expand your horizons.