I really love Anthony Bourdain’s quote about omelets. He says that “the way you make an omelet reveals your true character.”
In my 20+ years as a software engineering manager and founder of my own agency, I’d like to think that your code review best practices say a lot about your development team or maybe even your company.
At the beginning of my career, some of the companies I worked for had a very strict peer code review strategy that required forensic thoroughness and excessive documentation. Getting through code review comments was a nightmare too. All that killed morale and, as expected, productivity plunged.
For other companies, while knowledge-sharing and communication were focal points of the peer review process, they were in many cases irregular and not taken too seriously. There was always a “fixer” who would “clean up any code mess left behind.”
I guess as an engineering manager, your task is to find a balance that works for you. In my opinion, one of the best ways to make sure code reviews are close to perfect is to be regular and to have a solid peer code review system in place.
Getting a fresh pair of eyes on a few chunks of code could really help pick out any mistakes, whether they’re non-destructive syntax errors or bugs that could bring down entire projects and put an end to partnerships. The infamous “# define true (rand() > 10)” line of code comes to mind. Thankfully, as is good practice, we never worked on main branches. Duh!
This blog post is based on a Code Review Best Practices created by our CTO, Karwer, who is an expert on AWS-based modern cloud application architectures, iOS development, and everything security related in software development. Plus, he’s also a Polish Sudoku Champion and has won the Polish Math & Logic Games - twice! 🏆 If you’re up to challenging him, I double dare you 😂 But first…
What Is a Code Review?
A code review is a systematic examination of source code by one or more developers. The goal is to assess the code’s quality, identify issues, and suggest improvements. It’s a collaborative process where team members review code to ensure it meets coding standards, follows best practices, and aligns with the project's requirements and objectives.
Code reviews typically involve analyzing the code's logic, structure, readability, maintainability, performance, and security. If you're interested in reading up about my take on code quality, you could check out my other post on KPIs in Software Development.
During a code review, reviewers provide feedback on potential bugs, design flaws, code smells, or areas where the code could be optimized. The idea behind a code review is to catch errors, improve code quality, enhance overall system reliability, and promote knowledge sharing among team members.
How Do You Conduct a Code Review?
Code reviews can be conducted through various methods, such as manual inspection, pair programming, or specialized tools that automate the review process.
To conduct a code review effectively, you should start by setting clear objectives and scheduling the review at an appropriate stage. Assign an experienced reviewer, establish guidelines, and utilize code review tools that may be useful. Prioritize critical areas and provide constructive feedback, focusing on the code rather than the developer. Encourage discussion and foster a collaborative atmosphere. Follow up with iterations and appreciate the efforts made. Code reviews promote collaboration, knowledge sharing, and continuous improvement, enhancing code quality and fostering team growth.
Why Are Code Reviews Important?
Code reviews ensure high-quality software, foster teamwork, and facilitate knowledge sharing. By having multiple sets of eyes examine the code, code reviews help identify bugs, improve code readability, maintain coding standards, and catch potential issues early on. They provide an opportunity for developers to gain insights into different coding approaches and best practices.
Code reviews also promote accountability and help establish a culture of quality and continuous improvement within the development team. Ultimately, code reviews contribute to producing reliable, maintainable, and robust software applications.
📜 THE TEN COMMANDMENTS OF CODE REVIEW BEST PRACTICES 📜
1. Don’t focus on a specific chunk of code alone. Understand the entire context as this will help you catch the functional problems.
2. Don’t assume that the more experienced developer should be reviewing the code of a less experienced developer. Everyone can learn from each other, and everyone in your team could potentially catch an issue.
3. Don’t focus on minor things like, for example, two empty lines instead of one. Configure an automated check using a linter for such things to prevent the reviewer from getting distracted.
4. Treat the code review process not only as a means to ensure the application quality but also to share knowledge and establish best practices. Reviewing code has to make the entire development team better!
5. As a repository maintainer, keep the discussion in comments focused on the goal of the pull request. Avoid any debates or heated discussions about the pull request.
6. Keep the comments focused, constructive, and polite. Do not position yourself as being smarter or more knowledgeable. Ask questions instead of giving orders.
7. For the author of the pull request, be open to comments and suggestions. Do not assume bad intentions from the reviewer. If you don’t understand the suggestion given, keep asking questions until you do. This is also a way to gain knowledge.
8. Do not treat code reviews as a means to block the pull request completely. Depending on the policy of your company, but in general, the only reason you should reject code is when the pull request does not meet the functional or non-functional requirements of the application correctly.
9. Do not treat code reviews as boring and something that you have to do. Remember: your colleague is waiting for your review and is really looking forward to hearing your advice. A good practice is to start the day with a code review waiting for you.
10. Try not to skip parts of code that you may find less important e.g. some people avoid reviewing test code since it looks repetitive and may be boring to get insights from it.
“From now on, all code will be 100% peer-reviewed!”
If there’s one thing I’d like you to take away from this post, it’s for you to be convinced of code reviews’ importance and to say the above phrase to your dev team.
By integrating code review into your workflow, you ensure a robust and reliable codebase while fostering collaboration and growth within your teams. Embrace the power of code review and reap the rewards it offers to elevate your software development endeavors.
Special thanks to my colleague and good friend Michał “Karwer” Karwanski for creating this comprehensive and insightful Best Practices for Code Reviews ⛺