Monday, 21 November 2016

Tools: Code Reviews and Support tools

Why (NOT) Code Reviews? 

Code reviews are not the most beloved verification method among developers (at the end of the day they make you proofread other people's code, and everyone knows that all code other than yours is not good enough - #irony). But remember that code reviews are one of the most cost-effective verification methods available: fixing a bug in software while developing it is much cheaper than fixing it after the formal testing phases begin (several studies on the subject can be found - just "google" for it).

Also, before we start complaining about having to do code reviews, we should bear in mind that:

  • There are things that are much easier to verify by looking at the code directly (e.g. correct use of RDBMS transactions) than by integration / system testing. "White box" rules here and saves us hours (as a team - because in some cases we are saving testers' time).
  • For some critical parts of your code it might be a good idea to have them checked (read: code reviewed) prior to any deployment to production, e.g., code involved in authentication, authorization, money transfers, etc.
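
The first point, as an added example (not code from the original post): two hypothetical transfer functions over a constructed SQLite `account` table. Both pass a happy-path test; only the one that wraps the debit and the credit in a transaction keeps the total balance intact when the credit fails, which is the difference a reviewer sees at a glance in the source.

```python
import sqlite3

def make_db():
    # Constructed sample data. isolation_level=None means autocommit, so the
    # only transactions are the ones the code under review opens explicitly.
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.execute("CREATE TABLE account (id TEXT PRIMARY KEY, balance INTEGER NOT NULL)")
    db.executemany("INSERT INTO account VALUES (?, ?)", [("alice", 100), ("bob", 0)])
    return db

def credit(db, account, amount):
    cur = db.execute("UPDATE account SET balance = balance + ? WHERE id = ?",
                     (amount, account))
    if cur.rowcount != 1:
        raise LookupError(f"unknown account {account!r}")

def transfer_unsafe(db, src, dst, amount):
    # Review finding: two dependent writes with no transaction around them.
    credit(db, src, -amount)
    credit(db, dst, amount)

def transfer_safe(db, src, dst, amount):
    # Debit and credit commit together or not at all.
    db.execute("BEGIN IMMEDIATE")
    try:
        credit(db, src, -amount)
        credit(db, dst, amount)
    except Exception:
        db.execute("ROLLBACK")
        raise
    db.execute("COMMIT")

def total_after(transfer, dst):
    # Run one transfer of 40 from alice on a fresh database and return the
    # sum of all balances; money is conserved only if the sum is still 100.
    db = make_db()
    try:
        transfer(db, "alice", dst, 40)
    except LookupError:
        pass
    return db.execute("SELECT SUM(balance) FROM account").fetchone()[0]

if __name__ == "__main__":
    for fn in (transfer_unsafe, transfer_safe):
        print(fn.__name__,
              "happy path:", total_after(fn, "bob"),
              "failed credit:", total_after(fn, "carol"))  # carol does not exist
```

A system test that only exercises the transfer to an existing account cannot tell the two functions apart.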

Code Reviews in your QMS/SDP

Your QMS/SDP might have a Verification Process that defines a procedure for conducting code reviews (see "Further Reading"), as well as how metrics related to code reviews are to be collected (and when, and by whom). Examples are: code review speed, preferably per technology; number of defects detected; number of defects fixed; defect fix cost (e.g. in minutes); etc.

And What About Supporting Tools?

So in order to "reap the benefits" (read: improve SW quality and save money), help the development teams by supporting the procedure with tools. For instance: Crucible (a plugin to Atlassian JIRA), or any other. Anything other than making people use printed code and/or word-processor-annotated documents.

Further Reading

Examples (permissions could apply; INTERNAL):