Thoughts on Code Review Process

Testing is the best way a developer will be able to ship software with confidence.One of the ways to perform these is code coverage, which is often debatable as there is lack of evidence for its relation with effectiveness. Although experiments have been conducted to show that test suite coverage is correlated to assertion coverage, there are doubts on the effectiveness of the machine generated assertions in this age of machine learning. The test suite size does not always sufficient for effectiveness which was shown in previous studies but the number is assertions and the test methods are the underlying reasons for this. So, it is a good idea to consider the distribution of the assertion types in the test suite when we try to predict its effectiveness Code Reviews, the process which is very common in the software engineering process, proven to improve code quality also has additional benefits such as familiarising new members to the code base. However, every developer has their own way of performing code reviews and sometimes the expectations may not be the actual outcome. For example, finding defects is one of the major motivation for performing code reviews but there when a code review is performed, there is another perspective thinking of the problem the code is solving and human brain naturally tries to come up with alternative solutions which sometimes be proven to be more effective and be implemented and also not to ignore the fact that the learning that happens while performing a code review, So, no doubts that code reviews help improve code quality but also comes with added benefits, it’s always dependent on the team culture and environment.

Bugs, the never ending nightmare of developers. There is no existing way the we can avoid that nightmare (even if there is a way, you are never sure) but we can try reducing its frequency of occurrence. Many studies have suggested that methods such as pair programming, improve code quality and reduce the occurrence of bugs, you are never sure and always on a lookout for bugs, unless we have a proven universal golden book of code which has no possibility of bugs. (Is it even possible?) So, if we take help of machines to solve this problem, there are tools which try to detect bugs but never reached the level of humans. So, How far are we to have a bug less project?(as far as finding the last digit of pi), but I won’t stop dreaming to see that one day where an active project is declared as BUG FREE.

Code Reviews are not only just for quality but they are also for security and community. It helps in security because it helps identify and eliminate vulnerabilities, but wait, doesn’t that come under quality? No because writing code is one hurdle and making that code as secure as possible is quite another. For example, code of checking every element of an array list comes under quality and controlling who can access that array list is security. So, now coming to community aspect of code reviews is the fun collaboration part where learning and knowing more about your team and making a vibrant community of being connected through reviewing code. Fascinating, isn’t it? When you review code of a person, you are getting connected to that person, so once you meet by any means there is a common ground already which is much better than a stranger. So code reviews are good for community as well.