Posts Tagged ‘CodeReview’
[DevoxxUK2025] Cracking the Code Review
Paco van Beckhoven, a senior software engineer at Hexagon’s HXDR division, delivered a comprehensive session at DevoxxUK2025 on improving code reviews to enhance code quality and team collaboration. Drawing from his experience with a cloud-based platform for 3D scans, Paco outlined strategies to streamline pull requests, provide constructive feedback, and leverage automated tools. Highlighting the staggering $316 billion cost of fixing bugs in 2013, he emphasized code reviews as a critical defense against defects. His practical tactics, from crafting concise pull requests to automating style checks, aim to reduce friction, foster learning, and elevate software quality, making code reviews a collaborative and productive process.
Streamlining Pull Requests
Paco stressed the importance of concise, well-documented pull requests to facilitate reviews. He advocated for descriptive titles, inspired by conventional commits, that include ticket numbers and context, such as “Fix null pointer in payment service.” Descriptions should outline the change, link related tickets or PRs, and explain design decisions to preempt reviewer questions. Templates with checklists ensure consistency, reminding developers to update documentation or verify tests. Paco also recommended self-reviewing PRs after a break to catch errors like unused code or typos, adding comments to clarify intent and reduce reviewer effort, ultimately speeding up the process.
Effective Feedback and Collaboration
Delivering constructive feedback is key to effective code reviews, Paco noted. He advised reviewers to start with the PR’s description and existing comments to understand context before diving into code. Reviews should prioritize design and functionality over minor style issues, ensuring tests are thoroughly checked for completeness. To foster collaboration, Paco suggested using “we” instead of “you” in comments to emphasize teamwork, posing questions rather than statements, and providing specific, actionable suggestions. Highlighting positive aspects, especially for junior developers, boosts confidence and encourages participation, creating a supportive review culture.
Leveraging Automated Tools
To reduce noise from trivial issues like code style, Paco showcased tools like Error Prone, OpenRewrite, Spotless, Checkstyle, and ArchUnit. Error Prone catches common mistakes and suggests fixes, while OpenRewrite automates migrations, such as JUnit 4 to 5. Spotless enforces consistent formatting across languages like Java and SQL, and Checkstyle ensures adherence to coding standards. ArchUnit enforces architectural rules, like preventing direct controller-to-persistence calls. Paco advised introducing these tools incrementally, involving the team in rule selection, and centralizing configurations in a parent POM to maintain consistency and minimize manual review efforts.
Links:
[PHPForumParis2022] Code Review: We Didn’t Come to Suffer! – Anne-Laure de Boissieu
Anne-Laure de Boissieu, a backend developer at Bedrock, delivered a heartfelt presentation at PHP Forum Paris 2022 on transforming code reviews into positive, constructive experiences. As a member of the Duchess France network and an organizer of the Mixit conference, Anne-Laure shared personal anecdotes and practical strategies to make code reviews less daunting and more collaborative, drawing from her experience at Bedrock and her passion for community engagement.
Reframing Code Reviews as Collaboration
Anne-Laure began by addressing the emotional challenges of code reviews, recounting instances where feedback felt personal or discouraging. She argued that code reviews should be a collaborative process, not a source of suffering. By adopting a constructive mindset, developers can focus on improving code quality rather than defending their work. Anne-Laure emphasized the importance of clear communication, citing her own experiences at Bedrock, where supportive feedback helped her grow as a developer.
Best Practices for Effective Reviews
Drawing from Bedrock’s workflow, Anne-Laure shared actionable best practices for code reviews. She advocated for assigning a “buddy” to new developers for initial reviews, conducting verbal feedback sessions to reduce misunderstandings, and addressing complex feedback in person. Referencing Amélie’s talk on onboarding, she highlighted small tasks, like adding a name to a list, to familiarize newcomers with workflows. These practices, Anne-Laure argued, create a supportive environment that fosters learning and aligns with team standards.
Building a Positive Review Culture
Anne-Laure emphasized that human interactions are key to successful code reviews. She cautioned against piling up written comments, which can escalate tensions, and encouraged direct discussions to resolve issues. By sharing her journey from feeling hurt by feedback to valuing constructive critiques, Anne-Laure inspired developers to approach reviews with empathy and openness. Her insights underscored the role of team dynamics in creating a culture where reviews enhance collaboration and professional growth.
Links:
[ScalaDaysNewYork2016] Nightmare Before Best Practices: Lessons from Failure
At Scala Days New York 2016, José Castro, a software engineer at Codacy, delivered a riveting presentation that diverged from the typical conference narrative. Instead of showcasing success stories, José shared cautionary tales of software development mishaps, emphasizing the critical importance of adhering to best practices to prevent costly errors. Through vivid anecdotes, he illustrated how neglecting simple procedures can lead to significant financial and operational setbacks, offering valuable lessons for developers.
The Costly Oversight in Payment Systems
José Castro began with a chilling account of a website launch that initially seemed successful but resulted in a €180,000 loss. The development team had integrated a shopping cart with a bank’s payment system, but for three weeks, no customer payments were processed. José recounted how a developer’s personal purchase revealed that the system was authorizing transactions without completing charges, a flaw unnoticed due to inadequate testing. The bank’s policy allowed only one week to finalize charges, rendering earlier transactions uncollectible. This oversight, José emphasized, could have been prevented with rigorous integration testing and automated checks to ensure payment flows were correctly implemented.
Deployment Disasters and Human Error
Another tale José shared involved a deployment error that brought down a critical system for 12 hours. A developer, tasked with updating a customer-facing application, accidentally deployed to the production environment instead of staging, overwriting essential configurations. The absence of proper deployment protocols and environment safeguards exacerbated the issue, leading to significant downtime. José highlighted the need for automated deployment pipelines and environment-specific configurations to prevent such human errors, ensuring that production systems remain insulated from untested changes.
The Perils of Inadequate Documentation
José also recounted a scenario where insufficient documentation led to a prolonged outage in a payment processing system. A critical configuration change was made without updating the documentation, leaving the team unable to troubleshoot when the system failed. This lack of clarity delayed recovery, costing the company valuable time and revenue. José advocated for documentation-driven development, where comprehensive records of system configurations and procedures are maintained, enabling quick resolution of issues and reducing dependency on individual knowledge.
Fostering a Healthy Code Review Culture
In addressing code review challenges, José discussed the emotional barriers developers face when receiving feedback. He shared an example of a team member who successfully separated personal ego from code quality, embracing constructive criticism. To mitigate conflicts, José recommended automated code review tools like Codacy, which provide objective feedback, reducing interpersonal tension. By automating routine checks, teams can focus on higher-level implementation discussions, fostering a collaborative environment and improving code quality without bruising egos.