本文介绍了一个简单而有效的代码审查流程,包括准备、参与者选择、审查步骤等关键环节,并提供了检查清单和跟踪表格等辅助工具。
http://www.deaded.com/staticpages/index.php/codereviewprocess
Simple Code Review Process
1. Overview
A code/peer review is where developers go over the code in a system to:
- make sure that the code is written to standard and satisfies the specifications, requirements or design documents
- suggest improvement opportunities to the author
- learn different ways of coding and about the system under review (competence building)
Document base from www.processimpact.com
2. Work Aids
The following peer review work aids are available:
- Issue Log (for keeping track of issues found during the review)
- Java Inspection Checklist (things to keep a lookout for)
- Reviewed Code Tracking (keep track of what was reviewed and when)
3. What to Review
To get some idea which code to review, think about the following:
- code that uses new technology, techniques, or tools
- key architectural components
- complex logic or algorithms
- security related code
- code that has many exception conditions or failure modes
- exception handling code that cannot easily be tested
- components that are intended to be reused
- code that will serve as models or templates for other code
- code that affect multiple portions of the product
- complex user interfaces
- code created by less experienced developers
- code having high cyclomatic complexity
- code having a history of many defects or changes
4. Participants
Who should take part in a review? In general, the code should be reviewed by:
- the author
- peers of the author
- possibly a 3rd party unrelated to the project
Ideally, 3 to 5 people should take part, not all needing knowledge of the system under review.
5. Inspection Procedure
The actual review meeting should be no longer than 2 hours a time (and never two reviews in the same day).
To start with, someone selects which code will be reviewed. The author(s) of the code ensure that the code is written to the coding standards, compiles, and has passed static analysis checks (PMD and FindBugs).
The code is then printed (one copy for each reviewer). At this point, the code under review is frozen. This means that no more changes are to be made to the code under review until after the review has been completed and any actions taken related to the review have been dealt with. There is no point reviewing code that has already changed, and also no point in trying to fix issues raised by the review in code that has changed since the review.
Printed code must have the class name, line numbers and a page number printed on each sheet.
5.2. During the meeting
Code reviews are for reviewing code – not for going over system design, picking at brace placement or spacing, or criticising the way the author has written anything. Remember that you are reviewing application code – not the person that has written that code.
The review should have a light, informal, atmosphere where questions relating directly to the code under review can be freely asked and answered, yet also keeping the meeting moving forwards.
The author(s) of the code starts with a quick verbal explanation of what the code does and then starts to go through the code. This does not mean in a robotic fashion “line 1 import com.mycompany.bla.bla†… “line 55 for x equals zero, x is less than the size of myarray, increment xâ€. It means to describe in natural language the important aspects of what the code is doing. The line numbers are used to direct attention to a place in the code when going through.
When an issue is raised, it needs to be recorded in the issue log so that it can be dealt with after the review meeting. The class name, line number, and text description of the issue should be recorded. It is up to the project to decide what should be fixed and when, sometimes it is enough to recognise an issue and ensure that the developers are informed about what or what not to do in the future. Other times, you will find bugs that must be fixed or possibly some refactoring. When something like refactoring is done, you should also consider putting the refactored code under review again.
Filling in the issue log is the only task that should be done with a computer. Trying to review code on a computer screen with 3 or more people doesn’t work – it must be printed. The issue log should be kept even after any actions raised by the review have been dealt with (this may help to spot any patterns so that the static analysis tools can be improved to help find any issues automatically in the future). Note that these tools cannot replace human checking of what is done, they can only check how something is done.
6. Reference Sheet for Peer Reviews
-
- Select review participants, obtain their agreement to participate, and schedule a walkthrough meeting. Responsibility: Moderator
- Author prints a copy of the code for each member of the meeting. Responsibility: Author
- Describe the work product to the reviewers during the meeting in any appropriate way. Lead discussion on the topics of interest or concerns about the work product. Responsibility: Author
- Present comments, possible defects, and improvement suggestions to the author. Responsibility: Reviewers
- Based on reviewer comments, perform any necessary rework of the work product. Responsibility: Author
The architect / author selects the participants for the review.
Entry Criteria
Architect has selected work to be reviewed and author(s) has prepared the work for review.
Tasks
Deliverables
Modified work product
Verification
No verification of rework is required. Changes are made at the project group’s discretion.
Exit Criteria
The author has made any appropriate changes in the work product.
7. Process Maintenance
Submit suggestions for improvements to be made in this peer review process to the Quality Department ( a.person@mycompany.com ).
http://www.stickyminds.com/index.asp
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
