contemporary peer code review practices
play

Contemporary Peer Code Review Practices Jeffrey C. Carver Nasir U. - PowerPoint PPT Presentation

Sep 04, 2022 •26 likes •716 views

Contemporary Peer Code Review Practices Jeffrey C. Carver Nasir U. Eisty University of Alabama 2 Can you spot the mistakes? 3 // file: IVR.CPP 1 void IVR() 2 { 3 //press 1 for account balance, 2 for last transaction, 4 //3 for last

  1. Contemporary Peer Code Review Practices Jeffrey C. Carver Nasir U. Eisty University of Alabama

  2. 2

  3. Can you spot the mistakes? 3

  4. // file: IVR.CPP 1 void IVR() 2 { 3 //press 1 for account balance, 2 for last transaction, 4 //3 for last statement, any other for operator 5 play_prompt(); 6 7 int key_pressed= get_user_choice(); 8 if(key_pressed ==1) 9 { 10 play_account_balance(); 11 Assignment operator } 12 else if(key_pressed =2) 13 instead of comparison { 14 play_last_transaction(); 15 } 16 else if(key_pressed ==3) 17 { 18 play_last_statement(); 19 } 20 else transfer_to_operator(); 21 } 22

  5. //file: printer.java 1 if (user.isAuthenticated) 2 { 3 userAccess = checkUserAuthorization(user); 4 5 //if user has access to printer 6 if(user.isAuthenticated && userAccess.printer) 7 printUsageReport (); 8 else 9 Redundant check emailUsageReport(); 10 } 11

  6. //file: UserStats.java 1 String[] listOfUsers = getUsersList(); 2 //print all the users name 3 for(int i=1;i< listOfUsers.length();i++) 4 System.out.println(“User# “+i +”: “+listOfUsers[i]); 5 6 Will not print first user

  7. Do you think only novice developers make those mistakes?

  12. We all make mistakes and need help identifying them https://twitter.com/noeabarcam/ status/394749401283190784

  13. 13

  14. Where does it fit? Other Activities Code Review 14

  15. Code Review Goals 15

  16. Team building Improved code Personal growth

  17. Code Review Goals • Team building • Better shared understanding • Team cohesion • Peer impression • Code Quality • Find/fix defects early • Identify common problems • Different perspectives • Consistency in code/design • More maintainable code • Personal • Learning

  18. Goal: Achieve peace and harmony

  19. Code Review Practices

  20. What do I need to do? 20

  21. For Developers • Realize that the goal of code review it to improve the overall code, not to evaluate the quality or worth of the developer • Remove the fear of making to mistakes an create an atmosphere where admitting and fixing is OK • You are not your code • Be humble • You will make mistakes, we all do • Someone else will always know more, its ok, learn from them • People bring different perspectives, that’s a good thing • Fight for what you believe, but gracefully accept defeat

  22. What am I supposed to do? 22

  23. For Reviewers • Focus on the code not the author • Use “I” statements rather than “you” statements • Criticize the author’s behavior, not their attributes • Talk about the code, not the coder • Ask questions rather than make statements – avoid “why” questions • Accept that there are different solutions • Choose carefully which battles to fight • Remember to praise good code • Take your time and do it well

  24. Code Review Techniques

  25. Code Algorithms

  26. Code Review Techniques • Examine the code • Is the code readable to a human? • Are variables and method names clear? • Is there sufficient documentation for someone to come back 6 months later (or someone new) to understand what the code is doing? • Examine the algorithms in detail • Are there any hidden assumptions, not specified, that could cause problems? • Are there edge cases that may not work? • What happens with bad or missing data? • Does the algorithm do what it is supposed to? – Use stepwise abstraction

  27. Example - Stepwise Abstraction • Examine the algorithm embedded in the code • Start at the bottom, extract low-level functionality • Group low-level functionality into higher- level • At top level, compare with desired plan

  28. As long as ”a”, “b”, “c”, and “d” are not while ((a>b) || (b>c) || (c>d)) in descending order { if(b>a) { Assign “b” to “i” i = b; Rearrange “a” and Assign “a” to “b” b = a; “b” in descending Replace “a” and “b” Assign “i” to “a” a = i; order } if(c>b) { Assign “c” to “i” i = c; Rearrange “b” and Assign “b” to “c” c = b; “c” in descending Replace “b” and “c” Assign “i” to “b” b = i; order } if(d>c) { i = d; Assign “d” to “i” Rearrange “c” and d = c; Assign “c” to “d” “d” in descending Replace “c” and “d” c = i; Assign “i” to “c” order } } Requirement : Rearrange ”a”, “b”, ”c”, and “d” in descending order

  29. Code Review Comment Exercise

  30. “You are writing cryptic code” “Its hard for me to grasp what is going on in the code” Use I-Messages

  31. “This is not how I would have solved the problem” “Why did you use this approach rather than approach X?” Ask questions where possible

  32. “You are sloppy when it comes to writing tests” “I believe that you should pay more attention to writing tests” Criticize the author’s behavior, not the author

  33. “You’re requesting the serve multiple times, which is inefficient” “This code is requesting the service multiple times, which is inefficient” Talk about the code, not the coder

  34. “I always use fixed timestamps in tests and you should too” “I would always use fixed timestamps in tests for better reproducibility, but in this simple test, using the current timestamp is also ok” Accept different solutions

  35. Issues Identified in code review - Misunderstood requirements - Project design violations - Coding style - Critical security defects - Unsafe methods - Inefficient code - Malicious code - Inadequate input validation - Lack of exception handling 35

  36. Developer My code compiles My code has been tested and has unit tests My code includes appropriate comments My code is tidy / follows coding standard I have documented corner cases I have documented workarounds …

  37. Reviewer Comments are understandable and appropriate Comments are neither too many or too few Exceptions are appropriately handled Repetitive code has been factored out Frameworks have been used appropriately Functionality fits the design/architecture Code is testable Code compiles

  38. Code Review 38

  39. Best Practice - Practice lightweight code reviews. - Review fewer than 400 lines of code at a time. - Inspection rate should be under 500 LOC per hour. - Do not review for more than 60 minutes at a time. - Set goals and capture metrics. - Authors should annotate source code before review. - Use checklists. - Establish a process for fixing defects found. - Foster a positive code review culture. - Embrace the subconscious implications of peer review.

  40. Scientific Code Review

  41. 41

  42. Reasons to Use Code Review for Scientific/Research Roftware - Cultural difference between scientific community and software engineering community - Correct results are unknown in many cases - Testing is extensively complex in scientific software - Common testing approaches may not fit - May be better to review the scientific algorithm than to extensively test code - Lack of proper testing knowledge - Test to check the science, not the software - Tend to test when development is about to finish

  43. Our Results 43

  44. Our Results: Findings from Interviews and Surveys • Positives • Large portion of code is reviewed • Shared expertise improves code quality • Consistent style and reusability • Good for new contributors and tricky features • Saves debugging time • Underlying science is more important than the code • Challenges • Developers are attached to the way they have done things and resist change • Lack of time and qualified contributors • Lack of enough people to properly review • Obtaining reviewer agreement

  45. Our Results: Direct Interactions • Working directly with a code team for 2-3 months • Taught them code review • Anecdotal results • Overall positive experience • Found faults they would not have tested for • Decided to implement a code standard • Continued practice

  46. Typical Code Review Workflow

  47. Requests Review Reviews Writes Edits Merge Abandon

  48. Mailing List Code Review

  49. 49

  50. Pull Requests

  51. Fix a small bug in a project in GitHub Pull Requests #git clone https://github.com/project/code ; cd code #vi some.c #git commit –a –m ‘Fix the frobinator’ #go to web UI #click fork #git remote add me https://github.com/$USER/code #git push me master #go to web UI #create pull request

  52. Fix a small bug in a project in Gerrithub #git clone https://gerrit.googlsource.com/gerrit ; cd gerrit #vi .buckconfig #git commit –a –m ‘Add new target alias for doc index’ #git push origin HEAD:refs/for/master

  53. Contemporary Code Reviews

  55. Code Review Tools

  56. Code Review Tools Gerrit: https://code.google.com/p/gerrit/ Review Board: https://www.reviewboard.org/ Phabricator: https://phabricator.org/ Crucible: https://www.atlassian.com/software/crucible

  59. Simplified Gerrit workflow Push to main Pull to local branch Main project branch Reviews Code Notifies Push to Gerrit Yes Developer’s Local Branch Approved No Reviewer Notifies developer Developer

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CONVERGENT CONTEMPORARY SOFTWARE PEER REVIEW PRACTICES Presented by Tresa Varghese

CONVERGENT CONTEMPORARY SOFTWARE PEER REVIEW PRACTICES Presented by Tresa Varghese

CONVERGENT CONTEMPORARY SOFTWARE PEER REVIEW PRACTICES Presented by Tresa Varghese Rose(101017725) Peer review is the practice of inspecting code by other authors to find defects and thus improve software quality. Even if bug inspection

355 views • 20 slides
AGA Peer Review AUDIT A Voluntary Safety &amp; Operational Practices Program The Peer Review

AGA Peer Review AUDIT A Voluntary Safety &amp; Operational Practices Program The Peer Review

2019 AGAs Peer Review Luke Litteken Senior Vice President, Gas Xcel Energy On Behalf of American Gas Association AGA Peer Review AUDIT A Voluntary Safety &amp; Operational Practices Program The Peer Review Program gives member companies

413 views • 13 slides
AICPA Peer Review Program Compliance: l Responding to Latest Developments Best Practices for

AICPA Peer Review Program Compliance: l Responding to Latest Developments Best Practices for

Presenting a live 110 minute teleconference with interactive Q&amp;A AICPA Peer Review Program Compliance: l Responding to Latest Developments Best Practices for Optimal Reviews Given Broker Dealer Issues, B t P ti f O ti l R i Gi B

801 views • 48 slides
Hands On: Code Review Best Practices Nan ancy cy Hol ollenback lenback Bria Br ian n

Hands On: Code Review Best Practices Nan ancy cy Hol ollenback lenback Bria Br ian n

Hands On: Code Review Best Practices Nan ancy cy Hol ollenback lenback Bria Br ian n Powel ell Fi Field eld Ar Arch chitect itects ni.com Agenda A little background Group review of a VI Demo of some tools

348 views • 16 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

614 views • 7 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

418 views • 8 slides
Transforming Students' Lives: This Is How We Do It Accreditation: What is it? Peer review

Transforming Students' Lives: This Is How We Do It Accreditation: What is it? Peer review

Transforming Students' Lives: This Is How We Do It Accreditation: What is it? Peer review teams visit colleges and universities to: certify standards are being met recommend improvements commend excellent practices ACCJC, the

278 views • 15 slides
PEER REVIEW T R A I N I N G W E B I N A R PEER REVIEW TRAINING WEBINAR Program Purpose

PEER REVIEW T R A I N I N G W E B I N A R PEER REVIEW TRAINING WEBINAR Program Purpose

PEER REVIEW T R A I N I N G W E B I N A R PEER REVIEW TRAINING WEBINAR Program Purpose Resources and Tips for Reviewing the Grant Applications Program Goals and Priorities Navigating the on-line Grants Management System

585 views • 34 slides
SEND Peer Review 5 th July 2019 www.local.gov.uk SEND Peer Review Presentation of findings

SEND Peer Review 5 th July 2019 www.local.gov.uk SEND Peer Review Presentation of findings

Salford City Council SEND Peer Review 5 th July 2019 www.local.gov.uk SEND Peer Review Presentation of findings Strengths Areas for further consideration Recommendations The peer team Sue Butcher, Social Care Consultant,

872 views • 23 slides
Moodle Workshop Feature (Peer Review) 0 Flips the classroom 0 My research questions: Is online

Moodle Workshop Feature (Peer Review) 0 Flips the classroom 0 My research questions: Is online

Moodle Workshop Feature (Peer Review) 0 Flips the classroom 0 My research questions: Is online peer review more or less effective than traditional, inclass peer review? Are students more motivated and engaged when their review efforts

413 views • 14 slides
1 4 characteristics of peer 2 things to remember w hen review ers preparing a review

1 4 characteristics of peer 2 things to remember w hen review ers preparing a review

Department of Epidemiology Welch Center for Prevention, Epidemiology, and Clinical Research Review ing a paper for a scientific publication p for dummies Eliseo Guallar, MD, DrPH eguallar@jhsph.edu Objectives of peer review 3 types of

507 views • 3 slides
Test-item Writing Workshop: The Power of Peer-review October 4, 2017 Fidel Lim, DNP, CCRN

Test-item Writing Workshop: The Power of Peer-review October 4, 2017 Fidel Lim, DNP, CCRN

Test-item Writing Workshop: The Power of Peer-review October 4, 2017 Fidel Lim, DNP, CCRN Objectives Identify 4 flaws in test questions Utilize best practices for writing multiple choice questions Utilize best practices when

685 views • 65 slides
Peer Review Presented by Trudy Brown Ripin, MPH &amp; Molly Gwisc, MPH Shoreline Health

Peer Review Presented by Trudy Brown Ripin, MPH &amp; Molly Gwisc, MPH Shoreline Health

Pennsylvania Association of Community Health Centers Peer Review Presented by Trudy Brown Ripin, MPH &amp; Molly Gwisc, MPH Shoreline Health Solutions Peer Review Overview Peer review is a systematic process for clinical providers to

734 views • 38 slides
Chris Rouse Windham 1 Brannon, PC Peer Review Whats going on Agenda AICPA Audit

Chris Rouse Windham 1 Brannon, PC Peer Review Whats going on Agenda AICPA Audit

Peer Review Whats going on, and how to get through it Presented by Chris Rouse Windham 1 Brannon, PC Peer Review Whats going on Agenda AICPA Audit Quality Initiative Peer Review Future How to Have a Successful Peer

517 views • 19 slides
Deans Teleconference Lawrence A. Tabak, D.D.S., Ph.D. On behalf of: ACD WG on Peer Review SC

Deans Teleconference Lawrence A. Tabak, D.D.S., Ph.D. On behalf of: ACD WG on Peer Review SC

http://enhancing-peer-review.nih.gov/ Deans Teleconference Lawrence A. Tabak, D.D.S., Ph.D. On behalf of: ACD WG on Peer Review SC WG on Peer Review http://enhancing-peer-review.nih.gov/ A Self-Study by the NIH in Partnership with the

608 views • 14 slides
The Reviewing Process Bijan Parsia &lt;bijan.parsia@manchester.ac.uk&gt; 1 Peer Review Peer

The Reviewing Process Bijan Parsia &lt;bijan.parsia@manchester.ac.uk&gt; 1 Peer Review Peer

The Reviewing Process Bijan Parsia &lt;bijan.parsia@manchester.ac.uk&gt; 1 Peer Review Peer review is a keystone of modern academia Evaluation by people of similar competence Where theres a fairly high bar for minimally

497 views • 11 slides
Programming With Data One-Slide Summary A list is a data structure , a way of storing and

Programming With Data One-Slide Summary A list is a data structure , a way of storing and

Programming With Data One-Slide Summary A list is a data structure , a way of storing and organizing data. cons creates a pair of two values. car and cdr (or first and rest ) extract the first and second elements of a cons pair. A

205 views • 8 slides
Collecting Application- Level Job Completion Statistics CUG 2010, Edinburgh Matthew Ezell HPC

Collecting Application- Level Job Completion Statistics CUG 2010, Edinburgh Matthew Ezell HPC

Collecting Application- Level Job Completion Statistics CUG 2010, Edinburgh Matthew Ezell HPC Systems Administrator National Institute for Computational Sciences University of Tennessee NICS is the latest NSF HPC center Kraken #3 on

383 views • 14 slides
Pointer arithmetic arrays only arrays only Pointer arithmetic Can add or subtract an

Pointer arithmetic arrays only arrays only Pointer arithmetic Can add or subtract an

Pointer arithmetic arrays only arrays only Pointer arithmetic Can add or subtract an integer as long as result is still within the bounds of the array Can subtract a pointer from another pointer iff both point to

140 views • 9 slides
GlideinWMS Marco Mambelli Stakeholders Meeting November 13, 2019 Overview Project updates

GlideinWMS Marco Mambelli Stakeholders Meeting November 13, 2019 Overview Project updates

GlideinWMS Marco Mambelli Stakeholders Meeting November 13, 2019 Overview Project updates since last stakeholders meeting Completed and Upcoming releases GlideinWMS roadmap Developers spotlight Reference slides GlideinWMS

1.3k views • 30 slides
Are Scientific Experiments in Security Possible? Vicraj Thomas vthomas@bbn.com 18 November 2008

Are Scientific Experiments in Security Possible? Vicraj Thomas vthomas@bbn.com 18 November 2008

Are Scientific Experiments in Security Possible? Vicraj Thomas vthomas@bbn.com 18 November 2008 Experimentation is Difficult Difficult in any discipline Time consuming, tedious Expensive But It is a key piece of the

610 views • 12 slides
MSc Thesis Department of Computer Science Gerth Stlting Brodal gerth@cs .au.dk September 2018

MSc Thesis Department of Computer Science Gerth Stlting Brodal gerth@cs .au.dk September 2018

MSc Thesis Department of Computer Science Gerth Stlting Brodal gerth@cs .au.dk September 2018 (original April 2014, Anders Mller) My background Chair of the Education Committee Department of Computer Science Research group

820 views • 35 slides
Viruses, and Epigenetics Yaron Tomer, MD Division of Endocrinology, Department of Medicine,

Viruses, and Epigenetics Yaron Tomer, MD Division of Endocrinology, Department of Medicine,

Triggering Thyroid Autoimmunity: Genes, Viruses, and Epigenetics Yaron Tomer, MD Division of Endocrinology, Department of Medicine, Icahn School of Medicine at Mount Sinai, New York Nothing to Disclose PRESENTATION FROM THE 83rd ANNUAL

512 views • 24 slides
Praktische Aspekte der Informatik Moritz Mhlhausen Prof. Marcus Magnor

Praktische Aspekte der Informatik Moritz Mhlhausen Prof. Marcus Magnor

Praktische Aspekte der Informatik Moritz Mhlhausen Prof. Marcus Magnor https://graphics.tu-bs.de/teaching/ss19/padi/ LaTeX Documents https://graphics.tu-bs.de/teaching/ss19/padi/ Further Reading Warning! The following slides are meant to

351 views • 33 slides

More recommend