понедельник, 28 июля 2008 г.

Making code review easier with Codestriker

The big brother is watching you
George Orwell


Everybody agrees that code review is crucial for any software project. I don't believe that it is possible to do good code reviews on a regular basis without a code review tool. I you are not using a code review tool, the following scenarios might happen:
  1. You have just finished with your task and want the code to be reviewed. The reviewer and you work in the same office. Unfortunately, the reviewer is not available at the moment. There are many reasons why it can happen. The reviewer might have flexible working schedule which differs from your working schedule, he might be ill, he might be at a meeting, visiting the dentist, stuck in a traffic jam. Of course, you can't wait until the reviewer appears in the office, you switch to another task instead. It is easy to forget about code review.
  2. You have a distributed team. One or two developers work in one office, the rest of developers work in another office which might be located in another country. We had this situation at my last place of work. In this case the only way to send a code review request is an email with an attached patch file which contains your changes to code. The reviewer is supposed to read your email, save the attached patch to a folder, then apply the patch to the right version, examine your code. It is time-consuming and not efficient.
Without a code review tool the team leader doesn't have the whole picture of what is going on with code reviews. How many code review requests are pending ? Which topics are the most discussed ? These questions need to be addressed, and a code review tool helps.

There are many code review tools available, most of them are commercial, some are free. The one I introduced in my team was Codestriker. It's a free tool written in Perl. Although its functionality has minimum features, it can be successfully used. Basically, it is a web appplication running on Apache. Although Codestriker has no built-in security support, you can secure Codestriker with Apache's auth module.

Learning and setting up Codestriker took me one day. Configuration is simple but requires knowledge of Linux or Unix. You tell Codestriker what database to use and where is the code repository. We used MySQL and Subversion.

Features of Codestiker
  • The creator of a topic gets notifications by e-mail when reviewers post comments.
  • You can have multiple reviewers
  • All the members of the team can post comments on any topic
  • You can browse changes to code through Codestriker's web interface
  • You can add comments to a single line of code and to a whole topic.


Even though we were using the simpliest code review tool, the quality of code reviews increased dramatically. The code became controlled better by the team lead. More members became involved in code review. Intreraction between offices improved. It turned out that it is possible to misuse code review tool. If the team lead is a dictator and willing to blame and critisize everyone, he can abuse the code review tool. Other members would feel like "the big brother is watching you".The programmers would feel that their every step is under attack, they would loose motivation or leave the company. So be careful with code review tools. Small teams with limited budget who don't want to spend money on commercial code review tools can use Codestiker fine.

2 комментария:

Анонимный комментирует...

Do you know any other tools for code review?

Sergey Grigoriev комментирует...

Review board is another one. See http://www.review-board.org/ for details.