Policies & Governance
- What is the purpose of code review
- How important is Code Review
Purpose of code review
- Code review is our basic mechanism for validating the design and implementation of an application. It also helps us maintain a level of consistency in design and implementation practices across the various tiers of a web application.
What do reviewers look for?
A review is focused on a web-app's design, implementation, best practices and usefulness in fixing a stated problem.
A reviewer should be someone with domain expertise in the problem area. A reviewer may also utilize other areas of his or her expertise and comment on other possible improvements. There are no inherent limitations on what comments a reviewer might make about improving the code.
Reviewers will probably look at the following areas of the code:
- API/design review. Because APIs define the interactions between tiers/modules, they need special care. Review is especially important to keep APIs balanced and targeted, and not too specific or overdesigned.
- Maintainability review. Code which is unreadable is impossible to maintain. If the reviewer has to ask questions about the purpose of a piece of code, then it is probably not documented well enough. Does the code follow the coding style guide?
- Security review. Does the design use security concepts? Does this code need additional security testing?
- Testing review. Are there tests for correct function?
- Implementation of Concepts noted in these tutorial pages
- for example:
- dynamic JPQL is prohibited
- see every section for best practices
- for example: