Policies & Governance

  • What is the purpose of code review?
  • How important is code review?

Purpose of code review

  • Code review is our basic mechanism for validating the design and implementation of an application. It also helps us maintain a level of consistency in design and implementation practices across the various tiers of a web application. 

What do reviewers look for?

  • A review is focused on a web-app's design, implementation, best practices and usefulness in fixing a stated problem.

  • A reviewer should be someone with domain expertise in the problem area. A reviewer may also utilize other areas of his or her expertise and comment on other possible improvements. There are no inherent limitations on what comments a reviewer might make about improving the code.

    Reviewers will probably look at the following areas of the code:

    • API/design review. Because APIs define the interactions between tiers/modules, they need special care. Review is especially important to keep APIs balanced and targeted, and not too specific or overdesigned.
    • Maintainability review. Code which is unreadable is impossible to maintain. If the reviewer has to ask questions about the purpose of a piece of code, then it is probably not documented well enough. Does the code follow the coding style guide?
    • Security review. Does the design use security concepts? Does this code need additional security testing?
    • Testing review. Are there tests for correct function?
    • Implementation of concepts noted in these tutorial pages, for example:
      • dynamic JPQL is prohibited
      • see every section for best practices