Our sales team member Matt Kohler recently gave a presentation on code review benefits with his “Benefits of Automated Code Review” webinar. We’ll give you an overview of the points in his webinar and also invite you to watch it here.
Problem
With $85 billion global GDP loss from developer time spent on bad code annually, discussing the benefits of code review is key. Findings also indicate that 13.5 hours in the developer work week is spent fixing technical debt.
Many engineers will say most of the time code reviews are about enforcing best practices, code style and security issues. ‘
Solution
In order to help address engineers’ concerns, code reviews address many efficiency issues. However, code reviews should be executed in an effective way. There are two key categories of code review techniques — manual and automated code review.
Manual Code Review vs. Automated Code Review
Manual Code Review
Like the name suggests, this process is done manually. Reviewers read source code line by line. Review is often done by a peer or a QA team. During the process, developers submit their code for review and issues are sent back. Manual code review may employ checklists to identify issues.
However, sometimes feedback can be construed as too personal. Conversations in the manual code review process should focus on topics like code logic, effective writing and comprehension (can the code be written more effectively?).
Automated Code Review
Automated code review is a process that reviews code without manual input using a predefined set of rules. With the limited capacity of humans, it helps handle code volumes and works across team workflows and time zones. Additionally, it does not factor in personal bias or interpersonal communication. Efficiency, human error and quality assurance (human vs. machine capacity) are key benefits.
Static Code Analysis
Static code analysis is an automated way to review code without executing any code. Linters, which are used to search for stylistic issues, bugs and possible memory leaks may be considered static analysis tools but have limitations. For instance, they do not typically offer technical debt avoidance, security screening, duplication avoidance, complexity metrics, compliance and education on best practices. Popular open source linting tools include Pylint (Python) and ESLint (JavaScript).
Other Tools
Other tools in the code review ecosystem include: Continuous Integration (CI) tools such as Jenkins or CircleCl, code coverage tools (eg CodeCov, Coverall) and project management tools that aid manual code review.
However, there are downsides to using multiple tools such as:
- Teams spend excessive time configuring tools rather than coding
- Costs multiply across tools
- Tools may not integrate
- Constant maintenance of standards are required
- Context switching for developers reduces efficiency
Solution: Code Review Suite
A code review suite like Codacy is a static analysis tool that performs a variety of functions like the tools above. However, it mitigates many issues associated with using multiple tools. Key components of Codacy include:
- Efficiency: shows managers what to prioritize so less time reviewing means more coding
- Code quality standardization: provides pre-set customizable standards that can be enforced
- Code quality predictability: Duplication and complexity metrics tell developers where problems may develop if they actually do
- Team management and reporting: a suite provides easily-accessible metrics for technical and non-technical level reports
- Proactive: Pull requests (PRs) that may have a detrimental impact on code code quality maybe blocked
To learn more about a code review suite like Codacy and the benefits of automated code review watch Matt’s video. You can also download the slides from his presentation and check out some other static analysis pieces on our blog like Automate Your Code Review With Static Code Analysis.
Originally published at https://blog.codacy.com on December 4, 2019.
