Come and pick up this issue manual code review!
Code review list is a code review of clear rules and instruction manuals, it can make code reviews more benefits for your team, and can significantly improve the speed of code review.
Studies have shown that the use of code review the list of reviewer outperformed reviewers do not use. So whether you are a novice or an experienced developer developer, began to consider the use of bar code review list.
A list of codes should be concerned
As the author of the code, you should ensure that:
The code and compile successfully (without warning) by static checking
By all the tests the code (unit testing, integration and system testing)
You have carefully checked the spelling mistakes and done a deal (comments, todo, etc.)
Overview reason to modify the code and to modify what place
In addition, as the code writers, should also be reviewed prior to submission, review their codes in accordance with the list of reviewer.
The list of code review should concern
As a code reviewer, your task is to find the most important issue. Comments will be more valuable to structural or logical problem code, even if sometimes seem picky.
You should know what is good code feedback. Also note that the best code review feedback is not a review, but recommended. So do not say “variable name should be removeObject”, better to say “call variable removeObject how about?.”
The list below is sufficient to help you raise a good code review feedback.
Change this code will execute what it supposed to do?
This solution is the simplest yet?
When you change this dependency has introduced some unwanted compile or runtime do?
Whether the framework should not be used, API, libraries, service?
The existence of unused framework can enhance the workarounds, API, libraries, service?
Code is at the correct level of abstraction?
Modular code is doing is good enough?
Do you have other solutions, the program performs better code maintainability, readability, performance, security?
Whether a function similar functions already exist? If so, why not reuse?
Are there best practices, design patterns or specific language models can optimize the code?
Compliance with the code object-oriented analysis and design principles, such as a single responsibility principle, the principle of opening and closing, Richter substitution principle, interface isolation, dependency injection?
Logic error or Bug
Can you think of any use cases code does not run as expected it?
Can you think of any possible damage to the code input or external events do?
Error handling and logging
Errors are correctly handle it?
Is there a need to increase or delete the log / debug information?
Error message is user friendly?
Is there enough logs, whether they are written in a way that is easy to debug?
Availability and accessibility
From a usability point of view, the proposed solution is that the design is reasonable?
API documentation is good enough?
The proposed solution whether they have accessible?
API / UI whether intuitive to use?
Testing and testability
Code can test whether the standard?
Is there enough automated testing (unit testing / integration testing / system testing)?
Whether it is reasonable to cover existing test code changes?
Are there additional test cases, input or edge cases for testing?
If changes need to update a file other than code, such as updating the document, configuration, readme file. Completion of these updates?
Whether this change will affect other parts of the system? Whether the backward compatible?
Data security and privacy
This code is open security vulnerabilities in software?
Whether permissions and authentication is handled correctly?
Is it safe handling of sensitive data such as user data, such as credit card information? Whether to use encryption correct?
If code changes revealed some private information (such as drugged, user name, etc.)?
If the code to handle user input, whether to solve the cross-site scripting, SQL injection and other security breaches, whether a clean and input validation?
Whether the data obtained from an external API or database. The appropriate checks?
This code whether the changes would have a negative impact on system performance?
You can further improve code performance?
Code is easy to understand?
Which part makes you confused as to why?
You can improve code readability by reducing method?
You can improve the readability of the code it by using a different function / method or variable name?
Code is stored in the correct file / directory / package?
Do you think the method should be reconstructed in order to have a more intuitive control flow?
Whether the data stream understandable?
Are there extra comment?
Whether certain comments can better convey information?
If more comments will make your code easier to understand?
Can you remove some comments to understand the code by improving code readability?
If the code commented out of existence?
Do you think a particular expert (such as availability of security experts or experts) should first check the code, and then submit the code?
This code changes will affect other teams do? They should also comment on it?
Well, that’s a list of some of the most pressing problems.
Coding style and conventions
Your team or company must have a clear coding style guide, which is very important. Because this is the only way the only embodiment of the code in the library. And consistency will make code reviews faster, so that people can easily change the project and keep the readability and maintainability of your code.
Google is to do this good example, no doubt, this allows Google to quickly code review.
First of all, I would suggest using readily available coding styles to support multiple languages offered by Google. It is important to set the ground rules, but make sure once and for all. Do not continue to argue.
Automate as much as possible
After determining the coding style, take some time to properly install and configure the tool to a key formatting codes.
There are also many things you can do. For example, instead of using static checking some of the manual review. It is worth the effort.
A complete list of