Roger Xia, profile picture
Uploaded byRoger Xia
PPTX, PDF621 views

Code reviews

This document discusses the importance and benefits of code reviews. It notes that code reviews can increase quality, reduce defects, improve readability, share knowledge within a team, and help people get to know each other better. The document outlines different methodologies for conducting code reviews, such as team reviews, pair programming, walkthroughs, and peer reviews. It also provides tips for preparing code for review and things reviewers should check for, such as naming conventions, logic, refactoring, performance, and security. Overall, the document promotes code reviews as a way to improve code quality and collaboration.

Embed presentation

Downloaded 20 times
Every Programmer Should Know Code Reviews Roger Xia July 2012
$ whoami • Programmer
Programming & Code review • Programming is – Taking an algorithm – Choosing a language – Using that language to implement algorithm and solve problems • Code review is –?
Why? • Increase Quality & Reduce Defects • Improve readability • Share knowledge in team • Know your workmate better! • Two Wrongs Can Make a Right • NOT personal attack! • NOT architect reviews everything
methodology • Team review (Planned 1-2 hour/week, Clear roles) • Pair programming (Share knowledge, 1 task) • Walkthrough (Author leads, reviewers take notes, higher level) • Peer review (Asynchronous) • Gerrit • Reaction & Ask questions
Preparation • Code Conventions • Findbugs • Tested • Test case
Take care of • naming convention spelling mistakes • business logic • refactoring • performance • security (attack, thread safe)
Refactoring • Refactoring modifies software to improve its readability, maintainability, and extensibility without changing what it actually does. • Martin Fowler uses “code smells” to identify when to refactor. • Boss: "Refactoring is an overhead activity - I'm paid to write new, revenue generating features."
Code smells • Bad names • Duplicate code • Long method • Large class • Long parameter list • Temporary field • Speculative Generality • Data Class • Don’t flood log
Use Meaningful Names
Meaningful Names • Class names – Should be nouns or noun phrases. – Examples: Car, Account, DataRetrievalService, AddressParser • Method names – Should be verb or verbPhrases – Examples: parseData, deletePage, save – Methods that return boolean values should sound like question. – Examples: isAuthenticated, hasNoErrors, isEmpty • Interface and Implementation – ICache  LRUCache – IExport  ExportService • Constants – MAX_VALUE – SEP_COMMA, SEP_SEMICOLON
The Art of Readable code • The book! • I want to point out: – Use blank to separate logic block.
Comments for complex process, algorithm, reasons
Aiming for simplicity • Do one thing in a function (simple responsibility) • Have no side effects. • Prefer exceptions to return codes. • Format your code.
DRY -- Don’t repeat yourself • Duplicated code should be avoided. • Object Orientation, Abstract! • Design pattern!
OO Principles • Simple responsibility principle: Class should have one and only one reason to change. • Encapsulation: Modules should not know internal details of objects it manipulates. • Polymorphism -- Liskov’s substitution principle: A subclass can be used as an argument where a base class is expected. • Open-closed principle: Class should be open for extention, but closed for modification.
Design Patterns
Pay Attention to Performance • JAVA: JVM usage – Don’t create object in loop – Use ArrayList, HashMap etc as opposed to Vector, Hashtable etc (synchronized) where possible. Even better is to use just arrays where possible. – Set initial capacity of a collection (e.g. ArrayList, HashMap) and StringBuffer/StringBuilder appropriately. – Concurrent Collection, Lock – Lazy load or multi-threading where applicable. – Cache (LRUCache, Distributed Cache)
Pay Attention to Performance
Pay Attention to Security • Sandbox (security manager, access manager, Classloaders, policies) • Scope: Access modifier to help protect your classes, methods, fields. – public, protected, private, package – Exceptions: object serialization, reflection, • Immutable class – final – String – Insecure direct object reference of mutable object • Type safe – Casting • Thread safe • OOM (static), file description handler, release resources (File, DBConnection) • SQL injection • Single point of failure
• secure code
Have Fun and win http://rosettacode.org/wiki/Rosetta_Code

More Related Content

PPTX
Writing Clean Code (Recommendations by Robert Martin)
byShirish Bari
 
PDF
Style & Design Principles 01 - Code Style & Structure
byNick Pruehs
 
PDF
Extracts from "Clean Code"
byVlatkaPavii
 
PDF
Extracts from "Clean Code"
byVlatkaPavii
 
PPT
Comp102 lec 3
byFraz Bakhsh
 
PPT
Presentation on java
byshashi shekhar
 
PPTX
Pass by value and pass by reference
byTurnToTech
 
PPTX
Python introduction
byRoger Xia
 
Writing Clean Code (Recommendations by Robert Martin)
byShirish Bari
 
Style & Design Principles 01 - Code Style & Structure
byNick Pruehs
 
Extracts from "Clean Code"
byVlatkaPavii
 
Extracts from "Clean Code"
byVlatkaPavii
 
Comp102 lec 3
byFraz Bakhsh
 
Presentation on java
byshashi shekhar
 
Pass by value and pass by reference
byTurnToTech
 
Python introduction
byRoger Xia
 

What's hot

PPT
Java OOP s concepts and buzzwords
byRaja Sekhar
 
PDF
Executable specifications for xtext
bymeysholdt
 
PPTX
Java Tokens
byMadishetty Prathibha
 
PDF
Type theory in practice
byGabriel Habryn
 
PPTX
ANTLR - Writing Parsers the Easy Way
byMichael Yarichuk
 
PPTX
C sharp
byAhmed Vic
 
PPTX
Core java Classroom training at HarshithaTechnologies
byJayarajus
 
PPTX
Programming Paradigm & Languages
byGaditek
 
PPTX
Metaprogramming in Ruby
byVolodymyr Byno
 
PPT
PHP - Procedural To Object-Oriented
byVance Lucas
 
PPTX
Building Your Own DSL with Xtext
byGlobalLogic Ukraine
 
PPTX
Agile xml
byRichard Winslow
 
PPTX
OOPs fundamentals session for freshers in my office (Aug 5, 13)
byAshoka R K T
 
PPSX
Short notes of oop with java
byMohamed Fathy
 
DOCX
Object oriented programming tutorial
byGhulam Abbas Khan
 
PPTX
CS8392 OOP
byDhanalakshmiVelusamy1
 
PPT
Introducing object oriented programming (oop)
byHemlathadhevi Annadhurai
 
PPTX
C# - Igor Ralić
bySoftware StartUp Academy Osijek
 
PPSX
Intro to Object Oriented Programming with Java
byHitesh-Java
 
Java OOP s concepts and buzzwords
byRaja Sekhar
 
Executable specifications for xtext
bymeysholdt
 
Java Tokens
byMadishetty Prathibha
 
Type theory in practice
byGabriel Habryn
 
ANTLR - Writing Parsers the Easy Way
byMichael Yarichuk
 
C sharp
byAhmed Vic
 
Core java Classroom training at HarshithaTechnologies
byJayarajus
 
Programming Paradigm & Languages
byGaditek
 
Metaprogramming in Ruby
byVolodymyr Byno
 
PHP - Procedural To Object-Oriented
byVance Lucas
 
Building Your Own DSL with Xtext
byGlobalLogic Ukraine
 
Agile xml
byRichard Winslow
 
OOPs fundamentals session for freshers in my office (Aug 5, 13)
byAshoka R K T
 
Short notes of oop with java
byMohamed Fathy
 
Object oriented programming tutorial
byGhulam Abbas Khan
 
CS8392 OOP
byDhanalakshmiVelusamy1
 
Introducing object oriented programming (oop)
byHemlathadhevi Annadhurai
 
C# - Igor Ralić
bySoftware StartUp Academy Osijek
 
Intro to Object Oriented Programming with Java
byHitesh-Java
 

Viewers also liked

PDF
Q con london2011-matthewwall-whyichosemongodbforguardiancouk
byRoger Xia
 
PDF
JavaEE6
byRoger Xia
 
PDF
构建高效能的Web网站 精选版-by-infoq
byRoger Xia
 
PDF
E commerce search strategies
byRoger Xia
 
DOCX
新浪微博架构猜想
byRoger Xia
 
PPTX
机器学习推动金融数据智能
byRoger Xia
 
PDF
Mongo db实战
byRoger Xia
 
PPT
Ajax Lucence
byRoger Xia
 
PDF
Consistency-New-Generation-Databases
byRoger Xia
 
PDF
Java explore
byRoger Xia
 
PPT
Java util concurrent
byRoger Xia
 
DOCX
Eclipse plug in mylyn & tasktop
byRoger Xia
 
PDF
No sql and data scalability
byRoger Xia
 
PPTX
Code reviews
byRoger Xia
 
PDF
Ca siteminder
byRoger Xia
 
DOCX
MDD and modeling tools research
byRoger Xia
 
PDF
Indefero source code_managment
byRoger Xia
 
PDF
Jenkins
byRoger Xia
 
Q con london2011-matthewwall-whyichosemongodbforguardiancouk
byRoger Xia
 
JavaEE6
byRoger Xia
 
构建高效能的Web网站 精选版-by-infoq
byRoger Xia
 
E commerce search strategies
byRoger Xia
 
新浪微博架构猜想
byRoger Xia
 
机器学习推动金融数据智能
byRoger Xia
 
Mongo db实战
byRoger Xia
 
Ajax Lucence
byRoger Xia
 
Consistency-New-Generation-Databases
byRoger Xia
 
Java explore
byRoger Xia
 
Java util concurrent
byRoger Xia
 
Eclipse plug in mylyn & tasktop
byRoger Xia
 
No sql and data scalability
byRoger Xia
 
Code reviews
byRoger Xia
 
Ca siteminder
byRoger Xia
 
MDD and modeling tools research
byRoger Xia
 
Indefero source code_managment
byRoger Xia
 
Jenkins
byRoger Xia
 

Similar to Code reviews

PDF
Clean code
byAlvaro García Loaisa
 
PDF
[DevDay2018] Let’s all get along. Clean Code please! - By: Christophe K. Ngo,...
byDevDay Da Nang
 
PDF
Clean code
byKhou Suylong
 
PPTX
Clean Code
byswaraj Patil
 
PPTX
Clean code presentation
byBhavin Gandhi
 
PPTX
Clean code
bySimon Sönnby
 
PDF
How to do code review and use analysis tool in software development
byMitosis Technology
 
PPTX
Clean code quotes - Citações e provocações
byAndré de Fontana Ignacio
 
PPT
Coding Standards
byJeevitesh Ms
 
PDF
Patterns, Code Smells, and The Pragmattic Programmer
byJason McCreary
 
PPTX
Clean code - DSC DYPCOE
byPatil Shreyas
 
PPT
Writing Good Code
byLeo Liang
 
PDF
Clean Code
byChris Farrell
 
PPTX
Writing clean code in C# and .NET
byDror Helper
 
PPT
Clean code
byUday Pratap Singh
 
PPTX
Refactoring
byochursina
 
PDF
The View - Lotusscript coding best practices
byBill Buchan
 
PDF
Refactoring PHP
byAdam Culp
 
PDF
Mpg Feb08 Gian Lorenzetto
bymelbournepatterns
 
PDF
Bade Smells in Code
byWill Shen
 
Clean code
byAlvaro García Loaisa
 
[DevDay2018] Let’s all get along. Clean Code please! - By: Christophe K. Ngo,...
byDevDay Da Nang
 
Clean code
byKhou Suylong
 
Clean Code
byswaraj Patil
 
Clean code presentation
byBhavin Gandhi
 
Clean code
bySimon Sönnby
 
How to do code review and use analysis tool in software development
byMitosis Technology
 
Clean code quotes - Citações e provocações
byAndré de Fontana Ignacio
 
Coding Standards
byJeevitesh Ms
 
Patterns, Code Smells, and The Pragmattic Programmer
byJason McCreary
 
Clean code - DSC DYPCOE
byPatil Shreyas
 
Writing Good Code
byLeo Liang
 
Clean Code
byChris Farrell
 
Writing clean code in C# and .NET
byDror Helper
 
Clean code
byUday Pratap Singh
 
Refactoring
byochursina
 
The View - Lotusscript coding best practices
byBill Buchan
 
Refactoring PHP
byAdam Culp
 
Mpg Feb08 Gian Lorenzetto
bymelbournepatterns
 
Bade Smells in Code
byWill Shen
 

More from Roger Xia

PPT
Learning notes ruby
byRoger Xia
 
PDF
Converged open platform for enterprise
byRoger Xia
 
PDF
Saml
byRoger Xia
 
PDF
Web Services Atomic Transactio
byRoger Xia
 
DOCX
Web service through cxf
byRoger Xia
 
PDF
Spring one2gx2010 spring-nonrelational_data
byRoger Xia
 
PDF
Fixing twitter
byRoger Xia
 
PDF
Secure Multi Tenancy In the Cloud
byRoger Xia
 
PPT
Java programing considering performance
byRoger Xia
 
Learning notes ruby
byRoger Xia
 
Converged open platform for enterprise
byRoger Xia
 
Saml
byRoger Xia
 
Web Services Atomic Transactio
byRoger Xia
 
Web service through cxf
byRoger Xia
 
Spring one2gx2010 spring-nonrelational_data
byRoger Xia
 
Fixing twitter
byRoger Xia
 
Secure Multi Tenancy In the Cloud
byRoger Xia
 
Java programing considering performance
byRoger Xia
 

Recently uploaded

PDF
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
PDF
Building Powerful Web Apps to Improve Productivity and Engagement - Esri UK W...
byEsri UK
 
PDF
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
PDF
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
PDF
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
PDF
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
PDF
Beyond Basics: How to Build Scalable, Intelligent Imagery Pipelines
bySafe Software
 
PDF
How to Spot a Fraudulent Shopping Website
byAshwini Singh
 
PDF
SELinux Policy Management in RHEL - RHCSA+.pdf
byLinuxCert Guru
 
PPTX
Opening Plenary - Esri UK Welsh Conference 2025
byEsri UK
 
PDF
IDSECCONF2025 - Aan Wahyu - Maze–Malware Analysis Platform.pdf
byidsecconf
 
PDF
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
PDF
Command Line Text Processing - RHCSA +.pdf
byLinuxCert Guru
 
PDF
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
PDF
Running Non-Cloud-Native Databases in Cloud-Native Environments_ Challenges a...
byAlkin Tezuysal
 
PPTX
oop pillor polymorphism Code Presentation
byhifzamahmood8
 
PPTX
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
PPTX
Redcentric Data Centres: vision, mission and values
byRedcentric
 
PPTX
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
PDF
THE THREATS OF INSTABILITY IN BRAZIL'S INTERCONNECTED ELECTRICAL SYSTEM AND H...
byFaga1939
 
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
Building Powerful Web Apps to Improve Productivity and Engagement - Esri UK W...
byEsri UK
 
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
Beyond Basics: How to Build Scalable, Intelligent Imagery Pipelines
bySafe Software
 
How to Spot a Fraudulent Shopping Website
byAshwini Singh
 
SELinux Policy Management in RHEL - RHCSA+.pdf
byLinuxCert Guru
 
Opening Plenary - Esri UK Welsh Conference 2025
byEsri UK
 
IDSECCONF2025 - Aan Wahyu - Maze–Malware Analysis Platform.pdf
byidsecconf
 
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
Command Line Text Processing - RHCSA +.pdf
byLinuxCert Guru
 
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
Running Non-Cloud-Native Databases in Cloud-Native Environments_ Challenges a...
byAlkin Tezuysal
 
oop pillor polymorphism Code Presentation
byhifzamahmood8
 
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
Redcentric Data Centres: vision, mission and values
byRedcentric
 
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
THE THREATS OF INSTABILITY IN BRAZIL'S INTERCONNECTED ELECTRICAL SYSTEM AND H...
byFaga1939
 

Code reviews

  • 1.
    Every Programmer ShouldKnow Code Reviews Roger Xia July 2012
  • 2.
  • 3.
    Programming & Codereview • Programming is – Taking an algorithm – Choosing a language – Using that language to implement algorithm and solve problems • Code review is –?
  • 4.
    Why? • Increase Quality & Reduce Defects • Improve readability • Share knowledge in team • Know your workmate better! • Two Wrongs Can Make a Right • NOT personal attack! • NOT architect reviews everything
  • 5.
    methodology • Team review(Planned 1-2 hour/week, Clear roles) • Pair programming (Share knowledge, 1 task) • Walkthrough (Author leads, reviewers take notes, higher level) • Peer review (Asynchronous) • Gerrit • Reaction & Ask questions
  • 7.
    Preparation • Code Conventions • Findbugs • Tested • Test case
  • 8.
    Take care of •naming convention spelling mistakes • business logic • refactoring • performance • security (attack, thread safe)
  • 9.
    Refactoring • Refactoring modifiessoftware to improve its readability, maintainability, and extensibility without changing what it actually does. • Martin Fowler uses “code smells” to identify when to refactor. • Boss: "Refactoring is an overhead activity - I'm paid to write new, revenue generating features."
  • 10.
    Code smells • Bad names • Duplicate code • Long method • Large class • Long parameter list • Temporary field • Speculative Generality • Data Class • Don’t flood log
  • 11.
  • 12.
    Meaningful Names • Classnames – Should be nouns or noun phrases. – Examples: Car, Account, DataRetrievalService, AddressParser • Method names – Should be verb or verbPhrases – Examples: parseData, deletePage, save – Methods that return boolean values should sound like question. – Examples: isAuthenticated, hasNoErrors, isEmpty • Interface and Implementation – ICache  LRUCache – IExport  ExportService • Constants – MAX_VALUE – SEP_COMMA, SEP_SEMICOLON
  • 13.
    The Art ofReadable code • The book! • I want to point out: – Use blank to separate logic block.
  • 14.
  • 15.
    Aiming for simplicity •Do one thing in a function (simple responsibility) • Have no side effects. • Prefer exceptions to return codes. • Format your code.
  • 16.
    DRY -- Don’trepeat yourself • Duplicated code should be avoided. • Object Orientation, Abstract! • Design pattern!
  • 17.
    OO Principles • Simpleresponsibility principle: Class should have one and only one reason to change. • Encapsulation: Modules should not know internal details of objects it manipulates. • Polymorphism -- Liskov’s substitution principle: A subclass can be used as an argument where a base class is expected. • Open-closed principle: Class should be open for extention, but closed for modification.
  • 18.
  • 19.
    Pay Attention toPerformance • JAVA: JVM usage – Don’t create object in loop – Use ArrayList, HashMap etc as opposed to Vector, Hashtable etc (synchronized) where possible. Even better is to use just arrays where possible. – Set initial capacity of a collection (e.g. ArrayList, HashMap) and StringBuffer/StringBuilder appropriately. – Concurrent Collection, Lock – Lazy load or multi-threading where applicable. – Cache (LRUCache, Distributed Cache)
  • 20.
    Pay Attention toPerformance
  • 21.
    Pay Attention toSecurity • Sandbox (security manager, access manager, Classloaders, policies) • Scope: Access modifier to help protect your classes, methods, fields. – public, protected, private, package – Exceptions: object serialization, reflection, • Immutable class – final – String – Insecure direct object reference of mutable object • Type safe – Casting • Thread safe • OOM (static), file description handler, release resources (File, DBConnection) • SQL injection • Single point of failure
  • 22.
  • 23.
    Have Fun andwin http://rosettacode.org/wiki/Rosetta_Code

Editor's Notes

  • #10 Loose couple:FacadeSpringMessaging
  • #11 Temporary fieldAn attribute of an object is only set in certain circumstances; but an object should need all of its attributes Speculative Generality“Oh I think we need the ability to do this kind of thing someday” Data ClassThese are classes that have fields, getting and setting methods for the fields, and nothing else; they are data holders, but objects should be about data AND behavior
  • #12 http://www.slideshare.net/srikanthps/practices-for-becoming-a-better-programmer-presentation
  • #15 Are we writing comments because our code is unclear?Will you keep the comments up-to-date whenever code is updated?
  • #17 If there is a bug in the code or code requires changes, then, one has to change it at multiple places.
  • #19 http://www.lifeyun.com/design-pattern-diagram.html
  • #20 http://www.artima.com/insidejvm/ed2/jvm2.html
  • #21 http://www.artima.com/insidejvm/ed2/jvm2.html
  • #22 Mitigation of serialization:- Don’t extend java.io.serializable- ImplementreadObject and writeObject as final methods that throw IOException- If serialize you must: use transient or use java.io.Externalizeable plus Encryption