Rethinking the Application Code Review Process

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Rethinking the Application Code Review Process

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

New approaches to application development, coupled with the availability of a plethora of online collaboration tools, are going to change the way IT organizations handle application code reviews.

At the moment, most IT organizations continue to favor in-person code reviews. In a perfect world, this may even be preferable, given the value of face time between developers. But in reality, development teams are distributed around the globe, and all the key stakeholders involved in a given project can’t provide their input in person.

For these reasons, a new study conducted by Forrester Consulting on behalf of Klocwork, a provider of source code analysis tools, finds that the code review processes in place in most IT organizations are not keeping pace with the rise of globalization and the advent of agile development processes that result in new code being developed on a more iterative basis.

Without putting in a new framework for code review to address these fundamental shifts in how applications are developed, the person assigned to do code review is usually based more on who is available locally, rather than who is the most qualified. And worse yet, business stakeholders that have funded the project are rarely asked to participate in any part of the review process. Without their input, there is rarely any business context applied to the code review process, resulting in reviews that focus more on form than function.

Klocwork CTO Gwyn Fisher says Klocwork is trying to provide a framework for application code review that takes advantage of the Web 2.0 technologies that are widely used for collaboration all across the Web. It’s time to bring those capabilities to bear on the application code review process so the most qualified people to review any piece of given code can be assigned to look at that code at the right time.

Fisher argues that this approach will ultimately result in a more formal code review process that reduces much of the personal sniping that can go on among developers who tend to view anybody else’s code other than their own with suspicion.

Regardless of how professional your organization’s code review process is, chances are that it has not kept pace with advances in on-line collaboration tools. Ultimately, this will cost your organization time and money compared to other organizations that are leveraging these tools to deliver better code to market faster. So the question is really not if your company needs to change its approach to the application code review process, but rather when.