---
title: Code Review Best Practice by Trisha Gee
---
###### tags: `code review`
# Code Review Best Practice by Trisha Gee
{%youtube 3pth05Rgr8U %}
* Video: https://www.youtube.com/watch?v=3pth05Rgr8U
* Slides: https://speakerdeck.com/trishagee/code-review-best-practice
* More resources: https://trishagee.com/presentations/code_review_best_practice/
E' importante avere una **checklist condivisa** da seguire e una **definition of done**...
Don't spend time on thing that can be automated, e.g. code standards, code styles, formatting, etc
## Why?
Ask the team: **why are we doing code reviews?**
* to ensure code does what it's supposed to
* to ensure code is **understandable**
* to **share knowledge**
* to have conversations around the directions we want to move our code, on how to evolve our code
## When?
Quando fare la code review?
Il quando fare la code review dipende molto dal perché si fa la code review.
ad es se lo faccio per condividere la conoscenza non è necessario farla come "gateway review", prima di accettare la pull request ad es.
### when is the review complete?
**what is your definition of "review completed"?**
## Who reviews the code?
Who should be involved in the code review?
* be aware of bottlenecks and blockages putting just one senior person reviewing the code
* **juniors are great people to do code review**: they learn and ask great questions (why this?)
* have a rotating pool of reviewers
### who signs it off?
Who ultimately says "yes, it's good to go"?
* the author? a committee?
* who solves conflicts and blocks?
## Where?
Where is done the code review?
* Pairing => code review on steroids
* Mob reviewing in a conf room (aka zoom room)
Too much confrontational? let's sit together and see
## What?
What to look for in a code review?
It depends on the
* whys?
* whens?
* whos?
* wheres?
![a lot of stuff!](https://i.imgur.com/gvtM7YU.png)
Human reviews should be limited to what cannot be automated!
To be able to know what to look for, you have to **understand the constraints of your application**. E.g. performance in a backoffice webapp vs performance in a trading system
If the goal is knowledge sharing, then you should look at what is the code doing and why, (_do I understand what it's happening?_).
When reviewing code when it's code-completed, at the end of the dev process:
* you cannot use it for having feedback on the design: the end of the dev is not the right time (too late)
* you should have a set of checks (there should be no surprises)
### How?
Let's see some mechanics
* automate all you can!!
* reviews should be small! and changes should be small (a few days of work...)
* should be clear WHO is doing the code review (who is responsible?)
* have a checklist of WHAT to look for (to fight "inconsistent feedback" anti-pattern)
* my take: avoid offline code reviews as much as possible. In other words: try to have in-person code reviews
As a reviewer:
* respond in a timely fashion!
* when doing a code review, have a clear idea of WHY, WHEN and WHAT
* be constructive in the comments
* be specific in the comments!
* leave praises on the code reviews!
When making changes:
* respond
* respond in a timely fashion
* resolve: **the goal of the code review is make sure the code is ready to go in production!**
* be clear of when code review is good to go
A good code review is one where the process is clear!
* why?
* when?
* who?
* where?
* what?
* how?