Scribd
Upload
10 views

lect_04_qa_code_review

Uploaded by

Andrew Koh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
10 views

lect_04_qa_code_review

Uploaded by

Andrew Koh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

CSC2012 Professional Software Development 2

Lecture 04

Quality Assurance & Code Review

Peter CY YAU
What is Quality?

• Quality assurance (QA) is the term used in both manufacturing and service
industries to describe the systematic efforts taken to ensure that the product(s)
delivered to customer(s) meet with the contractual and other agreed/agreement
upon performance, design, reliability, and maintainability expectations of that
customer.
• The core purpose of Quality Assurance is to prevent mistakes and defects in the
development and production of both
• manufactured products, such as automobiles and shoes, and
• delivered services, such as automotive repair and athletic shoe design.

Prepared by Peter YAU Source: https://en.wikipedia.org/wiki/Configuration_management 2


What is Quality? (Cont)

• Assuring quality and therefore avoiding problems and delays when delivering
products or services to customers is what ISO 9000 defines as that
• "part of quality management focused on providing confidence that quality
requirements will be fulfilled".
• This defect prevention aspect of quality assurance differs from the defect detection
aspect of quality control.

Prepared by Peter YAU Source: https://en.wikipedia.org/wiki/Configuration_management 3


ISO 9000 series

• ISO 9001: This standard applies to the organizations engaged in design,


development, production, and servicing of goods.
• This is the standard that applies to most software development organizations.
• ISO 9002: This standard applies to those organizations which do not design
products but are only involved in the production. Examples of these category
industries contain steel and car manufacturing industries that buy the product and
plants designs from external sources and are engaged in only manufacturing those
products.
• Therefore, ISO 9002 does not apply to software development organizations.
• ISO 9003: This standard applies to organizations that are involved only in the
installation and testing of the products. For example, Gas companies.
Prepared by Peter YAU Source: https://www.javatpoint.com/software-engineering-iso-9000-certification 4
What is Code Review?

• Code reviews are methodical assessments of code designed to identify bugs,


increase code quality, and help developers learn the source code.
• Every commit is reviewed by at least one other developer using integrated
tooling.
• Reviews are automatically generated and linked to the system of record (e.g.
the story in JIRA).
• Reviews are completed in a reasonable amount of time (hours/days
depending).
• Review feedback is provided in a constructive manner, and focuses on
standards, security, best practices, easy-to-avoid pitfalls, and of course tries to
point out mistakes
Prepared by Peter YAU
as much as possible
Source: https://smartbear.com/blog/what-makes-a-great-code-review/ 5
What do you believe are the most
important benefits of code review?

Prepared by Peter YAU Source: https://smartbear.com/resources/ebooks/the-state-of-code-review-2017/ 6


How often do you participate in an ad-hoc
(“over the shoulder”) code-review process?

Prepared by Peter YAU Source: https://smartbear.com/resources/ebooks/the-state-of-code-review-2017/ 7


How often do you participate in a meeting-
based code-review process?

Prepared by Peter YAU Source: https://smartbear.com/resources/ebooks/the-state-of-code-review-2017/ 8


How often do you participate in a tool based
code review process?

Prepared by Peter YAU Source: https://smartbear.com/resources/ebooks/the-state-of-code-review-2017/ 9


What obstacles prevent you from doing the
level of code review that you desire?

Prepared by Peter YAU Source: https://smartbear.com/resources/ebooks/the-state-of-code-review-2017/ 10


Learning from Hewlett Packard
and Best Practices

• In 1988, Hewlett Packard (HP) conducted an internal review of their software


development processes and set a target to improve their code quality tenfold. To
meet this ambitious goal, they tried a number of approaches. Eventually, they
concluded that incorporating code reviews into the development cycle saved more
money than resolving defects after they were found by customers.
• Create a code review checklist
• Introduce code review metrics
• Ensure your feedback justifies your stance
• Don’t review more than 200-400 lines of code at a time
• Supplement your best practices with automation
Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 11
Create a Code Review Checklist

• A code review checklist is a predetermined set of questions and rules your team
will follow during the code review process, giving you the benefit of a structured
approach to necessary quality checks before you approve code into the codebase.
• Readability: Are there any redundant comments in the code?
• Security: Does the code expose the system to a cyber attack?
• Test coverage: Is there a need to test more cases?
• Architecture: Does the code use encapsulation and modularization to achieve
separation of concerns?
• Reusability: Does the code use reusable components, functions, and services?

Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 12


Introduce Code Review Metrics

• You can’t correct someone’s code quality without measuring it. Objective metrics
help determine the efficiency of your reviews, analyze the impact of change on the
process, and predict the number of hours required to complete a project.
• Inspection rate: The speed at which your team reviews a specific amount of
code, calculated by dividing lines of code (LoC) by number of inspection hours.
If it takes a long time to review the code, there may be readability issues that
need to be addressed.
• Defect rate: The frequency with which you identify a defect, calculated by
dividing the defect count by hours spent on inspection. This metric helps
determine the effectiveness of your testing procedures; for example, if your
developers are slow to find defects, you may need better testing tools.
Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 13
Introduce Code Review Metrics (Cont)

• Defect density: The number of defects you identify in a specific amount of code,
calculated by dividing the defect count by thousands of lines of code (kLOC).
Defect density helps identify which components are more prone to defects than
others, allowing you to allocate more resources toward the vulnerable
components. For example, if one of your web applications has significantly
more defects than others in the same project, you may need to assign more
experienced developers to work on it.

Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 14


Ensure your feedback justifies your stance

• When reviewing code, don’t simply suggest what needs to be fixed or improved
upon – explain why the developer should make that change.
• Subjective / Objective
• Norm (just accept it, ha~)

Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 15


Don’t review more than 200-400 lines of code at a time

Prepared by Peter YAU Source: https://www.atlassian.com/blog/add-ons/code-review-best-practices 16


Write Compact Code

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 17


Write Compact Code (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 18


Avoid Creating
Unnecessary Variables

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 19


Avoid Creating Unnecessary Variables (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 20


Avoid Abbreviations

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 21


Avoid Abbreviations (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 22


Descriptive Function and Variable Names
Over Code Comments

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 23


Descriptive Function and Variable Names
Over Code Comments (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 24


Keep it Simple (Don’t Be Too Clever)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 25


Keep it Simple (Don’t Be Too Clever) (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 26


Too Much Nested Code Kills Readability

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 27


Too Much Nested Code Kills Readability (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 28


Consistent Coding Style and Naming
Convention

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 29


Consistent Coding Style and Naming
Convention (Cont 1)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 30


Prepared by Peter YAU Source: https://www.alfredforum.com/topic/4818-code-case/ 31
Reusability

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 32


Reusability (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 33


Appropriate Data Structure

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 34


Appropriate Data Structure (Cont)

Prepared by Peter YAU Source: https://github.com/codebasics/py/blob/master/TechTopics/CodingBestPractices/coding_best_practices.md 35


Acknowledgements

Teaching materials in this slide is derived, referenced and/or extracted from the following sources. We
try to make the acknowledgements and references as accurate as possible. Thank you very much.
• Internet Resources, such as Wikipedia, CodingBestPractices from codebasics, JavaPoint, smartbear,
github, Atlassian, etc.
• IEEE Library, IEEE Xplore
• COMPSCI4015 Professional Software Development (H), University of Glasgow (UoG), Dr. Tim Storer
• COMPSCI3005 - Software Engineering M3, UoG, Dr. Richard McCreadie
• Software Engineering (Publisher: Pearson), Ian Sommerville
• Engineering Software Products: An Introduction to Modern Software Engineering (Publisher:
Pearson), Ian Sommerville.
• Contents, and comments from Dr Cao Qi

Prepared by Peter YAU 36

You might also like