|
|
Listening to Black Sabbath's Master of Reality.
|
|
|
@aahoogendoorn Look at you... new avatar! Is that an AC/DC shirt?
|
|
|
@mariannerd Howdy partner! It is AC/DC all right. Your avatar new too? Something wrong with the old one?
|
|
|
@aahoogendoorn Nope, just a change in scenery! Like the project I'm doing. I'm asked to do a code review.
|
|
|
@mariannerd Cool! Whenever I'm asked to do a code review, the client always knows, or at least suspects, something's terribly wrong.
|
|
|
@aahoogendoorn Oh yes... We have the suspect... Now it's a case of getting the evidence ... I feel like Columbo..
|
|
|
@aahoogendoorn You know the suspects from the beginning, but you still have to look for the evidence for conviction!
|
|
|
@aahoogendoorn So when you are asked to do a code review, what is the first thing you do?
|
|
|
@mariannerd The first thing I do? Ask the client what they're hoping to achieve: do they actually want to know how deep the rabbit hole goes?
|
|
|
@mariannerd Next, I make a list of all things I should look at during the review. Architecture, domain, data access, layers, extensibility..
|
|
|
@mariannerd Security, authorization, reuse, code copying (especially in VB), way of working, documentation, design, quality of coding.
|
|
|
@aahoogendoorn So far so good!
|
|
|
@mariannerd Rule #1 in code reviews: more time means more detail.
|
|
|
@aahoogendoorn Code Reviews are fun! No deadlines. just looking at somebody else’s code.
|
|
|
@aahoogendoorn ... Oh and telling what's wrong with it... I must say this is the first time I get such an assignment.
|
|
|
@mariannerd. You know, there's so much horrible code out there, we could do code reviews for the rest of our lives.
|
|
|
@aahoogendoorn Well, a lot of this stuff is subject to opinion... 100 developers, 100x different code for the same functionality...
|
|
|
@mariannerd Yes true, but some code is definitely worse than other code. And believe me, I've seen some bad coding in my time.
|
|
|
@aahoogendoorn Any examples?
|
|
|
@mariannerd Examples of bad code? How many do you need. Check out this old blog post of mine (in Dutch). http://htxt.it/reVB
|
|
|
@mariannerd. Think of SQL statement in web pages, or of a single class that handles 50% of all functionality.
|
|
|
@mariannerd. Or think of the same business rule implemented multiple times on different locations, in different ways.
|
|
|
@aahoogendoorn One of the things I came across: internal web application: authentication by doing a LDAP query to see if the user exists.
|
|
|
@aahoogendoorn Haven't they heard of Windows Authentication in IIS? They didn't even check if the user was enabled or disabled... :-S
|
|
|
@mariannerd Haha, nice one. I once audited the enterprise web portal for a very large international company where ALL communication ...
|
|
|
@mariannerd between front end and back end went through one single class. Imagine the effect of a single change..
|
|
|
@mariannerd Sometimes, it gets really bad. Code a whole company depends on, which is so bad, that productivity will definitely be below zero soon.
|
|
|
@mariannerd Anyway, I love being asked for code reviews. It gives the opportunity to help improve the quality of applications.
|
|
|
@mariannerd. That is, if they follow up on your advice from your code review. Unfortunately, that is not always the case.
|
|
|
@aahoogendoorn Well maybe it's not needed... Or they just want to know the risks and are happy to take them!
|
|
|
@aahoogendoorn Which could be the outcome of a code review. It's not good, but far from worse… And it may be fixed with a couple of quick wins.
|
|
|
@mariannerd. Well yes, that could be the outcome. Maybe I'm to idealistic about writing good code. If it ain't broken, don't fix it.
|
|
|
@mariannerd. But I just love clean code...
|
|
|
@aahoogendoorn .... But even bad code can function.
|
|
|
@mariannerd My favorite example: an ASP.NET web site that was never compiled by the developers. They just ran it from the browser. Great stuff!
|
|
|
@mariannerd. As a consequence, of the over 40 pages in the application, only 6 compiled (the ones they visited running it in the browser)...
|
|
|
@aahoogendoorn LOL "we got a live one here!". This business application compiled at runtime? No test cases, just put it in production!
|
|
|
@mariannerd. And then things can get pretty messy. Especially when your poor company lives of this software.
|
|
|
@aahoogendoorn That is the whole point isn't it… Developers just start coding without a plan, or knowing best practices.
|
|
|
@mariannerd Yes, a lot of developers code without having a decent architecture, without patterns, without layers - but with best intentions.
|
|
|
@aahoogendoorn Oh yes, best intentions... The road to hell is paved with good intentions...
|
|
|
@mariannerd. No stop signs, speed limits. Nobody's gonna slow me down. Highway to hell. AC/DC# ?
|
|
|
@aahoogendoorn Nope... 4 minutes by Madonna LOL.
|
|
|
@mariannerd. Madonna? Girl you need a music review instead of a code review!
|
|
|
@aahoogendoorn ....I guess even bad music can function. ;-)
|