COMO USAR e trabalhar com Code Review no Visual Studio Code

Não é todo programador que gosta de compartilhar o seu trabalho ou até mesmo receber feedbacks de como o seu código foi escrito, mas o Code Review é cada vez mais comum em empresas do mundo todo.

Conheça uma extensão para Visual Studio Code e comece a trabalhar com Code Review em seu próximo projeto. Essa é a sua chance de saber COMO USAR e trabalhar com Code Review no Visual Studio Code.

#visual studio code #code review #visual studio #code

What is GEEK

Buddha Community

COMO USAR e trabalhar com Code Review no Visual Studio Code

COMO USAR e trabalhar com Code Review no Visual Studio Code

Não é todo programador que gosta de compartilhar o seu trabalho ou até mesmo receber feedbacks de como o seu código foi escrito, mas o Code Review é cada vez mais comum em empresas do mundo todo.

Conheça uma extensão para Visual Studio Code e comece a trabalhar com Code Review em seu próximo projeto. Essa é a sua chance de saber COMO USAR e trabalhar com Code Review no Visual Studio Code.

#visual studio code #code review #visual studio #code

Fannie  Zemlak

Fannie Zemlak

1604048400

Softagram - Making Code Reviews Humane

The story of Softagram is a long one and has many twists. Everything started in a small company long time ago, from the area of static analysis tools development. After many phases, Softagram is focusing on helping developers to get visual feedback on the code change: how is the software design evolving in the pull request under review.

Benefits of code change visualization and dependency checks

While it is trivial to write 20 KLOC apps without help of tooling, usually things start getting complicated when the system grows over 100 KLOC.

The risk of god class anti-pattern, and the risk of mixing up with the responsibilities are increasing exponentially while the software grows larger.

To help with that, software evolution can be tracked safely with explicit dependency change reports provided automatically to each pull request. Blocking bad PR becomes easy, and having visual reports also has a democratizing effect on code review.

Example visualization

Basic building blocks of Softagram

  • Architectural analysis of the code, identifying how delta is impacting to the code base. Language specific analyzers are able to extract the essential internal/external dependency structures from each of the mainstream programming languages.

  • Checking for rule violations or anomalies in the delta, e.g. finding out cyclical dependencies. Graph theory comes to big help when finding out unwanted or weird dependencies.

  • Building visualization for humans. Complex structures such as software is not easy to represent without help of graph visualization. Here comes the vital role of change graph visualization technology developed within the last few years.

#automated-code-review #code-review-automation #code-reviews #devsecops #software-development #code-review #coding #good-company

Samanta  Moore

Samanta Moore

1621137960

Guidelines for Java Code Reviews

Get a jump-start on your next code review session with this list.

Having another pair of eyes scan your code is always useful and helps you spot mistakes before you break production. You need not be an expert to review someone’s code. Some experience with the programming language and a review checklist should help you get started. We’ve put together a list of things you should keep in mind when you’re reviewing Java code. Read on!

1. Follow Java Code Conventions

2. Replace Imperative Code With Lambdas and Streams

3. Beware of the NullPointerException

4. Directly Assigning References From Client Code to a Field

5. Handle Exceptions With Care

#java #code quality #java tutorial #code analysis #code reviews #code review tips #code analysis tools #java tutorial for beginners #java code review

Philosophy of Code Review

Introduction:

Code reviews not only prevent potential (future) bugs early on, it is an effective way to communicate changes and sharing learnings within a team. There does not exist a geekier way to engage an engineer than code reviews.

A good code review process should lead to open development environment and increase in knowledge sharing and geek index of the team along with fewer bugs and regression.

Overview:

An effective code review would cover all major aspects of good code, that are:

  1. General (Low level) — Effective use of CS concepts, hygiene, language constructs and its ecosystem
  2. Design — Adherence to design principles and patterns (Esp. when new module is being developed) and adherence to the existing design (in case of incremental development)
  3. Functionality — Coverage of business use cases and test cases to support it

Flavours of Reviews:

  • General Review
  • Code Design Review
  • Functional Review

General Review:

General review can be done by anybody in the team. I’d encourage rather multiple members should review major releases.

At this level, the expectation is to review the code from solely implementation tech point of view:

  • Effective use of various CS concepts such as DS/Algo, Concurrency, Locking etc. Review algorithms and ensure sufficient documentation. Lookout for opportunities of optimisations. Ensure there are unit tests for both possible and impossible state of the application.
  • Effective use of language constructs and best practices. Most of the best practices are summarised in some of the popular books such as Effective Java, Code Complete, Pragmatic Programmer, Java Concurrency in Practice etc.
  • Effective use of language ecosystem such as standard libraries (data structures etc), unit test frameworks etc. We should encourage reuse of battle tested code as much as possible.
  • Hygiene such as style guide, documentation, type safety, resource management, object construction, DI, validations etc.

Code Design Review:

In this phase, the reviewer needs to be familiar with the domain to justify the design choices. Depending on the nature of the change, the review can have different expectations:

  • When a new product is released: Ensure that the code adheres to the design document drafted prior to implementation (encourage reviewees to submit one if not present). In any unexpected cases where the design doc is not already reviewed or there is no design doc, the reviewer needs to review the contracts to ensure they model the domain properly.
  • When changes are in existing product: The reviewer must ensure that the changes adhere to the established design of the product. And that the change honours the constraints of the product or affects all the constraints uniformly (rather than conditionally)

On a general note, the review must ensure:

  • DRY — don’t repeat yourself — reviewer needs to ensure DRYness of logic and abstraction rather than just code.
  • Single Responsibility Principle (SRP) — Functions are modular, concise and handle one and only one concern
  • Interfaces communicate a clear intention, without useless methods
  • Separation of concerns needs to be reviewed here.
  • Designed for concurrent environment — objects declare thread safety contracts
  • OOPs tenets — identification of state and it’s encapsulation, responsibility of the objects and the protocol of communication between the objects
  • Design is extensible; one popular way is to ensure right design pattern are used if there was an opportunity (for eg: algos should be pluggable through Strategy pattern et al)
  • Testability — the functionality must be unit testable.

Please note that this is an indicative list and not an exhaustive list. Please feel free to evaluate on more dimensions from your experience. May refer the books (mentioned in General Review section)

Functional Review:

This is the most important step of the review. Reviewer must be familiar and contributor to the product and understands the features and constraints alike. Apart from dedicated regression suite, reviewer’s familiarity gives unique opportunity to uncover unforeseen scenarios. Here reviewer need to ensure that there are no regressions because of the change. Additionally, reviewer should review the unit tests and integration tests and make sure they test the behaviour of the functionality in all possible states of the application (possible and impossible state)

Formally, reviewer need to ensure that

  1. The Domain Modelling is done right (in case LLD - CD/ERD etc are not thoroughly reviewed)
  2. The code is sufficiently instrumented (biz and system instrumentation)
  3. the relationships between abstractions and classes are clearly laid out (and easily derivable from the code)
  4. Security aspects such as
  5. Input and output validation

  6. Defence against known vulnerabilities

  7. Boundary checks (Eg array OOB) that may cause overflows and DoS

  8. Vulnerabilities in platforms and libraries (basic audit of known issues should do)

#developer #code-review #code #visual studio code #visual studio

Java no Visual Studio Code: Projetos com Maven e Tomcat

Vídeo tutorial como criar e executar projetos Java com Maven no Visual Studio Code. Nesse vídeo criamos dois projetos: um projeto Java simples com JUnit e outro Java Web que é executado no Tomcat.

#code #visual studio code #visual studio