Code review vs. static code audits
Yesterday I watched Mike Rozlog's presentation at Code PaLOUsa about Static Code Audits. I really enjoyed it. He gave a great motivational speech, advocating the use of static code audits, describing their benefits.
I don't agree with Mr. Rozlog's attack at peer code reviews, though. He believes them to be inferior in efficacy to static code audits and he makes his point by bringing in statistics you can't fight.
I, personally, think you should not compare these things at all. Yes, static code audits can find hidden bugs and code smells, they can check your code style etc. But, in my opinion, a peer code review is not about finding all bugs. It's about developer interaction, it's about exchange of knowledge.
A static code audit can point out the bugs in your code but it cannot tell you how to make your code better (except for the most obvious things). It cannot teach you how to use your tools better. It doesn't teach you how to think and plan. It doesn't allow other people to learn your code as you submit it.
Yes, I think you shouldn't compare these two practices at all. You should do them both.
I don't agree with Mr. Rozlog's attack at peer code reviews, though. He believes them to be inferior in efficacy to static code audits and he makes his point by bringing in statistics you can't fight.
I, personally, think you should not compare these things at all. Yes, static code audits can find hidden bugs and code smells, they can check your code style etc. But, in my opinion, a peer code review is not about finding all bugs. It's about developer interaction, it's about exchange of knowledge.
A static code audit can point out the bugs in your code but it cannot tell you how to make your code better (except for the most obvious things). It cannot teach you how to use your tools better. It doesn't teach you how to think and plan. It doesn't allow other people to learn your code as you submit it.
Yes, I think you shouldn't compare these two practices at all. You should do them both.
Code review is single best development practice I recommend since code spent 90% time in maintenance and only 10% in initial development , a code which has comments and readable is easy to maintain and understand and saves a lot of time to understand and less error prone while making any changes but at the same time there should be guidelines for maintainers also because I have seen code quality getting degraded with every version.
ReplyDeleteThanks
How to use ArrayList in Java 1.5 with generics
Best Casino Games with real money in 2021 | DrmCD
ReplyDeleteThere is a huge 대구광역 출장마사지 range of gambling games available for everyone, and our 아산 출장안마 team have created 강릉 출장안마 a list of the best online 익산 출장안마 casinos that offer real 충청북도 출장마사지 money.