The Value of a Code Review

Posted by C/D/H Consultant on Nov 1, 2016 9:33:10 AM

Systematic custom code review can uncover inefficient, unused, old, or mistakenly implemented code. Who wouldn't want to do that?

It's also useful in new custom implementations of all sizes, and with IT departments ranging from a single developer to a team with various skill sets.

Custom code can be leveraged to alter:

  • Look and feel
    • Colors, sizes, logos, placement of content, and overall user experience
  • Integration
    • Pull or push data from or to another system
    • Deploy dashboards
  • Custom features
    • Add functionality that was missing in previous software sets
    • Add new functionality
    • Target content based on factors including group membership, device, or location
    • Designers can also leverage technologies, techniques, and languages, including:
  • Open source vs. closed source
    • Operating systems
    • Programming languages
    • Storage (databases or file structures)
    • Version control systems
  • Commercial off the shelf (COTS) software and custom software

On-premise, hybrid, or cloud hosting

However, this is only true if the code works, which is why you need systematic code reviews.

A reputable software development specialist can document how well code was deployed, whether it has vulnerabilities, if it has a significant performance impact, and whether it should be maintained or replaced, as well as other things.

If the code writer is still on staff, a professional review of the writer can determine why he or she made certain decisions. Nevertheless, even if the writer is no longer available, a review can still provide tremendous insight.

Of course, you can cap the depth or time for a code review. You might want all custom deployments reviewed. That could be useful when you're missing proper or sufficient documentation. Alternatively, you might want to know if your code is production-ready. You might even need help to decide whether your code is ready to move into a different hosting environment or to the next version of a platform.

For example, a SharePoint solution may attempt to load content from an object.

A thorough code review would surface this implementation as a red flag due to its lack of disposal on unmanaged resources.

The common denominator here is using a knowledgeable professional to ascertain exactly what's been customized. The professional should know and understand the technologies at your enterprise, why you need them, how you use them, and what else you need.

For example, if your business leverages a content-management system like DotNetNuke, you need a professional familiar with Microsoft-based solutions. Look for experience with Visual Studio, C#, JavaScript, CSS, IIS, and Server operating systems. If you use free, open-source software like WordPress, you need someone with experience deploying PHP, JavaScript, CSS, and either Linux or Microsoft operating systems. 

If you've had turnover recently, had the same IT team for more than four years, are taking on a project that's bigger than you've done before, or have not met previous timelines or budgets, you may also consider performing a code review. 

With the professional's findings and recommendations, you can make informed decisions about how you can leverage customizations and interconnected services in the future. You may even help management review the quality of internal or external designers and developers to determine if a different path should be taken.

Bottom line: C/D/H has code review specialists. Contact us for information.

Topics: Code