Code review (sometimes referred to as peer review) is a software quality assurance activity in which one or more people check a program, mainly by viewing and reading parts of its source code, either after implementation or as an interruption of implementation. At least one of them must not be the code's author. The people performing the checking, excluding the author, are called "reviewers".[1][2]

Although direct discovery of quality problems is often the main goal,[3] code reviews are usually performed to reach a combination of goals:[4][5]

  • Better code quality: improve internal code quality and maintainability (readability, uniformity, understandability, etc.)
  • Finding defects: improve quality regarding external aspects, especially correctness, but also find performance problems, security vulnerabilities, injected malware, etc.
  • Learning/Knowledge transfer: help in transferring knowledge about the codebase, solution approaches, expectations regarding quality, etc., both to the reviewers and to the author
  • Increase sense of mutual responsibility: increase a sense of collective code ownership and solidarity
  • Finding better solutions: generate ideas for new and better solutions and ideas that transcend the specific code at hand
  • Complying with QA guidelines, ISO/IEC standards: code reviews are mandatory in some contexts, e.g., air traffic software, safety-critical software

The definition of code review given above distinguishes it from neighboring but separate software quality assurance techniques: in static code analysis, the main checking is performed by an automated program; in self checks, only the author checks the code; in testing, the execution of the code is an integral part; and pair programming is performed continuously during implementation and not as a separate step.[1]
