Software Review as a Seal of Quality
Keywords: code review, static analysis, audit, documentation
Writing code alone, or in a homogeneous group where people share the same good and bad practices, is often a sign that a review is needed. Code review is an exercise in humility: recognizing that your code needs one is the hardest step, and deciding to share that code with a stranger may feel uncomfortable. However, we believe that stranger may prove to be the best person for such a task.
No matter what you call it (software audit, peer review...), a code review consists of:
Understanding the goal of the code to be reviewed: to do so, we expect our customer to give us all the necessary files, and potentially time, to get a sense of what the application is meant to achieve, and why.
Reading the code, sometimes running parts of it, and using appropriate tools to infer the quality level of the software.
Commenting/Bookmarking/Documenting the bad, but also the good, pieces of code.
Presenting the results during a dedicated session, and providing a package made up of a written report of the code review and the reviewed code, with all the bookmarks and comments it may include, so that our customer can easily start applying changes.
As mentioned, the reviewer will NOT edit the code itself; this may be a subsequent but different step!