A fundamental challenge when introducing reviews is that reviewing code is hard. This post summarizes our practices to nevertheless make life for a reviewer as easy as possible.

 

Read more...

Dr. Nils Göde

Code quality audits are a fundamental part of our daily work as software quality consultants. The objective of such an audit is to assess the quality of a system’s source code and identify trends based on the code’s evolution. That makes an audit an important prerequisite for ongoing quality control and improvement. Understandably, we are not able to publish the results of the audits that we do for our customers. That makes it sometimes hard for us to explain what such an audit looks like. Instead of lengthy descriptions, we decided to analyze the code quality of an open-source system and use this as a showcase to illustrate what our quality audits look like.

 

There are different categories of quality aspects that we analyze in our code audits. This is the…

Read more...

Reviews point out problems in somebody’s work. Unfortunately, both giving and receiving criticism can be hard. To successfully introduce reviews, we must overcome this resistance. Since finding (and later removing) problems is the primary goal of reviews, this challenge is inherent—no review process can avoid it. We can, however, make receiving review results much easier. This post describes two simple but effective practices we use in our code reviews.

 

Read more...

Dr. Martin Feilkas

As the post ‘Tools Do Not Improve Quality’ by my colleague Nils already destroyed the naive dream of simply installing a tool and get all maintenance nightmare healed over night, I would like to address a follow-up question in this post: If tools are not sufficient, how can we improve quality then?

 

Several years ago when we still were blue-eyed researchers on software quality, we started out developing different kinds of quality analyses in the context of our tool ConQAT. We worked hard on eliminating false positives and achieved highly precise analyses at the end. We thought developers will love adressing each issue these tools emit. When we presented analysis results to developers, they usually agreed on the relevance of the deficits we identified.…

Read more...

Dr. Nils Göde

Asking people what they do to improve the quality of their software product, one

of the most frequent answers is something like »Oh, we have installed

[Checkstyle|FindBugs|ConQAT|Sonar|…] and it runs as part of our continuous integration

process«. However, when looking for indications of any quality

improvements, we are mostly unable to find any.

Read more...

The primary purpose of automated tests is to reveal regression bugs. But how can we tell how well a test suite does this? Code coverage measurement is often used to assess tests in practice. But what does it really tell? We analyzed a set of open-source projects to find out and came up with a clear answer. This post summarizes our findings.

 

Read more...

Dr. Nils Göde

Let’s be honest. Who could possibly better judge the quality of our code than ourselves? We wrote this code. We are the experts. We might need some tools to do our assessment, but there is a growing number of freely available tools that help us to identify quality deficits in our product. So why should we invest in a professional code quality audit done by an independent organization? Let me give you a few reasons why I think a professional audit is a worthwhile investment.

Read more...

Dr. Nils Göde

Quality control has many facets, but if there is one factor that distinguishes

good from high-end quality control, it is the systematic use of

manual code reviews. While a lot can be achieved by tool-supported analyses and

improvements, manual reviews have some unique benefits.

 

Read more...

Dr. Nils Göde

At least not all of them at once. The awareness of quality deficits (these

include bugs, lack of understandability, missing documentation, a lack of tests,

and so on) seems to follow a sinus-curve like shape.

 

 

 

In those phases with the highest awareness, project managers and their developer

teams often decide to dedicate a larger block of time exclusively to cleaning up

the system and putting everything else on hold. All too often, the ambitious

objective is to remove all quality deficits—in many cases without even

specifying what a relevant quality deficit is.

 

 

Don’t do this!

Read more...

Dr. Martin Feilkas

During our daily work as consultants for software quality, as auditors of different kinds of software systems and in our role as quality engineers in software engineering projects, we have the opportunity to see a large variety of software development organizations. We encounter a huge amount of different systems from different domains, written in different languages and using various technologies. But most importantly, we talk to many many people that face the challenge of developing and maintaining software day by day. As a result, we receive a big treasure of experiences, insights, anecdotes and war stories on how to (and how better not to) develop software.

 

Read more...