Code reviews

Code reviews are a valuable tool for detecting errors in program source code before validation testing. There are many methods of code review; this document describes a lightweight form of review that gives most of the benefits of a more formal code review process while minimizing the overhead of performing reviews. [Votta 1998]

Code reviews consist of inspecting the source code for issues in implementation and documentation or deviations from the appropriate coding standards.

Defects found by source code review are less expensive than defects found at a later stage of the development process. [Dunsmore 2000]

Code reviews are to take place once the source code is complete, unit tested and has been verified by a source code checker, if one is available for the source code language. The source code checker's version number and configuration settings are to be documented with the code review documentation.

A group of programmers including the source code's author must perform a peer code review of the source code. The reviewed source code may be on paper printouts or displays viewable by all participants in the review. Source code modifications deemed necessary by the code review are made after the code review meeting. Reworked code must be tested and then reviewed again until no more rework is necessary.

The issues arising from a code review are to be documented and placed in the source code's version control system as part of the system documentation.

Code reviews should take place in a quiet room free from distractions with all necessary materials.

Code reviews should preferably be a maximum of 1 hour in length. Multiple studies have shown that the effectiveness of code reviewers drops after an hour. Limiting reviews to an hour yields the highest efficiency from the time spent on code reviews. [Dunsmore 2000]

No more than 250 lines of code should be reviewed at any code review. Inspection rates higher than this lead to fewer defects being found in code reviews. [Blakely 1991]

References

[Blakely 1991] Blakely, Frank W. and Mark E. Boles. "A Case Study of Code Inspections," Hewlett-Packard Journal, Vol. 42, No. 4, Oct. 1991, pp. 58-63.

[Dunsmore 2000] Alastair Dunsmore, Marc Roper, Murray Wood, Object-oriented inspection in the face of delocalisation, Proceedings of the 22nd international conference on Software engineering, p.467-476, June 04-11, 2000, Limerick, Ireland.

[Votta 1998] Adam Porter, Harvey Siy, Audris Mockus, Lawrence Votta, Understanding the sources of variation in software inspections, ACM Transactions on Software Engineering and Methodology (TOSEM), v.7 n.1, p.41-79, Jan. 1998.