Author Archives: Mike Conley

A Sobering Post About Code Review From Microsoft

It’s easy to get on the code review band-wagon, and tout it as the “silver bullet” for bugs, or the key to developing awesome, elegant software, etc.  It’s easy to get carried away, and forget that code review should probably be accompanied by rigorous testing, static analysis, and security integration from day one.

While the purpose of this blog post by Shawn Hernan from Microsoft may be to attack or question the merits of open source software, I see it as an interesting discussion on the role of code review in software engineering and how it relates to writing secure code.

Insert your own joke about Microsoft security here.  I, personally, think their IE team should read Shawn’s post.

Particularly interesting is one of the comments to the post by “danclarke_2000”:

I think another point is diminishing returns of code review..  Each extra code review brings less value than the preeding; review comments can already be known and awaiting action, not important enough to change etc

having extra eyes reviewing code means generating extra code review output.  Here is the true cost, all the code review comments of the many eyes have to pass through the bottleneck of the few people who have authority to make changes.  As each extra review has less value, processing the extra reviews has a higher and higher opportunity cost.

Sound kind of familiar?

Anyhow, Hernan’s post is an interesting read.  Click here to check it out.

UPDATE:

Here’s a quote from Joshua Bloch of Google on a similar topic:

…We programmers need all the help we can get, and we should never assume otherwise. Careful design is great. Testing is great. Formal methods are great. Code reviews are great. Static analysis is great. But none of these things alone are sufficient to eliminate bugs: They will always be with us. A bug can exist for half a century despite our best efforts to exterminate it. We must program carefully, defensively, and remain ever vigilant.

Read the entire post here.

It Was a Dark and Stormy Night

I was just munching on some cereal and reading one of my (many) Peanuts books.

Sporadically, throughout the late 1960’s strips, Snoopy can be seen working on a novel, and receiving input from Charlie Brown, Linus, Lucy, and the rest of the gang.

It turns out that, a while back, someone went to the trouble to compile the complete text.  Here is Snoopy’s novel, copypasta’d from here:

It Was A Dark And Stormy Night

by Snoopy

Part I

It was a dark and stormy night. Suddenly, a shot rang out!

A door slammed. The maid screamed.

Suddenly, a pirate ship appeared on the horizon!

While millions of people were starving, the king lived in

luxury. Meanwhile, on a small farm in Kansas, a boy was

growing up.

Part II

A light snow was falling, and the little girl with the

tattered shawl had not sold a violet all day.

At that very moment, a young intern at City Hospital

was making an important discovery. The mysterious patient

in Room 213 had finally awakened. She moaned softly.

Could it be that she was the sister of the boy in Kansas

who loved the girl with the tattered shawl who was the

daughter of the maid who had escaped from the pirates?

The intern frowned.

“Stampede!” the foreman shouted, and forty thousand

head of cattle thundered down on the tiny camp. The two

men rolled on the ground grappling beneath the murderous

hooves. A left and a right. A left. Another left and right.

An uppercut to the jaw. The fight was over. And so the

ranch was saved.

The young intern sat by himself in one corner of the

coffee shop. he had learned about medicine, but more

importantly, he had learned something about life.

THE END

And here’s a description of Snoopy’s desired cover art:

“How about a bunch of pirates and foreign legionnaires fighting some cowboys with some lions and tigers and elephants leaping through the air at this girl who is tied to a submarine?”

-Snoopy

Now that’s some damn fine writing.

          It Was A Dark And Stormy Night
          by Snoopy

          Part I

   It was a dark and stormy night. Suddenly, a shot rang out!
A door slammed. The maid screamed.
   Suddenly, a pirate ship appeared on the horizon!
   While millions of people were starving, the king lived in
luxury. Meanwhile, on a small farm in Kansas, a boy was
growing up.

          Part II

   A light snow was falling, and the little girl with the
tattered shawl had not sold a violet all day.
   At that very moment, a young intern at City Hospital
was making an important discovery. The mysterious patient
in Room 213 had finally awakened. She moaned softly.
   Could it be that she was the sister of the boy in Kansas
who loved the girl with the tattered shawl who was the
daughter of the maid who had escaped from the pirates?
The intern frowned.
   "Stampede!" the foreman shouted, and forty thousand
head of cattle thundered down on the tiny camp. The two
men rolled on the ground grappling beneath the murderous
hooves. A left and a right. A left. Another left and right.
An uppercut to the jaw. The fight was over. And so the
ranch was saved.
   The young intern sat by himself in one corner of the
coffee shop. he had learned about medicine, but more
importantly, he had learned something about life.

          THE END

I’ve Always Wanted to Know This: What English Sounds Like to Others

Every time I meet a non-native English speaker, I invariably ask them the same question:

I make fun of other languages all the time.  I can spout out gibberish that sounds like Russian, Chinese, French, etc.  What happens when someone who speaks a different language tries to spout out English gibberish?  What does English gibberish sound like?

Well, I guess I’m not the only one who is curious about it.  Here’s what English possibly sounds like to people from other countries.

This one might be my favourite – 14 seconds in:

Take Those Code Review Requests for a TestDrive…

Remember how I wrote a while back that I wanted to write a script to let me do some quick and easy pre-commit continuous integration with the MarkUs project?

Well, I think I just wrote one.

Introducing TestDrive…

TestDrive will fetch a review request, grab the latest diff (yes, found an easy way past the lack of API there), check out a fresh copy of MarkUs, throw down the diff, set it up with some Sqlite3 databases, run your tests, and voila – go to localhost:3000, and you’re running the review request diff.

I’ve been using it myself for about a week or so, and so far, it’s helped me catch a number of bugs that I wouldn’t have caught just by looking at the code in ReviewBoard.  Nice.

Click here to check out TestDrive.

Pants First, Then Shoes: More Argument for Pre-Commit Code Review

In my opinion, at least for The MarkUs Project, post-commit code review would probably be analogous to putting on your shoes before your pants.  And though I mentioned earlier that there is plenty of preference for post-commit, I forgot to include this juicy little tidbit.

Click here to read one of the developers of ReviewBoard state his case for pre-commit code review.

To each their own.  But I dig his points.