Code review

Code review (sometimes referred to as peer review) is a software quality assurance activity in which one or more people check a program, mainly by viewing and reading parts of its source code, either after implementation or as an interruption of implementation. At least one of the persons must not have authored the code. The persons performing the checking, excluding the author, are called "reviewers".

Although direct discovery of quality problems is often the main goal, code reviews are usually performed to reach a combination of goals:

• Better code quality – Improve internal code quality and maintainability (such as readability, uniformity, and understandability)
• Finding defects – Improve quality regarding external aspects, especially correctness, but also find issues such as performance problems, security vulnerabilities, and injected malware
• Learning/Knowledge transfer – Help transfer codebase knowledge, solution approaches, and quality expectations, both to the reviewers and the author
• Increase sense of mutual responsibility – Increase a sense of collective code ownership and solidarity
• Finding better solutions – Generate ideas for new and better solutions and ideas that transcend the specific code at hand
• Complying to QA guidelines, ISO/IEC standards – Code reviews are mandatory in some contexts, such as air traffic software and safety-critical software

This definition of code review distinguishes it from related software quality assurance techniques, such as static code analysis, self checks, testing, and pair programming. In static code analysis the main checking is performed by an automated program, in self checks only the author checks the code, in testing the execution of the code is an integral part, and pair programming is performed continuously during implementation and not as a separate step.