Code reviews are a well-trodden path in the world of software engineering, designed to help improve code quality and encourage collaboration among team members. Of course factors like security and privacy and important focal points in this process, but are code reviews actually meaningful outside of these particular realms anymore?
Are Code Reviews Just a Ritual?
Code reviews are often heralded as a critical component for maintaining quality code. They promise a number of benefits including enhanced code quality, robust knowledge sharing, and shared ownership of the codebase.
Yet, the question looms - do they make a real difference, or just add layers of bureaucracy, and over time have become an accepted - if largely useless - part of the process of building software?
For those new to code reviews, the concept is elegantly simple. A peer programmer examines your code before it merges with the existing codebase. This practice not only improves the quality of the codebase but it ensures consistent coding standards across the board, so surely there is some benefit, right?
The Individual vs. The Organisation vs The End User
The debate about whether code reviews reap benefits that are worthy of the time they take will go on long after this article, but we could get closer to the answer if we consider who code reviews could (or should) actually be useful for.
Most often, feedback from code reviews revolves around maintainability, focusing on variable naming, code readability, and style consistency rather than actually fixing bugs or finding solutions to issues in the code. The question here is, how important are these factors considering they are largely hidden from the end user and are only a concern to the developers themselves.
So perhaps this is how we need to look at code reviews: useful for the development team and the individuals on it, which is in turn good for the output of the organisation they work for, but are of no concern to the users using the software.
Time is Money
One undeniable downside of code reviews is the time investment they entail. Estimates suggest that code reviews add a significant amount of additional time—up to 33%—to the completion of a development ticket. It's a stark reminder that rather being quick processes that reap benefits without considerable benefits, code reviews are often time-consuming the distract developers from their main focus (if you come from the position that writing code is the developers' primary task).
Code Reviews in the Age of AI
Software development is an ever-evolving industry and practice, and is constantly being impacted by new technologies that disrupt established practices. Artificial intelligence is arguably the advancement that threatens to alter software development more than any others that have come before it.
Code-focused AI tools like GitHub Copilot, Cursor, and Bolt are driving the trend of integrating generative AI models directly into IDEs and code editors, and with this we are seeing the role of the programmer change considerably. Rather than writing code from scratch, developers increasingly describe the code they want to write, and then accept, reject or further query the content given by the AI model.
This means that developers are increasingly reviewing code as the primary task in their jobs, as opposed to writing it. We all know that generative AI tools often write code that is verbose, vulnerable, inefficient or that shows the limitations of the AI in understanding the overall architecture of the software. This is where developers come in; by reviewing the AI-generated code they can carefully select the best of the options they are presented with, and then a subsequent code review with their team helps to evaluate its role within the wider codebase.
Conclusion
Code reviews can be pointless. They shouldn't be, but they can be.
Despite the pitfalls, dismissing code reviews outright would be not just premature, but possibly detrimental.
Even though most outcomes from reviews might concern trivial matters, tackling even a small fraction of bugs in review before release provides intrinsic value. An unnoticed bug could escalate into mammoth proportions once it hits production.
Code reviews might seem redundant or overly-rigorous, but embracing them helps developers collaborate more efficiently with their team mates, and while the process itself might be changing, reviewing code is more of a part of a developers' day than in the past, so we may as well get what we can from them.
For further insights on code reviews and their surprising impacts, Sven Amann'offers a wealth of data and expert perspective; check it out for a deeper dive into the topic.
