The Daily Build

Software Development, version 3.0

One Simple Step for Avoiding Shallow Reviews

It’s your job as a reviewer to find as many defects as possible. If you’re not finding defects, you’re wasting time.

Five Things That Do Not Belong In A Review Checklist

This is the second half of an article I posted about using a checklist to prevent security errors. There, I said that you have 15 checklist items max, and you shouldn’t waste any of those questions on silly things like “Does the code follow the coding standard?”.
Jason Cohen pointed to an article of his in [...]

How To Use A Checklist to Prevent Security Errors

The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors has been out for a while now. Maybe you’ve already eliminated all of these errors from your code. In case you haven’t, this post will help you develop a checklist that you can use to eliminate these errors starting at the architecture level and moving through [...]

Code Review Tools

Yesterday I posted twenty reasons to do code reviews, and I promised a list of code review tools. Here they are, in no particular order. I have not used all of them, so I can’t comment on their relative merits. If there are some I missed, please leave a comment and I’ll update this list.

Codestriker [...]

Twenty Reasons To Do Code Reviews

Update [2008-12-31]: I posted the list of code review tools as promised below.
I tweeted this article on Five Reasons to Do Code Reviews from CIO.com last week, and realized that there are many more than the five reasons they give. So I came up with 20 more over the rest of the day. This is a [...]

The cost of (not) testing software

Great post on the cost of (not) testing software. The take-home lesson is “find defects early”.
The main thing missing from the discussion is that there are better techniques for finding defects than testing. Like design and code reviews, and especially more attention to requirements. Catch defects as early as possible and reduce costs even further.

Five Reasons to Slow Down

Here are five reasons you should wait before moving on to the next phase of your software development process:

Get the requirements right. It’s so often repeated that it’s almost a cliché to say that requirements errors will cost 10x or more to fix during coding or testing. But it’s true, so I can risk repeating [...]
