- cross-posted to:
- lobsters
- cross-posted to:
- lobsters
TL;DR
- Pull requests were designed for open source contributions from untrusted strangers. Applying them to trusted teams is a category error.
- Peer-reviewed research shows code review’s primary value is knowledge transfer, not bug detection. Less than 15% of review comments relate to actual bugs.
- Async PR workflows mean your code spends 86-99% of its lead time waiting. One organisation spent 130,000 hours in a single year waiting on PRs that received zero comments.
- DORA research across 36,000+ professionals shows trunk-based development correlates with dramatically higher software delivery performance, and faster code reviews alone improve performance by 50%.
- The alternative is T*D: Test-Driven Development (build quality in), Trunk-Based Development (integrate continuously), and Team-focused Development (review during creation, not after).
- The transition is gradual: optimise PRs first, adopt Ship/Show/Ask, then move to pairing and trunk-based development as trust and automation mature.-
If PRs arent being reviewed for hours or days thats a management problem. No amount of unit tests are a replacement for another set of eyes.
hmm, i have mixed feelings about this.
This i agree with totally.
Whether or not it’s human resource based or policy based, it’s usually a failing of process and that’s generally a fault with management. in my experience anyway.
This though, while i wouldn’t compare PR’s to Unit testing in the first place there is some overlap in quality control.
If you have robust enough testing suites it can reduce the PR burden in a variety of ways, though most of them come down to automating away the need to catch so many logic and regression bugs.
That’s not to say reviews aren’t needed, they definitely are, it’s just automated testing does have an overlap.
Notice that i said testing suites though, that’s not just unit testing, that’s the whole CI testing caboodle.
The problem with automated tests is that they only test for the narrow slice of things you actually think to test for. They don’t cover the gamut of things you didn’t think to test for.
They also only test how you write them to test for, which means if you make a bad assumption somewhere along the way your tests can’t help you find it.
Peer reviews cover two very important things:
A fresh set of eyes and a different perspective is just so important to writing robust, quality code.
Indeed, which is why it’s an ever evolving suite of tests, as and when you come across problems and things that were missed, you add automated tests for them.
It’s not magic, you only get out what you put in, but it is automated, which means that if you do a reasonable job you have a lot less to worry about from that particular issue in the future and now you have a much quicker way of checking for it.
Also agreed, and automated testing is a way to partially formalise that knowledge into something that can be checked quickly and deterministically (if you are doing it right).
As i said before it’s not magic and it’s not a replacement, it’s more of an augmentation to relieve some of the cognitive burden.
As with any other approach, it also has it’s downsides, there are ways to go about it that can be actively detrimental.
In my experience a well done (and maintained) automated suite is a boon to ongoing development.