The Engineer’s Complete Guide to Code Quality
You might not realize it, but you probably know when you see bad quality code. It might be written in a way that doesn't make sense, be full of errors, excessively verbose, or highly inconsistent in its use of terminology and naming conventions. Fortunately, there are lots of ways you can improve your code quality, make it easier to review and test and reduce the pain later of having to fix all of the errors. Let's take a look.
What is code quality?
Code quality refers to the attributes and characteristics of your code. These may differ according to your organization's specific business focus and the particular needs of your team. While there's no definitive checklist, there are broadly several things that separate good quality code from poor quality.
Markers of good code:
- Functional or useful—the code should do what it says it will do
- Easy to understand for users, not just its author
- Efficient—good code is succinct
- Testable—good code should be tested to be free of bugs or defects
- Easy to maintain
- Easy to build upon, reuse or replicate in the future
- Well documented—well written and adheres to agreed-upon standards or a style guide
Notably, all of these markers may mean different things to different people or teams. One person may find code clearly written and easy to understand, while another finds it unclear and thus hard to maintain. But it is helpful to have some parameters to work with.
Documentation, code standards, and style guides
As Damien Conway describes, "Documentation is a love letter that you write to your future self. Comments or notes in code are a way to provide a message to your future self on why you might have written code in a certain way. Or why a team member made a particular decision at a specific time. This also provides insights to other team members into your decision-making.
Code standards are also helpful to provide uniformity in code across the team. They make it both easier to use and maintain. William Moore describes them as "a sequence of processes for a particular coding language that requires a coding format, the methods, and different procedures."
A style guide provides a company's standard conventions (such as naming conventions) and other best practices within one place. It aims to ensure that code is consistent across all team members, making it easier to work with and review. It should be agreed upon by the team if you want them to actually own and adopt it and may require some training.
Many companies such as Google, Microsoft, and WebKit have published their style guides online, which can help you get started creating your own style guide. There's also plenty of programming language-specific guides—Alexander Van Tol writing for RealPython offers some great resources for Python programmers, including Python-specific style guides and linters.
The importance of code reviews
Code reviews are of paramount importance to ensuring good code and providing a way to locate problems so that they can be fixed as early as possible. They can also ensure the consistency and reliability of the software you're building. For companies who have adopted a DevOps way of life, code reviews are par for the course and are already embedded in the process as early as possible. The earlier you find errors, the faster, easier, and cheaper they are to resolve.
SmartBear Software conducted a global online survey over the course of ten weeks during the months of June and July 2020 with responses from over 740 software developers, testers, IT/operations professionals, and business leaders across 20 different industries. The respondents' rate code reviews as the best way to boost code quality.
The survey also showed improving code quality as the topic business driver to influence the need for code review tools.
Additionally, more than 80 percent of developers surveyed said satisfaction with code review processes is directly tied to confidence in software releases' overall quality.
Besides code review, respondents cited unit, continuous and functional testing of code as among the best steps for improving quality. Continuous integration and integration were also cited as best practices for software development.
In terms of cadence, roughly 63% of respondents participate in some form of code review, at least on a weekly basis. When it came to frequency and which approach used, 27% of respondents cited tool-based code review on a daily basis, and 19% noted a weekly basis.
Overall code review ensures code meets the attributes that were mentioned earlier as markers of good code. A code review ensures code is efficient, bug-free, adheres to standards, and overall aims to catch problems early before problems multiply.
Code reviews can be conducted in a variety of ways from manual reviews, pair programming, mentoring, and the use of shared documents for easy review. However, all of these methods can be time-intensive, and code review tools provide a way to automate the process.
Tools to review code quality
Most devs already use GitHub to maintain their Git repositories and are accustomed to the use of pull requests and forks to review code. There's also plenty of other tools available that help teams automate the code review process:
If you’re looking for a sustainable solution for code quality improvement and tech debt management in your engineering team, you need Stepsize. It’s the world’s first and only bespoke tech debt management tool. Track and manage issues directly from the IDE, and create issues directly linked to code. It surfaces quality and tech debt issues during code review in pull requests. For engineers, this means no more context-switching and high-quality issues that can be prioritised based on impact and fixed. And because it integrates with Jira, your PM will love it too.
Learn how to get started with Stepsize here. It works with Visual Studio, VS Code, JetBrains.
Code quality and security are similar in that both types of issues can be identified with static analysis. Developers typically use static analytical methods to design and test components. In this instance, the code is not running or executed, but the tool itself executes using the source code as its input data. Static analysis enables devs to also use tooling to discover security issues early, often in real-time as they write code. The tools scan as the dev writes, then flag any security issues in the engineer's integrated development environment (IDE) or editor. By looking at dataflow paths through an application, static analysis tools can identify where an application mishandles data or code produces unintended outcomes.
Static code review software also helps developers understand structure and coding standards and implement their own coding standards. As developers push code directly into production, static code analysis also validates code quality, decreases later errors, and reduces bugs. The tools can identify data mishandling within an app or when code causes unintended consequences.
Another way to improve code quality is through refactoring. Source code refactoring turns messy, incorrect and/or repetitive code into clean code with lower complexity. It addresses the standardization problems which can occur when multiple developers contribute their own code. Refactored code is easier to read and maintain. It's also easier to expand upon and add new features. Removing unnecessary parts such as duplications can also result in code that uses less memory and performs faster.
Writing good quality code not only leads to higher quality software, but also greater team satisfaction. This is especially important when tools and frameworks and style guides are used to take a lot of the guesswork out of decision making, freeing developers to focus on more interesting tasks.
To write top-quality code, you need top-quality collaboration.
We've built CollabGPT, the AI companion for software projects.
CollabGPT has a long-term "memory" of the context around your projects from Jira, GitHub and Slack. It knows what you're refactoring, what tickets are blocked and what your team are worried about.
It offers powerful summaries of what happened in your project, actionable suggestions on what to do next, and can answer pressing questions in seconds.