"Code review is not about finding things that are wrong with the code" CTO Jungkook on code review
Elice
6/10/2022
As a tech company, code reviews are an important part of our development culture. It allows us to identify mistakes that individuals may not have noticed, proactively address potential risks, and plays a key role in building our overall development capabilities beyond just finding problems.
But what exactly is the process of code review? It’s not always easy to figure out what to review, how much to review, and what to watch out for, especially if you’re a junior developer looking for a job, so we asked Elice CTO Jungkook to talk about code review.
In late May, he was named one of Forbes’ “30 Under 30 Most Influential Leaders in Asia,” and since he’s in the consumer technology space, which Forbes says is at the forefront of new app development, we’re even more curious about how he does code review. Let’s take a look at how Forbes’ man, Jungkook, reviews code.
Q. Hello, Mr. Jungkook. Congratulations on being selected by Forbes, can you tell us a little bit about yourself?
A. I’m Jungkook Park, CTO and backend team lead at Elice.
Q. What kind of work do you do?
I’m in charge of the backend. I’m responsible for creating and maintaining the APIs and API servers that run behind the scenes when the product is running, and making sure the servers don’t slow down when a lot of people come in. I’m also responsible for collecting data from Elice and managing what services to provide based on that data. I’m also responsible for physically deploying, upgrading, and replacing servers.
What is a code review?
Q. Today you’re going to walk us through the process of doing a code review specifically, but before you do, how would you describe a ‘code review’?
Code review can be likened to the process of going through a package that you ordered from the mall and it arrives, because the first time you actually get it, it’s similar to how you feel when you get a package. There’s excitement and a little bit of anxiety (laughs).
So, for example, if you bought a vacuum cleaner, there’s a manual, there’s things that you have to assemble, and it’s the same thing with code, you’re looking at the manual, you’re looking at the lead of the project, you’re looking at the documentation, you’re looking at whether it’s well-written, you’re looking at what models the API server uses to implement the functionality, and you’re looking at the parts of the vacuum cleaner.
First, look at the project structure
Q. For your code review, we have prepared WellAi, a project from the 3rd Elice AI Track winner team. WellAi is an AI home service that uses image recognition to identify, record, and manage yoga poses so that you can do yoga at home. What is the first thing you would like to review about this service?
First, let’s look at the project structure. When I first saw WellAi, I thought it wasn’t a typical structure for a Django project. In fact, there’s no set formula for project structure, but it’s usually a good idea to look at articles or projects on well-known developers’ blogs to get an idea of how files and folders are typically organized, so that someone new to the code doesn’t get lost.
Q. Are there any sites you recommend for project structure?
FastAPI is a famous web framework in Python. The developer of FastAPI, Tiangolo, has released the source code, and you can see how to structure your project when developing with FastAPI with full stack.
If you look at this project structure, you’ll notice that the top level folder has very few files and folders, usually the license, a riddim description, and documentation on how you can contribute to the project. Then you have the scripts, which are the programs you need to manipulate the project. When you actually get into the backend, it’s pretty bite-sized, and if you organize it similarly to this structure, you can generally improve upon the project structure that you’re used to.
Q. You’ve given us some great tips on how to stay organized with your project structure. It’s actually important to stay organized for collaboration as well. Can you also tell us what tools you need to collaborate?
There is a tool that is essential to use when collaborating. It is about code formatting. On WellAi, you can see the code called black, flake8. This is a program called Code Formatter.
In fact, when you write code, it reflects your personal style. For example, some people like to type a lot, and if you write code in your own style, it becomes a jumble of code. So it’s important to have rules for how to code when you’re collaborating with multiple people. This doesn’t affect functionality, but it does make it easier to collaborate if the code is easy to read and unified.
Q. So, what are some code formatters?
There’s a code formatter that’s been trending in Python lately called black. It’s a tool that doesn’t give developers a choice, they just have to do what it says. For example, if you use a single quarter, it turns it into a double quarter. (Laughs) You can think of it as a tool that emphasizes rules. We also use Code Formatter at WellAi, and it makes it easier for me to do reviews.
Second, check for coding conventions
Q. I’m impressed that this is a tool that emphasizes uniformity, what will you be reviewing next:?
The next thing I look at is what models have been declared, what models are there at the beginning. If you look at WellAi, there’s a Tag, and then there’s an Exercise, and then there’s a Course, and you can see that there’s a review, and there’s a bookmark feature, and then you get a sense that there’s going to be a yoga course in the service, and there’s going to be a yoga exercise within that course, and you can see that you can leave a review and bookmark it.
In this structure, checking the relationships between models and what data they contain is called checking coding conventions. As you’re checking, you’ll find things along the way that don’t make sense.
So, for example, we have a Tag model at the beginning, and we have a field called tag_name. I personally think that tag has a redundant meaning, and I think it could be Tag.name, and if you look at the semantics of tag_name later on, it says “hashtag.” So, I think it would be more consistent to name it hashtag, or to write tag, and say “tag.” It’s important to name things well, because if you have a bunch of these names piling up, you’re going to have trouble scaling. In fact, naming is one of the hardest parts of programming.
Q. You mentioned the importance of good naming when programming, and I’d like to give you some additional praise.
I actually use these models to check if I’m doing what I want to do in the project, and the part that I think I did well was using a framework called rest_framework. With a proven library like this, I can quickly move on to the review, thinking that there is no error in the process of getting the ‘exercise details’. (Laughs) I would like to say that it is important to use a library or framework well for the situation and purpose.
Third, check the efficiency of your code
Q. Next, we need to check if the code works efficiently, right?
Right, and then we look at whether the code is working efficiently, whether it’s performing really well, and whether it’s well-organized in terms of performance. For example, we have an API that lists reviews of yoga courses, and we have the ability to reorder them by Rating or Create_at.
Then we’ll see if it’s efficient when we have, say, 1,000 reviews. In WellAi, we used a pre-made library called a framework, so it’s actually difficult to improve it beyond that. I think it’s up to the person writing the project to code efficiently.
Fourth, check for security issues
Q. Checking for security issues is also important in code review. How do you check for security issues?
It’s very important to make sure there are no security issues, because if there is a security issue on the API server, there is no going back. Usually, there are common mistake patterns, such as accidentally writing a password in the code.
There are tools that can help you avoid these mistakes. One such tool is a Python program called bandit, which will read your code and tell you where there are security risks. For example, if you’re writing code in Flask and you have Debug set to true, it will tell you to change it to false.
Q. That’s a great tool for avoiding pitfalls before they happen, and it’s a great tip for people who are preparing to become developers. Is there anything else you look for when you’re doing code reviews?”
In addition, I make sure that the project will work properly even in extreme situations. For example, I make sure that the data doesn’t break if there are thousands of users at once, or if the power goes out and the server goes down while I’m saving the data.
I use a program called APACHE - JMeter to check how long it takes in different cases and how much CPU it takes. You can test how long it takes and how much CPU it uses for different cases. I recommend using this tool when you need to make sure your server won’t crash under extreme conditions.
Q. You’ve done a great job explaining the process of doing code reviews so far, thank you for making it so easy to understand. Is there anything else you’d like to add?
Code reviews are great for both the reviewer and the reviewed. It’s a very helpful process to grow as a developer, so I think it’s important to do code reviews. If you’re doing a team project, it’s good to review each other, and if you don’t have anyone to review, it’s good to review open source code on your own. I think it’s good to get a lot of experience looking at different things and reviewing them. I’m glad I had this opportunity to share what I see through code reviews. Thank you!
Have you been listening to Jungkook’s code review talks? You shared a lot of information about how code reviews work, good programs and tools to use when reviewing, and you emphasized getting a lot of experience doing code reviews. I think it’s important to have an open attitude and mind to review code and share feedback with others.
In the future, we’ll continue to feature content that gives insights from Elice developers. We’ll be sharing developer tips on what programs they use and what bookmarks they have, so stay tuned for more!
If you’re interested in getting a code review from Jungkook, apply to be an Elice Engineer!
Apply to be an Elice Engineer 👉 https://elice.careers
*This content is a work protected by copyright law and is copyrighted by Elice. *The content is prohibited from secondary processing and commercial use without prior consent.
- #elicer
- #tech
- #job