As a senior at my last big company job, basically all I did was conduct meetings and do PRs. It’s such a grind.
My opinion now is that most PR is worthless anyway. Most people give, at best, a superficial skim for typos, lack of comments, or other low-hanging replies (that usually, really, a static checker or linter should be dealing with).
Reading the code base in little chunks like that doesn’t give you proper context for the changes you’re reading. Automated unit and integration tests would be better for catching issues like that, but of course then who is reviewing and verifying the tests? Who’s writing them for that matter?
Ideally, pair-programming or having extra people on projects to create knowledge redundancy would help. But companies want to replace juniors with AI now, so that’s not looking good. Senior devs and architects might know the major pieces of much of the code, but can they “load it into working memory” sufficiently to do a quality PR that will catch something the tests didn’t and QA wouldn’t? Not in my experience.
I think the best actually-implementable solution for most teams is to get rid of PR expectations and take a multi-pronged approach to replacing that process.
use tooling to check for and fix basic stuff. Use a linter, adopt a code standard, get a code formatting tool that forced adherence to the standard and run it on every PR.
Unit tests if you got them, start if you don’t. You don’t need 90% code coverage, just make sure critical paths are covered.
Turn one of your useless meetings into a code review session. Each week/sprint, one Very Important Code section is presented by the developer that works on it most or that last changed it. This helps the whole team learn the code base, gets more eyes on the important stuff regularly, and enforces not just a consistent style but a consistent approach to solving and documenting problems.
PR (and the github PR approval stuff or its equivalent for you) should be streamlined but preserved. Do have a second person approve changes before merging, just to double check that tests have finished and passed and all that. If your team is so busy that no one ever approves PRs then allow self-approval and be done with it. This will make regular code review very important for security and stability, since any dev could be misbehaving unseen, but these are the trade-offs you make when burning out your team is more important than quality.
I caught a junior trying to reimplement an existing feature, poorly, in a way that would have affected every other consumer of the software I’m a code owner on a week or two ago. There’s good reason to keep them around.
PRs suck to do, but having a rotating team of owners helps, and linting + auto formatting helps with a lot of the ticky tacky stuff.
Honestly, the worst part is “newGuy has requested your review on a PR you requested changes on but he hasn’t addressed” that’ll get you in the ignored pile real quick.
these are the trade-offs you make when burning out your team is more important than quality.
Yep.
Many directors and CIOs know exactly where they stand regardin the classic value proposition: deliver something trivial before next quarterly earnings statements - at the low easy cost of losing all organizational understanding of the code base.
I generally agree and like this strategy, but to add to the other comment about catching reimplemented code, there’s just some code quality reviewing that cannot be done by automating tooling right now.
Some scenarios come to mind:
code is written in a brittle fashion, especially with external data, where it’s difficult to unit test every type of input; generally you might catch improper assumptions about the data in the code
code reimplements a more battle tested functionality, or uses a library no longer maintained or is possibly unreliable
code that the test coverage unintentionally misses due to code being located outside of the test path
poor abstractions, shallow interfaces
It’s hard to catch these without understanding context, so I agree a code review meets are helpful and establishing domain owners. But I think you still need PR reviews to document these potential problems
As a senior at my last big company job, basically all I did was conduct meetings and do PRs. It’s such a grind.
My opinion now is that most PR is worthless anyway. Most people give, at best, a superficial skim for typos, lack of comments, or other low-hanging replies (that usually, really, a static checker or linter should be dealing with).
Reading the code base in little chunks like that doesn’t give you proper context for the changes you’re reading. Automated unit and integration tests would be better for catching issues like that, but of course then who is reviewing and verifying the tests? Who’s writing them for that matter?
Ideally, pair-programming or having extra people on projects to create knowledge redundancy would help. But companies want to replace juniors with AI now, so that’s not looking good. Senior devs and architects might know the major pieces of much of the code, but can they “load it into working memory” sufficiently to do a quality PR that will catch something the tests didn’t and QA wouldn’t? Not in my experience.
I think the best actually-implementable solution for most teams is to get rid of PR expectations and take a multi-pronged approach to replacing that process.
This comment seems like a lot of work to read, I’ll pretend I didn’t see it
So you’ll just hit approve?
I caught a junior trying to reimplement an existing feature, poorly, in a way that would have affected every other consumer of the software I’m a code owner on a week or two ago. There’s good reason to keep them around.
PRs suck to do, but having a rotating team of owners helps, and linting + auto formatting helps with a lot of the ticky tacky stuff.
Honestly, the worst part is “newGuy has requested your review on a PR you requested changes on but he hasn’t addressed” that’ll get you in the ignored pile real quick.
Yep.
Many directors and CIOs know exactly where they stand regardin the classic value proposition: deliver something trivial before next quarterly earnings statements - at the low easy cost of losing all organizational understanding of the code base.
I generally agree and like this strategy, but to add to the other comment about catching reimplemented code, there’s just some code quality reviewing that cannot be done by automating tooling right now.
Some scenarios come to mind:
It’s hard to catch these without understanding context, so I agree a code review meets are helpful and establishing domain owners. But I think you still need PR reviews to document these potential problems
I will never not hate scrum. Screw all this corporatization of programming.