GitLab Commit Virtual is here. Register Now for our 24 hour immersive DevOps experience.
Jul 3, 2020 - Suri Patel    

The challenges of code reviews

The 2020 DevSecOps Report discovers that developers are bogged down by code reviews. Are they worth the trouble?

Code reviews are stressful. As a merge request owner, you're giving others an inside look at your abilities and thought processes. As a reviewer, there’s something quite daunting about serving as the last stop before code is merged to the main branch. When teams face uncertain processes, lengthy wait times, and lack of buy-in, an inherently difficult task can soon feel Sisyphean. In GitLab’s 2020 Global DevSecOps Survey, over 3600 software professionals shared their thoughts on code reviews, and the results reinforce that code reviews are a challenging aspect of software development.

Why is code review important?

Code reviews enable developers to more easily identify bugs, because they’re assessing the code with a fresh perspective. Shipping clean code decreases the likelihood of errors nestling into the main branch. Teams turn to code reviews as a way to share knowledge, mentor newer developers, and ease the burden of development. When everyone reviews code, there is no longer a single point of failure that can halt delivery and risk missing releases or business goals.

Studies show that code reviews increase collaboration, because the process of working together to improve code quality creates a shared ownership of the codebase. Developers work towards a common goal rather than feel proprietary attachment to their lines.

Code reviews according to developers

In the 2020 DevSecOps Report, developers candidly shared their views on code reviews, with many highlighting the challenges of ensuring code quality standards. Here’s a look at what developers said about code reviews.

How frequently does your team conduct code reviews?  
Weekly 48.9%
Bi-weekly 13.6%
Monthly 9.5%

Most respondents do code reviews weekly, indicating that teams are committed to making them part of their workflow.

How do code reviews happen?  
Messaging chat 40.8%
Offline 28.6%
Other 20.9%
Video 9.7%

Documentation is an important part of a successful code review. Authors should be able to refer to a checklist or assessment that highlights areas of improvement or excellence. Respondents indicated that the majority of code reviews occur in messaging chat or offline, which may enable written documentation.

How do you prefer to do code reviews?  
IDE 44%
Browser 41.4%
Code/text editor 14.6%

Conducting code reviews in integrated development environments and browsers is unsurprising, because there’s a low barrier to entry in participating and collaborating with others.

Many respondents shared their thoughts about the specific challenges they face when doing code reviews.

“Code reviews can take a long time due to the lack of reviewers.”

Without enough reviewers, code reviews can become overwhelming for the few people who make time for this task. Code reviews become a burdensome activity that can prevent certain team members from meeting goals and delivering.

“As an all-remote company, we haven't yet solved the problem of needing reviews from people in much different time zones and working hours. We have a strict code review process, and it often takes several days for the reviewer to respond to requests for review. Planning takes a while, and our code review process, while awesome, takes some time.”

Working in a distributed team can have drawbacks, especially when waiting for domain experts or maintainers to review code. While processes are important in establishing workflow, it’s equally important not to slow down team members with process.

“Our code review process is disorganized. It took more time when reviewing the code and testing than expected.”

On the other hand, not having an established review process can lead to stress, confusion, and pressure. Team members may dread code reviews due to the disorganization, which can lead to insufficient assessment.

“Some experts do not understand the importance of code review and regard it as a secondary task.”

When some team members do not value code review, they may deprioritize it and be reluctant participants. Collaboration is a key component in ensuring successful code reviews, and lack of buy-in can slowly erode morale.

Are code reviews worth it?

Based on the frustration level found in the 2020 DevSecOps Survey, it’s hard not to wonder whether code reviews are worth the trouble. But all complaints aside, it’s clear that the review process is helpful.

How valuable are code reviews?  
Very valuable 61.9%
Moderately valuable 33.3%
They have no effect 3.7%

Code reviews are worth the difficulties, because they help teams collaborate to maintain a clean codebase, learn from each other to develop new skills, and ensure that innovative solutions solve complex problems. In order for team members to feel like code reviews are valuable, IT leaders must invest time in establishing processes to ensure that everyone has the tools and knowledge to succeed.

Ready to learn more about code reviews?

Here are a few resources to help you alleviate the challenges of code review.

Read GitLab’s mandatory code review process →

Learn how to troubleshoot delays with GitLab’s Code Review Analytics tool →

Discover better code reviews GitLab style →

What blocks faster code releases? It starts with testing →

Read about GitLab’s experience with Reviewer Roulette →

Try all GitLab features - free for 30 days

GitLab is more than just source code management or CI/CD. It is a full software development lifecycle & DevOps tool in a single application.

Try GitLab for Free
GIT is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license

Try GitLab risk-free for 30 days.

No credit card required. Have questions? Contact us.

Gitlab x icon svg