Category Direction - Code Review

1. You are here:
2. GitLab Direction
3. Product Vision - Create
4. Category Direction - Code Review

• Code Review
• Introduction and how you can help
• Overview
  • Metrics of success
  • Target Audience
  • Challenges to address
• Where we are Headed
  • What's Next & Why
  • What is Not Planned Right Now
  • Maturity Plan
• Competitive Landscape
• Analyst Landscape
• Top Customer Success/Sales issue(s)
• Top user issue(s)
• Top internal customer issue(s)
• Top Vision Item(s)

Code Review

Introduction and how you can help

The Code Review strategy page belongs to the Source Code group of the Create stage, and is maintained by Daniel Gruesso.

This strategy is a work in progress, and everyone can contribute. Please comment and contribute in the linked issues and epics. Sharing your feedback directly on GitLab.com is the best way to contribute to our strategy and vision.

• Issue list
• Epic list

Overview

Code Review is an essential practice of every successful project. It is necessary for maintaining and improving code quality, and is one of the primary avenues of mentorship for software engineers, but it is also time consuming.

GitLab's vision for code review is a place where:

• changes can be discussed,
• developers can be mentored,
• knowledge can be shared, and
• defects identified.

GitLab should make these tasks efficient and easy, so that velocity and code quality both increase.

Metrics of success

The primary metric by which we measure the success of the Code Review category is: reducing the duration of the Code Review. This is measured as the duration from the first merge request version to merged.

Category-level UX baselines conducted quarterly will provide qualitative feedback to validate perceived efficiency and our hypothesis.

Target Audience

Code review is used by software engineers and individual contributors of all kinds. Depending on their context, however, the workflow and experience of code review can vary significantly.

• full time contributor to a commercial product where reducing cycle time is important. The review cycle is tight and focussed as a consequence of best practices where keeping merge requests small and iterating at a high velocity are objectives. Code review workflows for these users are Complete
• occasional contributor to an open source product where cycle time is typically longer as a consequence that they are not working on the project full time. This results in longer review times. When long review times occur, the participants in the merge request will need to spend more time reacquainting themselves with the change. When there are non-trivial amounts of feedback this can be difficult to understand. Code review workflows for these users are Complete
• scientific projects frequently have a different flow to typical projects, where the development is sporadic, and changes are often reviewed after they have been merged to master. This is a consequence of the high code churn associated with high exploratory work, and having infrequent access to potential reviewers. Post-merge code review workflows are not yet viable in GitLab.

Challenges to address

There are many code review tools in the market as well as multiple workflows. Deciding which features/workflows to build-in to GitLab is important so that users can migrate seamlessly. However, it is not realistic for us to support every feature/workflow out there, as such we must suss out the most popular, forward-looking features/workflows, and support them in GitLab.

• Some of the features/workflows we are planning to build into GitLab:

  • Merge request reviewer assignment
  • Easily tracking unread diffs, files, commits and discussions in merge requests
  • Commit by commit code review

• Some of the features/workflows we are currently researching:

  • Cross project merge requests

Where we are Headed

The code review process involves at least two roles (author, and reviewer) but may involve many people, who work together to achieve code quality standards and mentor the author. Furthermore, many reviewers are often not Developers. Reviewers may be Developers, UX Designers, Product Managers, Technical Writers, Security Engineers and more.

In support of GitLab's vision for code review, areas of interest and improvement can be organized by the following goals:

• Ease of use influences whether users choose to use the GitLab tool to merge branches instead of simply interacting with the Git server via command line. Merge request should be easy to use and provide enough visible value such that users will default to use merge requests.
• Love-ability captures the essence that GitLab is enjoyable to use, which may mean that it is fast, invisible and allows you to get your work done. Particularly, GitLab should encourage the best of communication between colleagues and contributors, helping teams celebrate great contributions of all kinds, and express their ideas without misunderstandings. How GitLab communicates with people, will influence how people communicate with each other inside GitLab.
• Efficiency directly influences velocity within the time span of a single merge request
  • Author efficiency considers how a merge request author can create and address code review feedback, find a relevant reviewer for their merge request, and incorporate incoming feedback.
  • Reviewer efficiency considers how an individual reviewer can review a code change, leave feedback, and also verify their own feedback has been addressed. Provide enhanced context when reviewing new information (for example, through code intelligence) for efficiency.
  • Team efficiency considers a team can coordinate and communicate responsibilities, progress and status of a merge request, and quickly the entire process can be completed. Support workflows that enable new and better ways of working (for example, suggest changes, commit by commit review).
• Best practices Influence efficiency of teams and projects over a longer time scale, and can include fostering norms and behaviours that aren't explicitly enforced through the application. Amplifying best practices, great defaults and documentation play a significant role in this.
• Policy controls that allows code review requirements to be set and enforced, going above and beyond amplifying and encouraging best practice.

The following improvements will help us make significant progress towards the above goals:

• Improve merge request reviewer assignment
• File-by-file merge request diff navigation

What's Next & Why

• In Progress: Smarter merge request diffs using merge refs

  Code reviews are time consuming, requiring engineers to carefully review and understand the proposed change. The accuracy of the diff is therefore critical.

  Additionally, both Atlassian and GitHub have made their diffs smarter, showing the actual difference between the source and target branch, not the source branch and the merge base of the target branch.

• In progress: Code intelligence (e.g. symbol docs, jump to definition)

  The purpose of code reviews is to identify defects, and ensure the code meets quality guidelines for style, readability, and maintainability. In order to do this, the code reviewer must understand the proposed change well.

  We know that code intelligence is an important tool for understanding code, and has been available in local development environemnts since the 1980s. Because of this many developers rely on local code intelligence when performing code reviews. Providing this to all reviewers in GitLab will improve the quality and efficiency of code reviews.

• In progress: Comment on multiple lines

  Feedback doesn't always relate to a single line, and it can be restrictive to be unable to comment on a range of lines. Similarly, suggested changes to merge requests can also span multiple lines in a diff, but it is difficult to use this feature without a natural interface to select multiple lines.

• In progress: Improved merge request reviewer assignment

  Detecting defects, and providing meaningful code review feedback requires understanding the code being changed. This is most effectively done by subject matter experts, which are typically people who have previously edited or reviewed the areas of the code being changed.

  Helping authors find the right reviewer will yield better code reviews, and carefully distributing them across many engineers will prevent individual engineers becoming over burdened.

What is Not Planned Right Now

Maturity Plan

This category is currently at the Loveable maturity level (see our definitions of maturity levels).

Competitive Landscape

GitLab competes with both integrated and dedicated code review tools. Because merge requests (which is the code review interface), and more specifically the merge widget, is the single source of truth about a code change and a critical control point in the GitLab workflow, it is important that merge requests and code review in GitLab is excellent. Our primary source of competition and comparison is to dedicated code review tools.

Prospects and new customers, who previously used dedicated code review tools typically have high expectations and accustomed to a high degree of product depth. Given that developers spend a significant portion (majority?) of their in application time in merge requests, limitations are quickly noticed and become a source of frustration.

GitLab’s current code review experience is largely modeled after GitHub’s, with most of its pros and cons. Gerrit and Phabricator are frequently mentioned as the best alternatives to the GitHub code review model. See the competitive analysis for a closer look at the user experience and feature set of competitor tools.

Integrated code review packaged with source code management:

• Phabricator by Phacility • Free, open source • Mature • Example code review
• Gerrit • Free, open source • Mature • Example code review
• GitHub • Free option, closed source
• Bitbucket by Atlassian • Free option, closed source
• Azure DevOps by Microsoft • Free option, closed source

Dedicated code review tools:

• Crucible by Atlassian • Paid, closed source • Mature (Bitbucket vs Crucible)
• Review Board • Free, open source • Example code review
• Reviewable • Free option, closed source • Example code review

IDE-related:

• CodeStream • Free option, closed source
• GitLens • Free, open source
• Visual Studio Live Share • Free, open source
• Gitpod • Free option, closed source

Analyst Landscape

Top Customer Success/Sales issue(s)

The highest priority customer requests are for improved application performance, accuracy and efficiency for reviewing merge request diffs of all sizes, small and extremely large.

• Smarter merge request diffs using merge refs address accuracy problems in some situations, thereby improving efficiency of reviews by showing the expected diff contents.
• Track unread diffs, files, and discussions improves usability. primarily improves reviewer efficiency by allowing reviews to be performed incrementally over multiple sittings, and better handling the iterative process of leaving feedback and the author proposing improvements.

Other notable requests include:

• Cross-project code review (group merge requests)
• Post-merge code review is of interest to a variety of organizations where changes are merged with a high velocity (e.g daily) and they desire to review aggregate set of changes semi-regularly.

Top user issue(s)

• Smarter merge request diffs using merge refs
• Increased focus of merge request changes tab will make code review more love-able by reducing distraction, and making use of the navigational affordances of the top of the page which is quickly accessed by mouse and keyboard.
• Multi-line comments

Top internal customer issue(s)

• Suggest and assign reviewers and maintainers will replace the Reviewer Roulette implemented with Danger.

Top Vision Item(s)

• Investigating: Commit focused code review

  Small changes are easier and faster to review, and commits are the smallest unit of change. Some of the largest projects in the world use commit based workflows for this reason.

  We are investigating how we can amplify best practices in commit focussed workflows, and bring these into GitLab to improve code quality and efficiency.

• Investigating: Real-time merge request collaboration

  Merge requests are highly asynchronous today. A code review is requested, and then at some point later the author returns to address the feedback. This causes all but the simplest of merge requests to go through multiple slow review cycles.

  GitLab aims to help teams compress cycle time and increase velocity. To this end, reducing the number of review cycles, and preventing frequent context switching should help.

  Since we know many teams are located in similar timezones, if not located in the same physical location, we can improve notifications and workflows to help people work together on the same merge request in real-time.

  Read more in our blog post.

• Investigating: Track unread merge request comments and commits

  When reviewing a merge request with multiple commits, a large number of changes, or that requires many revisions, it's hard to know what requires your attention, and what you have previously reviewed. This is a factor in making code review inefficient.