Check Point® Software Technologies Ltd. reinforces its Web Application Firewall with the powerful API Discovery feature, aimed at strengthening organizations’ cloud assets.
Recently, the results from SmartBear Software's annual survey, the State of Code Review 2017: Trends & Insights into Dev Collaboration were released. The survey is divided into five sections that include Code Quality, Approaches to Code Review, Code Review & Doc Review Tools, Software Tools & Integrations and Software Teams. Each section reveals how teams and organizations are handling each one of those topics. What's fascinating about the survey is the amount of data captured. Here are some particularly interesting findings and comments.
Code Quality
There is a lot of data in the survey but one point I found interesting is that it suggests only 66 percent of organizations can get releases out on time. Why are the other 34 percent struggling to get releases out the door? I believe there are a number of factors that are preventing timely releases, many of them coming back to requirements and the ability to properly scope the release based on those requirements (or lack thereof).
Collaborating on and reviewing design documents and requirements are critical to a successful release. Many organizations find themselves struggling to collaborate effectively. In fact, I've heard horror stories of documents that are being passed around from desk to desk and then turn up missing.
There is no better way to slow down the development lifecycle than to start from scratch! This is one reason that document review tools exist. They keep things from getting lost.
Approaches to Code Review
There are a lot of different ways to do code review and ensure its effectiveness. I believe tool based review is on the rise because of the growing popularity of repository management tools like GitHub, Bitbucket and GitLab. What I found fascinating from this year's survey is that individuals using tools for code review perform reviews more frequently.
Honestly, I envisioned ad-hoc reviews would have been taking place more often than tool based reviews. People are sitting next to each other and it is easy to grab someone and have them take a quick look at something. However, teams are finding that a tool helps ensure that a process is being followed, which leads to reviews taking place more often.
And as can be seen in the survey, people aren't just reviewing in tools to improve code quality, they are seeing other big benefits as well. This includes mentoring, knowledge sharing and complying with regulatory standards.
Software Teams
The data from this section indicates that a lot of teams are distributed. Collaboration is not just occurring with the person sitting next to you or down the hall. Over half of the individuals surveyed have team members throughout the U.S. or the world. This makes communication vital.
It is never argued that successful software development takes collaboration! With so many teams separated by geography, it is a wonder that two thirds of them are getting releases out on time. I would hazard to guess that they take communication seriously and they are probably using tools to help them. Passing emails around with documents and source code is a terribly inefficient way to collaborate.
If your team is still performing reviews this way, I encourage you to find a tool. It saves a ton of time and dramatically improves the ability to communicate quickly and effectively with multiple people at once.
Final Thoughts
It is clear from the survey results that the majority of respondents feel their teams are productive and collaborating pretty consistently. The tools they are using line up with the conversations that I have on a weekly basis and were not surprising to me. I know that one area I'm hearing more and more about is the need to review documents. I would like next year's survey to dig a bit deeper in that area. What area would you like to see more data on?
Industry News
NightVision launched a new software testing and security solution that enables developers to identify, locate, and remediate exploitable vulnerabilities throughout the software development lifecycle (SDLC).
NXT1 has signed the Secure by Design Pledge introduced by the Cybersecurity and Infrastructure Security Agency (CISA).
Sonar announced that SonarQube is now available on Google Cloud Marketplace, enabling organizations to accelerate DevOps transformations in the cloud, modernize software development workflows, and deliver higher-quality, secure applications.
Progress announced the latest release of Progress Telerik® and Progress Kendo UI, the most powerful .NET and JavaScript UI libraries and tools for application development. Today's release delivers artificial intelligence (AI) prompts to application interfaces, design-to-code productivity, accessibility features and a series of new UI components, including the first-to-market Blazor Spreadsheet component.
JFrog and GitHub announced a new partnership to drive a best of breed, integrated platform solution, allowing joint customers to holistically manage EveryOps for developers, including DevOps, DevSecOps, MLOps and GenAI-powered apps.
Harness entered into a definitive agreement to acquire Split Software, a Feature Management and Experimentation provider.
Sensedia announced the launch of Sensedia AI Copilot, an AI assistant designed to facilitate all steps of API Management, Governance and Application Integrations.
Picus Security announced security validation for Kubernetes.
Kong announced the general availability of Kong Gateway Open Source (OSS) 3.7.
Azul announced the launch of its PartnerConnect training and certification program to empower channel partners to provide advanced Java advisory and delivery services.
Mendix announced a partnership with Snowflake to enable the enterprise to activate and drive maximum value from their data through low-code application development.
LaunchDarkly set the stage for “shipping at the speed of now” with the unveiling of new features, empowering engineering teams to streamline releases and accelerate the pace of innovation.
Tigera launched new features for Calico Enterprise and Calico Cloud, extending the products' Runtime Threat Defense capabilities.
Cirata announced the latest version of Cirata Gerrit MultiSite®.