Code Review Issues and Problems

Events happening in the community are now at Drupal community events on www.drupal.org.
You are viewing a wiki page. You are welcome to join the group and then edit it. Be bold!
Posted by zzolo on April 15, 2011 at 12:14am
Last updated by jthorson on Fri, 2011-07-15 03:34

This page is dedicated to documenting issues of the code review process. These issues should be backed with data when possible and should always be objective. Please do not propose solutions here (you can do propose solutions here).

If you just want to complain about something, please file a complaint.

See zzolo's post for more context.

Comments

Initial Problems Noted

Posted by ccardea on April 19, 2011 at 10:25pm
ccardea's picture

I just completed by first attempt at a code review. These are my initial impressions:

  1. It would be nice to have a link to the Project Application Queue from the group front page.
  2. Unless the project author says something on his project page, there is no way to tell what core version of Drupal the module is designed for. People are still submitting projects for Drupal 6 and we can't assume the module is designed for Drupal 7.
  3. It would be good to have a quick way to look at the project files on drupal.org without having to git clone the project. This might be possible through the git repository but I'm going to have to do some research to find out if it can or can't be done ( unless somebody can tell me how to do it).

Repository viewer

Posted by sreynen on April 20, 2011 at 12:52am
sreynen's picture

The "Repository viewer" link near the bottom of the sidebar of every sandbox allows you to browse the project files before checking them out via git. I generally start there, both to see which core version it targets, and also to make sure it's worth even doing git clone. Many projects have incomplete code, or rely entirely on 3rd party code, both of which mean any further review is not worthwhile.

I agree it would be nice to have earlier indication of core version(s), but I'm not sure it makes sense to do that in the project itself. Full projects already have a system for tracking core versions, so building a new system for sandboxes seems like it would make things more complicate than it's worth. Encouraging applicants to mention core versions in their issue and/or project description might be a simpler solution.

Repository viewer

Posted by ccardea on April 20, 2011 at 1:35am
ccardea's picture

Thanks, I hadn't noticed that. As long as there's access to the info file, that should be enough. This is more my problem, not a real issue.

Good ideas

Posted by zzolo on April 21, 2011 at 5:16pm
zzolo's picture

Hi @ccardea and @sreynen. Good points.

  • I have updated the group page with a direct link to queue.
  • It would be really cool if we could set up a system where people can review code, but without downloading anything. ie an awesome code explorer. There is some work on getting a better code viewer for the new Git, but not sure if this will be good enough for live code reviews, but I really like this idea. I am going to put it on the solutions page.

--
zzolo

Dispute resolution?

Posted by sreynen on May 15, 2011 at 1:18am
sreynen's picture

Here's an application where reviewers are suggesting removal of duplicate functionality and the applicant is disagreeing with the removal:

http://drupal.org/node/1138978

The discussion has been fine so far; I'm just not sure where to take it from here. Should we have some sort of process to get more people to look at disputes like this?

commented on

Posted by zzolo on May 15, 2011 at 10:20pm
zzolo's picture

Commented: http://drupal.org/node/1138978#comment-4472762

Yes, the best thing to do here is to get more people involved. No one person can be the voice of the Drupal community and say "this is how we do it here", so the more people that can put in an opinion, the better (obviously flame wars are no good).

--
zzolo

Getting a second opinion ...

Posted by jthorson on May 31, 2011 at 7:26pm
jthorson's picture

What do folks think of an official 'Request a Second Opinion' thread on the group's front page?

This would be a thread where, if an applicant is pushing back against the review (typically against a 'duplication' argument, but could be anything), the reviewer can post the application link and request an independant analysis from another party?

Having another individual agree with the reviewer could help mediate applicant pushback; and alternatively, having other reviewers weigh in with a different viewpoint during conflicts could (in time) help ensure greater consistency throughout the overall code review process.

+1

Posted by jordojuice on June 9, 2011 at 8:59am
jordojuice's picture

+1

Can the reviewee also request

Posted by davidhernandez on June 9, 2011 at 1:25pm
davidhernandez's picture

Can the reviewee also request a second opinion? Seems only fair.

How to handle Features reviews?

Posted by sreynen on May 31, 2011 at 3:25am
sreynen's picture

I was just looking at this application and I'm a little conflicted on what to do with it:

http://drupal.org/node/1166774

On the one hand, it's new functionality and there's nothing wrong with the code. On the other hand, it's a Features export, so none of the code was directly written by the applicant. This doesn't violate any review criteria I've seen, but it also doesn't give us any idea of the applicant's ability to maintain write or modules beyond Features exports. Thoughts?

There's not so much as a

Posted by tim.plunkett on May 31, 2011 at 2:19pm
tim.plunkett's picture

There's not so much as a hook_form_alter to speak of in there, it is JUST a features export. It's a module in name only. I don't think this should count, as it was created expressly through the GUI (or maybe drush).

Although I think d.o needs a policy on features in general, since to my knowledge none are posted as modules, and there isn't a space for them.

A couple...

Posted by dreamleaf on May 31, 2011 at 2:43pm
dreamleaf's picture

There are a couple of feature sets already on D.O. as projects...

The most widely used one from my knowledge is for OpenPublish... http://drupal.org/project/openpublish_features
There others such as http://drupal.org/project/donor_rally_features & http://drupal.org/project/ct_plus

The thing that sets these apart is the fact that they are for specific distributions rather than generic site builds.

One that I've noticed that doesn't link with a distribution is http://drupal.org/project/agreservations

And I've just spotted that "feature packages" ARE included in the list of module categories... didn't know that...
http://drupal.org/project/modules?filters=tid%3A11478

Dreamleaf Media

I think features are fine as

Posted by greggles on May 31, 2011 at 3:51pm
greggles's picture

I think features are fine as projects on drupal.org. That's relatively well settled. But I don't think we can really review a project if it is just a feature. I propose we make that a requirement of the process that the proposed project cannot be just a feature export.

knaddison blog | Morris Animal Foundation

Also add 'Install profiles' to that process requirement

Posted by jthorson on May 31, 2011 at 7:04pm
jthorson's picture

Had a similar issue come up two weeks ago, with an application which was a mix of feature, install profile, and custom modules. Eventually had the applicant re-apply with just the custom module component ... but at the time, couldn't find an 'official' policy regarding features as modules on d.o, and the IRC channel could only point me at a post listing public 'feature servers'.

I think this is valid

Posted by zzolo on May 31, 2011 at 7:57pm
zzolo's picture

I think Features is a valid application. It falls within the process goals. And ultimately we are reviewing contributors (or contributions). And if someone just wants to contribute (good, significant) Features, thats a very valid contributor to the community. The focus of the review just shifts more to understanding the applicants ability to understand the contrib space, using Git and versioning, full project description. Code writing itself is not a majority of our current goals.

Also, there are standards for Features (the Kit specification). This would be a good way to review this Feature.

I also think Install Profiles are valid as well. (They usually involve custom code, anyway).

This just speaks up to the fact that we need people from different backgrounds (ie themers) to be doing reviews. Contributions to the contrib repository are not just hand written code.

--
zzolo

Conflicting policies?

Posted by jordojuice on June 9, 2011 at 9:11am
jordojuice's picture

This seems to me to conflict with some other project applications in which applicants apply to take over an abandoned module but are ultimately stopped in the project application queue and required to first make modifications to the module before continuing the application process. There is currently an issue in the queue here http://drupal.org/node/1166230 that has this requirement.

Unfortunately, without seeing your own code, we cannot perform a 'Full Project Access' review at this time.

The applicant was instructed to provide his or her own code for review because we could not complete the review without seeing his own work. I tend to support this side of the argument as it is, but I do understand that we don't want to exclude beneficial contributions by putting up too many barriers to contributing. Either way, it is clear that we want to provide consistency and a fair and equal review process.

By the way, hello all! Glad to be here.

Not necessary conflicting

Posted by sreynen on June 9, 2011 at 12:43pm
sreynen's picture

"We need to see your code" has always been my understanding, so I was initially very confused by zzolo's response. But after thinking about it more, I don't think it's necessarily a conflict. If we take a step back, the motivation behind "we need to see your code" is, I think, to verify that the applicant is capable of maintaining the project. With Features projects, the ability to maintain them is much simpler: the ability to make and export configuration changes. Unlike regular projects, people can effectively demonstrate this ability without actually writing any code.

It's still a little weird that we have this new set of contributors with a potentially very different skill set than the rest of the contributor community, but that's probably not something we need to address here in the review process.

Code review for security advisory coverage applications

Group organizers

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: