I’ve been doing code review in one form or another all my career. For the most part, I’ve been haphazardly looking at code, trying to find the obvious improvements or defects. It’s much more difficult to find a missing test case, an exploitable security hole, or a race condition. Enter the checklist! Long used by pilots to prepare an airplane for the every phase of a flight, it serves us in much the same way for code review.
According to most sources, the average suggested time to spend on a code review is between 30 to 60 minutes. If you combine performing one or two reviews per day with all the other peripheral tasks you need to accomplish in a day, you’re quickly going to run out of time to accomplish your own “real” work. It’s a tricky situation that can quickly snowball out of control, making it important to have strategies in place to cope with a large influx of code reviews.