Computest advances quality by means of a “Code Quality Review”. During such a review, an engineer from Computest analyses the source code, documentation and process descriptions of a software project in order to be able to provide the client with a substantiated assessment.
What does a code quality review provide?
A code quality review provides answers to a number of questions, such as:
- Are we on the right path with our development efforts?
- Are the technical choices we are making sustainable in the long term?
- What are the risks we are facing in terms of quality?
- Is the quality of this code base as a whole what we might reasonably expect?
What do we look at?
During the review we look at many aspects involving quality, such as scalability, complexity, how themes like isolation, separation of functions and coupling in the architecture are processed, security, defensive programming and consistency in the code base. In addition, the features of the development process are included, such as how non-functional requirements are treated, how test automation is set up, which security measures form part of the development process and so on. After such a review a report will be provided containing the findings in all parts, as well as a considered total assessment concerning the quality. You will also receive a description of steps that can be taken for improvement, where necessary.
What do we do during a code quality review?
During a code quality review our experienced engineers go into the code base and they get to know the structure and architecture. They then turn their attention to specific parts of the architecture, which touch on the scalability, manageability, sturdiness, etc. In order to gain a full picture, use is also made of tools that will search out quality issues and provide insight into the complexity. In addition, our engineers will also read through the documentation. If desired, interviews can also be held with the development team in order to provide insight into how the quality is safeguarded or not, as the case may be, during the development and deployment processes!