HN
Today

Many people misunderstand the purpose of code review

Mark Dominus asserts that many misunderstand code review, arguing its true purpose is ensuring code understandability and maintainability, not bug detection. This controversial take ignites a fiery debate among Hacker News developers who hold diverse, often conflicting, views on the primary goals and efficacy of code review practices. The discussion delves into everything from knowledge transfer to gatekeeping.

72
Score
44
Comments
#3
Highest Rank
5h
on Front Page
First Seen
Jul 2, 1:00 PM
Last Seen
Jul 2, 5:00 PM
Rank Over Time
253101414

The Lowdown

The author, Mark Dominus, challenges the conventional wisdom surrounding code review, suggesting that its widely accepted primary goal—bug detection—is fundamentally flawed and inefficient.

  • He finds the task of specifically searching for bugs in another's code to be exceedingly difficult, unrewarding, and prone to failure, as success (finding all bugs) is impossible to guarantee.
  • Instead, Dominus proposes that code review is far more effective and achievable when the reviewer's objective is to simply understand the code and identify any parts that are unclear or confusing.
  • Under this reframed purpose, success is guaranteed: the reviewer simply documents what they couldn't understand, shifting the burden from finding discrete errors to ensuring collective comprehension and maintainability.

This perspective reframes code review not as a QA bottleneck, but as a critical mechanism for knowledge transfer and ensuring the long-term health and clarity of a codebase.

The Gossip

Multi-faceted Mandates: Unpacking Code Review's Diverse Directives

Many commenters strongly disagree with the author's narrow definition, arguing that code review serves multiple crucial purposes beyond just understanding. Key identified functions include knowledge transfer, fostering team ownership (making it 'our code'), ensuring maintainability (especially preventing 'paradigm rot'), enforcing architectural consistency, and sharing responsibility for the codebase. Several emphasize that finding bugs, while not the sole purpose, is a legitimate and often successful outcome. The underlying sentiment is that there isn't *one* true purpose, but rather a dynamic set of goals depending on context and team culture.

Bug-Spotting or Not: The Efficacy of Error Detection

A significant number of commenters challenge the author's assertion that finding bugs via code review is generally impossible or not the point. Many assert they regularly discover bugs through review, ranging from simple logic errors to critical design flaws. They argue that understanding the code inherently involves identifying potential issues, and that reviews should also encompass checking for adequate testing to prevent bugs. Some clarify that the author, being a mathematician, might mean 'impossible to find *all* bugs,' a point less controversial than 'impossible to find *any* bugs,' suggesting a misinterpretation of the author's phrasing.

Hierarchical Hurdles: Code Review's Social Subtext

Beyond technical objectives, commenters discuss the social and political dimensions of code review. Some cynically suggest it can be used by senior engineers for 'gatekeeping' promotions or nitpicking junior developers' code to maintain hierarchy, especially if the junior's code is perceived as 'too smart' or complex. Others discuss how review practices foster team ownership and shared responsibility, making the codebase 'our code' rather than 'your code.' There's also mention of reviews serving regulatory compliance (SOX/SOC2) in corporate environments, emphasizing their role as an audit mechanism rather than purely a quality-assurance tool.

Algorithmic Assistance: AI's Inroads into Code Review

A nascent but relevant theme is the impact of Artificial Intelligence on code review practices. Commenters ponder whether AI tools might eventually replace traditional human reviews, especially for 'GitHub-style' asynchronous pull requests, by automating checks for maintainability, style, and even correctness. Concerns are raised about the ability to trust AI for critical code review and the difficulty of reviewing large volumes of AI-generated code, with one user noting a shift to a 'binary 'is this batshit crazy or passable'' approval process with AI involvement.