What I Learned About Software Quality From The 10 Most Popular Javascript Projects On Github

Rate this content
Bookmark

It is very common for teams to have code review processes and this usually happens through pull requests. Each comment represents a step towards improving the quality of the software, however, there is a wide variety of points of view. The seniority of the team, the team itself, the company, the time left, the mentality, internal agreements, all of this impacts the way of reviewing code.

As a tester, I need to understand what happens in the code and when reviewing it, to identify flaws in the development process and improve my testing strategy.

In this talk, I will bring the results of research I carried out analyzing the comments contained in pull requests from the 10 most popular GitHub projects created in Javascript and bring some insights related to what I discovered. Among them: are which software quality characteristics are most exercised by Devs, which are weak points in their development process, where we can improve our tests to anticipate failures, and tools that can be used to test more comprehensively, among others.

This talk has been presented at TestJS Summit 2023, check out the latest edition of this JavaScript Conference.

FAQ

The main focus of the talk is to share insights learned from researching the code review practices used in ten of the most popular JavaScript libraries on GitHub, emphasizing the importance of maintainability in code reviews.

A pull request is a method used in software development where a developer informs team members about changes they've pushed to a repository on GitHub. After opening a pull request, team members review the changes and provide feedback, leading to improvements or approval to merge the changes into the main branch.

During code reviews, key factors include maintainability, readability, functionality, and adherence to best practices and coding standards. These factors help ensure the code is efficient, effective, and aligns with project goals.

ISO 25010 provides a standard for software quality that includes characteristics like maintainability and functional suitability. Developers use these standards to evaluate code quality during reviews, ensuring the software is up to industry standards.

The speaker learned that 75% of the comments in pull requests were related to maintainability. This indicates a strong focus on enhancing the readability, testability, and overall quality of code during the review process.

Excluding bot interactions and author comments in pull request reviews helps focus on human feedback, providing a clear perspective on the code's impact and quality from other developers, rather than automated checks or the author’s own follow-up comments.

Using bots in code reviews can automate routine checks, ensure adherence to coding standards, and highlight potential issues like file size or code complexity before human review. This makes the review process more efficient and consistent.

Developers can improve their code review practices by adopting guidelines from established projects, using automated tools like bots for preliminary checks, and focusing on comprehensive quality characteristics including security and performance alongside maintainability.

Júlio de Lima
Júlio de Lima
27 min
07 Dec, 2023

Comments

Sign in or register to post your comment.
Video Summary and Transcription
The Talk discusses the code review process and the importance of software quality. It emphasizes the need for maintainability in code and the use of guidelines tailored to the team. The Talk also highlights the significance of functional suitability and the challenges of code review. Automation and documentation are recommended to improve code reviews and ensure software quality.

1. Introduction to Code Review Process

Short description:

I'm here today to share what I've learned from researching the most used JavaScript libraries in GitHub. Let's understand the best practices for code review. The code review process involves creating code, opening a pull request, and having teammates review and provide perspectives. Devs review code based on standards, readability, and whether it functions correctly. Ideas for code review come from experience and can be empirical. Software testing uses the ISO 25010 standard.

So, I'm very... It's a pleasure to be here today with you guys. Thank you for all the organization that makes this happen and, definitively, it's an honor to be here today. This is my first time speaking here in Europe, so, it's another memoir, moment in my life and my career. And I hope you guys can enjoy this talk as well.

So, I was already introduced, so I will save you guys from hearing this again. The idea here in this talk is to share with you what I've learned after doing research on ten of the most used JavaScript libraries in GitHub. And I try to structure this in a way that we can basically understand a little bit more about the best practices that these guys have been using when reviewing code. And that is the approach. The idea today is not to go on the features that the libraries have, but instead is to learn more about how they are reviewing the code that are submitted to these repositories.

So, let's move ahead and think a little bit more about the code review process, right? The code review process is basically a simple way for people that are coding every day, right? It's something that is pretty straightforward, but for the people that are in the testing side, sometimes doesn't know exactly how it works. So, first, we have the code that is created. So, the developer goes there and creates a piece of code, or even the testers, depending on how you guys are structuring the way that you produce your test automation code, right? But this is the first part to create a code. Then the person that created this code opened APR. And after opening APR, that's the pull request, basically we have our teammates going there and reviewing this and providing us some perspectives, the views that they have. And then after that, we can, if we have the approve, we can go ahead and merge the code. If not, we need to work on this pull request, or in this piece of code that we are producing, right? The thing is that there is a very, how to say, very important activity that happens during this process that is basically to have these teammates looking at the code and reviewing that. The question is, how do devs do it? And the answer is magic, right? Actually, let me ask you guys that are devs. Tell me what do you have in mind when you are reviewing a code? That's your turn. Yeah, we're doing standards, right? What else? That's a very good question. That's a very good answer as well. Readability. What else? Yeah, if the code does what it should do, right? However, where do these ideas come from? Yeah, experience, right? The way that you do it. There's no, I'm not telling you that everyone does it this way, right? But sometimes we do it from an experience manner, right? Based on our experience. So, it makes us to be, how they say, empirical, right? So, if everyone here raised their hand and shared one thought about how to review, we would be the wisest person in this whole conference, right? There is another way to do it. In software testing, we use a standard called ISO 25010. Have you guys heard about it? Yeah? Raise your hands. Okay, good. Do a wave. We got thumbs up.

2. Software Quality and Code Review

Short description:

There are eight software quality characteristics, including functional suitability and maintainability. Maintainability focuses on making the code readable, testable, and better. In a research study, 75% of comments on pull requests were related to maintainability. To understand how software testing repositories handle code reviews, I analyzed closed pull requests. I encourage you to try this research method in your company to gain insights into quality.

Okay, good. So, there are basically eight software quality characteristics. If the software is working as expected, it is classified as functional suitability. If the code is readable, it is called where is it? Okay, maintainability. Okay? There are groups of things. And what happens is that every time that I ask a developer on what they think that they should do during the review, what I heard more commonly, more frequently is related to maintainability.

Okay? It's making the code readable. It's making the code testable. It's making the code better. That's all about maintainability. I did a quick research on one of the teams that I was working with. And I reviewed 52 pull requests and more than 300 comments on the pull requests. What I learned? 75% of the comments were related to maintainability.

Okay? The thing is, how the most used software testing repositories, software testing libraries, how they say, do when they are when the people that contribute to this project are reviewing pull requests. This is the question that I had. And then I started to find out the answers. And what I did was basically to one, go one by one of these repositories and then filter only the closed pull requests.

Okay? Because they are already, how they say, established. Everything that should take as a decision was already did. Right? That is what I did. And I recommend to you guys to remember this slide. Because I really would like to have you trying to do this in your companies. At least for one repository. And I promise you, you will learn a lot about how you guys understand quality in that specific repository.

Okay? So, try to reproduce this research method. So, second was to open the pull request that has comments. Okay? Because sometimes we have pull requests that are just approved. Magically. Okay? They are just approved. And then ignore the pull requests that have only bot interactions or the own author.

QnA

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

Network Requests with Cypress
TestJS Summit 2021TestJS Summit 2021
33 min
Network Requests with Cypress
Top Content
Cecilia Martinez, a technical account manager at Cypress, discusses network requests in Cypress and demonstrates commands like cydot request and SCI.INTERCEPT. She also explains dynamic matching and aliasing, network stubbing, and the pros and cons of using real server responses versus stubbing. The talk covers logging request responses, testing front-end and backend API, handling list length and DOM traversal, lazy loading, and provides resources for beginners to learn Cypress.
Testing Pyramid Makes Little Sense, What We Can Use Instead
TestJS Summit 2021TestJS Summit 2021
38 min
Testing Pyramid Makes Little Sense, What We Can Use Instead
Top Content
Featured Video
Gleb Bahmutov
Roman Sandler
2 authors
The testing pyramid - the canonical shape of tests that defined what types of tests we need to write to make sure the app works - is ... obsolete. In this presentation, Roman Sandler and Gleb Bahmutov argue what the testing shape works better for today's web applications.
A Framework for Managing Technical Debt
TechLead Conference 2023TechLead Conference 2023
35 min
A Framework for Managing Technical Debt
Top Content
Today's Talk discusses the importance of managing technical debt through refactoring practices, prioritization, and planning. Successful refactoring requires establishing guidelines, maintaining an inventory, and implementing a process. Celebrating success and ensuring resilience are key to building a strong refactoring culture. Visibility, support, and transparent communication are crucial for addressing technical debt effectively. The team's responsibilities, operating style, and availability should be transparent to product managers.
Debugging JS
React Summit 2023React Summit 2023
24 min
Debugging JS
Top Content
Watch video: Debugging JS
Debugging JavaScript is a crucial skill that is often overlooked in the industry. It is important to understand the problem, reproduce the issue, and identify the root cause. Having a variety of debugging tools and techniques, such as console methods and graphical debuggers, is beneficial. Replay is a time-traveling debugger for JavaScript that allows users to record and inspect bugs. It works with Redux, plain React, and even minified code with the help of source maps.
Building a Voice-Enabled AI Assistant With Javascript
JSNation 2023JSNation 2023
21 min
Building a Voice-Enabled AI Assistant With Javascript
Top Content
This Talk discusses building a voice-activated AI assistant using web APIs and JavaScript. It covers using the Web Speech API for speech recognition and the speech synthesis API for text to speech. The speaker demonstrates how to communicate with the Open AI API and handle the response. The Talk also explores enabling speech recognition and addressing the user. The speaker concludes by mentioning the possibility of creating a product out of the project and using Tauri for native desktop-like experiences.
A Practical Guide for Migrating to Server Components
React Advanced 2023React Advanced 2023
28 min
A Practical Guide for Migrating to Server Components
Top Content
Watch video: A Practical Guide for Migrating to Server Components
React query version five is live and we'll be discussing the migration process to server components using Next.js and React Query. The process involves planning, preparing, and setting up server components, migrating pages, adding layouts, and moving components to the server. We'll also explore the benefits of server components such as reducing JavaScript shipping, enabling powerful caching, and leveraging the features of the app router. Additionally, we'll cover topics like handling authentication, rendering in server components, and the impact on server load and costs.

Workshops on related topic

Designing Effective Tests With React Testing Library
React Summit 2023React Summit 2023
151 min
Designing Effective Tests With React Testing Library
Top Content
Featured Workshop
Josh Justice
Josh Justice
React Testing Library is a great framework for React component tests because there are a lot of questions it answers for you, so you don’t need to worry about those questions. But that doesn’t mean testing is easy. There are still a lot of questions you have to figure out for yourself: How many component tests should you write vs end-to-end tests or lower-level unit tests? How can you test a certain line of code that is tricky to test? And what in the world are you supposed to do about that persistent act() warning?
In this three-hour workshop we’ll introduce React Testing Library along with a mental model for how to think about designing your component tests. This mental model will help you see how to test each bit of logic, whether or not to mock dependencies, and will help improve the design of your components. You’ll walk away with the tools, techniques, and principles you need to implement low-cost, high-value component tests.
Table of contents- The different kinds of React application tests, and where component tests fit in- A mental model for thinking about the inputs and outputs of the components you test- Options for selecting DOM elements to verify and interact with them- The value of mocks and why they shouldn’t be avoided- The challenges with asynchrony in RTL tests and how to handle them
Prerequisites- Familiarity with building applications with React- Basic experience writing automated tests with Jest or another unit testing framework- You do not need any experience with React Testing Library- Machine setup: Node LTS, Yarn
How to Start With Cypress
TestJS Summit 2022TestJS Summit 2022
146 min
How to Start With Cypress
Featured WorkshopFree
Filip Hric
Filip Hric
The web has evolved. Finally, testing has also. Cypress is a modern testing tool that answers the testing needs of modern web applications. It has been gaining a lot of traction in the last couple of years, gaining worldwide popularity. If you have been waiting to learn Cypress, wait no more! Filip Hric will guide you through the first steps on how to start using Cypress and set up a project on your own. The good news is, learning Cypress is incredibly easy. You'll write your first test in no time, and then you'll discover how to write a full end-to-end test for a modern web application. You'll learn the core concepts like retry-ability. Discover how to work and interact with your application and learn how to combine API and UI tests. Throughout this whole workshop, we will write code and do practical exercises. You will leave with a hands-on experience that you can translate to your own project.
Build Modern Applications Using GraphQL and Javascript
Node Congress 2024Node Congress 2024
152 min
Build Modern Applications Using GraphQL and Javascript
Featured Workshop
Emanuel Scirlet
Miguel Henriques
2 authors
Come and learn how you can supercharge your modern and secure applications using GraphQL and Javascript. In this workshop we will build a GraphQL API and we will demonstrate the benefits of the query language for APIs and what use cases that are fit for it. Basic Javascript knowledge required.
Detox 101: How to write stable end-to-end tests for your React Native application
React Summit 2022React Summit 2022
117 min
Detox 101: How to write stable end-to-end tests for your React Native application
Top Content
WorkshopFree
Yevheniia Hlovatska
Yevheniia Hlovatska
Compared to unit testing, end-to-end testing aims to interact with your application just like a real user. And as we all know it can be pretty challenging. Especially when we talk about Mobile applications.
Tests rely on many conditions and are considered to be slow and flaky. On the other hand - end-to-end tests can give the greatest confidence that your app is working. And if done right - can become an amazing tool for boosting developer velocity.
Detox is a gray-box end-to-end testing framework for mobile apps. Developed by Wix to solve the problem of slowness and flakiness and used by React Native itself as its E2E testing tool.
Join me on this workshop to learn how to make your mobile end-to-end tests with Detox rock.
Prerequisites- iOS/Android: MacOS Catalina or newer- Android only: Linux- Install before the workshop
API Testing with Postman Workshop
TestJS Summit 2023TestJS Summit 2023
48 min
API Testing with Postman Workshop
Top Content
WorkshopFree
Pooja Mistry
Pooja Mistry
In the ever-evolving landscape of software development, ensuring the reliability and functionality of APIs has become paramount. "API Testing with Postman" is a comprehensive workshop designed to equip participants with the knowledge and skills needed to excel in API testing using Postman, a powerful tool widely adopted by professionals in the field. This workshop delves into the fundamentals of API testing, progresses to advanced testing techniques, and explores automation, performance testing, and multi-protocol support, providing attendees with a holistic understanding of API testing with Postman.
1. Welcome to Postman- Explaining the Postman User Interface (UI)2. Workspace and Collections Collaboration- Understanding Workspaces and their role in collaboration- Exploring the concept of Collections for organizing and executing API requests3. Introduction to API Testing- Covering the basics of API testing and its significance4. Variable Management- Managing environment, global, and collection variables- Utilizing scripting snippets for dynamic data5. Building Testing Workflows- Creating effective testing workflows for comprehensive testing- Utilizing the Collection Runner for test execution- Introduction to Postbot for automated testing6. Advanced Testing- Contract Testing for ensuring API contracts- Using Mock Servers for effective testing- Maximizing productivity with Collection/Workspace templates- Integration Testing and Regression Testing strategies7. Automation with Postman- Leveraging the Postman CLI for automation- Scheduled Runs for regular testing- Integrating Postman into CI/CD pipelines8. Performance Testing- Demonstrating performance testing capabilities (showing the desktop client)- Synchronizing tests with VS Code for streamlined development9. Exploring Advanced Features - Working with Multiple Protocols: GraphQL, gRPC, and more
Join us for this workshop to unlock the full potential of Postman for API testing, streamline your testing processes, and enhance the quality and reliability of your software. Whether you're a beginner or an experienced tester, this workshop will equip you with the skills needed to excel in API testing with Postman.
Monitoring 101 for React Developers
React Summit US 2023React Summit US 2023
107 min
Monitoring 101 for React Developers
Top Content
WorkshopFree
Lazar Nikolov
Sarah Guthals
2 authors
If finding errors in your frontend project is like searching for a needle in a code haystack, then Sentry error monitoring can be your metal detector. Learn the basics of error monitoring with Sentry. Whether you are running a React, Angular, Vue, or just “vanilla” JavaScript, see how Sentry can help you find the who, what, when and where behind errors in your frontend project. 
Workshop level: Intermediate