Codestriker Logo

Software Reviews are recognized to be a cost effective way of finding and fixing defects in software products. If you are not performing any type of reviews or inspections right now, you should consider reading some of the literature below.

Reviews are commonly sited as a main factor for the superior quality found in mature open source software projects. For example, OpenBSD credits its incredible security track record with repeated inspections of its source code. Even, the extreme programming movement advocates pair programming, essentially a constant review during coding process.

However, many, many projects either don't do reviews or do them so poorly that they are a waste of money. If you interested in doing reviews on your projects, and have never been trained, please pick up one of the following books.


Peer Reviews In Software, Karl E. Wiegers.

This is the best book for people who are just starting out with software reviews. It is very accessible description of the software review process. It describes the best known processes for running reviews, deals with common challenges introducing reviews into a typical organization, and has a section on the metric data collection and analysis. If you can only get one book, this is the one to get.

Software Inspection, Tom Gilb and Dorothy Graham.

This book is about 10 years old. It mainly focuses on the processes used by IBM. It also has some case studies from other companies. It describes a hard-core formal inspection process. If you do any inspections or reviews currently, this book will make you feel bad for not running them better. If you are responsible for making inspections happen in your organization, then you will probably want to pick up this book. It is very detailed in its descriptions of the different steps in a full blown formal inspection process, has an exhaustive list of forms, and metric data that you will want to consider tracking. The case study from the Sema Group has some metric data that really drives home the danger of inspecting too much material and generally going too fast. I can only recommend this book for people that have already decided to do inspections, and are interested in making sure they are done well. If you need to sell inspections to others, stick with the "Peer Reviews In Software" book.

Handbook of Walkthroughs, Inspections, and Technical Reviews: Evaluating Programs, Projects, and Products.

I have not read this book.


The "Peer Reviews In Software" book has a companion web site with templates, sample chapters from the book, excel files for metrics analysis, and links to some commercial reviewing tools.

Construx (Steve McConnell's company) has a training class for doing software reviews.

I have not attended the class, but Steve McConnell is one of the most respected people in the software engineering community, so I am sure that it would be worth checking out.

NASA has a nice page on code inspections.

The SEI also has a nice page on software inspections.

Codestriker's competitors

We have not used any of these tools. The small number of tools that are available just underscores how few projects are using them. If people have any experience with any of the tools listed and would like to write us a review, please drop us a note. Also, if we missed a tool, please email us a link.

Open-source tools

JCR: Web application for performing and managing code reviews. It can be used for reviews of any type of source code, although it has some special smarts for reviewing Java projects. Written in Python and licenced under the GPL.

Commercial tools

ASSIST: Only licensed for research purposes, runs on Solaris 2.5.1, and python. You needs to send your information to the author before you can use it. It looks like it has not been modified for a couple of years.

ReviewPro: Web based, uses a commercial database as a back end, and they offer it as a hosted service. They have an online demo that you can use if your register with them.

CodeReviewer: It runs under Windows, and is not web-based. It works with CVS, SourceSafe, and Perforce and handles reviews of diffs. It is not client-server and it stores everything into the source code control system. This company also make some nice tools to collect and analyze source code metrics.

Macadamian CodeReview: Macadamian CodeReview is an add-in module for Microsoft Visual Studio .NET. With CodeReview you can attach comments, and even code suggestions, to any source code file supported in Visual Studio .NET.

Cenqua Crucible: From their website: "Due for release in 2005, Crucible is a tool that manages the peer code review process. Crucible builds on FishEye to provide highly configurable review workflow, email and RSS notifications, threaded comment support and many other features."

Jupiter: Jupiter is an open-source code review plug-in tool for the Eclipse IDE.

This page was contributed by Jason Remillard.

SourceForge Logo