|
| 1 | +# Code review |
| 2 | + |
| 3 | +This document aims to explain why code review can be a very valuable form of |
| 4 | +contribution to any Open Source project. |
| 5 | +But code review is a very broad term that can mean many things. Good in-depth |
| 6 | +code review is also a skill that needs to be learned but can be highly valuable |
| 7 | +in any development team. |
| 8 | + |
| 9 | +## Why should new contributors review code first? |
| 10 | + |
| 11 | +Developers interested in contributing to an Open Source project seem to often |
| 12 | +think that _writing code_ is the bottleneck in those projects. |
| 13 | +That rarely is the case though. Especially in Bitcoin related projects, where |
| 14 | +any mistake can have enormous consequences, any code that is to be merged |
| 15 | +needs to go through a thorough review first (often requiring two or more |
| 16 | +developers to approve before it can be merged). |
| 17 | + |
| 18 | +Therefore, the actual bottleneck in Bitcoin related Open Source projects is |
| 19 | +**review, not the production of code**. |
| 20 | + |
| 21 | +So new contributors that come into a project by opening a PR often take more |
| 22 | +time away from the maintainers of that project than what their first |
| 23 | +contribution ends up adding in value. That is especially the case if the |
| 24 | +contributors don't have a lot of experience with git, GitHub, the target |
| 25 | +programming language and its formatting requirements or the review and test |
| 26 | +process as a whole. |
| 27 | + |
| 28 | +If a new contributor instead starts reviewing Pull Requests first, before |
| 29 | +opening their own ones, they can gain the following advantages: |
| 30 | + - They learn about the project, its formal requirements and the programming |
| 31 | + language used, without anyone's assistance. |
| 32 | + - They learn about how to compile, execute and test the project they are aiming |
| 33 | + to contribute to. |
| 34 | + - They see best practices in terms of formatting, naming, commit structure, |
| 35 | + etc. |
| 36 | + - The value added to the project by reviewing, running and testing code is |
| 37 | + likely positive from day one and requires much less active assistance and |
| 38 | + time from maintainers. |
| 39 | + |
| 40 | +The maintainers of this project therefore ask all new contributors to review |
| 41 | +at least a couple of Pull Requests before adding their own. |
| 42 | + |
| 43 | +## How do I review code? |
| 44 | + |
| 45 | +Reviewing code in a constructive and helpful way is almost an art form by |
| 46 | +itself. The following list is definitely not complete and every developer tends |
| 47 | +to develop their own style when it comes to code review. But the list should |
| 48 | +have the most basic tasks associated with code review that should be a good |
| 49 | +entry point for anyone not yet familiar with the process: |
| 50 | + |
| 51 | +- Make sure to pick a Pull Request that fits your level of experience. You |
| 52 | + might want to pick one that [has the "good first review" |
| 53 | + label](https://github.com/lightningnetwork/lnd/labels/good%20first%20review). |
| 54 | + If you're new to the area that you'd like to review, first familiarize |
| 55 | + yourself with the code, try to understand the architecture, public interfaces, |
| 56 | + interactions and code coverage. It can be useful to look at previous PRs to |
| 57 | + get more insight. |
| 58 | +- Check out the code of the pull request in your local git (check [this |
| 59 | + guide](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally) |
| 60 | + for an easy shortcut). |
| 61 | +- Compile the code. See [INSTALL.md](INSTALL.md) and [MAKEFILE.md](MAKEFILE.md) |
| 62 | + for inputs on how to do that. |
| 63 | +- Run the unit tests of the changed areas. See the [`unit` section of |
| 64 | + MAKEFILE.md](MAKEFILE.md#unit) on how to run specific packages or test cases |
| 65 | + directly. |
| 66 | +- Run the code on your local machine and attempt to test the changes of the |
| 67 | + pull request. For any actual Bitcoin or Lightning related functionality, you |
| 68 | + might want to spin up a `regtest` local network to test against. You can check |
| 69 | + out the [`regtest` setup project](https://github.com/guggero/rt) that might |
| 70 | + be helpful for that. |
| 71 | +- Try to manually test the changes in the PR. What to actually test might differ |
| 72 | + from PR to PR. For a bug fix you might first want to attempt to reproduce the |
| 73 | + bug in a version prior to the fix. Then test that the Pull Request actually |
| 74 | + fixes the bug. |
| 75 | + Code that introduces new features should be tested by trying to run all the |
| 76 | + new code paths and try out all new command line flags as well as RPC |
| 77 | + methods and fields. Making sure that invalid values and combinations lead to |
| 78 | + proper error messages the user can easily understand is important. |
| 79 | +- Keep the logs of your tests as part of your review feedback. If you find a |
| 80 | + bug, the exact steps to reproduce as well as the local logs will be super |
| 81 | + helpful to the author of the Pull Request. |
| 82 | +- Propose areas where the unit test coverage could be improved (try to propose |
| 83 | + specific test cases, for example "we should test the behavior with a negative |
| 84 | + number here", instead of just saying "this area needs more tests"). |
| 85 | +- Bonus: Write a unit test (or test case) that you can propose to add to the PR. |
| 86 | +- Go through the PR commit by commit and line by line |
| 87 | + - Is the flow of the commits easy to understand? Does the order make sense? |
| 88 | + See the [code contribution guidelines](code_contribution_guidelines.md) |
| 89 | + for more information on this. |
| 90 | + - Is the granularity of the commit structure easy to understand? Should |
| 91 | + commits be split up or be combined? |
| 92 | + - What does each line achieve in terms of the overall goal of the PR? |
| 93 | + - What does each line change in the behavior of the code? |
| 94 | + - Are there any potentially unwanted side effects? |
| 95 | + - Are all errors handled appropriately? |
| 96 | + - Is there sufficient logging to trace what happens if a user runs into |
| 97 | + problems with the code? (e.g. when testing the code, can you find out what |
| 98 | + code path your execution took just by looking at the trace-level log?) |
| 99 | + - Does the commit message appropriately reflect the changes in that commit? |
| 100 | + Only relevant for non-self-explanatory commits. |
| 101 | +- Is the documentation added by the PR sufficient? |
| 102 | +- Bonus: Propose additional documentation as part of the review that can be |
| 103 | + added to the PR. |
| 104 | +- What does the user interface (command line flags, gRPC/REST API) affected by |
| 105 | + the PR look like? Is it easy to understand for users? Are there any unintended |
| 106 | + breaking changes for current users of the API being introduced? We attempt to |
| 107 | + not break existing API users by renaming or changing existing fields. |
| 108 | +- Does the CI pass for the PR? If not, can you find out what needs to be changed |
| 109 | + to make the CI pass? Unfortunately there are still some flakes in the tests, |
| 110 | + so some steps might fail unrelated to the changes in the Pull Request. |
| 111 | + |
| 112 | +## How to submit review feedback |
| 113 | + |
| 114 | +The above checklist is very detailed and extensive. But a review can also be |
| 115 | +helpful if it only covers some of the steps outlined. The more, the better, of |
| 116 | +course, but any review is welcome (within reason of course, don't spam pull |
| 117 | +requests with trivial things like typos/naming or obvious AI-generated review |
| 118 | +that doesn't add any value). |
| 119 | + |
| 120 | +Just make sure to mention what parts you were focusing on. |
| 121 | +The following abbreviations/acronyms might be used to indicate partial or |
| 122 | +specific review: |
| 123 | + |
| 124 | +- Examples: |
| 125 | + - cACK (concept acknowledgement): I only looked at the high-level changes, the |
| 126 | + approach looks okay to me (but didn't deeply look at the code or tests). |
| 127 | + - tACK (tested acknowledgement): I didn't look at the code, but I compiled, |
| 128 | + ran and tested the code changes. |
| 129 | + - ACK ("full" acknowledgement): I reviewed all relevant aspects of the PR and |
| 130 | + I have no objections to merging the code. |
| 131 | + - Request changes: I think we should change the following aspects of the PR |
| 132 | + before merging: ... |
| 133 | + - NACK (negative acknowledgement): I think we should _not_ proceed with the |
| 134 | + changes in this PR, because of the following reasons: ... |
| 135 | + |
| 136 | +Then try to give as much detail as you can. And as with every communication in |
| 137 | +Open Source projects: Always be polite and objective in the feedback. |
| 138 | +Ask yourself: Would you find the feedback valuable and appropriate if someone |
| 139 | +else posted it on your PR? |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments