IntelliJ IDEA Code Review Example
In this post, we feature a comprehensive Example on IntelliJ IDEA Code Review. We will learn how we can use IDEA IntelliJ for code reviews.
You can also check this tutorial in the following video:
Code review is a systematic examination (sometimes referred to as peer review) of computer source code. It is intended to find mistakes overlooked in software development, improving the overall quality of software. Reviews are done in various forms such as pair programming, informal walkthroughs, and formal inspections. Code reviews can often find and remove common vulnerabilities such as format string exploits, race conditions, memory leaks and buffer overflows, thereby improving software security. Online software repositories based on Subversion, Mercurial, Git or others allow groups of individuals to collaboratively review code. Additionally, specific tools for collaborative code review can facilitate the code review process.
A code review is a process where two or more developers visually inspect a set of program code, typically, several times. The code can be a method, a class, or an entire program. The main code-review objectives are:
- Best Practice: A more efficient, less error-prone, or more elegant way to accomplish a given task.
- Error Detection: Discovering logical or transitional errors.
- Vulnerability Exposure: Identifying and averting common vulnerabilities like Cross-Site Scripting [XSS], Injection, Buffer Overflow, Excessive Disclosure, etc.
- Malware Discovery: This often-overlooked and very special code-review objective looks for segments of code that appear extraneous, questionable, or flat-out weird. The intent is to discover back doors, Trojans, and time bombs. In today’s world malevolent code is a very real threat and should not be overlooked, especially by Government agencies
Automated code reviewing software lessens the task of reviewing large chunks of code on the developer by systematically checking source code for known vulnerabilities
You can use Upsource provided by Jetbrains which will help you improve your code, project and process. You can perform efficient code-reviews and automate your workflows. You can let Upsource analyse your code and track progress, while you focus on improvements. You can participate in discussions and manage your reviews without leaving the comfort of your IDE. You can discover design flaws by spotting parts of your project in need of developers’ attention, such as hotspots and abandoned files. You can deal with project-wide risks by spreading responsibilities and making sure no part of code is “owned” by a sole developer.
To help developers stay in their comfort zone, Upsource features code review plugins for IntelliJ IDEA and other JetBrains IDEs, which allow you to participate in code discussions and manage code reviews from the comfort of your IDE. You can see what’s going on in the project you’re working on in real time. By default, you get only notifications relevant to you, e.g. when somebody comments on code you’ve authored, mentions you, or assigns you to review a change. But if you prefer, you can also track all news, or just unread ones. Reply to comments and resolve discussions straight from the News Feed in your IDE – no need to switch context.
You can create code reviews straight from the Commit dialog, review your teammates’ changes, browse other ongoing reviews, and see who is involved. Know which revisions have been added, what the changes look like, what’s being discussed, and so on. You can add comments on revisions, in VCS diffs, and label discussions just like you do in the web UI.
If you have Upsource integration plugin installed, you can easily share links to any piece of code with your teammates. They’ll be able to browse that exact selection in that specific revision in Upsource.
4. Installing Upsource Integration Plugin
Upsource is the right tool for you if your development team is looking for ways to browse different revisions of the code base without checking them out to local machines, and to discuss and review changes made in the code base. Upsource only recognises changes that are committed to your repository.
In this section we will see how we can install the Upsource Integration Plugin in IntelliJ. I am using IntelliJ IDEA 2018.1.3 (Community version). Go to Preferences -> Plugins and click on ‘Browse repositories…’.
Type Upsource’ in the search box. The Upsource Integration plugin will be filtered. Click on the ‘Install’ button on the right section of the pop-up.
IntelliJ will start installing the plugin. Once it has been installed you will need to restart IntelliJ. Click on the ‘Restart IntelliJ IDEA’ button on the ‘Browse Repositories’ pop-up.
Now you need to provide Upsource plug-in with your Upsource server URL. From the left pane of your IDE’s Settings window, select Tools|Upsource|Connection, enter the address in the Server URL field, test the connection and click OK. Enter your Upsource credentials in the displayed browser window. Now you’re all set to start using Upsource code review features right from your IDE.
For more information about how to use this plugin please visit Upsource plug.
In this article, we looked at what is a code review and what are it’s advantages. We also discussed about Upsource tool which we can integrate with IntelliJ IDEA to perform code reviews. There are other tools available in the market which can be used to perform code reviews but for this article we have just looked at one of them. It is up to the organisation to decide which tools suits them best and how easy they can bring their developers up to speed with using that tool. Initially there is a learning curve involved but it pays good dividends once used in a correct way.