Code Review

August 17, 2018

The Most Overlooked Server Permission Checks

After reviewing the code for hundreds of backend server applications, we’ve seen some recurring permissions issues. Below we’ll break down the most common problems and how to address them.

We previously looked at common server authentication issues we see in code review and offered tips to avoid them. If you followed these suggestions, you should have improved your server authentication techniques and can ensure all your incoming requests have a validated user attached.

Tyler Mann

August 10, 2018

Pesky Server Auth Issues We’ve Found

For backend server applications, getting authentication right for your APIs is a critical component for ensuring the security of your service. It’s also one of the most common API security issues we notice.

Almost all popular web frameworks these days have a built-in concept of authentication that you can use to protect your routes and require a user to be logged in to access them.

Tyler Mann

April 7, 2018

3 Principles to Get Your Pull Request Reviewed Faster

How long does it take you and your team to get a pull request reviewed, accepted, and merged? How long should it take?

In my experience, the turnaround time a pull request takes to get through code review has ranged from minutes to days. I’ve even had PRs sit for weeks waiting for code review. There are a few fundamentals I’ve learned that can help you get your code reviewed quickly and improve your pull request turnaround time.

Tyler Mann

January 9, 2018

3 Ways Code Review Makes Your Dev Team Better

These three benefits of establishing a healthy code review process can help development teams write better code and do it more efficiently:

Improve readability and maintainability

With the exception of solo engineers working on their own projects, most software is a collaboration built by teams of people working together. As development teams grow, oftentimes the developer now assigned to maintaining a feature isn’t the same person who originally wrote it.

Code review is the best opportunity to get feedback on the readability of your code from another engineer. In addition to checking for quality and performant code, a good review process encourages teams to optimize code for readability.

Tyler Mann