Changes

I have been doing code reading and review for years but I never asked myself why I am reading and reviewing code, but his point of view of why we are code reviewing amazed me. Some of the points he made are somewhat similar to why I have been code reading. I have been using lxr and mxr to tract down the source code I need. When I found a problem in my program and I need to fix it, therefore I am reading my code; bug fixing. I find it difficult to figure how the source code works and I am angry about it because there is no documentation; document code. I have been using grid, find and debugger to debug, read and review code because they are the simplest way to tract down a variable or function. I can really relate to the strategy that he uses in code reviewing, but the above strategy has nothing to do with the open source community. How is code reading and review different in an open source project? Open source is about community, it is about how everyone works together in an open environment when source code and ideas are being shared. This is the best and quickest way to chase down a problem and improve security because there can be thousand of people looking at the same problem at the same time and there can be thousand of people trying to break or fix the code. Open source project can improve something quickly but it is very difficult to control and this cost maintainability problem. Once a source code got published, there can be hundred of people trying to make a new patch for the code. There is a need in maintaining and controlling new patches. Program such as CVS and CVN can be useful in this case. They allow user to view any previous version of the code therefore, if anything went wrong they can always rollback.