Skip to main content
Test Double company logo
Services
Services Overview
Holistic software investment consulting
Software Delivery
Accelerate quality software development
Product Management
Launch modern product orgs
Legacy Modernization
Renovate legacy software systems
DevOps
Scale infrastructure smoothly
Upgrade Rails
Update Rails versions seamlessly
Technical Recruitment
Build tech & product teams
Technical Assessments
Uncover root causes & improvements
Case Studies
Solutions
Accelerate Quality Software
Software Delivery, DevOps, & Product Delivery
Maximize Software Investments
Product Performance, Product Scaling, & Technical Assessments
Future-Proof Innovative Software
Legacy Modernization, Product Transformation, Upgrade Rails, Technical Recruitment
About
About
What's a test double?
Approach
Meeting you where you are
Founder's Story
The origin of our mission
Culture
Culture & Careers
Double Agents decoded
Great Causes
Great code for great causes
EDI
Equity, diversity & inclusion
Insights
All Insights
Hot takes and tips for all things software
Leadership
Bold opinions and insights for tech leaders
Developer
Essential coding tutorials and tools
Product Manager
Practical advice for real-world challenges
Say Hello
Test Double logo
Menu
Services
BackGrid of dots icon
Services Overview
Holistic software investment consulting
Software Delivery
Accelerate quality software development
Product Management
Launch modern product orgs
Legacy Modernization
Renovate legacy software systems
Cycle icon
DevOps
Scale infrastructure smoothly
Upgrade Rails
Update Rails versions seamlessly
Technical Recruitment
Build tech & product teams
Technical Assessments
Uncover root causes & improvements
Case Studies
Solutions
Solutions
Accelerate Quality Software
Software Delivery, DevOps, & Product Delivery
Maximize Software Investments
Product Performance, Product Scaling, & Technical Assessments
Future-Proof Innovative Software
Legacy Modernization, Product Transformation, Upgrade Rails, Technical Recruitment
About
About
About
What's a test double?
Approach
Meeting you where you are
Founder's Story
The origin of our mission
Culture
Culture
Culture & Careers
Double Agents decoded
Great Causes
Great code for great causes
EDI
Equity, diversity & inclusion
Insights
Insights
All Insights
Hot takes and tips for all things software
Leadership
Bold opinions and insights for tech leaders
Developer
Essential coding tutorials and tools
Product Manager
Practical advice for real-world challenges
Say hello
Developers
Developers
Developers
Communication & teams

Should code reviews be mandatory? A look at non-blocking reviews

Are mandatory code reviews a bottleneck for your team? Here's how non-blocking reviews can foster trust, accelerate development, and reduce frustration.
Andrew Walker
|
December 3, 2024
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

For the past year I have had the privilege of working closely with BridgeCare.

During this time they ran an experiment where they disabled the requirement for review on PRs before merging. It was a huge success and it has led me to question our industry's established norms of required code review.

Why do we do code review?

Let's ask a fundamental question: What is the value of code review?

This is by no means a definitive list, but here's what comes to mind for me:

  • It's a form of async pair programming and seeing other's code is one way we level up
  • It builds redundancy in the team as more than one person will be familiar with the code
  • It catches bugs
  • It catches malicious code
  • It ensures code quality
    • Consistency and design
    • Readability and maintainability

So, yeah, code review is valuable, but it comes at a pretty substantial cost. It introduces delays into our feature development pipelines and leads to additional context-switching and juggling of tasks.

Why do we require code review before deploying?

Mandatory code review is the norm in our industry. There are exceptions of course but generally speaking when it comes to core application code the repo is going to require reviews before merging. Why is that? What are we afraid of?

As an industry we've collectively decided that the correct (and only) time to review code is right before merging/deploying. While this makes complete sense in the context of open source, it's a bit odd that we apply this same rigor to closed source. We should be able to trust internal contributors aren't going to purposefully do bad stuff. That would be career suicide.

Like I get that we want to catch mistakes and/or bugs in code before it goes out. We can't expect people to write perfect code. But does code need to be perfect before it gets deployed? Can it simply meet the requirements set by tests and linters and then get fixed up later if needed?

Consider this: code deployment doesn't make it permanent. We can go back and change things. We do it all of the time with bug fixes, hotfixes, refactors, etc. Why can't code review suggestions and revisions also happen downstream?

Non-blocking reviews

Requiring reviews on PRs can be problematic. The entire development flow comes to a screeching halt for hours (and days) because "we can't allow unreviewed code to go out". Do the benefits of requiring code review prior to deployment outweigh faster delivery, tighter feedback loops, less context switching, and fewer distractions?

Have you considered reviewing code after it's been deployed? Or have you considered pairing and reviewing code before it's in a PR? Have you considered only requiring review for non-trivial code?

As it turns out, I'm not the only person asking these questions. The idea of non-blocking code review is gaining traction:

  • Non-Blocking, Continuous Code Reviews - a case study
  • Optimizing the Software development process for continuous integration and flow of work
  • I’ve Found Something BETTER Than Pull Requests...
  • Code Reviews Should Be Optional
  • No code reviews by default
  • How to Perform Continuous, Non-Blocking Code Reviews

‍

via GIPHY

‍

Non-blocking reviews enables the ability to keep reviews “open for comments”. And let the reviewer provide these when it best fits. - Martin Mortensen - Optimizing the Software development process for continuous integration and flow of work

But what about bugs?!? 🐞

You may be concerned that if you don't enforce code review that your code will become littered with bugs. So ask yourself this: does code review catch bugs?

Code review can catch obvious bugs and mistakes. I would argue however that tests and QA do a significantly better job of catching the real bugs.

Pull requests don't prevent bugs. Reviewing code is hard! You can catch obvious mistakes, but you won't have consistent in-depth scrutiny. Many issues reveal themselves only after extensive use, which doesn't happen during code review— Thomas Paul Mann - No code reviews by default

Will code quality suffer?

So that leaves code quality. While your linters can catch many code quality issues they aren’t going to catch bad coding patterns or provide mentorship. You still need code review for this.

But again, this doesn't mean that code review has to block merging. Code review can happen at other points in the process.

We can argue we run the risk of having bad-quality code in production. Yes, you are right. That is possible and that will happen. I do not see a problem over here. First, bad quality does not mean a bug. Code reviews are not there to catch bugs. For this, we have our automated tests and exploratory tests. — Thierry de Pauw

Moreover, from what I have observed, developers naturally opt in to waiting for review. They will know when it's appropriate to wait for a review before merging.

Look at yourself. You have a pretty good idea when your code should be reviewed. I believe you should be able to trust other developers to have this same sense also. If you can't trust your fellow developers to make the right call here... you’ve got bigger problems than code quality.

Can this work for your organization?

I believe non-blocking code review is viable given:

  • You can trust your devs to wait for review when it matters
  • You have decent tests and test coverage (i.e. your devs add tests for all new features)
  • You have safeguards: e.g. Tests + linters must pass before merging
  • You are deploying to QA environments first and not straight to production
  • You actually do QA on said QA environments
  • Your team is motivated to continuously improve and address tech-debt

But, honestly, these are all things you should have regardless of code review processes.

The fact that non-reviewed code can be tested or deployed in production is surprisingly the most significant benefit. We do not ever block the flow of work through the value stream. We can already obtain valuable feedback from testing, and production. We do not have to wait for a reviewer, or worse the ping-pong between reviewer and reviewee, for the feature to be available for testing or deploying into production. — Thierry de Pauw - Non-Blocking, Continuous Code Reviews - a case study

Summary of non-blocking code review

Non-blocking code review comes with a ton of benefits:

  • Move faster!
  • Developers feel trusted
  • Less context switching
    • Reviewees won’t always need to pick up another task after creating a PR
  • Fewer distractions
    • Reviewers have fewer PRs to review
  • Features get in to QA earlier
    • Bugs can be caught earlier
    • Shorter feedback cycle means it’s easier for devs to get their head back into the code when issues are found

Furthermore it allows you to skip all of the virtually useless "LGTM" reviews. Save that energy for the real reviews.

If code reviews are mandatory, a lot of them have to be done. As time is limited, this will incentivize developers to do shallow code reviews which add very little value. It is better to use this time for fewer, but more valuable, deep code reviews. — Felix Roth - Code Reviews Should Be Optional

I know it's a bit of a wild idea, non-blocking reviews, but just think about it. Maybe it's worth trying 🤷.

See our case study of Bridgecare, which experimented with making code reviews optional.

‍

Want more tips, tricks, and insights to level up your software game?

Sign up for the Test Double Dispatch and get the latest resources delivered right to your inbox.

Subscribe now

Related Insights

🔗
What happens when code reviews aren’t mandatory? An experiment
🔗
GitHub shortcut commands that’ll speed up your code reviews
🔗
How effective pull request reviews transform your team

Explore our insights

See all insights
Developers
Developers
Developers
C# and .NET tools and libraries for the modern developer

C# has a reputation for being used in legacy projects and is not often talked about related to startups or other new business ventures. This article aims to break a few of the myths about .NET and C# and discuss how it has evolved to be a great fit for almost any kind of software.

by
Patrick Coakley
Leadership
Leadership
Leadership
Turning observability into a team strength without a big overhaul

By addressing observability pain points one at a time, we built systems and practices that support rapid troubleshooting and collaboration.

by
Gabriel Côté-Carrier
Developers
Developers
Developers
Why I actually enjoy PR reviews (and you should, too)

PR reviews don't have to be painful. Discover practical, evidence-based approaches that turn code reviews into team-building opportunities while maintaining quality and reducing development friction.

by
Robert Komaromi
Letter art spelling out NEAT

Join the conversation

Technology is a means to an end: answers to very human questions. That’s why we created a community for developers and product managers.

Explore the community
Test Double Executive Leadership Team

Learn about our team

Like what we have to say about building great software and great teams?

Get to know us
Test Double company logo
Improving the way the world builds software.
What we do
Services OverviewSoftware DeliveryProduct ManagementLegacy ModernizationDevOpsUpgrade RailsTechnical RecruitmentTechnical Assessments
Who WE ARE
About UsCulture & CareersGreat CausesEDIOur TeamContact UsNews & AwardsN.E.A.T.
Resources
Case StudiesAll InsightsLeadership InsightsDeveloper InsightsProduct InsightsPairing & Office Hours
NEWSLETTER
Sign up hear about our latest innovations.
Your email has been added!
Oops! Something went wrong while submitting the form.
Standard Ruby badge
614.349.4279hello@testdouble.com
Privacy Policy
© 2020 Test Double. All Rights Reserved.

Want more tips, tricks, and insights to level up your software game?

Sign up for the Test Double Dispatch and get the latest resources delivered right to your inbox.

Subscribe now