Code Inspection

A rigorous compliance review ensuring all code meets the exacting standards maintained by the Code Standards Enforcement Team

Code Inspection is the formal review ceremony in which the Code Standards Enforcement Team (CSET) examines completed code to verify compliance with organizational standards before it is permitted to enter Testing. Critically, Code Inspection is performed by the CSET rather than by peer developers. Peer review has been rejected as a practice because peers, having recently written code themselves, are prone to empathy and leniency. The CSET, by contrast, provides the dispassionate objectivity that comes from not having written production code in several years. This distance from the craft is not a liability but a strength; it ensures that reviewers are not distracted by concerns about whether the code actually works and can instead focus on whether it is properly formatted.

The inspection is conducted against the 47-item Code Compliance Checklist, a living document maintained jointly by the CSET and the Enterprise Architecture Review Board (EARB). The checklist covers critical concerns such as indentation consistency, variable naming conventions, comment density ratios (no fewer than one comment per four lines of code), maximum line length, brace placement style, and the proper ordering of import statements. Items related to algorithmic correctness, security vulnerabilities, or architectural soundness are not included on the checklist, as these concerns fall outside the CSET’s area of expertise and are assumed to be handled elsewhere in the process. No one has verified this assumption.

There is a mandatory three-business-day waiting period between code submission and the delivery of inspection results. This waiting period exists to ensure thoroughness and to prevent the appearance that inspections are being rushed. During the waiting period, Code Engineers are returned to the coding pool and may be assigned to other features, which means they will need to context-switch back to address any inspection findings. The CSET has found that this context-switching delay actually improves the quality of fixes, as engineers approach their own code with fresh eyes and diminished recollection of why they wrote it that way in the first place.

Upon completion of the inspection, the CSET produces a Code Inspection Report detailing every checklist item that was evaluated, its pass or fail status, and any required remediation actions. The Code Inspection Report must be filed with the Convoy Manifest and is considered a permanent record of the code’s compliance posture at the time of inspection. Failed inspections require remediation and re-inspection, each re-inspection carrying its own three-day waiting period. Features that fail inspection more than three times are escalated to the EARB for a Root Cause Analysis of the Code Engineer’s development practices.

It is worth noting that CSET members are selected for their seniority and their deep familiarity with the checklist, not for their currency with modern development practices. Many CSET members transitioned into enforcement roles after distinguished careers in coding, and their experience from that era informs the standards they uphold today. Suggestions that the checklist be updated to reflect contemporary practices are welcomed through the annual Checklist Amendment Proposal process, which has a review cycle of approximately eighteen months.

See Also

  • CSET for the team that performs inspections
  • EARB for the board that co-maintains the Code Compliance Checklist
  • Convoy Manifest for where the Code Inspection Report is filed
  • Coding for the phase that produces the code being inspected
  • Testing for the phase that follows a successful inspection