Having just finished three App Reviews of Ruby on Rails apps for clients, I thought I would share the benefits of getting your code reviewed by a developer as part of a standard risk management plan. Reviewing your applications for potential risks carries the same level of importance as assessing for other business risks such as fire, flood and theft. You have likely invested heavily in a custom application, and when it is vitally important to your business operations, it is essential that you identify and are actively mitigating any risks. That way your software investment stays in great shape, bringing in returns for years to come.
We treat every app we review as the most important app we have ever dealt with:
A guiding philosophy at reinteractive is that every single client we work with - no matter how small their Ruby on Rails app is - receives the same level of attention and service from our team. That is what our clients love the most when working with us - every single one is a valued customer. We know what it takes to invest in software development and we love doing great work and being a part of our client's success.
We have a lot of cumulative Rails development experience:
There's one thing you can be sure of when you get our developers to look at your code, and that is that they are going to be an expert developer. We put our best people on the job. Our developers have also worked on a lot of different projects and code bases, which means that there’s nothing we haven’t seen before! While one developer is assigned to each App Review as the primary reviewer, we can lean on other developers in the company as needed. So you’re getting the benefit of our combined experience.
We have a template:
We have done many App Reviews over many years, and have created a template that we work from which ensures that at minimum we investigate all the issues and problem areas that are common to previous apps that we’ve reviewed. This is a living document and we add to it over time. You’d be surprised; it’s not often that we identify more than one or two truly unique issues with an app; the majority tend to be things that we’ve seen before.
We don’t just look at your code…
...We run it! We pull down your app’s code, set it up on our laptops, and run the application for real. We can learn a lot more from this than from just reading line after line of code. And once your app is set up locally we run some tools over it as well to automate our search for common issues. Also, having a developer set the app up from scratch is the best way to identify anything that’s missing, meaning future developers will be able to get up and running faster.
We know our priorities:
We look at a lot of aspects of an app during an App Review, but we certainly prioritise. For example, we spend more time looking for security issues compared to performance issues. We consider it our professional responsibility to do this, even though it’s not exactly fun trawling through logs and metrics! We’ll look for potential leaks of customer data, passwords and tokens that may not be secured, compromised versions of third-party software that your app depends on, and so on. And we know where to look!
We look at all aspects of your app:
From the setup process, to the quality of the code, to security vulnerabilities, to performance issues, and more, we make sure to look at everything. And we also tell you what is good about your app!
If you’re behind, we’ll help you get back on the upgrade path:
The vast majority of apps that we review are running on old versions of Ruby and/or Rails, as well as old versions of other dependencies. Thus, our App Review recommendations often include upgrading these. This is not only to make life easier for developers (though that helps) but also to patch security vulnerabilities, fix other bugs, and improve performance. The further behind you get on upgrades, the harder it is to get up-to-date. Many small hops are easier than one giant leap.
We’ll walk you through the report:
The report can be over 20 pages long, and while we try to keep the jargon to a minimum, it might get a little technical ;) After the report has been delivered we usually have a call with you to walk you through the report in a more conversational way.
If you would like to see a sample copy of an App Review report contact us and we can send you though a sample so you can see ahead of time what you will be getting.
If any recommendations are made (and they will be), then reinteractive can pretty much start right away on implementing them:
Once an App Review is done reinteractive already has access to the code, database and infrastructure, and has some experience with your app, just by virtue of doing the App Review. You’re not obligated to get us to implement the App Review's recommendations, but it’s certainly quicker and easier than engaging a second software development company to start from scratch.
The Axioms of Software Development - Part 7
The Axioms of Software Development - Part 6
How to Redirect a Rails Application to a new Domain Name
reinteractive is Australia’s largest dedicated Ruby on Rails development company. We don’t cut corners and we know what we are doing.
We are an organisation made up of amazing individuals and we take pride in our team. We are 100% remote work enabling us to choose the best talent no matter which part of the country they live in. reinteractive is dedicated to making it a great place for any developer to work.
Webinars are our online portal for tips, tricks and lessons learned in everything we do. Make the most of this free resource to help you become a better developer.
The Ruby on Rails Installfest includes a full setup of your development environment and step-by-step instructions on how to build your first app hosted on Heroku. Over 1,800 attendees to date and counting.
The Ruby on Rails Development Hub is a monthly event where you will get the chance to spend time with our team and others in the community to improve and hone your Ruby on Rails skills.