Welcome to the Source Code Review service! This page provides all the essential information you need, including the prerequisites, what the service includes, how the process works, how to get started, and the benefits for your software development team. Whether you're looking to improve code quality, identify potential vulnerabilities, or get expert feedback on your project, the Test and Analysis Team is here to help.
Getting started is simple! To apply for this service, just have the following ready:
✅ Your application or service listed in the GÉANT Software Catalogue – this helps us quickly identify and support your project.
📁 A code repository (GitLab, GitHub, etc.) with access to your project’s codebase – so we can dive into the details and begin the review process.
👨‍💻 A development team ready for collaboration – we'll work together to ensure everything aligns perfectly with your needs.
🔎 In-Depth Manual Assessment with Expert Insight: Our service is designed to provide a thorough, hands-on review of your codebase, offering expert guidance to help you understand the current state and potential risks.
👨‍💻 Manual Review by Subject Matter Experts (SMEs): A team of experts will conduct a detailed inspection of your code, analyzing the programming languages used, the distribution approach, and compliance with relevant industry standards.
📅 Kick-off Meeting for Every Project: Regardless of project size or complexity, a kick-off meeting is held to collect as much information as possible about the project, its key features and to define the scope of the review. During this meeting, we identify critical parts of the code to be reviewed (especially if the codebase is very large, e.g., several thousand lines), determine the contact persons between the teams and agree on required privileges and credentials for the audit team.
🗣️ Post-Review Meeting (Upon Request): After reading the final report, developers may schedule a post-review meeting if they have questions or need clarifications regarding the findings.
Getting started is easy! Simply send us an email at codereviews@software.geant.org or issue a Software Review Request ticket via the Help Desk.
🔹 Comprehensive Analysis: Receive a detailed report that clearly identifies areas for improvement, critical issues, and the overall quality of your code. This is the first step toward more secure, efficient, and reliable software.
🔹 Expert Guidance: Get the insights of code review experts who help you understand potential vulnerabilities, technical inefficiencies, or bottlenecks - explained in a simple and actionable way.
🔹 Customizable Review: The review is tailored to your project’s specific needs - we focus on the most sensitive components, core features, or parts of the code that matter most to you.
🔹 Post-Audit Support: After the review, we offer a follow-up meeting with experts to go over the findings, answer your questions, and help plan next steps for improving your code.
Source Code Reviews are highly recommended for teams that require a thorough, multi-directional insight into code quality and potential improvements. This type of review is especially useful for critical software components or services where quality assurance is paramount.
- Do we need to provide all the code for the review?
While a full review of every line of code may not be feasible for very large projects, we focus on the most critical parts of the code as identified by the development team.
- How long does the review take?
The duration of the review depends on the size and complexity of the codebase. For large projects, a preliminary meeting will help estimate the time frame.
- Can we request a review at any stage of development?
Yes, source code reviews can be requested during any phase of development. However, it’s generally recommended to perform the review before major releases when the software is stable and changes are limited.