Using StackOverflow content to assist in code review

TL;DR

This paper introduces an automated tool that leverages StackOverflow content and document fingerprinting to assist in code review, aiming to reduce time and subjectivity in defect detection.

Contribution

The paper presents a novel approach using document fingerprinting of StackOverflow posts to evaluate code defectiveness, validated with experiments on GitHub repositories.

Findings

Achieved over 90% precision in identifying relevant StackOverflow posts

Demonstrated effectiveness of the tool in various code review scenarios

Reduced manual effort and increased objectivity in defect detection

Abstract

An important goal for programmers is to minimize cost of identifying and correcting defects in source code. Code review is commonly used for identifying programming defects. However, manual code review has some shortcomings: a) it is time consuming, b) outcomes are subjective and depend on the skills of reviewers. An automated approach for assisting in code reviews is thus highly desirable. We present a tool for assisting in code review and results from our experiments evaluating the tool in different scenarios. The tool leveraged content available from professional programmer support forums (e.g. StackOverflow.com) to determine potential defectiveness of a given piece of source code. The defectiveness is expressed on the scale of {Likely defective, Neutral, Unlikely to be defective}. Basic idea employed in the tool is to: a) Identify a set P of discussion posts on StackOverflow such that each p in P contains source code fragment(s) which sufficiently resemble the input code C being reviewed. b) Determine the likelihood of C being defective by considering all p in P . A novel aspect of our approach is to use document fingerprinting for comparing two pieces of source code. Our choice of document fingerprinting technique is inspired by source code plagiarism detection tools where it has proven to be very successful. In the experiments that we performed to verify effectiveness of our approach source code samples from more than 300 GitHub open source repositories were taken as input. A precision of more than 90% in identifying correct/relevant results has been achieved.