> If you do such review, what do you look for? Are you looking
> for trojans? Checking coding style for general quality? Understanding
> the underlying algorithms? Doing line-by-line inspections for
I keep an eye out for trojans, but mostly I'm looking to understand how
the software works. Not so much underlying algorithms, but overall organization
and data flow. I may not actually go through the source in *detail* until I
run into a problem, maybe I misunderstand the documentation, maybe the
documentation is unclear, maybe the documentation doesn't match the code,
maybe I'm trying to do something unanticipated, whatever it is I need to
plow into the source and figure out *why* it does what it does.
More often, though, the source is simply a reserve, a hedge against the loss
of the vendor.
Peter da Silva `-_-'
Network Management Technology Incorporated 'U`
1601 Industrial Blvd. Sugar Land, TX 77478 USA
+1 713 274 5180 "Har du kramat din varg idag?"