
Ask HN: Should I hire someone to do a code review? - nandocommando
Hi guys - I have no programming experience and  hired an outsourcing company to create an iPhone app MVP for my idea. The first iteration looks good (and works), but before I give them money to do more work , I&#x27;d like to get a 3rd party opinion on the code quality.<p>The easiest way for me would be to hire a freelance developer to perform code review and provide me a honest assessment of what lies under the hood. Few questions:<p>1) Is this a good approach, or are there better ones?
2) What type of costs should I expect? Hourly, Fixed, etc.
3) As this reviewer will be remote, what steps can I take to protect IP, lines of code from being used for their own purposes, etc.<p>Thanks much
NC
======
cauterized
Yes, you should get someone to do a code review. Ideally, you should make this
part of the ongoing process so that design and architecture problems can be
caught early, while its easier to unravel them.

For the code review, plan to hire someone mid-level to senior - with at least
5 years iOS development experience and several apps shipped to the App Store.
(And check those app reviews - don't hire someone whose app crashes a lot!)
That will mean a higher hourly rate, but they'll know best practices better.
You can hire them on a per-hour or a per-project basis. The number of hours
will depend on the size of the codebase.

Code is harder to read and understand than it is to write. It takes far longer
to read a chunk of code than it does to read a similar number of characters of
non-fiction prose. For a small codebase, the reviewer should be able to finish
in 1-2 weeks. For a sprawling one, it could take a couple months. Get an
estimate from anyone you consider hiring.

You've already gotten decent advice on NDAs. My experience is that they're not
really enforceable in many common outsourcing destinations for both legal and
cultural reasons. And that in the US and other "western" cultures you don't
really need them if you're dealing with someone operating in good faith. But
in either case they can't hurt as a CYA move.

Good luck!

------
gokaygurcan
Great question but there's this thing called "Non-Disclosure Agreements", you
know. First, make them sign the NDA, then share your code. If something goes
south, hire an experienced lawyer and voilà!

------
peteypao
Yes, I think it is a good idea. Whatever you put in place for the outsourcing
company (NDAs), I would do for the reviewer.

------
nnn1234
Depending on how much money you want to commit to this idea, I would suggest
hiring a freelancer. Ideally you would have an in-house technical person to
help you going forward. NDA s are good but depending on the situation not
implementable. I suggest building a business moat that can't be copied even if
the code is copied. If you agree , I am building a network for people to
contribute to projects and get rewarded for it. Public beta starts Feb 8th.
Check out www.crowdraising.co Not . Com

------
centdev
In my opinion NDAs are worthless (in most cases) and gives a false sense of
ownership protection. As far as code reviews, you absolutely should include at
least one. I know of a case directly in which the outsourced developer
"accidently" left their API endpoint. Had it went into production they would
see all sorts of things.

------
zippy786
I think you will be wasting your money and setting up a bad culture. How many
rounds of review are you going to ? After the first round will you hire
another one to do more rounds ? Although the product works, it seems you seem
to want 100% bullet proof product which will not be possible. Just make sure
your product works and when you start making money hire a team and not
freelancers to do your code review and manage the product.

~~~
nandocommando
I'm looking to just done ONE code review, as I'm trying to gauge the
performance. Once I get the baseline on their skill sets, I would trust that
their future performance is similar and that would give me some comfort that
they are doing the right thing.

