Discusses the differences between Review and Audit workflows.
Phabricator supports two similar but separate code review workflows:
(By "pre-push", this document means review which blocks deployment of changes, while "post-push" means review which happens after changes are deployed or en route to deployment.)
Both are lightweight, asynchronous web-based workflows where reviewers/auditors inspect code independently, from their own machines -- not synchronous review sessions where authors and reviewers meet in person to discuss changes.
Pre-push review is significantly more powerful than post-push auditing. You gain these advantages by requiring review before changes may be pushed:
The theoretical cost of review is that it slows down development by introducing a blocking step into the process and generally wastes developer time that could be better spent developing. This is less true than it appears, because the costs are low and pay for themselves in other ways:
Post-push review is significantly better than nothing. If you are unpersuaded by the arguments above (or work on a team that is unswayed), audits provide some of the benefits of review with less friction:
Here are super biased recommendations from developers of code review software: