Pair programming as a tool to facilitate knowledge transfer

We at Exove pride ourselves with our full-service approach to projects. Our caring does not end when the project does. Instead, we always offer and suggest our Exove Care for all the support needs that a project might have.

Many people give a deep sigh when it comes to the mundane tasks of software/cms work; especially non-critical security updates. We at Exove, however, have learned to cherish these events as great opportunities for knowledge transfer. Pair programming has proven to be an excellent way to induct new people into our workflow and pass on some more situational knowledge. For more experienced programmers, it serves to solidify coding standards and unify practices.

The benefits of pair programming

Pair programming has multiple benefits, including better code quality, fewer bugs and improved morale. Knowledge transfer is also an integral part of pair programming, imparting a lot of expert level knowledge in an understandable format. For our new employees, pair programming has been almost invaluable, and it is often requested.

Furthermore, it has been found that when the other programmer is female, it results to more positive outcomes. This works great at Exove, as the number of female staff is well above industry average. The research result also serves as an incentive to make sure your workplace gender equality is in proper shape!

Security updates

Having a clear policy about security updates is paramount to the peace of mind of a client. It goes without saying that security updates are important and should be implemented as quickly as possible.

We at Exove have recently implemented a new workflow for managing our client sites’ security updates. This entails that all able developers participate in the updates. This approach has been fantastic, as usually the security updates had been done by only a handful of people and not everyone had done these updates before. This way, every developer in our company can get their hands dirty, which also meant that some training was required.

First hand experience

While Drupal security updates are not exactly rocket surgery, it may be hard to know where to get started or which things to check. This was the case for Heidi, when it came down to her first security update. Heidi started as a developer trainee with Exove in May 2018, and is now working as a developer. She has mostly worked for non-Drupal projects until this autumn, but has recently dived into a Drupal project as well as began working with support-related tasks.

“I had of course done node_modules-related updates for other projects, but as Drupal was a new personal conquest, it didn’t occur to me that the updating process wasn’t so straightforward. For example configuration changes from the client’s side needed to persist, as well as possible patches for the modules.”

Fortunately, our team has some of the wisest Drupal gurus who are willing to guide you through the process. We booked a conference room and sat together at a table in front of one laptop. I did all the handiwork while our expert continuously explained which commands and why we were running. I prefer this method over watching someone else do all the work, as doing it yourself helps in memorizing the process.

The great part about this asymmetrical pair programming is that you don’t have to resort to guides or technical documentation for every small thing. It also helps you to build confidence as you don’t have to be scared of doing something irreversible, as help and guidance is just a quick question away.

My first ever Drupal security update went a bit over my head. Even though it got done successfully, I was left pretty flabbergasted as I wasn’t familiar with Drupal. I couldn’t commit anything to memory, and with a long pause between updates (prior to our new workflow), I felt apprehensive to do it again.

When it came down to doing my second update, I voiced my concerns and we decided to do things a little differently. Me and another Drupal novice were paired with our Drupal expert, who guided us through the process. I was to do the actual update, and the other trainee documented every little detail and command, and wrote down why it was being done. If the documenting would’ve been done by the expert, he might’ve missed out on some very trivial and (to him) self-evident details, but now that it was another trainee, he made sure to write everything down and ask every time something wasn’t clear. We all walked away a little smarter from that update. “

Great value

Regular security updates shouldn’t normally take more than a few hours, depending on the scale of the project. But when conflicts or issues arise, the time required might as well grow. In the normal scenario, the time expenditure for a security update done with pair programming would be two hours for a newcomer.

With just a small price of one hour from an expert, the overall value of the time spent practically skyrockets, as you’re bypassing googling, reading technical documentations without actually knowing what you’re looking for, and communication attempts at public channels trying to get help.

Furthermore, as seen with Heidi’s story, by spending just a little more time focusing on one thing, you’ll much more rapidly absorb the knowledge. As an added bonus, the expert helping might also notice parts of the process which could cause troubles for other newcomers.

All in all

More knowledge is always better. Secure sites are always better. If you can have these both, why not take action and start revising your own security update workflows! Pair programming provides a strong way to impart wisdom, and is especially effective for trainees and newcomers to become more acquainted with company policies, standards and workflow.

How have you used or benefitted from pair programming before?

For all your security update needs, contact us at Exove.

Thoughts by

Panajis Rantala


Team Lead


Latest blogs