slideshare quotation-marks triangle book file-text2 file-picture file-music file-play file-video location calendar search wrench cogs stats-dots hammer2 menu download2 question cross enter google-plus facebook instagram twitter medium linkedin drupal GitHub quotes-close
two people at laptops

Peer-reviewed code for quality Drupal sites

A core part of our development process is quality controls to ensure that any code introduced to your site has been tested and peer-reviewed for browser/device compatibility, accessibility and security.

The following tools are examples of what we use:

  • Nightwatch for functional testing
  • BrowserStack or LambdaTest for browser/device compatibility
  • BackstopJS for visual regression testing
  • axe DevTools and Google Lighthouse for accessibility testing

In our CI/CD process, there is an emphasis on controls and checks, both qualitative and quantitative.


All custom code changes go through a peer-review process to ensure that coding standards and security principles are properly applied and to catch possible bugs early.

Coding standards and basic security checks are run locally by developers before submitting merge requests using tools such as PHP's CodeSniffer library.

In the case of complex changes, a test plan for local testing is included.

End-to-end testing helps verify the complete application and sub-systems flow, increasing the test coverage and confidence in the overall software performance, including cross-browser/device compatibility.

Unit testing improves code quality, helping developers to identify the smallest defects that might be present in the units before they go for integration testing.

Clients contribute through engaging with demos, user acceptance testing and regular feedback sessions to keep us on track. We agree on a delivery and testing approach during our onboarding workshops.


We are really focused on accessibility. In accordance with current EU regulation, EN 301 549, all first and third-party online products and components published by Code Enigma must conform to WCAG 2.1 AA.

Typically, accessibility is a manual and repetitive process. This has disadvantages in terms of the implementation by developers (introducing another step for a developer to perform).

As such, we have developed an automated solution using Lighthouse CI that has enabled testing to be built into our development process. This promotes the need to consider accessibility and push towards accessibility by default - not an afterthought.

You can also book an accessibility audit with us


All custom code must follow the standard security guidelines for the technology in use in a given project. All developers are familiar with common vulnerabilities, referring to the OWASP Top Ten as a bare minimum.

Drupal coding standards are also available, as well as specific documentation for writing secure code for Drupal. 

Let's start your project together

Contact us

Our clients

st john's college

St John's College

The design, build, infrastructure development and ongoing support of an evolving Drupal website

Read the St John's case study here



An accessibility audit on a Drupal website

See the iRecord case study here