Don't reinvent the wheel
The world does not need another XML parser. Use what's already been written and
tested. Often what you think sucks only needs a few patches to be adequate.
Code without a written plan is just asking for trouble
When I hear someone brag that they've got the whole program in their head, I
know it will turn out like garbage. Exceptions to this are rare. There's always
something found in the process of writing the idea down that makes the program
better, and it also becomes a form of documentation.
Don't repeat yourself
Try to remove duplication in code by refactoring, so that it's easier to extend
and debug the program later on.
Your build system should *never* be more than 1 step
configure && make && make install should be the most complicated build
setup you have.
Get it to one-step-to-build - instant feedback is awesome, and the time saved
will pay off when "I need a build for the customer in 5 minutes!" For that
matter, have automated testing that the master always builds clean.
Keep it simple
I once replaced an elaborate Java-based build system with 2 shell scripts. Mine
worked faster, better, and was simpler to read.
A simple prototype done in a few hours can save a week's worth of speculation, and
often you can plunder the prototype for technical insights and even code.
Business rules and logic don't mix well
Business rules will change. It's in your best interest to make
them easily configurable (read: not compiled into the binary). Even better,
make it simple enough that Bob in accounting can manage the rules.
Code can be the best documentation
Descriptive variables and functions are better than comments. When you actually
need non-code documentation, make sure that the docs are automatically
pulled together from the code (a la doxygen, etc.).
Keep LOC down to keep bugs down
.. TODO - What was the study? COMODO?
Code Complete said that the industry average is 15-50 bugs per 1000 lines of
code. By reducing the lines of code and keeping functions simple, your life
will be much easier.
ALWAYS validate your inputs
Because 13-year-olds know enough to fuzz your text box. SQL injections are one
of the most common bugs.
Be correct first, then be fast.
Debugging a fast program that's segfaulting is slow work...
Always review your releases
Code audits are a cheap way of ensuring quality (though they may not seem so at
the time). Lost customers and lost time to troubleshooting problems are
expensive. As well, keep metrics on defects from release to release, so that
you can adjust practices as necessary. Use the "Infinite Hows" technique to
examine release/deployment issues - deployment issues should be dealt with
1 hour of inspection can save up to 100 hours of related work
IBM study found "each hour of inspection prevented about 100 hours of related
work (testing and defect correction)"
Testing - it's worth the effort
When you learn a new language, learn how to test its code as early as possible.
Time spent writing tests is rarely wasted. When you use test cases, you can
refactor without (much) fear. When you need to debug quickly, having tests make
a huge difference.
It's easier to be secure when you bake it in at the start
It sucks to break backwards compatibility, or worse, get caught with your pants
down, because *someone* didn't bother with security when they hacked the
Stop with 'good enough'
To keep from going crazy and spending too much time on irrelevant crap, set
specific and quantitative goals for your project at the start. When you've met
a goal, move on to the next one.
Source control everything
Seriously. Learn git. It'll take you just a couple hours, and you'll make it
back in no time at all.
Don't marry your framework
A framework is a great way to ensure you don't reinvent the wheel, but if
possible keep your business logic external to it. That way if something sexier
comes along you're not fully invested in the old crap. Decoupling can also mean
Practice defensive programming
Use assertions to ensure the state is correct, and use tests to simulate faults.
A bad process will lead to lots of preventable headaches
Take an active role in perfecting the process wherever you work.
Nail the basic process to avoid certain failure
- Do an analysis, capture the requirements, and create a design document
- Review the design - catch errors before the coding stage
- Code review
- Use automated code analysis
- Unit and component tests to stress-test and ensure edge cases are properly handled
Velocity is a good measure of project health
Good code allows you to fix bugs and add features quickly.
Keep a bug database
Even something as simple as BUGS.txt eliminates bus factor, and makes it
easier to approach a project months later.