Defensive Programming

  • Comments posted to this topic are about the item Defensive Programming

  • Defensive programming should be considered to be a technique that is always applied but the specifics vary in application. Just like security, data integrity and performance.

    All of these can be applied to various levels of stringency but at the very least it should remain a continual consideration.

    If in doubt be more strict with your code. Or rather yourself. Sloppy coding practices leads to defects.

    Gaz

    -- Stop your grinnin' and drop your linen...they're everywhere!!!

  • It is one of those practises that needs to become a habit rather than something you have to apply conscious thought other than that needed to educate people new to the discipline.

    People in technical leadership positions need to drive this and police it. I'm finding that I spend a great deal of time on coaching and mentoring and in doing so that means rather than there being just me sallying forth I have a team following the best practice we know how to do.

  • Thanks Steve!

    I have downloaded the 'Defensive Programming' eBook as per your suggestion and will check it out.

  • David.Poole (8/4/2016)


    ...People in technical leadership positions need to drive this and police it...

    I was thanked recently by an intermediate developer formerly missing some key practices. My effort in getting them to make more effort has ensured payback for the current project and, I suspect, their career.

    Gaz

    -- Stop your grinnin' and drop your linen...they're everywhere!!!

  • What, you mean the printed version isn't free too?

  • Gary Varga (8/4/2016)


    Defensive programming should be considered to be a technique that is always applied but the specifics vary in application. Just like security, data integrity and performance.

    All of these can be applied to various levels of stringency but at the very least it should remain a continual consideration.

    If in doubt be more strict with your code. Or rather yourself. Sloppy coding practices leads to defects.

    Sloppy coding practices leads to defects... or much worse!

    Great points!

    Dave

  • I love your use of the word idempotent. I developed skills in that area long before even knowing there was a word for it. Great vocabulary Steve. Unfortunately in my current position, I am not as well versed with some terms due to having more of a support role than pure development, so I enjoy having a chance to expand mine. Maybe it was you that I first saw use that about a year ago.

    Dave

  • The more defensive you are about declaring foreign key constraints, check constraints, not null constraints, and right sized data types, then the less need you will have for defensive programming. Get the constraints right in the database tier, and you make life a lot easier for the application tier programmers. Well, at least you make life easier for the smart programmers.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • I stopped calling it "Defensive Coding" a while ago, and started calling it "Advanced Laziness."

    The team suddenly became much more interested in learning about it. 😀

  • djackson 22568 (8/4/2016)


    I love your use of the word idempotent. I developed skills in that area long before even knowing there was a word for it. Great vocabulary Steve. Unfortunately in my current position, I am not as well versed with some terms due to having more of a support role than pure development, so I enjoy having a chance to expand mine. Maybe it was you that I first saw use that about a year ago.

    Thanks, and glad you like that. I have written about it a few times, and it's something I think every software developer should understand, especially with databases.

  • tamarian (8/4/2016)


    I stopped calling it "Defensive Coding" a while ago, and started calling it "Advanced Laziness."

    The team suddenly became much more interested in learning about it. 😀

    That's excellent

  • Steve Jones - SSC Editor (8/4/2016)


    tamarian (8/4/2016)


    I stopped calling it "Defensive Coding" a while ago, and started calling it "Advanced Laziness."

    The team suddenly became much more interested in learning about it. 😀

    That's excellent

    I have often said that all good developers are lazy. I've found that many non-technical managers are bemused by the concept, even when it's explained to them.

    Tom

  • Eric M Russell (8/4/2016)


    The more defensive you are about declaring foreign key constraints, check constraints, not null constraints, and right sized data types, then the less need you will have for defensive programming. Get the constraints right in the database tier, and you make life a lot easier for the application tier programmers. Well, at least you make life easier for the smart programmers.

    I agree you should do those things, but they don't reduce the need for defensive programming - they are in fact essential parts of defensive programming. And although it may seem strange to some people, it is a good idea in some cases to have both a check constraint and a programmed check of the same requirement; for example a check on the value in the front end may save network traffic in cases when a check constraint in the DB can't, but it only makes the check constraint in the database redundant if you can guarantee (a) that no relevant front end will ever omit the check, (b) nor will any batch app that can update or insert that data, and (c) no add-hoc query will ever (even including for urgent customer support) attempt to insert or update that data (and I wouldn't bet even on (a) if the code is to have anything but a very short life, and anyone who thinks they can guarantee (c) has never had demanding customers).

    Tom

  • I think if you want more downloads of the defensive programming book you might want to change the name. I bet if you repackaged it with a different name you could get a lot more downloads. I think the reality is that those of us that already practice defensive programming don't think we need to download and read it and perhaps the younger people who should won't because of the defensive word or doesn't sound interesting to them.

    What if it was called offensive programming? People would download it just to fine out what it was about. You are going on the offensive to make sure your code is solid. Even something called "Good programming practices" would probably get downloaded more than defensive programming.

    Anyway, just a thought. Anybody else have a thought on a different name that would cause more downloads? (I am expecting a few good laughs out of some suggestions.)

    Ben

Viewing 15 posts - 1 through 15 (of 15 total)

You must be logged in to reply to this topic. Login to reply