Coding Standards
General Coding Practices
- Choose names that convey intent and purpose.
- Avoid abbreviations unless widely recognized.
- Use consistent naming conventions (e.g., camelCase, snake_case).
- Keep names concise yet descriptive enough for clarity.
- Use comments to clarify non-obvious code operations.
- Avoid obvious comments that restate the code.
- Keep comments up-to-date with code changes.
- Use block comments for complex logic and inline comments sparingly.
- Choose an indentation style (e.g., tabs or spaces) and stick to it.
- Use a consistent number of spaces for indentation.
- Ensure spacing around operators and keywords is uniform.
- Utilize automated tools for style enforcement if possible.
- Replace magic numbers with named constants.
- Define constants at the top of the file or in a separate config.
- Use descriptive names for constants to indicate their purpose.
- Document the meaning of constants where necessary.
- Break code into smaller, reusable functions or classes.
- Each module should handle one specific task or responsibility.
- Avoid combining multiple functionalities in a single module.
- Refactor code regularly to enhance modularity.
Language-Specific Guidelines
- Study the language's design principles.
- Use common patterns and structures.
- Avoid anti-patterns and unconventional practices.
- Read community resources and documentation.
- Seek feedback from experienced developers.
- Identify built-in features that simplify tasks.
- Incorporate well-maintained libraries for efficiency.
- Be aware of performance implications.
- Check for compatibility with existing code.
- Follow best practices for library usage.
- Review the language's official style guide.
- Maintain consistent naming conventions.
- Use indentation and spacing as per guidelines.
- Organize code logically and consistently.
- Document code according to guidelines.
- Verify the project's language version requirements.
- Test code against targeted language versions.
- Utilize version management tools if necessary.
- Stay updated on deprecated features.
- Review release notes for new changes.
Version Control Practices
- Make commits at logical points in development.
- Use a format for message structure: summary, description.
- Summarize changes in the first line (50 characters max).
- Provide detailed context in the body if necessary.
- Create a new branch for each task or feature.
- Use descriptive names for branches (e.g., feature/login).
- Regularly pull changes from the main branch to stay updated.
- Delete branches after merging to maintain clarity.
- Request reviews from team members using pull requests.
- Assign reviewers based on expertise and availability.
- Address feedback and make necessary changes before merging.
- Use automated tools to enforce code quality checks.
- Identify conflicts immediately after they arise.
- Discuss conflicting changes with the involved team members.
- Use version control tools to assist in resolving conflicts.
- Document the resolution process for future reference.
Testing and Quality Assurance
- Identify new features and critical paths.
- Create test cases covering various scenarios.
- Use a testing framework suitable for your language.
- Ensure tests are automated and repeatable.
- Run tests locally before submitting code.
- Fetch the latest code from the repository.
- Run the full test suite to verify all tests pass.
- Address any failing tests before proceeding.
- Document any changes that affect existing functionality.
- Commit code only when all tests are successful.
- Select appropriate testing tools for your stack.
- Integrate tools with your version control system.
- Set up CI pipelines to run tests on every commit.
- Monitor test results and address failures promptly.
- Regularly update tools to leverage new features.
- Schedule regular code review sessions.
- Use a checklist to evaluate code quality and style.
- Encourage constructive feedback and discussions.
- Document identified issues and suggested improvements.
- Follow up on changes made after the review.
Documentation
- Regularly review and revise documentation.
- Ensure all new features and changes are documented promptly.
- Use a consistent format for ease of understanding.
- Incorporate feedback from users and developers.
- Provide practical examples for common use cases.
- Outline step-by-step instructions for setup and usage.
- Use comments and annotations within code examples.
- Organize examples by functionality for quick reference.
- List all libraries with version numbers.
- Include links to official documentation for each library.
- Explain the purpose and usage of each dependency.
- Note any licensing information relevant to the libraries.
- Establish a routine for documentation review with code commits.
- Use version control to track changes in documentation.
- Notify team members of updates to documentation.
- Integrate documentation updates into the development workflow.
Security Practices
- Implement input validation for length, type, format, and range.
- Use built-in functions to sanitize data before processing.
- Employ whitelisting over blacklisting for input validation.
- Regularly review input handling code for potential weaknesses.
- Utilize prepared statements and parameterized queries for database interactions.
- Escape user inputs in HTML to prevent XSS attacks.
- Implement Content Security Policy (CSP) headers to mitigate risks.
- Conduct code reviews focusing on security vulnerabilities.
- Use environment variables or secure vaults for secrets management.
- Encrypt sensitive data both at rest and in transit.
- Limit access to sensitive information based on user roles.
- Regularly audit access to sensitive data.
- Implement automated tools to check for outdated packages.
- Review release notes for security patches before updating.
- Test applications after updates to ensure functionality.
- Maintain a schedule for regular dependency reviews.
Performance Considerations
- Use profiling tools to measure execution time.
- Identify slow functions or methods.
- Analyze resource usage and memory consumption.
- Iterate on performance findings to eliminate bottlenecks.
- Choose algorithms with appropriate time complexity.
- Select data structures that minimize access time.
- Consider trade-offs between memory usage and speed.
- Test and validate optimizations in real scenarios.
- Write clean, understandable code before optimizing.
- Refactor code for simplicity and maintainability.
- Ensure performance optimizations are backed by profiling data.
- Document decisions to maintain code clarity.
- Implement logging and monitoring tools.
- Set performance benchmarks and track against them.
- Collect metrics on user experience and response times.
- Regularly review performance data to inform enhancements.
Code Maintenance
- Identify complex or poorly structured code.
- Break down large functions into smaller, more manageable ones.
- Use meaningful variable and function names.
- Eliminate repetitive code by using functions or classes.
- Test refactored code to ensure functionality remains intact.
- Conduct a code review to identify unused code.
- Delete any code that is not executed or referenced.
- Remove outdated comments that do not reflect current code.
- Ensure that remaining comments are helpful and concise.
- Document the removal process for future reference.
- Regularly check for updates to dependencies.
- Test the software after updating dependencies to catch issues.
- Document version changes and their impact on the codebase.
- Use a package manager to streamline updates.
- Review compatibility notes from dependency maintainers.
- Define criteria for deprecation of code or features.
- Notify stakeholders of upcoming changes and timelines.
- Provide alternatives or replacements for deprecated features.
- Remove deprecated code in a future release cycle.
- Keep records of deprecated items for reference.
Use in Manifestly