paint-brush
How to Stop Developers from Writing Low-Quality Code by@hbvanveen
564 reads
564 reads

How to Stop Developers from Writing Low-Quality Code

by Bernie van VeenNovember 4th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The ISO/IEC 25010 software quality model describes performance, compatibility, portability, usability, reliability, security and maintainability as additional aspects of software quality. Good software quality is imposed by adding build-breakers to the build pipeline that checks the quality of the code added to the program. The only way to stop a developer from writing low quality code is to break the build. The result of low quality software can be performance issues, increased maintenance cost, bugs, difficulty in changing the software and security vulnerabilities.

Company Mentioned

Mention Thumbnail
featured image - How to Stop Developers from Writing Low-Quality Code
Bernie van Veen HackerNoon profile picture
Developers tend to go for getting things working, ending up with a working program, lacking the quality you would like to see. In this article I will explain how to get quality code as well.Quality software is not only software that is doing what it should do. Next to the functionality, a maybe even larger amount of non-functional requirements determine the quality of software. The software quality model describes performance, compatibility, portability, usability, reliability, security and maintainability as additional aspects of software quality (1). But assuring the required quality in all of these aspects appears to be hard when finishing the last few lines of code of the new feature at the end of a long working day.The result of low-quality software can be performance issues, increased maintenance cost, bugs, difficulty in changing the software and security vulnerabilities. These are all things you would rather avoid, but that requires building good quality software. So, despite high workload and despite the urge to finish that new feature today, we do not want anyone to write low-quality code. How to stop a developer from doing that?

The only way to stop a developer is to break the build!

Every time new code is written and added to the program, the build pipeline is running, a practice known as (2). The build pipeline builds the program and runs various checks to see if the program is behaving according to the requirements. If something is wrong, the build pipeline will stop and report about the problem, which is referred to as a broken build. The problem will have to be fixed first to get to a successful build. So if we want to stop a developer from writing low quality code, we must make sure the build breaks as soon as low quality code is added.Therefore, we add build-breaking checks (build-breakers), to the build pipeline that checks the quality of the code added to the program.

Examples of these checks are:

  • static application security tests (SAST), which examine the programming code for security issues
  • static code analysis, which checks for coding style and coding issues
  • dynamic application security tests (DAST), which examine the running program for security issues
  • unit tests, which automatically perform small tests on the program
  • fuzzing tests, which send random input to the program and check for unwanted behaviour
  • performance tests and end-to-end tests, which test the program as a whole.
OWASP features an extensive (3) useful for checking software quality. Most of these can easily be added to a build pipeline. If you want some examples of how to integrate these tools in a build environment, feel free to check out the of the company I work at (4). We added specific quality checking docker containers as build-breakers in our Google Cloud Build to make sure we build quality in. The screenshot below shows a broken build because the SAST scanner found some issues.
Considering all of this, good software quality is imposed by adding build-breakers to the pipeline. The more you break in the pipeline, the less you break in production.
Lead image by Joëlle van Veen

References

  1. , retrieved 23 October 2020
  2. , retrieved 23 October 2020
  3. , retrieved 23 October 2020
  4. , retrieved 23 October 2020
바카라사이트 바카라사이트 온라인바카라