The human brain can only hold and manipulate a small number of items in short-term memory. The number typically cited is seven things, plus or minus two. So to understand code and keep it all in your head, seven should be the limit of things that must be remembered and understood. For example, keep the number of code paths in a routine to no more than seven. Code that fits in your head is a tour of various software heuristics and methods the author has found useful when using this principle to write correct, understandable, and maintainable software.
The heuristics are a mix of low-level and high-level techniques; some are well known and commonly used even if not widespread, others less known; some widely applicable and others less so. Since a heuristic is a general rule of thumb, these may not apply or work in all cases.
The 28 heuristics are presented roughly in the order a developer would encounter them when implementing new software. Hence the first heuristic is to use checklists, and specifically a three-part checklist for a new code base is suggested: use Git, automate the build, and turn on all error messages. A good starting point, though perhaps a bit too specific in mandating Git rather than more generically saying “use source control,” as there are other source control systems that might be better depending on the situation.
All phases of development are addressed from initial coding (the checklist previously mentioned), refactoring, debugging (“bisection”--repeatedly cut the code in half), testing (“reproduce defects as tests”), through long-term maintenance (“regularly update dependencies”). Some are as simple as the “50/72 rule” for writing good messages when committing changes. Others are more complicated: the “Strangler pattern” describes making major changes to a code base by doing them side-by-side with existing code until the old code can all be removed.
Several well-known, widely applicable methodologies are included: Postel’s law and “review code” should be familiar to most software engineers. On the other hand, “X out names” is a low-level technique that is probably unfamiliar to most developers and works best with typed languages. This heuristic suggests looking at a method’s signature with the method name ignored to see how much the signature itself reveals--the parameters and their types, and any return value(s). This can help in ensuring application programming interfaces (APIs) advertise and meet their contract with appropriate types.
Other common heuristics that always apply and fit within the limit of seven are “count the variables” (meaning keep the number of local variables, parameters, and field names in a procedure low) and “cyclomatic complexity” (similarly, limit the number of paths through a routine to seven).
Performance and security are left to the end. For security, the Microsoft STRIDE threat model (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege) is used as a checklist to evaluate an example restaurant application.
This simple online restaurant reservation application is used as an example in much of the book. The entire source code base is available as a Git repository, though the source listings in the book are sufficient to follow the example. The application uses C# and is developed as a Windows ASP.NET Core web project using Visual Studio. The example shows how to develop real code using the heuristics and some of the issues that may arise when applying the recommended techniques. The choice of C# and ASP.NET may make the examples less useful for readers unfamiliar with this framework. The major difficulty is understanding the many ASP.NET routines used. However, the example is simple enough that knowing all the details is unnecessary to understand the techniques being illustrated.
A useful feature is an appendix summarizing the 28 heuristics and where in the book the heuristic is described. A reader could use the appendix as a guide to the book, reading about each heuristic in turn rather than simply reading the chapters in order. A bibliography of 118 relevant and related items is also included, giving the original sources for many of the heuristics.
The book does an excellent job in fulfilling the author’s goal of collecting some disparate methodologies and presenting them in a consistent manner. The writing is thoughtful and clear. The intended audience is enterprise developers and backend developers with several years’ experience, but every developer should find a few new techniques that can be profitably applied to their software.
More reviews about this item: Amazon
