Tuesday, May 24, 2016

Your Builds Should Compile Without Warnings

Few developers would disagree with that statement. Yet it's rare when I come upon a project where I can build successfully without any compiler or build warnings. Why is this the case? Why are we not more rigorous as a profession?

The objections I usually hear are that warnings are nit-picky and the team was on a time crunch. This is not acceptable in my opinion. It's a classic case of racking up technical debt without an immediate plan to pay off that debt. A big no-no.

Let's review a few of the bugs I have come across in my time trying to clean up warnings.

1. Sql injection security holes - I have actually found a few of these in my time cleaning up code warnings. If you use dynamic sql to build up a sql query and don't parameterize your inputs (eek!) then you expose yourself to a sql injection attack. Code warnings can detect this.

2. Memory Leaks - If you instantiate a class that implements IDisposable and don't dispose it you are wasting memory and relying on the garbage collector to do the job. These bugs suck to find in production. Best to find them with the compiler.

3. Conflicting DLL versions - This build warning is gross and often difficult to track down. It means that somewhere there are two references to the same DLL but with a different version. Ignore this warning at your own peril, there is no telling the type of runtime errors that might result.

Considering warnings can detect and fix these types of problems at runtime it seems the excuse your team was on a time crunch is a very bad one. You are trading short term speed for long term pain.

How to achieve a build without warnings?
From the very beginning of a project the build should be set up to fail if there are any warnings. And the warning level should be set high. If there are nit-picky warnings (there are admittedly quite a few) that can be ignored then decide as a team to have the compiler suppress them. It should be a conscious decision. Start out strict and dial back the strictness after carefully reviewing each warning.


  1. Our proprietary method brings together the best of technologies click this over here now and individuals to supplyadditional hints enterprise-affecting results with breakneck velocity

  2. I'm also visiting this site regularly, this web site is really nice and the users are genuinely sharing good thoughts.
    article source

  3. The problem is that you provide may be worth our time and also effort.
    Ministry Of Freedom Jono Armstrong

  4. Remarkable blog! I have no words to praise, it has really allured me.
    leading companies

  5. The written piece is truly fruitful for me personally; continue posting these types of articles.
    user experience experts

  6. I hope you will share such type of impressive contents again with us so that we can utilize it and get more advantage.
    the UI company

  7. Thanks for letting us know about it, these information are really aweosme. You can also check out deezer premium apk it will provide you complete apk file wih unlock features.

  8. Nice answers in replace of the question with real point of view and explaining about that.
    brand design agencies