Tuesday, May 24, 2016

Your Builds Should Compile Without Warnings

Few developers would disagree with that statement. Yet it's rare when I come upon a project where I can build successfully without any compiler or build warnings. Why is this the case? Why are we not more rigorous as a profession?

The objections I usually hear are that warnings are nit-picky and the team was on a time crunch. This is not acceptable in my opinion. It's a classic case of racking up technical debt without an immediate plan to pay off that debt. A big no-no.

Let's review a few of the bugs I have come across in my time trying to clean up warnings.

1. Sql injection security holes - I have actually found a few of these in my time cleaning up code warnings. If you use dynamic sql to build up a sql query and don't parameterize your inputs (eek!) then you expose yourself to a sql injection attack. Code warnings can detect this.

2. Memory Leaks - If you instantiate a class that implements IDisposable and don't dispose it you are wasting memory and relying on the garbage collector to do the job. These bugs suck to find in production. Best to find them with the compiler.

3. Conflicting DLL versions - This build warning is gross and often difficult to track down. It means that somewhere there are two references to the same DLL but with a different version. Ignore this warning at your own peril, there is no telling the type of runtime errors that might result.

Considering warnings can detect and fix these types of problems at runtime it seems the excuse your team was on a time crunch is a very bad one. You are trading short term speed for long term pain.

How to achieve a build without warnings?
From the very beginning of a project the build should be set up to fail if there are any warnings. And the warning level should be set high. If there are nit-picky warnings (there are admittedly quite a few) that can be ignored then decide as a team to have the compiler suppress them. It should be a conscious decision. Start out strict and dial back the strictness after carefully reviewing each warning.

6 comments:

  1. Our proprietary method brings together the best of technologies click this over here now and individuals to supplyadditional hints enterprise-affecting results with breakneck velocity

    ReplyDelete
  2. I'm also visiting this site regularly, this web site is really nice and the users are genuinely sharing good thoughts.
    article source

    ReplyDelete
  3. The problem is that you provide may be worth our time and also effort.
    Ministry Of Freedom Jono Armstrong

    ReplyDelete
  4. Remarkable blog! I have no words to praise, it has really allured me.
    leading companies

    ReplyDelete
  5. The written piece is truly fruitful for me personally; continue posting these types of articles.
    user experience experts

    ReplyDelete
  6. I hope you will share such type of impressive contents again with us so that we can utilize it and get more advantage.
    the UI company

    ReplyDelete