In this issue from March 2017: The importance of removing dead code; How sane people write terrible code; Some thoughts on CloudBleed; An easier way to make secure passwords; the need to Version Everything; and, Paying attention to your sleep cycle.

Sharpen the Saw is a somewhat delayed repost of a semi-regular newsletter of information I publish for the professional development of software developers. While targeted primarily at developers working with the Microsoft technology stack, content will cover a wider range of topics.

To subscribe, send me an email and I’ll put you on the list. Membership is moderated.


Always a way to improve the code you write every day.

Dead Code Must Be Removed

Source code tools like git and it’s older cousin svn make it really easy to track the evolution of source over time - there’s no need to leave old code in place by commenting it out. (I suspect that many developers do this because they don’t know how to look at the history of code within their source code versioning tool.)

There’s another form of dead code, however - code that is no longer used but still potentially executable. This code can be costly when refactoring or other changes require developers to make changes to the code even though it’s not actually used. In some cases, dead code can wreak devastating results when awakened.

In this interview with Kevlin Henney, he relates a tale of zombie code attacking the NYSE and talks about what you do with dead code.

Read more

Being Professional

A great developer does more than just write great code.

How terrible code gets written by perfectly sane people

Any developer with more than a few days experience has seen code and thrown their hands up in horror at the sight of it. In this post, Christian gives a series of perfectly reasonable reasons why a bunch of smart, intelligent and well-motivated people might end up delivering a mess.

  • Giving excessive importance to estimates
  • Giving no importance to project knowledge
  • Focusing on poor metrics such as “issues closed” or “commits per day”
  • Assuming that good process fixes bad people
  • Ignoring proven practices such as code reviews and unit testing
  • Hiring developers with no people skills
  • Agile and done?

Read the article for a discussion on each of these points. You might find it rewarding (if a little uncomfortable) to think about the code you’re currently writing and/or maintaining as you read.

Read more

Staying Secure

Staying safe online and writing secure systems are both harder than we think.

Pragmatic thoughts on #CloudBleed

The recent Cloudflare bug has been getting a lot of press. The nature of the bug means that it is very hard to assess just how damaging it has been. Some are saying that it’s a storm in a teacup - others that it’s the end of the world and every password should be rotated immediately.

As usual, Troy Hunt has taken a moderate stance and has a well-opined assessment of the issue on his blog. It is well worth the read.

Read more

There’s a new way to make strong passwords, and it’s way easier

If you do decide that CloudBleed means that it’s time to rotate all your passwords, it turns out that an easy way to make passwords stronger is to make them longer - they don’t need to be that cryptic as long as they are much longer than usual.

Next time you’re creating a new password for a new site (you are using a distinct password for every different site, aren’t you?) try this approach instead.

Read more


Sometimes the answer is random.

Version Everything!

There’s a lot more that goes into the development of a complex software system than just the source code itself. Build scripts, configuration files, database schema, static data, and more, are all things that need to be tracked and versioned. Failing to do so can cause very odd problems - such as defects that can’t be reproduced in the test environment.

Read more

Video of the Week

Take some time to feed your mind.

Pay Attention to Your Sleep Cycle to Always Wake Up Early

If you’re not sleeping well (something I’ve struggled with for years), one key might be to pay attention to your sleep cycle. This video explains more.

Watch now


blog comments powered by Disqus
Next Post
Prefer declarative method names  03 Feb 2018
Prior Post
Using Premeditation  27 Jan 2018
Related Posts
Browsers and WSL  31 Mar 2024
Factory methods and functions  05 Mar 2023
Using Constructors  27 Feb 2023
An Inconvenient API  18 Feb 2023
Method Archetypes  11 Sep 2022
A bash puzzle, solved  02 Jul 2022
A bash puzzle  25 Jun 2022
Improve your troubleshooting by aggregating errors  11 Jun 2022
Improve your troubleshooting by wrapping errors  28 May 2022
Keep your promises  14 May 2022
January 2018