Article: Implementing Automated Governance for Coding Standards

by Floyd Marinescu on Jul 26, 2007 |
Most development organizations of a significant size have some form of coding standards and best practices. Simply documenting these standards and keeping them up to date can be a significant challenge and enforcing them even harder.  In this latest InfoQ article, Mark Figley, who leads the architecture group at AIG United Guaranty, writes about about how his organization has found that enforcing coding standards and best practices in an automated fashion through their build process has been highly effective.

Read  Implementing Automated Governance for Coding Standards.

In the article Mark talks about how they evolved to use a server-based build process where various tools scan code for possible problems, as well as best practices for implementing an automated code governance strategy.

What tools/processes are you using for managing your coding standards?

Related Editorial

Hello stranger!

You need to Register an InfoQ account or to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Who is not doing it? by Vikas Hazrati

Interesting article but most of the thoughts and ideas seem to be ages old. However, I don't know of any serious software companies, departments who are not using continuous integration and developers checking in code using FTP (huh?).

Re: Who is not doing it? by Andrew Perepelytsya

In AIG world it's absolutely possible, so from Mark's standpoint it fully applies and is current. Leading a focused and agile team (or multiple teams) is very different than an architecture group at a monster, which AIG is. But I agree, nothing new in the article technique-wise. The political effort of putting this process in AIG, that would be a real insight :)

Re: Who is not doing it? by Mark Figley

Vikas,

I completely agree that the strategies of utilizing source control and a centralized build process are in fact ages old. I am not sure I agree with you on how broadly those best practices are implemented, but they are definitely not new ideas. The only reason that I talk about locked down environments and centralized build concepts in the article is because they are required precursors for the automated software audit strategy (which is the focus of the article) to work, and in my experience you cannot take for granted that those best practices are already in place.

So I understand your thoughts on the relevancy of FTP check-ins, but I wonder if all of those same organizations you referenced have implemented their organization's coding standards as an automated software audit infrastructure that scans every class during every build for code that does not follow the standards? And I am not talking about executing a batch of unit tests as part of a build. I am talking about pattern rules broadly applied over the entire codebase. In my experience organizations having that infrastructure in place is more rare, and that is the value that I was hoping to provide with this article. Does that make any sense?

- Mark

Re: Who is not doing it? by Vikas Hazrati

Mark,

Well, the organizations that I am talking about have checkstyle and PMD mapped to their build process, hence they do check it with every build. Finally a report is generated on the Maven dashboard with the number of violations for the team to work on.

Vikas Hazrati

Re: Who is not doing it? by Kalyan C

perfect! even we have integrated PMD into our IDEs n running them right from the start of development phase... so need for any centralized approach here.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

5 comments

Educational Content

General Feedback
Bugs
Advertising
Editorial
 InfoQ.com and all content copyright © 2006-2013 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy