The Executive Summary Series: Craftsmanship
Most people are familiar with the term Quality Assurance (QA) as it relates to software development. There is another term related to quality that is probably not as familiar to most software professionals. The term is “Structural Code Quality.”
While standard QA centers around how well a software application meets functional requirements, structural code quality focuses on non-functional items: how well the code that makes up a piece of software adheres to standards and best practices, and how secure, efficient, and maintainable it is. For example, are naming conventions used consistently, have outdated libraries been removed from use, and are SQL injection points secured?
The Cost of Poor Craftsmanship
While all of this sounds great, these items can be considered technical debt, which is subject to de-prioritization. We believe this is a dangerous practice. Here is the reason why. Imagine searching for a house and finding two (2) identical dream houses in a desirable location for the right price. If we asked you to choose, you probably would be happy with either one. Now, imagine that we opened the walls in each house. One house has everything built to code and specification. The other house has lead plumbing, shoddy wiring, lousy framing, and a host of other hidden issues. Given this new information, the choice becomes obvious. Why? It’s because the house built to code and specification is built to last. It will withstand adverse conditions and protect the occupants exceptionally well. This analogy extends to software, too. Software that ignores craftsmanship behind the scenes is vulnerable to attack, less performant under pressure, and harder to maintain.
Legacy applications tend to have low structural code quality because corners cut to meet deadlines and reduce costs accumulate over time. It’s crucial to deal with these issues as early as possible to avoid building upon a shaky foundation (akin to building additions to the house constructed through poor craftsmanship). In the case of new applications, it is essential not to let craftsmanship slip in order to avoid the significant cost of repairing the damage caused to the software down the road.
How to Achieve Structural Code Quality
We champion structural code quality at The Canton Group and achieve it through manual code reviews and static code analysis. Manual code reviews are a practice where a software developer gives other team members access to their code for inspection. Code reviews are like writers sharing their work with an editor for feedback that they can incorporate into their prose. Static code analysis makes use of automated software tools that analyze code and provide feedback. These tools are similar to spelling, grammar, and syntax checkers integrated into your favorite word processor to improve your writing.
In summary, here’s what we would like you to take away from this blog post.
- Structural Code Quality focuses on well-written, secure, and performant code.
- Ignoring structural code quality is like ignoring codes, standards, and specifications when building a house. It will cost you in the long run.
- The Canton Group delivers on structural code quality through manual code reviews and static code analysis.
- Manual code review is like an editor reviewing a writer’s work.
- Static code analysis is like spelling, grammar, and syntax checkers in a word processor.
If you’d like to hear more about our practices and some of the specific tools we use, please contact us for more information.
What is the Executive Summary Series?
This blog post is part of the “Executive Summary Series.” Derek Frempong designed it to give executives a high-level introduction to software development concepts in an understandable format, with as little jargon as possible, and consumable in 5 minutes or less.