Mercurial Mercurial > sane-software > sane-software-manifesto / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
ssm-en.xhtml
branchv_0
changeset 3 f31614583438
parent 1 83f6bf9077c5
child 4 53e8012e5461
equal deleted inserted replaced
2:7aca0c2ba72d 3:f31614583438 
   115 		<h2>Sane dependencies</h2>
 
   115 		<h2>Sane dependencies</h2>
 
   116 		<ul>
 
   116 		<ul>
 
   117 			<li>avoid NIH and reuse code but also avoid dependency hell</li>
 
   117 			<li>avoid NIH and reuse code but also avoid dependency hell</li>
 
   118 			<li>know your dependencies, know why they are required</li>
 
   118 			<li>know your dependencies, know why they are required</li>
 
   119 			<li>reduce dependencies to only necessary ones</li>
 
   119 			<li>reduce dependencies to only necessary ones</li>
 
   120 			<li>depend on small and useful libraries – not on bulky application packages</li>
 
   120 			<li>depend on small and useful libraries – not on bulky application packages or libraries with large transitive dependencies</li>
 
   121 			<li>if dependency on bulky application package is inevitable, add a layer of abstraction – create a generic interface and connector and allow others to replace the bulky package with their own sane implementation</li>
 
   121 			<li>if dependency on bulky application package is inevitable, add a layer of abstraction – create a generic interface and connector and allow others to replace the bulky package with their own sane implementation</li>
 
   122 			<li>helper tools:
 
   122 			<li>helper tools:
 
   123 			<ul>
 
   123 			<ul>
 
   124 				<li>if you e.g. use Bash and Perl during the build process, don't add also Python dependency, write it in Perl – or use Python instead of Perl.</li>
 
   124 				<li>if you e.g. use Bash and Perl during the build process, don't add also Python dependency, write it in Perl – or use Python instead of Perl.</li>
 
   125 				<li>Or if you use Java as your main language, consider not using Python/Perl for scripting and use Java for it</li>
 
   125 				<li>Or if you use Java as your main language, consider not using Python/Perl for scripting and use Java for it</li>
 
   128 			<li>if possible, always depend on abstract interfaces, not on particular implementations</li>
 
   128 			<li>if possible, always depend on abstract interfaces, not on particular implementations</li>
 
   129 		</ul>
 
   129 		</ul>
 
   130 
   130 
   131 		<h2>Easily auditable</h2>
 
   131 		<h2>Easily auditable</h2>
 
   132 		<ul>
 
   132 		<ul>
 
   133 		<li>small code footprint and minimal dependencies makes it easy to do security audit</li>
 
   133 			<li>small code footprint and minimal dependencies makes it easy to do security audit</li>
 
   134 		<li>avoid ungrounded refactoring and reformatting – they make mess and noise in the version control system and impede the audit</li>
 
   134 			<li>avoid ungrounded refactoring and reformatting – they make mess and noise in the version control system and impede the audit</li>
 
   135 		<li>refactoring/reformatting changesets should be separated from substantive changes</li>
 
   135 			<li>refactoring/reformatting changesets should be separated from substantive changes</li>
 
   136 		</ul>
 
   136 		</ul>
 
   137 
   137 
   138 		<h2>Reproducible builds</h2>
 
   138 		<h2>Reproducible builds</h2>
 
   139 		<ul>
 
   139 		<ul>
 
   140 			<li>builds should be reproducible: same code/version → same binary package</li>
 
   140 			<li>builds should be reproducible: same code/version → same binary package</li>
sane-software/sane-software-manifesto