Skip to main content

Maintainablilty

A question:

What does the following code do? 
public static string GetThing1(string s) 

     return s.Substring(s.Length / 2 - (1 - s.Length % 2), 2 - s.Length % 2); 
}

Given that code, take a look at the following, what doe this code do?

public static string GetThing2(string s)
{
    //Given a string return the middle char if odd, middle 2 if even
    string retVal = "";
    bool even = (s.Length % 2 == 0) ? true : false;
    int middle = (s.Length % 2 == 0) ? s.Length / 2 - 1 : s.Length / 2;
    if (even)
        retVal = s.Substring(middle, 2);
    else
        retVal = s[middle].ToString();
    return retVal;
}

 It probably didn't take too long to figure out they both do the same thing. They are two different answers to the following question:
Write a function to get the middle character of a string. Return the middle character if it the length is odd, or the middle 2 characters if the length is even.
Which version took less time to understand? Personally, I found the second version easier to understand. I also figure it will be easier to debug. 

And so?

I happened across these two solutions at CodeWars.com. The first answer was voted a best practice.  
Isn't maintainability a best practice? Isn't clarity a tool for enhancing maintainability? I think that under the assumption that the code I write will be looked at later by someone who has no idea what the code needs to do, I need to leave as many markers as possible. I need to be explicit in my coding. This might be an extreme example. The second version could be re-written to be more concise - especially to try and get rid of some of the extra memory used. 

 But what about making the fact that the return is value is a "this" or "that" known explicitly? The intent is obscured in the one-liner. This becomes a more interesting trade-off - will this routine be called frequently? How much are we paying in performance for the conditional? Does it need to be streamlined? How do you keep maintainability and meet that goal? 

As Abelson and Sussman phrase it in “Structure and Interpretation of Computer Programs,” “Programs must be written for people to read, and only incidentally for machines to execute.”
(quote from Code Watch: Let's be clear about code clarity)
 
These are the questions I am asking myself about this code - what about you?
Labels:

Comments

Post a Comment

Popular posts from this blog

You don't really know who you're talking to online...

The following is a story that I think highlights the assumptions that get you into trouble online... https://www.proofpoint.com/us/blog/threat-insight/i-knew-you-were-trouble-ta456-targets-defense-contractor-alluring-social-media This is particularly scary since we found so much utility in online connections during the pandemic and out of necessity, started trusting more online. Please note the timeline for this breach - it was a long, slow process, a key factor in many 'cons'. "Build trust" is a key first step, once someone has identified you as a party. You think...you're convinced you know who your talking to, but if you don't triangulate the identity with some non-online, ideally in-person information, you shouldn't trust. And even if you do get what seems like real-life confirmations of identity, you must look at questioning motives, needs, and keeping danger at arms-length. Online includes email, texting (sms), application chatbots, voice communicati...
Post a Comment
Read more

Threat Modeling Manifesto

Secure Your Code with Threat Modeling As a software developer, security should be a top priority. By proactively identifying and addressing potential vulnerabilities, you can significantly reduce the risk of breaches and data loss. What is Threat Modeling?   Threat modeling is a systematic approach to identifying, assessing, and mitigating security threats. It involves looking at your system from a hacker's perspective to uncover weaknesses and devise strategies to protect against attacks. See the  OWASP Cheat Sheet   Why is Threat Modeling Important? Proactive Security: By anticipating potential threats, you can take steps to prevent them. Risk Mitigation: Identify and address vulnerabilities before they can be exploited. Regulatory Compliance: Adhere to industry standards and regulations. Enhanced Security Posture: Strengthen your overall security posture. How to Get Started with Threat Modeling   The Threat Modeling Manifesto provides a valuable framewor...
Post a Comment
Read more

Where threat modeling can shine - an example from the EU MDCG-2019

From the  EU  MDCG 2019-16 Guidance on Cybersecurity for medical devices, December 2019 , this is the guidance on foreseeable risks.  Medical device manufacturers should ensure that a medical device is designed and manufactured in a way that ensures that the risks associated with reasonably foreseeable environmental conditions are removed or minimised. This may include the infield monitoring of the software’s vulnerabilities and the possibility to perform a device update (outside the context of a field safety corrective action) through, for example delivering patches to ensure the continued security of the device. During the risk management process, the manufacturer should foresee or evaluate the potential exploitation of those vulnerabilities that may be a result of reasonably foreseeable misuse. This, however, may depend on the specific situation. For example, using an unsecured memory-stick to enter data into a medical IT system can be considered “reasonably foreseeabl...
Post a Comment
Read more