Of late I am coming across many social media posts and blogs about refactoring. From a software quality standpoint, it is pertinent to keep the code current and tech debt low. In many aspects of software development, such as performance and security, keeping the code clean plays an important role, and there have already been any number of conference talks on this. Let's talk about code decluttering and security.
As software security gurus profess, software security is an ongoing process, not a checklist to be marked 'done'. A watchful eye from a software security standpoint is always needed while writing, maintaining, reviewing, committing, and deploying code. A whole bunch of these tasks can and should be automated as part of the pipelines, to reduce the human fatigue and boredom that lead to security loopholes, but there should always be human supervision on top of them. This is especially true while the code is being modified or refactored: a refactor that is functionally equivalent can still drop an input check, an authorization test, or a safe default, and tests that only cover behaviour will not notice. Catching that at review time will prevent a lot of heartburn during the software testing phase.
Today's world of committing code frequently and in small chunks is a reality. We cannot keep customers waiting for months for a simple upgrade that takes ten minutes to commit. At the same time, we need to pay attention to whether we are looking at the security aspects from the bigger picture and seeing how that specific commit affects them. When commits are done frequently and tech debt is kept down by constant maintenance of the code, and security analysis is done as part of the same review, security vulnerabilities can be avoided preemptively.
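As an added example of what the two preceding paragraphs describe (an automated security check that runs on each commit, with a human still deciding), here is a small diff-scoped gate. It is not code from the original post. It parses a git-style unified diff and flags two things: added lines that match a handful of risky patterns, and removed lines that look like a security control being deleted during a refactor. The rule set and the sample diff are constructed for illustration; the rules are deliberately simple so that a finding is a prompt for the reviewer, not a verdict.

```python
"""Diff-scoped security gate for code review (added example, not from the post)."""
import re
from dataclasses import dataclass

# Hypothetical rule set, constructed for this example. Added lines that match
# are flagged as risky; a real pipeline would use a proper SAST tool and tune these.
RISKY_ADDED = {
    "shell-injection": re.compile(r"subprocess\.\w+\(.*shell\s*=\s*True"),
    "eval-exec": re.compile(r"\b(eval|exec)\s*\("),
    "hardcoded-secret": re.compile(r"(?i)(password|secret|api_key)\s*=\s*['\"][^'\"]+['\"]"),
    "weak-hash": re.compile(r"hashlib\.(md5|sha1)\("),
    "tls-verify-off": re.compile(r"verify\s*=\s*False"),
}
# Removed lines that look like a control disappearing: the point of this check is
# that a "clean-up" refactor can silently drop an auth check or a sanitizer.
CONTROL_REMOVED = {
    "auth-check-removed": re.compile(r"(?i)\b(is_authenticated|check_permission|require_role|csrf)\b"),
    "validation-removed": re.compile(r"(?i)\b(validate|sanitize|escape)\w*\("),
}


@dataclass(frozen=True)
class Finding:
    rule: str
    path: str
    line: int    # line number in the new file for '+', in the old file for '-'
    change: str  # '+' or '-'
    text: str


def parse_unified_diff(diff_text):
    """Yield (path, change, line_no, text) for every added or removed line.

    Assumes git-style headers ('--- a/x', '+++ b/x') so that a removed line whose
    content starts with '-- ' is not mistaken for a file header.
    """
    path = None
    old_no = new_no = 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ b/") or raw.startswith("+++ /dev/null"):
            path = raw[4:].strip()
            path = path[2:] if path.startswith("b/") else path
            continue
        if raw.startswith("--- a/") or raw.startswith("--- /dev/null"):
            continue
        m = re.match(r"@@ -(\d+)(?:,\d+)? \+(\d+)(?:,\d+)? @@", raw)
        if m:
            old_no, new_no = int(m.group(1)), int(m.group(2))
            continue
        if path is None or raw.startswith("\\"):  # pre-header junk, "\ No newline..."
            continue
        if raw.startswith("+"):
            yield path, "+", new_no, raw[1:]
            new_no += 1
        elif raw.startswith("-"):
            yield path, "-", old_no, raw[1:]
            old_no += 1
        elif raw.startswith(" ") or raw == "":  # context line (possibly whitespace-stripped)
            old_no += 1
            new_no += 1


def scan_diff(diff_text):
    """Apply RISKY_ADDED to '+' lines and CONTROL_REMOVED to '-' lines."""
    findings = []
    for path, change, line_no, text in parse_unified_diff(diff_text):
        rules = RISKY_ADDED if change == "+" else CONTROL_REMOVED
        for rule, pattern in rules.items():
            if pattern.search(text):
                findings.append(Finding(rule, path, line_no, change, text.strip()))
    return findings


def gate(diff_text):
    """Return (passed, findings). Fails closed: any finding blocks the merge until a reviewer looks."""
    findings = scan_diff(diff_text)
    return (len(findings) == 0, findings)


# Constructed sample: a "simplifying" refactor that drops the auth check and the
# filename sanitizer, and swaps an argv call for a shell string built from user input.
SAMPLE_DIFF = """\
diff --git a/app/export.py b/app/export.py
--- a/app/export.py
+++ b/app/export.py
@@ -1,7 +1,5 @@
 import subprocess
 
 def export_report(user, name):
-    if not user.is_authenticated():
-        raise PermissionError("login required")
-    safe = sanitize_name(name)
-    subprocess.run(["zip", "-r", safe + ".zip", "reports/" + safe])
+    subprocess.run("zip -r " + name + ".zip reports/" + name, shell=True)
+    return name
"""

if __name__ == "__main__":
    passed, findings = gate(SAMPLE_DIFF)
    for f in findings:
        print(f"{f.path}:{f.line} [{f.change}] {f.rule}: {f.text}")
    print("gate:", "PASS" if passed else "BLOCKED - needs security review")
```

Run against the sample, the gate reports the removed `is_authenticated()` check and the removed `sanitize_name()` call on the old lines, and the added `shell=True` call on the new line, then blocks. The design choice worth noting is the asymmetry: most scanners only look at what was added, but during a refactor the more dangerous event is often what was quietly removed, and that is exactly where a human reviewer, ideally the security expert, needs to be pulled in.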
Let me conclude this article on code decluttering and security by saying that it is important to have a security expert take part in pair programming, ensemble programming and peer reviews. I know it is tough to get their time, but then where are they spending their time, if not while the code is being prepared?
For your organisation’s software quality needs, get in touch with me.