How about, Unit-testing doubles development time
Gordon Wilson
2009-01-11 02:07:41
One of the greatest related quotes I heard a bit ago freely paraphrased "*I read twitter the other day and noticed that some management guy was complaining that unit tests are bad and hurt the product he's responsible for because now his team of bug hunters find only a fraction of the amount of bugs as they did before and now he feels a lot less safe allowing the release of new versions because of that.*"
Esko
2009-12-02 19:04:06
well, thats true if you don't know how to write unit tests.
Frank Schwieterman
2009-12-03 01:15:10
An interesting aside is that I found my rate of bugs to be about twice as high inside my unit tests as in production code. Does unit testing catch production bugs, yes, and that's priceless. Does it slow things down, yeah, not only does it find more bugs for me to fix in the production code, but I also have to hunt down all kinds of unit test bugs too! :-)
Brian Knoblauch
2010-03-18 20:10:43
This one depends on the kind of app you're writing. If you're app is highly dependent on API calls, the time spent setting up mocks can be substantial.
Billy ONeal
2010-03-18 20:49:29
+48
A:
You need to know all of your requirements ahead of time because it's too expensive to change things later in development.
In reality, no one ever knows all of their requirements ahead of time and you can develop code in such a way as to mitigate the inevitable changes and new requirements. This might not be as much as truism as it used to be now that Agile development methods have gained currency.
tvanfosson
2009-01-11 02:11:32
I don't like down voting, but this is not a truism. Numerous large corporations use Agile Methologies now, and this answer is simply a vote in favor of Agile, which is really a completely different discussion.
Jonathan Beerhalter
2009-01-11 03:31:28
Regarding requirements, it's good to get as much as possible up front, but it's not good to rely on it.
Mike Dunlavey
2009-01-11 03:52:16
@WindyCityEagle -- it may not be quite as prevalent as it used to be among developers, but I find it to still be prevalent among my customers and, to a lesser extent, the managers in our organization.
tvanfosson
2010-03-18 20:45:59
+18
A:
Everything should be done in stored procedures
or inversely
Never use stored procedures
TheTXI
2009-01-11 02:11:50
Never use stored procedures is a really great rule. Cases where stored procedures are a good idea are extremely unusual, it's pretty much always a very bad thing.
taw
2009-01-11 03:22:40
@Taw: Your statement is a broad generalization that lacks any supporting documentation whatsoever. Could you please provide some sort of statistical analysis that proves your claim? My experiences, though anecdotal at best, would argue otherwise.
Mike Hofer
2009-01-11 03:26:46
I hope that in the future there will be compilers that are smart enough to understand that some code needs to be run as a stored proc and some code in the another layer. The compiler should decide what's the best place to run a piece of code. Bring the data to the code or to bring the code to the data? The compiler or the JVM or the Common Language Runtime should make the most optimal choice.
tuinstoel
2009-12-02 21:23:58
An aside question, where did this idea start? I swear on my first day ten years ago I was told "Here is you seat, your computer, and oh by the way, Java is slow"
Jonathan Beerhalter
2009-01-11 03:26:48
Java applets, I think. Java applets have always loaded slowly and froze the browser while they were loading.
Ross
2009-01-11 03:33:30
It started back when Java was first released. Back when it really was slow.
Bill the Lizard
2009-01-11 03:35:33
The JVM has come a long way since the early releases. Back then it was all interpreted, and yes... SLOW. Since then it's got a lot of snazzy features like just in time compilation, and ever improving garbage collection. It is definitely not slow now days.
madlep
2009-01-11 04:12:54
Knock knock. Who's there? ......... ........... ........... .......... .......... ........... ............ ........... ........... ........... .......... .......... .......... ............ .......... ............ ............ Java
Jason
2009-12-03 01:32:05
@Ross: You're correct about everything except the past tense. They still load slowly and freeze the browser while loading.
Billy ONeal
2010-03-17 03:14:05
+21
A:
Documentation can be written after the software has been deployed. (We'll have time to do it then)
mezoid
2009-01-11 02:15:25
Oh man, +5 if I could have given it. this one is sometimes treated as the word of god.
shoosh
2009-01-11 02:28:52
Incorrect #defines aren't a valid argument for using magic numbers.
Bill the Lizard
2009-01-11 03:54:29
Ugh. I hate magic numbers. I'm fine with #defining (or const, or static, whatever), but PLEASE DON'T HARD CODE PLAIN NUMBERS.
jvenema
2009-12-03 14:22:45
@jvenema -- not even 0? `if (results.Count() > 0)...` really bothers you so much that you'd use a macro or a variable to hold the value.
tvanfosson
2010-03-18 22:06:06
OK, you win. 0, and potentially 1 (depending on the situation) are probably reasonable. Beyond that though...the number of times I've seen some random number hard coded in some code I'm maintaining makes me want to cry.
jvenema
2010-03-19 03:43:44
+15
A:
Our project is going to miss it's deadline!....quick lets throw more people onto the project! (ie Mythical Man Month)
mezoid
2009-01-11 02:20:16
It takes 9 months for a woman to give birth. Adding more women will not accelerate the process.
LiraNuna
2009-12-03 00:28:32
More specifically, if it takes 1 woman 9 months to give birth, 9 women can do so in 1 month.
Dolph
2010-03-17 04:11:47
@Tom: There are mythologies where gods were born that way, but from a software point of view the integration testing is awfully important.
David Thornley
2010-03-18 20:29:24
+35
A:
Lines of Code is a good way to track productivity of your developers and overall project health.
Michael Stum
2009-01-11 02:26:11
I have to admit that I read this and the stopped and thought to myself, "When was this EVER true?"
JasCav
2009-12-02 21:54:00
So true. The days I'm feeling more productive I almost always end up with less lines of code than when I started. And that is good.
Sergio Acosta
2010-03-18 20:28:54
+19
A:
Your user interface doesn't matter so long as the code works.
Garry Shutler
2009-01-11 02:29:11
+22
A:
You don't need to worry about security until later on in the project.
Garry Shutler
2009-01-11 02:44:05
+16
A:
There is one True way of programming that's suitable for everything, and any other way is always wrong. Mostly seen among OO or functional fanatics.
dsimcha
2009-01-11 03:05:26
Actually, I think that "people who like to dictate extensive coding standards" might be a better-fitting set.
Mike DeSimone
2010-03-18 20:53:54
+2
A:
Performance-related falsisms:
- To find performance problems you have to run the code as fast as possible and time it every which way, guessing where the problems are based on how long things take or how many times they are invoked.
That is fine for monitoring program health, but pinpointing problems is not about measuring. It's about finding cycles that have poor reasons. This does not require running fast. It requires detailed insight into what the program is doing (typically via sampling as much of the program state as possible and understanding in detail why it's doing what it's doing at each sample time).
- To find performance problems you need a large number of samples so as to get high measurement precision.
Typical performance problems worth pursuing take from 10% to 90% of execution time. (That is how much execution time is reduced after you fix them.) The object is to find the problem, not to know precisely how big it is. Even a small number of random-time samples is virtually guaranteed to display the problem, assuming they are taken during the overall time span when the performance problem exists.
- Compiler optimization matters.
It only matters in code that 1) you actually compile (as opposed to libraries), 2) you actually spend much time in (as opposed to code that spends all its time calling functions, explicitly or implicitly).
Mike Dunlavey
2009-01-11 03:19:24
+29
A:
Programmers at the same level are completely interchangeable
BobTheBuilder
2009-01-11 03:24:47
+8
A:
The one that irks me the most: Published "best practices" work for everyone.
Malarky.
Every company is different. The staff is different, the business model is different, the clients are different, the fiscal outlook is different, the culture is different, the politics are different, the technology is different, the long and short term goals are different, and on and on and on.
What works for one company will not necessarily work for another company. And I cannot repeat this enough: There is no silver bullet. Just because some guy (or some group of guys) wrote it in a book and slapped a fancy title on it does not make it irrefutable, beyond reproach, or an iron-clad guarantee that it will work in your situation.
You should carefully review any given "best practice" (or mediocre practice, for that matter) for its suitability for what you're doing, where you are, and where you're going before you even think about putting it in place.
Two words, folks: Risk analysis.
Mike Hofer
2009-01-11 03:32:36
I agree, although I think silver bullets do exist for certain very specific situations. As an example, for situations in which it applies, code generation is a silver bullet.
Mike Dunlavey
2009-01-11 03:42:16
Published best practices are a fancy phrase for doing whatever everybody else is doing, or to express it in one word, "mediocrity".
David Thornley
2010-03-18 20:30:22
+3
A:
Computers are really clever and will solve any problem we encounter.
From what I've seen over the years, there appears to be two distinct groups of people: those who think computers are really clever and those who think computers are really dumb. Unfortunately, most people think the former is true when in fact computers are really dumb - they do exactly what we tell them do, even if that is to start a global themonuclear war.
Skizz
Skizz
2009-05-18 10:47:48
+5
A:
Use a simple editor or IDE and you will be productive at once.
Not spending your time learning hotkeys, regex-based editing and other power features of a professional tool may save you some days and will cost you hundreds of them.
fgm
2009-05-18 10:48:30
+8
A:
"SQL in code is bad! Get the SQL out, and then we're good on data access." This simplistic thinking contains some truth but causes a lot of problems. Good data access strategy is sooooo important.
- Unless you know how and why data layers, sql functions, etc. can make things much better, just busting things out into procedures and functions can actually decrease the quality of your solution.
- Thinking simplistically that getting sql out of your code is what really matters keeps you from really thinking through your data access scheme.
- SQL in code is a bad smell. In an imperfect world though, you take short cuts, and this can be a legitimate place to cut corners. If you're not really going to separate your concerns properly, making 60 poorly named sql procedures and functions just makes life harder on the guy who has to come fix the mess a few years later. I know because I've been that guy several times.
Patrick Karcher
2009-12-02 15:01:54
+3
A:
Pair programming means double the development cost!
Pair programming. What researches say on the costs and benefits of the practice. would be a source to counter that.
JB King
2009-12-02 18:53:39
Wouldn't it be "pair programming doubles the development *cost*" because you're paying two people to work while only one "actually" works? (I.e. assuming programming is like manufacturing, and idle hands are thus lost productivity.) Shoot, pair programming should pay for itself because programmers will spend less time on CW questions on SO... ^_^;;
Mike DeSimone
2010-03-18 20:58:51
My pair programming days have gone through a bit of an evolution. While some of the time, the non-typing part of the pair may appear to be idle, he or she can be looking for typos or other optimizations to the code that may be worth exploring. It also prevents one developer from going rogue and spewing out tons of crappy code just to get something done.
JB King
2010-03-18 21:54:57
I've heard people argue that exceptions shouldn't be used, ever, because they break this rule.
Quibblesome
2009-12-03 00:56:43
This actually were true back when using languages (such as basic) that didn't have support for actual functions / procedures, but only goto. But that was a looong time ago! :-)
Rasmus Kaj
2009-12-03 01:33:11
Back when I wrote BASIC programs, we didn't necessarily limit ourselves to only one RETURN for each GOSUB.
David Thornley
2010-03-18 20:27:04
@Kevin Panko - This is one of the few cases where Joel is talking total crap. In a managed environment exceptions are MUCH better. They are more flexible, can be moved around much more easily and can instantly return a helpful message (as opposed to a code). If done correctly they are miles better than error codes they also force the developer to deal with them as opposed to making it optional. They also make the code clearer as error handling isn't munged into same logic as the "normal case" code. Your error handling can exist separately.
Quibblesome
2010-03-22 17:43:53
@Quibblesome For the record, I agree. Just wanted to point out a specific case of a person who made that argument.
Kevin Panko
2010-03-23 21:36:30
+2
A:
Exponential-time algorithms are slower than polynomial-time algorithms.
In linear programming, the simplex algorithm is exponential, but it is typically much faster than its polynomial ellipsoid algorithm counterpart.
Jordan Ryan Moore
2009-12-02 19:00:37
+2
A:
Based on a paper from 1978, people quote that maintenance is 20% corrective, 20% adaptive, and 60% perfective. These percentages came from a survey of managers' opinions, and no empirical evidence. In 2003, another group of researchers (Stephen R. Schach, Bo Jin, Liguo Yu, Gillian Z. Heller and Jeff Offutt) challenged this by studying maintenance data for Linux, RTP, and GCC, and found wildly different numbers. See their paper here: Determining the Distribution of Maintenance Categories: Survey versus Measurement.
Sarah Vessels
2009-12-02 19:04:44
+16
A:
Big-O Notation: O(1) < O(n)
We all make this mistake -- especially me :)
I can't find the post, but I remember reading a microcontroller blogger who described a case where his hardware needed to store some key/value pairs. Performance was critical and a hashtable with constant time lookup seemed to make sense; if I remember correctly, this setup performed quite well for years.
Out of curiosity, the programmer swapped the hashtable with an unsorted linked list, which easily beat the hash table for dictionaries < 20 items. Later, a sorted array and binary search, with O(lg n) lookup, absolutely demolished the hash table with items less than 500 key/value pairs, although slightly slower than a linked list for less than 10 items.
Since the original hardware never stored more than 15-30 keys at any given time, a sorted array replaced the hash table and our blogger becomes dev team hero for a day.
Juliet
2009-12-02 19:47:47
Hopefully anyone who's taken even the most basic Data Structures and Algorithms course won't be fooled by this.
Cogwheel - Matthew Orlando
2009-12-03 00:30:36
Just to clarify, the problem here is people misapplying Big O by ignoring constants, locality of reference, and other real-world concerns. Your first sentence makes it sound like Big O notation itself is flawed.
RossFabricant
2009-12-03 00:33:50
Yup. O(1) means "Constant Lookup", not "fast". If an algorithm takes 5 seconds regardless of size of the lookup, it's O(1), but inferior to something that takes (50 ms * number of items) for sets below 100 items.
Michael Stum
2009-12-03 00:54:18
People misapply Big-O by ignoring that it only really applies when N is *huge*. It's an asymptotic analysis. Some people make the same mistake with randomness, invoking the Weak Law of Large Numbers when the sample set is too small to justify it.
Mike DeSimone
2010-03-18 20:52:19
+3
A:
SQL Server specific: Stored procedures perform better than dynamic SQL because they're precompiled.
Don't know how many times I see this one, but its wrong.
See SQL Server 2000 documentation:
SQL Server 2000 and SQL Server version 7.0 incorporate a number of changes to statement processing that extend many of the performance benefits of stored procedures to all SQL statements. SQL Server 2000 and SQL Server 7.0 do not save a partially compiled plan for stored procedures when they are created. A stored procedure is compiled at execution time, like any other Transact-SQL statement. SQL Server 2000 and SQL Server 7.0 retain execution plans for all SQL statements in the procedure cache, not just stored procedure execution plans.
See SQL Server 2005/2008 documentation:
When any SQL statement is executed in SQL Server 2005, the relational engine first looks through the procedure cache to verify that an existing execution plan for the same SQL statement exists. SQL Server 2005 reuses any existing plan it finds, saving the overhead of recompiling the SQL statement. If no existing execution plan exists, SQL Server 2005 generates a new execution plan for the query.
SQL Server creates an execution plan for all SQL statements on their first invocation, then caches the execution in memory for future use. Apart from edge cases where network latency slows down transmission of huge SQL strings over a network, there is no performance benefit gained by using stored procedures over dynamic SQL.
Juliet
2009-12-02 21:49:42
That stored proc sql and dynamic sql are both precompiled doesn't prove that there are no performance benefits or drawbacks when using stored procs. Do we bring the data to the code or the code to the data? That's the question!
tuinstoel
2009-12-03 06:28:25
+7
A:
Microsoft IIS is insecure / Apache is secure
You hear this one a lot too, but the criticisms of MS/IIS security are about 10 years outdated. Compare vulnerabilities on Secunia:
Apache
- Apache 1.3.x: 22 advisories, 11 vulnerabilities, 1 unpatched (less critical)
- Apache 2.0.x: 41 advisories, 26 vulnerabilities, 4 unpatched (less critical)
- Apache 2.2.x: 17 advisories, 28 vulnerabilities, 2 unpatched (less critical)
Microsoft IIS
To look at it another way, there is a well known article from Mar 2008 which summarizes some findings by Netcraft and Zone-H. Although there are 1.66x as many Apache sites as IIS sites, Apache sites are defaced 2.32x as often, so the ratio of attacks to site is about 1.4. The Slashdot reaction to this article is worth reading.
Juliet
2009-12-03 00:08:50
My reaction is that the numbers are meaningless without some context. Vulnerabilities come in various severities, and more vulnerabilities will be publicly announced in F/OSS than proprietary software. The "0 unpatched" lines could mean that MS got all the bugs, or that MS kept quiet on vulnerabilities they found hard to fix.
David Thornley
2010-03-18 20:35:24
Apache's bug reports are public. ISS's are not. MS can have a list of 100 of them and never let you know, just like they do with IE (and we discover today zero day exploits that they knew about for months).
e-satis
2010-03-18 20:39:04
Corey Hart
2010-03-18 22:11:09
+1
A:
Design your application from the ground up: start with the database model.
Ladlestein
2009-12-03 00:20:44
+3
A:
"Premature optimization is the root of all evil" Knuth
In print it is very often used without the context of the full quote.
Additionally, neither of the two people who are said to have created it, (Hoare is the other) do not claim to have created it.
I typically associate the above quote with laziness and excuses when I hear or read it.
The full quote (whatever the origin):
"We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil."
The difference (by the the added qualification) is huge.
Justin
2009-12-03 00:39:01
I typically associate the above quote with genius; most developers I've worked with make code much, much less maintainable in the name of speed... that they won't ever notice or use.
Dean J
2010-03-18 20:23:56
Worth noting too that in the context of this quote's original appearance Knuth follows it up with a detailed example of an (quite low-level!) optimization that he didn't find premature.
Derrick Turk
2010-03-18 20:42:30
@Paul Nathan- The 'huge' I referred to was the difference in interpretation of the saying when comparing the short versus the long forms of the saying; there is a huge difference between the mindsets of considering optimization, performance, resource demands and resource utilization during architecture and development versus no.considerations.what.so.ever. However, if you want to quantify it, the first 10% of optimizing a program is often 100 times easier than the last 10% ;)
Justin
2010-05-03 05:32:46
+5
A:
The more design patterns you use the better.
Applying design patterns can make code better, and it's great to have a shared vocabulary for developers. However, many solutions don't require patterns, and knowledge of patterns is no substitute for understanding algorithms, data structures, and the fundamentals of problem solving.
RossFabricant
2009-12-03 00:43:54
+2
A:
From the premature-optimizations department:
Denormalize your schema up front because normalized schemas are too slow and full of joins to be usable in the Real World.
Jeffrey Hantin
2009-12-03 00:45:50
A:
Number Of Bugs per Line Of Code measures Quality (yep, not so true or relevant in the practical world as we know it today)
timarmandpour
2009-12-03 00:55:49
+8
A:
Never, ever use a goto cause they're harmful.
This was originally cited as "true" because it was noticed that code with lots of gotos was poor in quality.
This is an example of attacking the misused tool (anyone for try/catch?) instead of the real problem, which is being unable to recognize and prevent unmaintainable, poor-quality code.
wdh
2009-12-03 01:13:18
+5
A:
Reflection (in .net, not sure about Java) is very expensive and therefore extremely slow, hence it should be avoided at all costs.
Michael Stum
2009-12-03 08:10:37
Maybe not at all costs, but it certainly should be avoided for other reasons when it's not needed. It's good for things like unit tests and serialization, but most of the time if you're using Reflection to solve other problems there's a design issue.
Billy ONeal
2010-03-17 03:21:19
A:
Business Development Guy: "If I can write the spec, then anybody can write the spec...so anybody can build my product"
timarmandpour
2009-12-03 19:18:24
A:
Static typing and strong typing are the same thing.
There are plenty of languages that are strongly and dynamically typed out there; Python is a particularly popular example.
Pillsy
2009-12-03 19:27:35
That link has nothing to do with the issue. I'm talking about cases where the issue is deflated or pushed aside with a false promise to "fix it in the next version" to avoid the argument/dealing with the issue at hand, not the natural occurrence of bugs that need to be fixed.
jasonk
2010-10-19 15:05:08
+1
A:
Staying late and working overtime is the only way to make deadlines.
...sure, until you are so bloody exhausted you can barely see straight and the excessive caffeine leads to the shakes or a mental kernel panic.
... to heck with better planning/doing actual estimates/setting more realistic expectations.
jasonk
2010-03-18 20:10:53
A:
We can defer this bug as long as we document it in the release notes.
pborenstein
2010-03-18 20:46:28
A:
A more recent one :
Don't bother with that, hardware is cheap, we'll buy more servers.
Yeah, hardware is cheap. But when you buy a server, you have to pay a price every month for hosting and/or electricity and/or bandwidth. And you add an extra cost to your maintenance too. You spend more time for migrations and deployments.
Yes, hardware is cheap to buy, but unless you are a cloud-computing-virtualisation-sys-admin hero, owning a new computer has significant cost.
e-satis
2010-03-18 20:47:03
+1
A:
Low-level languages (Assembler, C) produce faster code than high-level languages (C++, Java, OCaml). Often when you show people benchmarks that prove the opposite, they even think there's some kind of "trick" involved, because "nothing can be faster than C except assembly, right?"
nikie
2010-04-29 08:37:01