When it comes to house cleaning, there are two kinds of people.
There are those who like to do a small bit of extra work each day to tidy things up and make life easier down the road, and then there are those who would rather wait until down the road is actually here, and it becomes a question of “clean or die.”
However, when it comes to software development and auditing source code, the 'put it off until another day' route can be a path to disaster. All too often, finding the time when it’s convenient to conduct a source code audit, or when you miraculously have more time, or when you have more free hands available to help, never comes.
Even worse, once you finally conduct a source code audit it's easy to get hamstrung by uncertainty about whether refactoring the code is going to do the trick, or if rewriting is going to be necessary.
We’ll take a closer look at the refactoring versus rewriting debate, define those terms, talk about when and why one might be a better choice, and finally we'll offer some solutions/daily habits that can help keep your code running smoothly.
But first of all, let’s take a look at when and why source code auditing might be a good idea.
When is Source Code Auditing Necessary?
There are a lot of reasons why you might want to look into conducting a source code audit. When you're working with code that's been created by multiple developers, code that has undergone numerous alterations and expansions, and code that was written while your team was under the gun to bring a project in on time and under budget – all of these are areas that have the potential to create future headaches.
Of course, you want to ensure that the application you’ve created through all your hard work is performing in the way it was intended and at optimal efficiency. Even top developers agree that there are times when having an outside set of eyes go over your source code to help identify any potential problems or conflicts can come in handy.
A source code audit is something that more and more companies are realizing is not a luxury, or a dreaded chore that must be completed once a year, but actually an ongoing aid to keeping their applications running optimally.
Here are a few situations when a source code audit might be on the cards:
• New Hire/New Team Member - When you bring someone new into your software development team, it’s a good idea to double-check that the code they’re creating is up to snuff.
• Performance – Ensuring that the code’s performance is optimal.
• Security Review – Making sure there are no unnoticed, unnecessary security vulnerabilities baked into your code.
• Ease of Maintenance – Ensuring your code is written in such a way as to make future alterations or expansions easy.
• Compatibility – Making sure your source code runs as intended on all the platforms for which it is designed.
• Rewriting Versus Refactoring – Assessing your source code to determine if refactoring portions of it will be sufficient to eliminate issues, or if sections will require rewriting.
Let’s start by breaking down what the differences are and when each approach might be necessary. Then we’ll look at how it's possible to approach ongoing source code clean-up in order to avoid potential pitfalls.
Source Code Auditing: What Is Code Refactoring?
Code refactoring is widely defined as the process of changing an application's source code without altering its external behavior. According to Martin Fowler, who literally wrote the book on the subject all the way back in 1999, refactoring is defined as “...a disciplined method for restructuring an existing body of code, altering its internal structure...” while leaving its external behavior intact.
Fowler notes that one way to think about code refactoring is to look at it as a “...series of small behavior preserving transformations.” While each of these individual transformations do little in isolation, when taken in sequence they can result in a significant restructuring.
Crucially, since each individual refactoring is relatively small, there is less likelihood that anything can go seriously wrong. Since the system as a whole is kept fully functioning after each tiny refactoring, there's almost zero chance that a system can be seriously broken during the process.
Source Code Auditing: What is Code Rewriting?
Code rewriting on the other hand is sometimes referred to as “the nuclear option.” Opting to go with rewriting your application's code stems from an indication that your current source code is in need of a complete overhaul and replacement. It's going to be a more expensive, more extensive, and more time-consuming process that can slow time-to-market and/or new feature delivery.
While that sounds apocalyptic, there are actually some clear advantages to rewriting if your source code audit reveals systemic issues.
Consider for instance that when doing a rewrite, you aren't exactly starting from scratch.
That's because you have the benefit of experience. You know your current application's source code – its weaknesses, its strengths, its design flaws, current requirements and road map to the future, after all.
You can plan and design your new system to reflect and build on this knowledge, making a stronger, more streamlined and better system as a result.
Refactoring vs. Rewriting: Which Is the Right Choice?
So, you've gone through your source code audit, and your application has been shown to have some issues. How do you know what the right choice is – to attempt to refactor your code a bit at a time, or to start over with a total rewrite? Here are some of the key points to consider when you're looking at whether to refactor or to rewrite.
Are these changes part of a larger architectural shift? - If the plan is for a major shift in your product's architecture, say from monolith to microservices or serverless, there might not be a better time to bite the bullet and just rewrite. It's a great opportunity to update and streamline your application from soup to nuts.
Is it the core of your business? - If the legacy system in question is the heart of your product, you are probably going to be reluctant to stop, or even to slow down or devote precious resources to a total rewrite. It's likely that progressive refactoring is the better choice in this case.
- Are the original devs who wrote the legacy system still around? - If they are, then rewriting is likely to be significantly smoother. If not, delving into the guts of a whole lot of unfamiliar code can be a recipe for delay and error, in which case refactoring might be the way to go, all else being equal.
Source Code Auditing and Avoiding the Need For Either Refactoring or Rewriting
So, yes, it's a good idea to get a source code audit done for any number of reasons, many of which we mentioned above. The fact of the matter is, studies show that each hour spent in source code review will save you 33 hours in maintenance.
But having said that, there are a few ongoing maintenance items you can look at regularly that will help to minimize the pain of a major refactoring or a rewrite. The idea isn't necessarily to do all of these every day, but to maybe do one or two each day on a rotating basis to keep your code readable, easier to maintain, and easy to work with when changes are required. Here are a few:
Eliminate commented-out code – It's distracting and confusing for devs, and just creates more work and more lost time trying to figure out what's needed and what's not.
Add or update XML documentation to public members – At the end of the day, make sure every public member on every file you've touched has XML documentation tags.
Make sure the code follows team standards – Each team should have a single agreed-upon coding standard.
Get rid of unnecessary indentation levels – This improves readability and reduces cognitive load.
Ask About Laracle Source Code Review and More
Laracle's source code review services can help you at any stage of the game, from periodic reviews during development, to auditing just before launch, to vetting new hires, to reviewing applications that are up and running.
Best of all, our team's source code audit report will not only offer recommendations regarding whether you need to refactor portions of your code or rewrite it – we're also fully prepared to perform those tasks for you. We'll help you make sure your code's readability, ease of maintenance, compatibility and security are all clean and that your products are well-positioned to take your company forward into the future with minimal headaches and issues.
Drop us a line today by clicking here, and our customer service team will reach out ASAP. The sooner you get your source code audit started, the sooner your application will be running optimally!