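Overview
This is a general-purpose code review checklist for C# developers that can serve as a reference during development. Its purpose is to make sure most general coding guidelines are kept in mind while coding. It is especially helpful for new and less experienced developers (0 to 3 years of experience).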
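Checklist
- Make sure there are no project warnings (VS project warnings).
- It is even better to run Code Analysis (with all Microsoft Rules enabled) first and then eliminate all the warnings.
- Remove all unused usings. Removing redundant code while coding is a good habit.
- Check objects for 'null' wherever it makes sense, to avoid a Null Reference Exception at run time.
- Always follow naming conventions. In general, use camel case for variables and parameters, and Pascal case for method and class names.
- Make sure you are aware of the SOLID principles.
Wikipedia's definition: In programming, SOLID (Single responsibility, Open-closed, Liskov substitution, Interface segregation and Dependency inversion) is a mnemonic acronym introduced by Robert C. Martin in the early 2000s for five basic principles of object-oriented programming and design. Applied together, these principles make it more likely that a programmer will create a system that is easy to maintain and extend over time. The principles of SOLID are guidelines that can be applied while working on software to remove code smells by causing the programmer to refactor the source code until it is both legible and extensible. SOLID is typically applied in test-driven development and is an important part of the basic principles of agile and adaptive software development.
Reference: http://en.wikipedia.org/wiki/SOLID_(object-oriented_design)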
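- Code reusability. If a piece of code is used more than once, or you expect to use it in the future, extract it into a method. Put repeated work into generic methods in a relevant class so that others can use them once you are done. Develop commonly used functionality as user controls (not ASP.NET user controls specifically) so they can be reused across projects.
Reference:
- Code consistency. For example, Int32 versus int and String versus string: use one form consistently throughout the code, rather than int in one place and Int32 in another.
- Code readability. Code should be maintainable and easy for other developers to understand.
Reference: http://msdn.microsoft.com/en-IN/library/aa291591(v=vs.100).aspx
- Dispose of unmanaged resources such as file I/O and network resources. Release them as soon as you are done using them. If you want an object to be disposed automatically once it goes out of scope, wrap the unmanaged code in a using block.
- Implement proper exception handling (try/catch and finally blocks) and log exceptions.
Reference: http://msdn.microsoft.com/en-us/library/vstudio/ms229005(v=vs.100).aspx
- Keep methods from growing too long: no more than 30 to 40 lines.
- Check code in and out with your source control tool (for example TFS) in a timely manner.
Reference: http://www.codeproject.com/Tips/593014/Steps-Check-in-Check-Out-Mechanism-for-TFS-To-avoi
- Peer review. Swap code with your colleagues for internal reviews.
- Unit testing. Write developer test cases and unit-test your code so that basic testing is done before the code goes to QA.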
- Avoid nested for/foreach loops and nested if conditions as much as possible.
- Use anonymous types if code is going to be used only once.
Reference: http://msdn.microsoft.com/en-us/library/vstudio/bb397696.aspx
- Try using LINQ queries and Lambda expressions to improve readability.
- Use the var, object, and dynamic keywords properly. They have some similarities, so many developers are confused by them or know little about them and use them interchangeably, which should not be the case.
- Use access specifiers (private, public, protected, internal, protected internal) according to the scope a method, class, or variable needs. For example, if a class is meant to be used only within the assembly, marking it internal is enough.
- Use interfaces wherever needed to maintain decoupling. Some design patterns came into existence because of the use of interfaces.
Reference: http://msdn.microsoft.com/en-IN/library/3b5b8ezk(v=vs.100).aspx
- Mark a class as sealed, static, or abstract according to its usage and your need.
Reference: http://msdn.microsoft.com/en-us/library/ms173150(v=vs.100).aspx
- Use a StringBuilder instead of string if multiple concatenations are required, to save heap memory.
- Check whether any unreachable code exists, and modify the code if it does.
- Write comments above every method describing its usage, expected input types, and return type.
- Use a tool like Silverlight Spy to check and manipulate rendered XAML at run time in a Silverlight application to improve productivity. This saves a lot of back-and-forth time between the Design and Run views of the XAML.
- Use the Fiddler tool to check HTTP/network traffic and bandwidth information to trace the performance of web applications and services.
- Use the WCFTestClient.exe tool if you want to verify service methods outside Visual Studio, or attach its process to Visual Studio for debugging.
- Use constants and readonly wherever applicable.
Reference:
- Avoid type casting and type conversions as much as possible, because they carry a performance penalty.
- Override the ToString method (from the Object class) for types for which you want to provide custom information.
Reference: http://msdn.microsoft.com/en-us/library/ms173154(v=vs.100).aspx
- Avoid copying and pasting code straight from other sources. It is always recommended to type the code by hand, even when you are referring to code you found elsewhere. This gives you practice writing the code yourself and helps you understand its proper usage, so that in the end you will never forget it.
- Make it a habit to read books and articles, keep up to date, and follow the best practices and guidelines of industry experts, such as Microsoft experts and well-known authors like Martin Fowler, Kent Beck, Jeffrey Richter, Ward Cunningham, Scott Hanselman, Scott Guthrie, and Donald E. Knuth.
- Verify whether your code has any memory leaks. If so, make sure they have been fixed.
Reference: http://blogs.msdn.com/b/davidklinems/archive/2005/11/16/493580.aspx
- Try to attend technical seminars by experts to stay in touch with the latest software trends, technologies, and best practices.
- Understand OOP concepts thoroughly and try to implement them in your code.
- Get to know your project's design and architecture to better understand the flow of your application as a whole.
- Take the necessary steps to block and avoid cross-site scripting (XSS) attacks, SQL injection, and other security holes.
- Always encrypt (using good encryption algorithms) secret and sensitive information, such as passwords saved to the database and connection strings stored in web.config file(s), to avoid manipulation by unauthorized users.
- Avoid using the default keyword for known types (primitive types) such as int, decimal, bool, etc. Most of the time it should be used with generic types (T), where we may not be sure whether the type is a value type or a reference type.
Reference: http://msdn.microsoft.com/en-us/library/xwth0h0d(v=vs.100).aspx
- Avoid the 'out' and 'ref' keywords, as recommended by Microsoft (in the Code Analysis rules and guidelines). These keywords pass parameters by reference. Note that a 'ref' parameter must be initialized in the calling method before it is passed to the called method, whereas for an 'out' parameter this is not mandatory.
Reference: http://msdn.microsoft.com/en-us/library/ms182131(v=vs.100).aspx
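For the checklist items on SQL injection and on protecting stored passwords, here is an added example (not part of the original checklist) that shows both in one place: user input reaches the database only as command parameters, and the password is stored as a salted one-way PBKDF2 hash, which is this example's choice of "good algorithm" for passwords instead of reversible encryption. It assumes .NET 6 or later with the System.Data.SqlClient package referenced; the CredentialStore class, the Users table, its columns, and the iteration count are hypothetical.

```csharp
using System;
using System.Data;
using System.Data.SqlClient; // assumed provider; Microsoft.Data.SqlClient exposes the same types
using System.Security.Cryptography;

static class CredentialStore // hypothetical helper, not from the checklist
{
    const int SaltBytes = 16, HashBytes = 32, Iterations = 210_000; // assumed work factor
    // Salted one-way PBKDF2 hash, stored as "iterations.salt.hash" (Base64 fields).
    public static string HashPassword(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes);
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);
        return $"{Iterations}.{Convert.ToBase64String(salt)}.{Convert.ToBase64String(hash)}";
    }

    public static bool VerifyPassword(string password, string stored)
    {
        string[] parts = (stored ?? "").Split('.');
        if (parts.Length != 3 || !int.TryParse(parts[0], out int iterations) || iterations <= 0) return false;
        byte[] salt, expected;
        try { salt = Convert.FromBase64String(parts[1]); expected = Convert.FromBase64String(parts[2]); }
        catch (FormatException) { return false; }
        // Reject truncated or tampered records instead of comparing short hashes.
        if (salt.Length != SaltBytes || expected.Length != HashBytes) return false;
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA256, HashBytes);
        return CryptographicOperations.FixedTimeEquals(actual, expected); // constant-time comparison
    }

    // The SQL text is a constant; user input travels only as typed parameter values.
    public static SqlCommand BuildInsert(SqlConnection conn, string userName, string password)
    {
        var cmd = new SqlCommand("INSERT INTO Users (UserName, PasswordHash) VALUES (@name, @hash)", conn);
        cmd.Parameters.Add("@name", SqlDbType.NVarChar, 64).Value = userName;
        cmd.Parameters.Add("@hash", SqlDbType.NVarChar, 128).Value = HashPassword(password);
        return cmd;
    }
}

static class Demo
{
    static void Main()
    {
        string stored = CredentialStore.HashPassword("sample-passphrase"); // constructed sample input
        Console.WriteLine(CredentialStore.VerifyPassword("sample-passphrase", stored));
        Console.WriteLine(CredentialStore.VerifyPassword("wrong-guess", stored));
        using (SqlCommand cmd = CredentialStore.BuildInsert(null, "O'Brien", "sample-passphrase"))
            Console.WriteLine(cmd.CommandText); // no connection opened; the quote in the name never enters the SQL text
    }
}
```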
Source: http://www.codeproject.com/Articles/593751/Code-Review-Checklist-and-Guidelines-for-Csharp-De