> > What did you like about the SEI rules you suggested? I’m wondering why > _that_ one versus all the others in the universe?
For me, the book The CERT Oracle Secure Coding Standard for Java is almost as essential as Effective Java in my library of Java books. As far I know, there are no other Coding Standards for Java that: a) have a living wiki and active community, b) a printed version available to purchase if you prefer a book over a free online wiki, c) contains really great content in a similar vein with similar quality as Effective Java. Why, do you know of another that you would recommend over this one? On Mon, Jun 24, 2019 at 2:45 PM Anthony Baker <aba...@pivotal.io> wrote: > What did you like about the SEI rules you suggested? I’m wondering why > _that_ one versus all the others in the universe? > > Anthony > > > > On Jun 24, 2019, at 2:15 PM, Kirk Lund <kl...@apache.org> wrote: > > > > Apache Geode has a Code Style Guide [1] which is currently defined as > > following the Google Java Style Guide [2]. This style guide is a good > > starting point, but it deals primarily with formatting of code and is a > > fairly dated and static document that doesn't evolve much. > > > > I'd like to propose that the Geode dev community adopt a Coding Standard > in > > addition to the Style Guide. Specifically, I believe that having our > > community follow the SEI CERT Coding Standard [3] for Java [4] would > > benefit us greatly. There are also Coding Standards for C and C++ that we > > could consider if we decide to use the one for Java. > > > > SEI CERT Coding Standards are completely documented on their wiki which > is > > open to having anyone join and become involved in their community. They > are > > also available in book form (including on amazon.com). > > > > From what I've studied, I believe the Coding Standard and Google Java > Style > > Guide will be compatible, but we could decide that the Coding Standard > > supersedes anything in the Google Java Style Guide that is directly in > > conflict just in case. > > > > I'm not proposing we rigidly and blindly follow this Coding Standard. We > > can extend or even supersede portions of the adopted Coding Standard with > > our own Addendum. The Coding Standard Addendum would exist on the Apache > > Geode Wiki to define Geode-specific rules or recommendations. What I'd > like > > to see happen is for us to use the SEI CERT Coding Standard for Java as a > > starting point for our own Coding Standard. The resulting Coding Standard > > for Geode can be as static or as living and evolving as we wish. > > > > The Coding Standard can then provide helpful guidance in how we reshape > > some of the Geode code base that is in greater need of refactoring. It > > would also help guide us from following poor examples in the current code > > base when introducing new code. > > > > [1] https://cwiki.apache.org/confluence/display/GEODE/Code+Style+Guide > > [2] https://google.github.io/styleguide/javaguide.html > > [3] > > > https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards > > [4] > > > https://wiki.sei.cmu.edu/confluence/display/java/SEI+CERT+Oracle+Coding+Standard+for+Java > >
