auratius
http://www.auratius.co.za/CSharpCodingStandards.html
Complete CSharp Coding Standards
1. Naming Conventions and Styles
2. Coding Practices
3. Project Settings and Project Structure
4. Framework-Specific Guidelines
Naming Conventions and Styles
Use Pascal casing for type and method names and constants:
public class SomeClass
{
   const int DefaultSize = 100;
   public void SomeMethod( )
   {}
}
Use camel casing for local variable names and method arguments:
int number;
void MyMethod(int someNumber)
{}
Prefix interface names with I:
interface IMyInterface
{...}
Prefix private member variables with m_.
Suffix custom attribute classes with Attribute.
Suffix custom exception classes with Exception.
Name methods using verb/object pairs, such as ShowDialog( ).
Methods with return values should have names describing the values
returned, such as GetObjectState( ).
Use descriptive variable names.
Avoid single-character variable names, such as i or t. Use index or
temp instead.
Avoid using Hungarian notation for public or protected members.
Avoid abbreviating words (such as num instead of number).
Always use C# predefined types, rather than the aliases in the System
namespace. For example:
object NOT Object
string NOT String
int NOT Int32
With generics, use capital letters for types. Reserve suffixing Type
for when dealing with the .NET type Type:
//Correct:
public class LinkedList<K,T>
{...}
//Avoid:
public class LinkedList<KeyType,DataType>
{...}
Use meaningful namespace names, such as the product name or the
company name.
Avoid fully qualified type names. Use the using statement instead.
Avoid putting a using statement inside a namespace.
Group all framework namespaces together and put custom or third-party
namespaces underneath:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using MyCompany;
using MyControls;
Use delegate inference instead of explicit delegate instantiation:
delegate void SomeDelegate( );
public void SomeMethod( )
{...}
SomeDelegate someDelegate = SomeMethod;
Maintain strict indentation. Do not use tabs or nonstandard
indentation, such as one space. Recommended values are three or four
spaces.
Indent comments at the same level of indentation as the code that you
are documenting.
All comments should pass spellchecking. Misspelled comments indicate
sloppy development.
All member variables should be declared at the top, with one line
separating them from the properties or methods:
public class MyClass
{
   int m_Number;
   string m_Name;

   public void SomeMethod1( )
   {}
   public void SomeMethod2( )
   {}
}
Declare a local variable as close as possible to its first use.
A filename should reflect the class it contains.
When using partial types and allocating a part per file, name each
file after the logical part that part plays. For example:
//In MyClass.cs
public partial class MyClass
{...}
//In MyClass.Designer.cs
public partial class MyClass
{...}
Always place an open curly brace ({) in a new line.
With anonymous methods, mimic the code layout of a regular method,
aligned with the anonymous delegate declaration (this complies with
placing an open curly brace in a new line):
delegate void SomeDelegate(string someString);
//Correct:
public void InvokeMethod( )
{
   SomeDelegate someDelegate = delegate(string name)
                               {
                                  MessageBox.Show(name);
                               };
   someDelegate("Juval");
}
//Avoid
public void InvokeMethod( )
{
   SomeDelegate someDelegate = delegate(string name){MessageBox.Show(name);};
   someDelegate("Juval");
}
Use empty parentheses on parameter-less anonymous methods. Omit the
parentheses only if the anonymous method could have been used on any
delegate:
delegate void SomeDelegate( );
//Correct
SomeDelegate someDelegate1 = delegate( )
                             {
                                MessageBox.Show("Hello");
                             };
//Avoid
SomeDelegate someDelegate1 = delegate
                             {
                                MessageBox.Show("Hello");
                             };
Coding Practices
Avoid putting multiple classes in a single file.
A single file should contribute types to only a single namespace.
Avoid having multiple namespaces in the same file.
Avoid files with more than 500 lines (excluding machine-generated
code).
Avoid methods with more than 25 lines.
Avoid methods with more than five arguments. Use structures for
passing multiple arguments.
Lines should not exceed 80 characters.
Do not manually edit any machine-generated code.
If modifying machine-generated code, modify the format and style to
match this coding standard.
Use partial classes whenever possible to factor out the maintained
portions.
Avoid comments that explain the obvious. Code should be
self-explanatory. Good code with readable variable and method names
should not require comments.
Document only operational assumptions, algorithm insights, and so on.
Avoid method-level documentation.
Use extensive external documentation for API documentation.
Use method-level comments only as tool tips for other developers.
With the exception of zero and one, never hardcode a numeric value;
always declare a constant instead.
Use the const directive only on natural constants, such as the number
of days of the week.
Avoid using const on read-only variables. For that, use the readonly
directive:
public class MyClass
{
   public const int DaysInWeek = 7;
   public readonly int Number;
   public MyClass(int someValue)
   {
      Number = someValue;
   }
}
Assert every assumption. On average, every fifth line is an assertion:
using System.Diagnostics;
object GetObject( )
{...}
object someObject = GetObject( );
Debug.Assert(someObject != null);
Every line of code should be walked through in a "white box" testing
manner.
Catch only exceptions for which you have explicit handling.
In a catch statement that throws an exception, always throw the
original exception (or another exception constructed from the original
exception) to maintain the stack location of the original error:
catch(Exception exception)
{
   MessageBox.Show(exception.Message);
   throw; //Rethrows the original exception and keeps its stack trace
}
Avoid error code as method return values.
Avoid defining custom exception classes.
When defining custom exceptions:
Derive the custom exception from Exception.
Provide custom serialization.
Avoid multiple Main( ) methods in a single assembly.
Make only the most necessary types public; mark others as internal.
Avoid friend assemblies, as they increase interassembly coupling.
Avoid code that relies on an assembly running from a particular
location.
Minimize code in application assemblies (i.e., EXE client assemblies).
Use class libraries instead to contain business logic.
Avoid providing explicit values for enums:
//Correct
public enum Color
{
   Red,Green,Blue
}
//Avoid
public enum Color
{
   Red = 1,Green = 2,Blue = 3
}
Avoid specifying a type for an enum:
//Avoid
public enum Color : long
{
   Red,Green,Blue
}
Always use a curly brace scope in an if statement, even if it contains
a single statement.
Avoid using the ternary conditional operator.
Avoid function calls in Boolean conditional statements. Assign into
local variables and check on them:
bool IsEverythingOK( )
{...}
//Avoid:
if(IsEverythingOK( ))
{...}
//Correct:
bool ok = IsEverythingOK( );
if(ok)
{...}
Always use zero-based arrays.
Always explicitly initialize an array of reference types:
public class MyClass
{}
const int ArraySize = 100;
MyClass[] array = new MyClass[ArraySize];
for(int index = 0; index < array.Length; index++)
{
   array[index] = new MyClass( );
}
Do not provide public or protected member variables. Use properties
instead.
Avoid using the new inheritance qualifier. Use override instead.
Always mark public and protected methods as virtual in a non-sealed
class.
Never use unsafe code, except when using interop.
Avoid explicit casting. Use the as operator to defensively cast to a
type:
Dog dog = new GermanShepherd( );
GermanShepherd shepherd = dog as GermanShepherd;
if(shepherd != null)
{...}
Always check a delegate for null before invoking it.
Do not provide public event member variables. Use event accessors
instead.
Avoid defining event-handling delegates. Use GenericEventHandler
instead.
Avoid raising events explicitly. Use EventsHelper to publish events
defensively.
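One way to publish events defensively, combining the delegate null check with per-subscriber isolation. This is an added example, not the EventsHelper class the standard refers to; DefensivePublisher and Alarm are hypothetical names:

```csharp
using System;
using System.Diagnostics;

//Hypothetical helper (added example), not the standard's EventsHelper
public static class DefensivePublisher
{
   //Invokes each subscriber in isolation and returns how many of them threw.
   //A null delegate means there are no subscribers and is not an error.
   public static int Publish<T>(EventHandler<T> handlers,object sender,T args)
      where T : EventArgs
   {
      if(handlers == null)
      {
         return 0;
      }
      int failures = 0;
      foreach(Delegate sink in handlers.GetInvocationList( ))
      {
         EventHandler<T> handler = sink as EventHandler<T>;
         Debug.Assert(handler != null);
         try
         {
            handler(sender,args);
         }
         catch(Exception exception)
         {
            //Explicit handling: record the faulty subscriber and keep
            //notifying the remaining ones
            failures++;
            Trace.WriteLine(handler.Method.Name + " threw: " +
                            exception.Message);
         }
      }
      return failures;
   }
}
public class Alarm
{
   public event EventHandler<EventArgs> Triggered;

   public int Raise( )
   {
      //Copy to a local first: another thread may remove the last
      //subscriber between the null check and the invocation
      EventHandler<EventArgs> handlers = Triggered;
      return DefensivePublisher.Publish(handlers,this,EventArgs.Empty);
   }
}
public static class Program
{
   static void Main( )
   {
      Alarm alarm = new Alarm( );
      //No subscribers yet: Raise( ) must not throw
      int failures = alarm.Raise( );
      Console.WriteLine("Failures with no subscribers: " + failures);

      alarm.Triggered += delegate(object sender,EventArgs args)
                         {
                            throw new InvalidOperationException("Sink 1 failed");
                         };
      alarm.Triggered += delegate(object sender,EventArgs args)
                         {
                            Console.WriteLine("Sink 2 notified");
                         };
      //Sink 2 is still called although sink 1 throws
      failures = alarm.Raise( );
      Console.WriteLine("Failures with two subscribers: " + failures);
   }
}
```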
Always use interfaces.
Classes and interfaces should have at least a 2:1 ratio of methods to
properties.
Avoid interfaces with one member.
Strive to have three to five members per interface.
Do not have more than 20 members per interface. The practical limit is
probably 12.
Avoid events as interface members.
When using abstract classes, offer an interface as well.
Expose interfaces on class hierarchies.
Prefer using explicit interface implementation.
Never assume a type supports an interface. Defensively query for that
interface:
SomeType obj1;
IMyInterface obj2;
/* Some code to initialize obj1, then: */
obj2 = obj1 as IMyInterface;
if(obj2 != null)
{
   obj2.Method1( );
}
else
{
   //Handle error in expected interface
}
Never hardcode strings that will be presented to end users. Use
resources instead.
Never hardcode strings that might change based on deployment, such as
connection strings.
Use String.Empty instead of "":
//Avoid
string name = "";
//Correct
string name = String.Empty;
When building a long string, use StringBuilder, not string.
Avoid providing methods on structures.
Parameterized constructors are encouraged.
You can overload operators.
Always provide a static constructor when providing static member
variables.
Do not use late-binding invocation when early binding is possible.
Use application logging and tracing.
Never use goto, except in a switch statement fall-through.
Always have a default case in a switch statement that asserts:
int number = SomeMethod( );
switch(number)
{
   case 1:
      Trace.WriteLine("Case 1:");
      break;
   case 2:
      Trace.WriteLine("Case 2:");
      break;
   default:
      Debug.Assert(false);
      break;
}
Do not use the this reference unless invoking another constructor from
within a constructor:
//Example of proper use of 'this'
public class MyClass
{
   public MyClass(string message)
   {}
   public MyClass( ) : this("Hello")
   {}
}
Do not use the base word to access base class members unless you wish
to resolve a conflict with a subclass member of the same name or when
invoking a base class constructor:
//Example of proper use of 'base'
public class Dog
{
   public Dog(string name)
   {}
   virtual public void Bark(int howLong)
   {}
}
public class GermanShepherd : Dog
{
   public GermanShepherd(string name) : base(name)
   {}
   override public void Bark(int howLong)
   {
      base.Bark(howLong);
   }
}
Do not use GC.AddMemoryPressure( ).
Do not rely on HandleCollector.
Implement Dispose( ) and Finalize( ) methods based on the template in
Examples.
Always run code unchecked by default (for the sake of performance),
but explicitly in checked mode for overflow- or underflow-prone
operations:
int CalcPower(int number,int power)
{
   int result = 1;
   for(int count = 1;count <= power;count++)
   {
      checked
      {
         result *= number;
      }
   }
   return result;
}
Avoid explicit code exclusion of method calls (#if...#endif). Use
conditional methods instead:
public class MyClass
{
   [Conditional("MySpecialCondition")]
   public void MyMethod( )
   {}
}
Avoid casting to and from System.Object in code that uses generics.
Use constraints or the as operator instead:
class SomeClass
{}
//Avoid:
class MyClass<T>
{
   void SomeMethod(T t)
   {
      object temp = t;
      SomeClass obj = (SomeClass)temp;
   }
}
//Correct:
class MyClass<T> where T : SomeClass
{
   void SomeMethod(T t)
   {
      SomeClass obj = t;
   }
}
Do not define constraints in generic interfaces. Interface-level
constraints can often be replaced by strong typing:
public class Customer
{...}
//Avoid:
public interface IList<T> where T : Customer
{...}
//Correct:
public interface ICustomerList : IList<Customer>
{...}
Do not define method-specific constraints in interfaces.
If a class or a method offers both generic and non-generic flavors,
always prefer using the generics flavor.
When implementing a generic interface that derives from an equivalent
non-generic interface (such as IEnumerable<T>), use explicit interface
implementation on all methods, and implement the non-generic methods
by delegating to the generic ones:
class MyCollection<T> : IEnumerable<T>
{
   IEnumerator<T> IEnumerable<T>.GetEnumerator()
   {...}
   IEnumerator IEnumerable.GetEnumerator()
   {
      IEnumerable<T> enumerable = this;
      return enumerable.GetEnumerator();
   }
}
Project Settings and Project Structure
Always build your projects with Warning Level 4 (see Figure E-1).
Treat warnings as errors in the Release build (note that this is not
the default of Visual Studio). Although it is optional, this standard
recommends treating warnings as errors in Debug builds as well.
Avoid suppressing specific compiler warnings.
Always explicitly state your supported runtime versions in the
application configuration file:
<?xml version="1.0"?>
<configuration>
   <startup>
      <supportedRuntime version="v2.0.5500.0"/>
      <supportedRuntime version="v1.1.5000.0"/>
   </startup>
</configuration>
Figure E-1. The project Build pane
Avoid explicit custom version redirection and binding to CLR
assemblies.
Avoid explicit preprocessor definitions (#define). Use the project
settings for defining conditional compilation constants.
Do not put any logic inside AssemblyInfo.cs.
Do not put any assembly attributes in any file other than
AssemblyInfo.cs.
Populate all fields in AssemblyInfo.cs, such as company name,
description, and copyright notice.
All assembly references should use relative paths.
Disallow cyclic references between assemblies.
Avoid multi-module assemblies.
Avoid tampering with exception handling using the Exception window
(Debug -> Exceptions).
Strive to use uniform version numbers on all assemblies and clients in
the same logical application (typically, a solution). Use the
SolutionInfo.cs technique from Examples to automate.
Name your Visual Studio 2005 application configuration file
App.config, and include it in the project.
Modify the Visual Studio 2005 default project structure to your
project's standard layout, and apply a uniform structure for project
folders and files.
A release build should contain debug symbols (see Figure E-2).
Figure E-2. The Advanced Build Settings dialog
Always sign your assemblies, including the client applications.
Use password-protected keys.
Framework-Specific Guidelines
Multithreading
Use synchronization domains. Avoid manual synchronization, because
that often leads to deadlocks and race conditions.
Never call outside your synchronization domain.
Manage asynchronous call completion on a callback method. Do not wait,
poll, or block for completion.
Always name your threads:
Thread currentThread = Thread.CurrentThread;
string threadName = "Main UI Thread";
currentThread.Name = threadName;
The name is traced in the debugger Threads window, making debug
sessions more productive.
Do not call Suspend( ) or Resume( ) on a thread.
Do not call Thread.Sleep( ), except in the following conditions:
Thread.Sleep(0) is an acceptable optimization technique to force a
context switch.
Thread.Sleep( ) is acceptable in testing or simulation code.
Do not call Thread.SpinWait( ).
Do not call Thread.Abort( ) to terminate threads. Use a
synchronization object instead to signal the thread to terminate.
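A worker that is stopped through a synchronization object rather than Thread.Abort( ). This is an added example, not code from the original standard; the Worker class and its member names are hypothetical:

```csharp
using System;
using System.Diagnostics;
using System.Threading;

//Hypothetical worker (added example)
public class Worker : IDisposable
{
   const int PollIntervalMilliseconds = 100;
   readonly ManualResetEvent m_StopRequested = new ManualResetEvent(false);
   readonly Thread m_Thread;
   int m_Iterations;

   public Worker( )
   {
      m_Thread = new Thread(Run);
      m_Thread.Name = "Worker Thread";
   }
   public void Start( )
   {
      m_Thread.Start( );
   }
   //Signals the thread, then waits until it has left Run( ) on its own,
   //so its locks are released and its finally blocks run normally.
   //Returns the number of work units completed.
   public int Stop( )
   {
      m_StopRequested.Set( );
      Debug.Assert(Thread.CurrentThread.ManagedThreadId !=
                   m_Thread.ManagedThreadId);
      m_Thread.Join( );
      return m_Iterations;
   }
   public void Dispose( )
   {
      m_StopRequested.Close( );
   }
   void Run( )
   {
      //WaitOne( ) doubles as the pacing delay, so no Thread.Sleep( ) is
      //needed; it returns true as soon as Stop( ) signals the event
      while(m_StopRequested.WaitOne(PollIntervalMilliseconds) == false)
      {
         m_Iterations++; //One unit of work
      }
   }
}
public static class Program
{
   static void Main( )
   {
      using(Worker worker = new Worker( ))
      {
         worker.Start( );
         //Simulation code only: let the worker run for a moment
         Thread.Sleep(350);
         int iterations = worker.Stop( );
         Console.WriteLine("Worker stopped after " + iterations +
                           " iterations");
      }
   }
}
```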
Avoid explicitly setting the thread priority to control execution. You
can set the thread priority based on task semantics (such as
ThreadPriority.BelowNormal for a screensaver).
Do not read the value of the ThreadState property. Use the
Thread.IsAlive property to determine whether the thread is dead or alive.
Do not rely on setting the thread type to background thread for
application shutdown. Use a watchdog or other monitoring entity to
deterministically kill threads.
Do not use the thread local storage unless thread affinity is
guaranteed.
Do not call Thread.MemoryBarrier( ).
Never call Thread.Join( ) without checking that you are not joining
your own thread:
void WaitForThreadToDie(Thread thread)
{
   Debug.Assert(Thread.CurrentThread.ManagedThreadId !=
                thread.ManagedThreadId);
   thread.Join( );
}
Always use the lock( ) statement rather than explicit Monitor
manipulation.
Always encapsulate the lock( ) statement inside the object it
protects:
public class MyClass
{
   public void DoSomething( )
   {
      lock(this)
      {...}
   }
}
You can use synchronized methods instead of writing the lock( )
statement yourself.
Avoid fragmented locking.
Avoid using a Monitor to wait or pulse objects. Use manual or
auto-reset events instead.
Do not use volatile variables. Lock your object or fields instead to
guarantee deterministic and thread-safe access. Do not use
Thread.VolatileRead( ), Thread.VolatileWrite( ), or the volatile
modifier.
Avoid increasing the maximum number of threads in the thread pool.
Never stack lock( ) statements, because that does not provide atomic
locking:
MyClass obj1 = new MyClass( );
MyClass obj2 = new MyClass( );
MyClass obj3 = new MyClass( );
//Do not stack lock statements
lock(obj1)
lock(obj2)
lock(obj3)
{
   obj1.DoSomething( );
   obj2.DoSomething( );
   obj3.DoSomething( );
}
Use WaitHandle.WaitAll( ) instead.
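Acquiring several locks as one atomic operation with WaitHandle.WaitAll( ), so that two threads taking the same locks in opposite order cannot deadlock. This is an added example, not code from the original standard; Account and Bank are hypothetical names. It assumes MTA threads (the default for a console Main( )), because WaitAll( ) on multiple handles is not supported on STA threads:

```csharp
using System;
using System.Diagnostics;
using System.Threading;

//Hypothetical resource guarded by its own mutex (added example)
public class Account
{
   readonly Mutex m_Lock = new Mutex( );
   int m_Balance;

   public Account(int balance)
   {
      m_Balance = balance;
   }
   public WaitHandle Lock
   {
      get { return m_Lock; }
   }
   public int Balance
   {
      get { return m_Balance; }
   }
   //The calling thread must own Lock
   public void Adjust(int amount)
   {
      m_Balance += amount;
   }
   public void Unlock( )
   {
      m_Lock.ReleaseMutex( );
   }
}
public static class Bank
{
   public static void Transfer(Account from,Account to,int amount)
   {
      //WaitAll( ) rejects an array that contains the same handle twice
      Debug.Assert(from != to);
      WaitHandle[] locks = {from.Lock,to.Lock};
      //Takes ownership of both mutexes or of neither; the thread never
      //holds one lock while it waits for the other
      WaitHandle.WaitAll(locks);
      try
      {
         from.Adjust(-amount);
         to.Adjust(amount);
      }
      finally
      {
         from.Unlock( );
         to.Unlock( );
      }
   }
}
public static class Program
{
   const int Transfers = 10000;

   static void Main( )
   {
      Account first = new Account(1000);
      Account second = new Account(1000);
      //The two threads request the same locks in opposite order
      Thread forward = new Thread(delegate( )
                                  {
                                     for(int count = 0;count < Transfers;count++)
                                     {
                                        Bank.Transfer(first,second,1);
                                     }
                                  });
      Thread backward = new Thread(delegate( )
                                   {
                                      for(int count = 0;count < Transfers;count++)
                                      {
                                         Bank.Transfer(second,first,1);
                                      }
                                   });
      forward.Name = "Forward Transfers";
      backward.Name = "Backward Transfers";
      forward.Start( );
      backward.Start( );
      forward.Join( );
      backward.Join( );
      //Both threads finished, so no deadlock; the total is unchanged
      Console.WriteLine("Total: " + (first.Balance + second.Balance));
   }
}
```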
Serialization
Prefer the binary formatter.
Mark serialization event-handling methods as private.
Use the generic IGenericFormatter interface.
Always mark non-sealed classes as serializable.
When implementing IDeserializationCallback on a non-sealed class, make
sure to do so in a way that allows subclasses to call the base class
implementation of OnDeserialization( ).
Always mark unserializable member variables as non-serializable.
Always mark delegates on a serialized class as non-serializable
fields:
[Serializable]
public class MyClass
{
   [field:NonSerialized]
   public event EventHandler MyEvent;
}
Remoting
Prefer administrative configuration to programmatic configuration.
Always implement IDisposable on single-call objects.
Always prefer a TCP channel and a binary format when using remoting,
unless a firewall is present.
Always provide a null lease for a singleton object:
public class MySingleton : MarshalByRefObject
{
   public override object InitializeLifetimeService( )
   {
      return null;
   }
}
Always provide a sponsor for a client-activated object. The sponsor
should return the initial lease time.
Always unregister the sponsor on client application shutdown.
Always put remote objects in class libraries.
Avoid using SoapSuds.exe.
Avoid hosting in IIS.
Avoid using uni-directional channels.
Always load a remoting configuration file in Main( ), even if the file
is empty and the application does not use remoting:
static void Main( )
{
   RemotingConfigurationEx.Configure( );
   /* Rest of Main( ) */
}
Avoid using Activator.GetObject( ) and Activator.CreateInstance( ) for
remote object activation. Use new instead.
Always register port 0 on the client side, to allow callbacks.
Always elevate type filtering to Full on both client and host, to
allow callbacks.
Security
Always demand your own strong name on assemblies and components that
are private to the application, but are public (so that only you can
use them):
public class PublicKeys
{
   public const string MyCompany =
      "1234567894800000940000000602000000240000"+
      "52534131000400000100010007D1FA57C4AED9F0"+
      "A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C83"+
      "4C99921EB23BE79AD9D5DCC1DD9AD23613210290"+
      "0B723CF980957FC4E177108FC607774F29E8320E"+
      "92EA05ECE4E821C0A5EFE8F1645C4C0C93C1AB99"+
      "285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF"+
      "0FC4963D261C8A12436518206DC093344D5AD293";
}
[StrongNameIdentityPermission(SecurityAction.LinkDemand,
                              PublicKey = PublicKeys.MyCompany)]
public class MyClass
{...}
Apply encryption and security protection on application configuration
files.
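One way to encrypt a configuration section in place with the DPAPI-based protected configuration provider that ships with .NET 2.0. This is an added example, not code from the original standard; ConfigProtector is a hypothetical name, and the code assumes a reference to System.Configuration.dll, an App.config with a connectionStrings section, and a connection string entry named Main (also hypothetical):

```csharp
using System;
using System.Configuration;

//Hypothetical helper (added example)
public static class ConfigProtector
{
   //Built-in provider; by default its ciphertext can be decrypted only on
   //the machine that produced it, so run this on the target machine
   const string DpapiProvider = "DataProtectionConfigurationProvider";

   //Encrypts the named section of the application configuration file.
   //Returns true if the file was changed, false if the section was
   //already protected or is locked.
   public static bool Protect(string sectionName)
   {
      Configuration config = ConfigurationManager.OpenExeConfiguration(
                                              ConfigurationUserLevel.None);
      ConfigurationSection section = config.GetSection(sectionName);
      if(section == null)
      {
         throw new ArgumentException("No such section: " + sectionName);
      }
      SectionInformation information = section.SectionInformation;
      if(information.IsProtected || information.IsLocked)
      {
         return false;
      }
      information.ProtectSection(DpapiProvider);
      //Write the section even though its logical content is unchanged
      information.ForceSave = true;
      config.Save(ConfigurationSaveMode.Modified);
      return true;
   }
}
public static class Program
{
   const string SectionName = "connectionStrings";
   const string EntryName = "Main"; //Hypothetical entry name

   static void Main( )
   {
      bool changed = ConfigProtector.Protect(SectionName);
      if(changed)
      {
         Console.WriteLine("Section encrypted on disk");
      }
      else
      {
         Console.WriteLine("Section was already protected or is locked");
      }
      //Reading needs no extra code: the runtime decrypts transparently
      ConfigurationManager.RefreshSection(SectionName);
      ConnectionStringSettings settings =
         ConfigurationManager.ConnectionStrings[EntryName];
      if(settings != null)
      {
         //Report only the length; never log the secret itself
         Console.WriteLine("Connection string length: " +
                           settings.ConnectionString.Length);
      }
   }
}
```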
When importing an interop method, assert unmanaged code permission and
demand appropriate permission instead:
[DllImport("user32",EntryPoint="MessageBoxA")]
private static extern int Show(IntPtr handle,string text,string caption,
                               int msgType);
[SecurityPermission(SecurityAction.Assert,UnmanagedCode = true)]
[UIPermission(SecurityAction.Demand,
              Window = UIPermissionWindow.SafeTopLevelWindows)]
public static void Show(string text,string caption)
{
   Show(IntPtr.Zero,text,caption,0);
}
Do not suppress unmanaged code access via the
SuppressUnmanagedCodeSecurity attribute.
Do not use the /unsafe switch of TlbImp.exe. Wrap the RCW in managed
code so that you can assert and demand permissions declaratively on
the wrapper.
On server machines, deploy a code access security policy that grants
only Microsoft, ECMA, and self (identified by a strong name) full
trust. Code originating from anywhere else is implicitly granted
nothing.
On client machines, deploy a security policy that grants client
application only the permissions to execute, to call back the server,
and to potentially display user interface. When not using ClickOnce,
client application should be identified by a strong name in the code
groups.
To counter a luring attack, always refuse at the assembly level all
permissions not required to perform the task at hand:
[assembly:UIPermission(SecurityAction.RequestRefuse,
                       Window=UIPermissionWindow.AllWindows)]
Always set the principal policy in every Main( ) method to Windows:
public class MyClass
{
   static void Main( )
   {
      AppDomain currentDomain = AppDomain.CurrentDomain;
      currentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
   }
   //other methods
}
Never assert a permission without demanding a different permission in
its place.
For more information go to
http://www.auratius.co.za
Regards
Auratius
Complete CSharp Coding Standards
1. Naming Conventions and Styles
2. Coding Practices
3. Project Settings and Project Structure
4. Framework-Specific Guidelines
Naming Conventions and Styles
Use Pascal casing for type and method names and constants:
public class SomeClass
{
const int DefaultSize = 100;
public SomeMethod( )
{}
}
Use camel casing for local variable names and method arguments:
int number;
void MyMethod(int someNumber)
{}
Prefix interface names with I:
interface IMyInterface
{..}
Prefix private member variables with m_.
Suffix custom attribute classes with Attribute.
Suffix custom exception classes with Exception.
Name methods using verb/object pairs, such as ShowDialog( ).
Methods with return values should have names describing the values
returned, such as GetObjectState( ).
Use descriptive variable names.
Avoid single-character variable names, such as i or t. Use index or
temp instead.
Avoid using Hungarian notation for public or protected members.
Avoid abbreviating words (such as num instead of number).
Always use C# predefined types, rather than the aliases in the System
namespace. For example:
object NOT Object
string NOT String
intNOT Int32
With generics, use capital letters for types. Reserve suffixing Type
for when dealing with the .NET type Type:
//Correct:
public class LinkedList<K,T>
{...}
//Avoid:
public class LinkedList<KeyType,DataType>
{...}
Use meaningful namespace names, such as the product name or the
company name.
Avoid fully qualified type names. Use the using statement instead.
Avoid putting a using statement inside a namespace.
Group all framework namespaces together and put custom or third-party
namespaces underneath:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using MyCompany;
using MyControls;
Use delegate inference instead of explicit delegate instantiation:
delegate void SomeDelegate( );
public void SomeMethod( )
{...}
SomeDelegate someDelegate = SomeMethod;
Maintain strict indentation. Do not use tabs or nonstandard
indentation, such as one space. Recommended values are three or four
spaces.
Indent comments at the same level of indentation as the code that you
are documenting.
All comments should pass spellchecking. Misspelled comments indicate
sloppy development.
All member variables should be declared at the top, with one line
separating them from the properties or methods:
public class MyClass
{
int m_Number; string m_Name;
public void SomeMethod1( )
{}
public void SomeMethod2( )
{}
}
Declare a local variable as close as possible to its first use.
A filename should reflect the class it contains.
When using partial types and allocating a part per file, name each
file after the logical part that part plays. For example:
//In MyClass.cs
public partial class MyClass
{...}
//In MyClass.Designer.cs
public partial class MyClass
{...}
Always place an open curly brace ({) in a new line.
With anonymous methods, mimic the code layout of a regular method,
aligned with the anonymous delegate declaration (this complies with
placing an open curly brace in a new line):
delegate void SomeDelegate(string someString);
//Correct:
public void InvokeMethod( )
{
SomeDelegate someDelegate = delegate(string name)
{
MessageBox.Show(name);
};
someDelegate("Juval");
}
//Avoid
public void InvokeMethod( )
{
SomeDelegate someDelegate = delegate(string name)
{MessageBox.Show(name);};
someDelegate("Juval");
}
Use empty parentheses on parameter-less anonymous methods. Omit the
parentheses only if the anonymous method could have been used on any
delegate:
delegate void SomeDelegate( );
//Correct
SomeDelegate someDelegate1 = delegate( )
{
MessageBox.Show("Hello");
};
//Avoid
SomeDelegate someDelegate1 = delegate
{
MessageBox.Show("Hello");
};
Coding Practices
Avoid putting multiple classes in a single file.
A single file should contribute types to only a single namespace.
Avoid having multiple namespaces in the same file.
Avoid files with more than 500 lines (excluding machine-generated
code).
Avoid methods with more than 25 lines.
Avoid methods with more than five arguments. Use structures for
passing multiple arguments.
Lines should not exceed 80 characters.
Do not manually edit any machine-generated code.
If modifying machine-generated code, modify the format and style to
match this coding standard.
Use partial classes whenever possible to factor out the maintained
portions.
Avoid comments that explain the obvious. Code should be self-
explanatory. Good code with readable variable and method names should
not require comments.
Document only operational assumptions, algorithm insights, and so on.
Avoid method-level documentation.
Use extensive external documentation for API documentation.
Use method-level comments only as tool tips for other developers.
With the exception of zero and one, never hardcode a numeric value;
always declare a constant instead.
Use the const directive only on natural constants, such as the number
of days of the week.
Avoid using const on read-only variables. For that, use the readonly
directive:
public class MyClass
{
public const int DaysInWeek = 7;
public readonlyint Number;
public MyClass(int someValue)
{
Number = someValue;
}
}
Assert every assumption. On average, every fifth line is an assertion:
using System.Diagnostics;
object GetObject( )
{...}
object someObject = GetObject( );
Debug.Assert(someObject != null);
Every line of code should be walked through in a "white box" testing
manner.
Catch only exceptions for which you have explicit handling.
In a catch statement that throws an exception, always throw the
original exception (or another exception constructed from the original
exception) to maintain the stack location of the original error:
catch(Exception exception)
{
MessageBox.Show(exception.Message);
throw; //Same as throw exception;
}
Avoid error code as method return values.
Avoid defining custom exception classes.
When defining custom exceptions:
Derive the custom exception from Exception.
Provide custom serialization.
Avoid multiple Main( ) methods in a single assembly.
Make only the most necessary types public; mark others as internal.
Avoid friend assemblies, as they increase interassembly coupling.
Avoid code that relies on an assembly running from a particular
location.
Minimize code in application assemblies (i.e., EXE client assemblies).
Use class libraries instead to contain business logic.
Avoid providing explicit values for enums:
//Correct
public enum Color
{
Red,Green,Blue
}
//Avoid
public enum Color
{
Red = 1,Green = 2,Blue = 3
}
Avoid specifying a type for an enum:
//Avoid
public enum Color : long
{
Red,Green,Blue
}
Always use a curly brace scope in an if statement, even if it contains
a single statement.
Avoid using the trinary conditional operator.
Avoid function calls in Boolean conditional statements. Assign into
local variables and check on them:
bool IsEverythingOK( )
{...}
//Avoid:
if(IsEverythingOK( ))
{...}
//Correct:
bool ok = IsEverythingOK( );
if(ok)
{...}
Always use zero-based arrays.
Always explicitly initialize an array of reference types:
public class MyClass
{}
const int ArrraySize = 100;
MyClass[] array = new MyClass[ArrraySize];
for(int index = 0; index < array.Length; index++)
{
array[index] = new MyClass( );
}
Do not provide public or protected member variables. Use properties
instead.
Avoid using the new inheritance qualifier. Use override instead.
Always mark public and protected methods as virtual in a non-sealed
class.
Never use unsafe code, except when using interop.
Avoid explicit casting. Use the as operator to defensively cast to a
type:
Dog dog = new GermanShepherd( );
GermanShepherd shepherd = dog asGermanShepherd;
if(shepherd != null)
{...}
Always check a delegate for null before invoking it.
Do not provide public event member variables. Use event accessors
instead.
Avoid defining event-handling delegates. Use GenericEventHandler
instead.
Avoid raising events explicitly. Use EventsHelper to publish events
defensively.
Always use interfaces.
Classes and interfaces should have at least a 2:1 ratio of methods to
properties.
Avoid interfaces with one member.
Strive to have three to five members per interface.
Do not have more than 20 members per interface. The practical limit is
probably 12.
Avoid events as interface members.
When using abstract classes, offer an interface as well.
Expose interfaces on class hierarchies.
Prefer using explicit interface implementation.
Never assume a type supports an interface. Defensively query for that
interface:
SomeType obj1;
IMyInterface obj2;
/* Some code to initialize obj1, then: */
obj2 = obj1 as IMyInterface;
if(obj2 != null)
{
obj2.Method1( );
}
else
{
//Handle error in expected interface
}
Never hardcode strings that will be presented to end users. Use
resources instead.
Never hardcode strings that might change based on deployment, such as
connection strings.
Use String.Empty instead of "":
//Avoid
string name = "";
//Correct
string name = String.Empty;
When building a long string, use StringBuilder, not string.
Avoid providing methods on structures.
Parameterized constructors are encouraged.
You can overload operators.
Always provide a static constructor when providing static member
variables.
Do not use late-binding invocation when early binding is possible.
Use application logging and tracing.
Never use goto, except in a switch statement fall-through.
Always have a default case in a switch statement that asserts:
int number = SomeMethod( );
switch(number)
{
case 1:
Trace.WriteLine("Case 1:");
break;
case 2:
Trace.WriteLine("Case 2:");
break;
default:
Debug.Assert(false);
break;
}
Do not use the this reference unless invoking another constructor from
within a constructor:
//Example of proper use of 'this'
public class MyClass
{
public MyClass(string message)
{}
public MyClass( ) : this("Hello")
{}
}
Do not use the base word to access base class members unless you wish
to resolve a conflict with a subclass member of the same name or when
invoking a base class constructor:
//Example of proper use of 'base'
public class Dog
{
public Dog(string name)
{}
virtual public void Bark(int howLong)
{}
}
public class GermanShepherd : Dog
{
public GermanShepherd(string name) : base(name)
{}
override public void Bark(int howLong)
{
base.Bark(howLong);
}
}
Do not use GC.AddMemoryPressure( ).
Do not rely on HandleCollector.
Implement Dispose( ) and Finalize( ) methods based on the template in
Examples.
Always run code unchecked by default (for the sake of performance),
but explicitly in checked mode for overflow- or underflow-prone
operations:
int CalcPower(int number,int power)
{
int result = 1;
for(int count = 1;count <= power;count++)
{
checked
{
result *= number;
}
}
return result;
}
Avoid explicit code exclusion of method calls (#if...#endif). Use
conditional methods instead:
public class MyClass
{
[Conditional("MySpecialCondition")]
public void MyMethod( )
{}
}
Avoid casting to and from System.Object in code that uses generics.
Use constraints or the as operator instead:
class SomeClass
{}
//Avoid:
class MyClass<T>
{
void SomeMethod(T t)
{
object temp = t;
SomeClass obj = (SomeClass)temp;
}
}
//Correct:
class MyClass<T> where T : SomeClass
{
void SomeMethod(T t)
{
SomeClass obj = t;
}
}
Do not define constraints in generic interfaces. Interface-level
constraints can often be replaced by strong typing:
public class Customer
{...}
//Avoid:
public interface IList<T> where T : Customer
{...}
//Correct:
public interface ICustomerList : IList<Customer>
{...}
Do not define method-specific constraints in interfaces.
If a class or a method offers both generic and non-generic flavors,
always prefer using the generics flavor.
When implementing a generic interface that derives from an equivalent
non-generic interface (such as IEnumerable<T>), use explicit interface
implementation on all methods, and implement the non-generic methods
by delegating to the generic ones:
class MyCollection<T> : IEnumerable<T>
{
IEnumerator<T> IEnumerable<T>.GetEnumerator()
{...}
IEnumerator IEnumerable.GetEnumerator()
{
IEnumerable<T> enumerable = this;
return enumerable.GetEnumerator();
}
}
Project Settings and Project Structure
Always build your projects with Warning Level 4 (see Figure E-1).
Treat warnings as errors in the Release build (note that this is not
the default of Visual Studio). Although it is optional, this standard
recommends treating warnings as errors in Debug builds as well.
Avoid suppressing specific compiler warnings.
Always explicitly state your supported runtime versions in the
application configuration file:
<?xml version="1.0"?>
<configuration>
<startup>
<supportedRuntime version="v2.0.5500.0"/>
<supportedRuntime version="v1.1.5000.0"/>
</startup>
</configuration>
Figure E-1. The project Build pane
Avoid explicit custom version redirection and binding to CLR
assemblies.
Avoid explicit preprocessor definitions (#define). Use the project
settings for defining conditional compilation constants.
Do not put any logic inside AssemblyInfo.cs.
Do not put any assembly attributes in any file other than
AssemblyInfo.cs.
Populate all fields in AssemblyInfo.cs, such as company name,
description, and copyright notice.
All assembly references should use relative paths.
Disallow cyclic references between assemblies.
Avoid multi-module assemblies.
Avoid tampering with exception handling using the Exception window
(Debug -> Exceptions).
Strive to use uniform version numbers on all assemblies and clients in
the same logical application (typically, a solution). Use the
SolutionInfo.cs technique from Examples to automate.
Name your Visual Studio 2005 application configuration file
App.config, and include it in the project.
Modify the Visual Studio 2005 default project structure to your
project's standard layout, and apply a uniform structure for project
folders and files.
A release build should contain debug symbols (see Figure E-2).
Figure E-2. The Advanced Build Settings dialog
Always sign your assemblies, including the client applications.
Use password-protected keys.
Framework-Specific Guidelines
Multithreading
Use synchronization domains. Avoid manual synchronization, because
that often leads to deadlocks and race conditions.
Never call outside your synchronization domain.
Manage asynchronous call completion on a callback method. Do not wait,
poll, or block for completion.
Always name your threads:
Thread currentThread = Thread.CurrentThread;
string threadName = "Main UI Thread";
currentThread.Name = threadName;
The name is traced in the debugger Threads window, making debug
sessions more productive.
Do not call Suspend( ) or Resume( ) on a thread.
Do not call Thread.Sleep( ), except in the following conditions:
Thread.Sleep(0) is an acceptable optimization technique to force a
context switch.
Thread.Sleep( ) is acceptable in testing or simulation code.
Do not call Thread.SpinWait( ).
Do not call Thread.Abort( ) to terminate threads. Use a
synchronization object instead to signal the thread to terminate.
Avoid explicitly setting the thread priority to control execution. You
can set the thread priority based on task semantics (such as
ThreadPriority.BelowNormal for a screensaver).
Do not read the value of the ThreadState property. Use the
Thread.IsAlive property to determine whether the thread is dead or alive.
Do not rely on setting the thread type to background thread for
application shutdown. Use a watchdog or other monitoring entity to
deterministically kill threads.
Do not use the thread local storage unless thread affinity is
guaranteed.
Do not call Thread.MemoryBarrier( ).
Never call Thread.Join( ) without checking that you are not joining
your own thread:
void WaitForThreadToDie(Thread thread)
{
Debug.Assert(Thread.CurrentThread.ManagedThreadId !=
thread.ManagedThreadId);
thread.Join( );
}
Always use the lock( ) statement rather than explicit Monitor
manipulation.
Always encapsulate the lock( ) statement inside the object it
protects:
public class MyClass
{
public void DoSomething( )
{
lock(this)
{...}
}
}
You can use synchronized methods instead of writing the lock( )
statement yourself.
Avoid fragmented locking.
Avoid using a Monitor to wait or pulse objects. Use manual or
auto-reset events instead.
Do not use volatile variables. Lock your object or fields instead to
guarantee deterministic and thread-safe access. Do not use
Thread.VolatileRead( ), Thread.VolatileWrite( ), or the volatile
modifier.
Avoid increasing the maximum number of threads in the thread pool.
Never stack lock( ) statements, because that does not provide atomic
locking:
MyClass obj1 = new MyClass( );
MyClass obj2 = new MyClass( );
MyClass obj3 = new MyClass( );
//Do not stack lock statements
lock(obj1)
lock(obj2)
lock(obj3)
{
obj1.DoSomething( );
obj2.DoSomething( );
obj3.DoSomething( );
}
Use WaitHandle.WaitAll( ) instead.
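The WaitHandle.WaitAll( ) alternative to stacked lock( ) statements, as an added example that is not part of the original standard. The Account class, the TryTransfer( ) method and the timeout values are hypothetical names chosen for illustration; each protected object is assumed to expose a Mutex as its lock.

```csharp
using System;
using System.Threading;

// Hypothetical resource for this example: each account is guarded by its own Mutex.
public class Account
{
    public readonly Mutex Guard = new Mutex();
    public int Balance;
    public Account(int balance) { Balance = balance; }
}

public static class AtomicLocking
{
    // Takes both guards in a single wait: either every mutex is acquired or none is,
    // so two callers locking the same accounts in opposite order cannot deadlock.
    public static bool TryTransfer(Account from, Account to, int amount, int timeoutMs)
    {
        // WaitAll rejects the same handle passed twice, so fail early with a clear error.
        if (object.ReferenceEquals(from, to)) throw new ArgumentException("accounts must differ");
        WaitHandle[] guards = { from.Guard, to.Guard };
        // Call from an MTA thread: WaitAll with several handles throws
        // NotSupportedException on an STA thread.
        if (!WaitHandle.WaitAll(guards, timeoutMs, false)) return false; // timed out holding nothing
        try
        {
            if (from.Balance < amount) return false;
            from.Balance -= amount;
            to.Balance += amount;
            return true;
        }
        finally
        {
            // Both mutexes are owned here, so both must be released on every path.
            from.Guard.ReleaseMutex();
            to.Guard.ReleaseMutex();
        }
    }

    public static void Main()
    {
        Account a = new Account(1000), b = new Account(1000);
        // Opposite lock order on the two threads: the case where stacked locks can deadlock.
        Thread t1 = new Thread(delegate() { for (int i = 0; i < 500; i++) TryTransfer(a, b, 1, 1000); });
        Thread t2 = new Thread(delegate() { for (int i = 0; i < 500; i++) TryTransfer(b, a, 1, 1000); });
        t1.Name = "A to B";
        t2.Name = "B to A";
        t1.Start(); t2.Start();
        t1.Join(); t2.Join();
        Console.WriteLine("Total balance: " + (a.Balance + b.Balance));
    }
}
```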
Serialization
Prefer the binary formatter.
Mark serialization event-handling methods as private.
Use the generic IGenericFormatter interface.
Always mark non-sealed classes as serializable.
When implementing IDeserializationCallback on a non-sealed class, make
sure to do so in a way that allows subclasses to call the base class
implementation of OnDeserialization( ).
Always mark unserializable member variables as non-serializable.
Always mark delegates on a serialized class as non-serializable
fields:
[Serializable]
public class MyClass
{
[field:NonSerialized]
public event EventHandler MyEvent;
}
Remoting
Prefer administrative configuration to programmatic configuration.
Always implement IDisposable on single-call objects.
Always prefer a TCP channel and a binary format when using remoting,
unless a firewall is present.
Always provide a null lease for a singleton object:
public class MySingleton : MarshalByRefObject
{
public override object InitializeLifetimeService( )
{
return null;
}
}
Always provide a sponsor for a client-activated object. The sponsor
should return the initial lease time.
Always unregister the sponsor on client application shutdown.
Always put remote objects in class libraries.
Avoid using SoapSuds.exe.
Avoid hosting in IIS.
Avoid using uni-directional channels.
Always load a remoting configuration file in Main( ), even if the file
is empty and the application does not use remoting:
static void Main( )
{
RemotingConfigurationEx.Configure( );
/* Rest of Main( ) */
}
Avoid using Activator.GetObject( ) and Activator.CreateInstance( ) for
remote object activation. Use new instead.
Always register port 0 on the client side, to allow callbacks.
Always elevate type filtering to Full on both client and host, to
allow callbacks.
Security
Always demand your own strong name on assemblies and components that
are private to the application but are declared public, so that only
your own code can use them:
public class PublicKeys
{
public const string MyCompany =
"1234567894800000940000000602000000240000"+
"52534131000400000100010007D1FA57C4AED9F0"+
"A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C83"+
"4C99921EB23BE79AD9D5DCC1DD9AD23613210290"+
"0B723CF980957FC4E177108FC607774F29E8320E"+
"92EA05ECE4E821C0A5EFE8F1645C4C0C93C1AB99"+
"285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF"+
"0FC4963D261C8A12436518206DC093344D5AD293";
}
[StrongNameIdentityPermission(SecurityAction.LinkDemand,
PublicKey = PublicKeys.MyCompany)]
public class MyClass
{...}
Apply encryption and security protection on application configuration
files.
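One way to apply this to a connection string section, shown as an added example that is not part of the original standard. It assumes the .NET Framework protected configuration API (System.Configuration.dll), an App.config that the running account can write to, and a hypothetical helper class named ConfigProtector.

```csharp
using System;
using System.Configuration; // requires a reference to System.Configuration.dll

public static class ConfigProtector
{
    // Encrypts one section of the running application's configuration file in place.
    // Returns true if this call encrypted the section, false if it was already protected.
    public static bool ProtectSection(string sectionName, string providerName)
    {
        Configuration config =
            ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection(sectionName);
        if (section == null)
        {
            throw new ArgumentException("No such configuration section: " + sectionName);
        }
        if (section.SectionInformation.IsProtected)
        {
            return false;
        }
        section.SectionInformation.ProtectSection(providerName);
        // ForceSave writes the section even if its contents did not otherwise change.
        section.SectionInformation.ForceSave = true;
        config.Save(ConfigurationSaveMode.Modified);
        return true;
    }

    public static void Main()
    {
        // DataProtectionConfigurationProvider uses Windows DPAPI; with its default
        // machine-level key the file can be decrypted only on the machine that protected it.
        bool changed = ProtectSection("connectionStrings",
                                      "DataProtectionConfigurationProvider");
        Console.WriteLine(changed ? "connectionStrings encrypted" : "already encrypted");

        // Reads stay transparent: the framework decrypts the section on access.
        foreach (ConnectionStringSettings item in ConfigurationManager.ConnectionStrings)
        {
            Console.WriteLine(item.Name); // log names only, never the connection string
        }
    }
}
```

Run it once as a deployment step on the target machine, since a file protected with the machine-level DPAPI key cannot be copied to another host and decrypted there.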
When importing an interop method, assert the unmanaged code permission
and demand the appropriate permission in its place:
[DllImport("user32",EntryPoint="MessageBoxA")]
private static extern int Show(IntPtr handle,string text,string caption,
int msgType);
[SecurityPermission(SecurityAction.Assert,UnmanagedCode = true)]
[UIPermission(SecurityAction.Demand,
Window = UIPermissionWindow.SafeTopLevelWindows)]
public static void Show(string text,string caption)
{
Show(IntPtr.Zero,text,caption,0);
}
Do not suppress unmanaged code access via the
SuppressUnmanagedCodeSecurity attribute.
Do not use the /unsafe switch of TlbImp.exe. Wrap the RCW in managed
code so that you can assert and demand permissions declaratively on
the wrapper.
On server machines, deploy a code access security policy that grants
only Microsoft, ECMA, and self (identified by a strong name) full
trust. Code originating from anywhere else is implicitly granted
nothing.
On client machines, deploy a security policy that grants client
applications only the permissions to execute, to call back the server,
and potentially to display a user interface. When not using ClickOnce,
the client application should be identified by a strong name in the
code groups.
To counter a luring attack, always refuse at the assembly level all
permissions not required to perform the task at hand:
[assembly:UIPermission(SecurityAction.RequestRefuse,
Window=UIPermissionWindow.AllWindows)]
Always set the principal policy in every Main( ) method to Windows:
public class MyClass
{
static void Main( )
{
AppDomain currentDomain = AppDomain.CurrentDomain;
currentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
}
//other methods
}
Never assert a permission without demanding a different permission in
its place.
For more information, go to
http://www.auratius.co.za
Regards
Auratius