Getty Images/iStockphoto
How to choose coding standards: Development best practices
Learn how coding standards enhance quality and efficiency in software projects. Follow coding conventions and standards to achieve the five pillars of code quality.
Coding standards ensure understandable, updated code that contains minimal errors. They also strengthen collaboration and reduce technical debt.
Teams can opt to develop their own closed standards or rely on community-driven, language-specific standards. Depending on the industry, organizations might also need to satisfy specific standards that govern privacy and security.
Whichever standard the organization is bound to, it's critical that developers align on writing, reviewing, maintaining and documenting code for all projects. Teams should apply coding conventions and best practices in the application development process to achieve the pillars of code quality and develop consistent standards across projects.
What are coding standards, and why are they important?
Coding standards are rulesets, guidelines and best practices developers follow when writing applications. They play a critical role in successful development projects.
These standards improve code directly in several ways. They also facilitate adjacent practices such as collaboration, onboarding new team members and quality control. Coding standards strengthen a project as follows:
- Making code easier to read and understand, which leads to smoother developer onboarding, reduced technical debt and more efficient troubleshooting.
- Facilitating collaboration opportunities, with all participants operating under the same assumptions and guidelines.
- Improving long-term maintainability and scalability.
- Reducing the likelihood of bugs or errors by ensuring certain quality controls exist.
- Making code reviews more efficient.
The goal of coding standards is to help developers do their jobs, not to put roadblocks in front of them. Some developers might resist the initial adoption of standards, but they are crucial to the team's overall success. Coding standards are one sign of a mature development team and accompanying codebase.
Closed standards vs. open standards
Some organizations maintain an internal set of coding standards for their codebase. Organizations typically tailor these standards to their specific needs. The organization might even use specific standards for different teams or projects. Other development teams might rely on public standards maintained by a larger community.
- Closed standards. Proprietary standards a company tailors to its specific requirements. They might vary by project type or scope and might be department-specific. They are not freely available.
- Open standards. Publicly available guidelines often maintained by a specific community, such as the Python community at large.
A significant difference between closed and open standards has to do with the ways in which they change. Public contributors maintain open standards, making them more dynamic and subject to evolving best practices. Closed standards are not -- organizations maintain them internally. They change less frequently than open standards.
How to choose coding standards
Teams should create or adopt standards that help them achieve the following five pillars of code quality.
Maintainability
Maintainability standards define how easily developers can read, understand, modify and update the code. This attribute is perhaps the most important and widely observed because software is often reused or distributed for decades longer than intended. Maintenance standards can dictate factors such as comments, indenting code, clear and meaningful variable names, and digestible documentation.
Reliability
Reliability and dependability standards pertain to elements that affect the software's ability to run error-free, such as bug rates, error handling, testing guidelines, requirements and security. Reliability standards aim to help software deal with errors gracefully when defects occur. Developers should write code that can handle unexpected or erroneous inputs that might otherwise cause the program to fail. For example, if the end user enters numbers where letters are expected, a reliable application might present the user with an error message directing them to change the input instead of failing silently.
Efficiency
These coding conventions present ways to make code reusable and minimize the software's overall resource requirements, such as its memory footprint. Efficiency standards typically exist as a series of tactics to create shorter, tighter code. As an example, developers can create callable modules for commonly used functions. This approach often eliminates repetitive or redundant functions that can eat up resources when the software executes a given task.
Readability
Readability emphasizes code that is clear and logical. It includes self-explanatory naming standards and comments that aid future developers, troubleshooters or reviewers in understanding the purpose of a code block intuitively. Readability enhances collaboration and scalability as the code is modified over time.
Usability
These standards typically shape the UX of a given software project. They relate to input using keys, mouse or touch. They also include menu and data display output. These coding conventions enable organizations to address responsiveness or maximum latency demands, offer multilingual interfaces and help information, and design the aesthetic aspects of the software. For example, developers working on a client-server application might opt to implement caching and asynchronous data storage to reduce the latency that often occurs with synchronous write commits.
10 coding best practices and conventions
Standards define coding best practices and conventions. Most of the following conventions can apply to any development project.
1) Naming conventions
Covers variable, constant, function, class and component names to provide consistency and clear understanding. Some best naming convention practices include the following:
- Descriptive names for resources.
- Case standards, including camel case, snake case and pascal case.
- File, library and directory naming standards.
Example naming conventions and case standards include the following:
| Convention name | Example | Common use | Language(s) |
| kebab case |
sample-content |
CSS classes, HTML attributes |
HTML, CSS |
| snake case |
sample_content |
Functions, variables |
Python, C, Ruby |
| pascal case |
SampleContent |
Classes, types |
Python, Java, C# |
| camel case |
sampleContent |
Functions, variables, URLs |
JavaScript, Java, C# |
2) Indentation and formatting
Establishes rules for tabs, whitespace, line lengths and character placement. Some best indentation and formatting practices include the following:
- Consistent indentations -- usually two or four spaces.
- Spaces or tabs -- but not both.
- Brace and parentheses placement.
3) Commenting
Provides clarity for commenting to create concise and accurate documentation. Some best practices for commenting include the following:
- Comments explain complex components and are not necessary for simple code blocks.
- Comments provide logic or rationale, giving the code context.
4) Code organization and structure
Defines the overall code construction for consistency, logic and efficiency. Some best practices for code structure include the following:
- Line length limits -- between 80 and 120 characters is common.
- Short, self-contained functions and methods that are focused on a single task.
- Organized, logical directory structure for code components with consistent naming.
5) Error handling
Covers error and mitigation practices. Best practices for error handling include the following:
- Consistent error handling -- which might vary by language or project but should follow established patterns throughout the codebase.
- Comprehensive exception management, using try-catch blocks to capture unexpected errors and provide fallback mechanisms.
- Informative error reporting with actionable error messages.
6) General programming principles
Emphasizes reusable code and simplicity. Examples of general programming principles include the following:
- Keep It Simple, Stupid (KISS), which prioritizes straightforward solutions over complexity.
- Don't Repeat Yourself (DRY), which aims to avoid duplicating code by abstracting functionality into reusable components.
7) Version control
Sets effective version control, branching and code checkout techniques to avoid confusion and inadvertent integration of untested or unready code. Some best practices for version control include the following:
- Using a code repository, such as GitHub.
- Using code control tools, such as Git.
- Using clear version increments.
8) Dependency management
Provides controls for libraries and dependencies that an application relies on for functionality. These resources are often not developed in-house, making it challenging to guarantee security and efficiency. Best practices for dependency management include the following:
- Consistent vulnerability scanning using automated security tools.
- Version pinning and lockfiles to specify versions of dependencies across different environments.
- Dependency pruning to audit and remove unused or redundant dependencies.
9) Documentation
Some best practices for software documentation include the following:
- Creating clear, concise, well-organized and useful documentation that is helpful to both new and experienced readers.
- Procuring README documents to provide the project's purpose, installation steps, dependencies, basic usage and contribution guidelines, if any. A wiki or similar knowledge base might also be useful.
- Using visual resources and examples to offer users another avenue for understanding the application.
- Aligning documentation to current software versions. Don't let documentation fall behind or become outdated.
- Storing documentation alongside code in the repository.
- Allocating resources to documentation as part of the overall project scope.
10) Security
Addresses code's protection from vulnerabilities and attacks. Some best practices for code security include the following:
- Input validation and authentication.
- Secure code libraries.
- Regular security checks to identify and mitigate vulnerabilities.
Examples of coding standards
Specific coding standards and style guides codify general best practices and conventions based on certain constraints, such as industry regulations or language. Organizations often incorporate these specific guidelines into their broader internal coding standards or adapt these standards to fit their own organizational needs.
Language-specific style guides
Coding languages have their own standards and style guides that dictate best practices for some of the conventions listed above, such as naming conventions and formatting. Some common coding style guides organized by language include the following:
- HTML/CSS. The Google HTML/CSS Style Guide offers rules for clean markup and styling in HTML and CSS. W3Schools provides HTML and CSS conventions with practical examples.
- Python. Python Enhancements Proposals 8 (PEP8), Python's official style guide, covers conventions such as indentation, line length and naming conventions for the language.
- JavaScript. The Airbnb Style Guide is an industry standard most known for its JavaScript and React style guides. W3Schools JavaScript Coding Conventions provides naming rules for variables, rules for whitespace and other programming practices that make JavaScript code more readable and maintainable.
- C#. The Microsoft Common C# code conventions recommends patterns for naming, organizing and formatting code, as well as tools to enforce those standards. For example, the guide recommends using an editorconfig file to let the integrated development environment automatically enforce style guidelines.
Industry-specific standards
Be sure to investigate industry-specific standards as well. Several industries provide standards and best practices.
The healthcare industry relies on the following standards and guidelines:
- IEC 62304. International standard for the medical device software lifecycle, including requirements for development, verification, validation and secure coding practices.
- FDA Premarket Cybersecurity Guidance. Cybersecurity guidance for designing, developing and maintaining medical devices. The guidance includes secure coding practices.
The banking and financial industry doesn't have the same kinds of defined standards as healthcare but it does recognize and use various best practices. Examples are as follows:
- NIST Secure Software Development Framework. Integration of secure practices into all phases of the development process. Examples include code reviews, testing and adherence to common best practices.
- OWASP Secure Coding Practices. Some areas of focus in this standard include input validation, principle of least privilege access control, secure default settings, code reviews and testing.
The Gramm-Leach-Bliley Act creates a regulatory need for security measures in the finance industry, which indirectly drives the adoption of secure coding standards.
Damon Garn owns Cogspinner Coaction and provides freelance IT writing and editing services. He has written multiple CompTIA study guides, including the Linux+, Cloud Essentials+ and Server+ guides, and contributes extensively to Informa TechTarget, The New Stack and CompTIA Blogs.
