The Best Code Documentation ‘Tool’ Ever Made (opens in new tab)

(martinnormark.com)

8 pointsmartinnormark11y ago7 comments

7 comments

The method comments are where you explain the expected/accepted inputs and outputs. Its not for outlining design decisions. You also don't need to explain how the method works. It's a black box.

Your ide can be configured to show warnings if your comments don't match your parameter list. Though generally you don't change the external api of your code once you've written it. Or else you then have to update all the methods that call it.

thegreenroom11y ago

so your using function names instead of comments?

martinnormarkOP11y ago

You could say that. What I'm saying is that splitting up a function into smaller functions with good names, is way better documentation than comments.

Hermel11y ago

I can confirm this. Function names tend to be much more reliable than comments. Here's an example from Java that can lead to security problems. Consider setSeed from java.security.SecureRandom:

  /**
   * Reseeds this random object. The given seed supplements,rather than
   * replaces, the existing seed. Thus, repeated calls are guaranteed
   * never to reduce randomness.
   */
  synchronized public void setSeed(byte[] seed) {
    secureRandomSpi.engineSetSeed(seed);
  }

Note that the name of the method conveys something different than the comment says. From the method name, I would expect setSeed to set the seed, and not to add to the seed. A better name would have been "addSeed".

Unsurprisingly, some implementations of java.security.SecureRandom follow the comment, others follow the method name - causing a potential security issue. To complicate things further, note that the comment in the equivalent Android class java.security.SecureRandom requires setSeed to set the seed, see: http://developer.android.com/reference/java/security/SecureR...

Thus, security libraries implementating of java.security.SecureRandom cannot implement both, the Oracle and the Google version, at the same time in accordance with the specifications. This could have been avoided if the time spent on commenting setSeed would have been spent on finding a better method name.

pan6911y ago

How do you write unit tests for classes like this? A lot of reflection I assume?

1 more reply

j / k navigate · click thread line to collapse