DEV Community

loading...
Cover image for "Best Practices" is a hollow phrase

"Best Practices" is a hollow phrase

Davyd McColl
Code monkey extraordinaire
・1 min read

Ugh. "Best Practices". What a hollow phrase.

Best... for whom?

Best... under what context?

Please: if you want people with a clue to listen, stop using this mantra designed to give the reader FOMO.

It's bs.

Nothing is always the best. Everything sucks in its own special way. I mean that in the "kindest" way possible: there is no perfect

  • OS
  • framework
  • programming language
  • anything

Everything has pros and cons.

If you'd like me to use your fantastic tech, explain to me:

  • why I should use this?
  • how is it better than alternatives out there?
  • when does it make sense?
  • when are there simpler methods?
  • what is the tradeoff for using your tech stack vs other methods? and vice-versa?

Without real information, I'm having trouble taking your pitch seriously. And any programmer should be skeptical until you provide a concrete argument that supports your case.

I'm open to being convinced.

"best" implies you can draw some comparisons. I'm all ears.

Discussion (2)

Collapse
scottshipp profile image
scottshipp

I think that's a dangerous stance. It's fair to ask why a set of practices are considered "best practices" but you outright called them "BS." The risks of ignoring best practices are real. If you would you would like to lose your database, open your customer financial information to hackers, force yourself into 60-80 hour work weeks, and other maladies, then by all means ignore best practices.

Collapse
fluffynuts profile image
Davyd McColl Author

Read again, friend: I called leaning on the mantra of "best practices" bs -- because, imo, it is!

In other words: don't just say "you should use tech [X] or method [Y] because it's 'best practices'". Explain the why of it, for example, you perhaps want to have complex database passwords, firewalling that prevents anyone outside your infrastructure from directly accessing your databases and intrusion detection because that would mean:

  1. a hacker would need to penetrate your network and
  2. the same hacker would also have to brute-force (or use another method) to get to your database password which has been generated as 20 random characters which are alpha, numeric and sybolic in nature.
  3. whilst said hacker was trying to brute-force your system, you should already have alarm-bells going off.

See what I did there? I didn't just try to impress you with a phrase -- I explained the why of my suggestion for database security.

Too often, I'm seeing people saying things like "I'm going to show you best practices for code", then giving a code sample, or using a specific library, but not supporting their argument at all. And best of all? It's often misleading or downright wrong to say that they way they are doing it is necessarily the best! I see through that bs: people are using a catch-phrase to bolster their argument for why others should listen to them. This technique has a name: Argument from authority

I code TDD-style not because someone told me it's "best practices" -- indeed, I see plenty of people arguing against TDD as "best practice" because it didn't work for them (most likely because they weren't shown how to do it correctly). I TDD because I find that's the way I get the best quality and velocity on code production, with the least issues. And when there are issues, there are normally well-defined tests which tell me where things have gone wrong.

I've found that the only "best practice" I can advise is to be skeptical and questioning of everything. Understand the why of the strategies you want to undertake. Also understand that what's "best practice" for some situations may not be "best" for yours.