Safe code is not a coincidence
Doesn’t happen randomly, you need to work on it!
You need to care about it!
It is about time we all address this topic!
Everything I’ll tell you today, you already know!
Help users use your app or APIHelp users use your app or API
Document. Everything and a lot.Document. Everything and a lot.
Get rid of warningsGet rid of warnings
Release code asRelease code as open sourceopen source
All codeAll code shallshall get reviewedget reviewed
CodeCode shallshall be easy to readbe easy to read and understandand understand
Use theUse the same code stylesame code style everywhereeverywhere
Commit message template ochCommit message template och qualityquality
Make sure style and templates are followed!Make sure style and templates are followed!
Test the documentation
Fixed a bug? Add a test. Or two.
All that, all the time
For every commit
For every PR
All. The. Time
The curl project
>50 builds + test “rounds” per commit
Tests code style, indenting etc
Thousands of tests per build
Builds and tests on tens of platforms
20-25 hours of CI per commit
The curl project’s choice of tools
The curl project’s policy
Fix all warnings (eye roll)Fix all warnings (eye roll)
No defects leftNo defects left
Use the strictest and most picky optionsUse the strictest and most picky options
As many tests as possibleAs many tests as possible
Fix security issues as soon as possibleFix security issues as soon as possible
That takes a lot of time and is