Coding Standards
These are the opinionated code security and quality standards we use internally at Distrust and expect from all contractors and vendors.
General Guidelines
First Party Code
TBD
Third Party Code
Use the following rationale as a guideline when deciding whether and how to use third-party dependencies:
flowchart TD
A[Can it be done with the standard library in under ~10k easily readable lines?]
A --> D{No} --> E
A --> B{Yes} --> C
E[Can it be done with a library used in the official interpreter or compiler?]
E --> F{Yes} --> X
E --> G{No} --> I
I[Does a widely used, well vetted, well reviewed, and well maintained library exist?]
I --> J{Yes} --> X
I --> K{No} --> L
L[Is this a cryptography or security sensitive use case?]
L --> M{No} --> O
L --> N{Yes} --> P[Review by yourself and pay for reputable external security audit] --> X
O[Does -any- suitable library exist small enough for you to review yourself?]
O --> Q{No} --> C
O --> R{Yes} --> S[Review by yourself and by a peer] --> X
C[Write it yourself]
X[Document rationale and use library at specific version we have reason to trust]
Language Guidelines
Rust
TBD