Lesson 10: Pruning the Deadwood: Keeping Out The Ents
[CFL2M] Warning: This in Your Code Can Lead to Disaster
*Note: This content is from our free ColdFusion Legacy 2 Modernization E-Course [CFL2M].
Like debris on a Middle-Earth battlefield, obsolete and unused code can obscure your vision, making it difficult to maneuver and maintain your applications effectively.
Deadwood complicates maintenance and creates confusion among developers.
It not only clutters your system but also poses significant security risks—akin to leaving old, unused doors within the walls of Minas Tirith.
Last email, we learned all about Continuous Integration and how amazing it is when you automate it. If you read it and did the action step, congrats! If not, now would be a good time to revisit it.
Anyway, deadwood refers to portions of the code that are no longer used or are obsolete but have not been removed from the codebase. Distinguishing active code from inactive becomes as daunting as deciphering runes in the dark depths of Moria.
Deadwood code often contains security holes because it is not regularly reviewed or maintained. This increases the likelihood of security breaches if hackers can trigger the deadwood code to run via malformed page requests.
Deadwood can be as small as a few lines in an unused CFSWITCH statement or an unused function in a CFC, or as large as a whole CFM file (often with unusual names such as “Copy of” or “Test MMDDYY”) or even whole subfolders!
It’s crucial to clean out unused code! You can use tools such as code coverage testing to determine which parts of your code are still active. A combination of TestBox and FusionReactor provides code coverage testing.
Be cautious; some code may only run once a year and should not be hastily discarded. It's important to deeply understand your code and consult with users to confirm which parts are redundant and can be safely removed.
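To make the file-name clues above concrete, here is an added example (not part of the original course material) that flags CFML files and folders named like “Copy of” or “Test MMDDYY” and checks whether each one was still requested in a web access log. The regexes, the common-log-format sample lines, the case-insensitive path matching and the file inventory are all assumptions constructed for illustration; the output is a review list, not a delete list.

```python
import re
from urllib.parse import unquote, urlsplit

# Name patterns taken from the lesson: "Copy of ..." and "Test MMDDYY".
# The exact regexes are an assumption about how such names usually look.
NAME_PATTERNS = {
    "copy-of": re.compile(r"^copy of\b", re.I),
    "test-date": re.compile(
        r"^test[ _-]?(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d{2}\b", re.I),
}
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def name_reasons(rel_path):
    """Pattern names matched by any folder or file name in the path."""
    parts = rel_path.strip("/").split("/")
    return sorted({n for p in parts
                   for n, rx in NAME_PATTERNS.items() if rx.search(p)})

def requested_paths(log_lines):
    """Lower-cased, URL-decoded paths seen in the access log lines."""
    seen = set()
    for line in log_lines:
        m = REQUEST.search(line)
        if m:
            seen.add(unquote(urlsplit(m.group(1)).path).lower())
    return seen

def deadwood_candidates(files, log_lines):
    """Map each suspiciously named CFML file to (reasons, still_requested)."""
    seen = requested_paths(log_lines)
    report = {}
    for f in files:
        if not f.lower().endswith((".cfm", ".cfc")):
            continue
        reasons = name_reasons(f)
        if reasons:
            report[f] = (reasons, "/" + f.strip("/").lower() in seen)
    return report

# Constructed sample inventory (paths relative to the web root) and log lines.
FILES = ["index.cfm", "testimonials.cfm", "Copy of login.cfm",
         "admin/Test 031522.cfm", "Copy of reports/yearly.cfm", "model/User.cfc"]
LOG = [
    '203.0.113.7 - - [02/Jan/2024:10:00:01 +0000] "GET /index.cfm HTTP/1.1" 200 5120',
    '203.0.113.9 - - [02/Jan/2024:10:03:44 +0000] "GET /Copy%20of%20login.cfm?debug=1 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for path, (reasons, hit) in deadwood_candidates(FILES, LOG).items():
        print(f"{path!r}: {', '.join(reasons)}; requested in log window: {hit}")
```

A flagged file that is still being requested deserves review first, because it is reachable from outside. A flagged file with no requests may still be an include or a once-a-year job, so confirm with its users before pruning.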
Using source control (recall lesson 6) when deleting chunks of deadwood makes it easy to roll back the chunk if you need it.
Aragorn Action Step: Check your codebase for a piece of deadwood, and prune any that you find.
Once the deadwood is gone, your application will be free from the burdens of sluggish maintenance and vulnerable security gaps.
And don't worry, we've ensured no Orcs or Goblins will sneak in to repurpose this deadwood for their own mischief!
Best,
Michaela Light
PS Next email, we’ll take a look at how to optimize your bug ticketing system using… you guessed it, a cool piece of software 🙂