Check Point® Software Technologies Ltd. announced that its Check Point CloudGuard solution has been recognized as a Leader across three key GigaOm Radar reports: Application & API Security, Cloud Network Security, and Cloud Workload Security.
Code generation is the art of writing programs that write other programs. The most common place to use code generation is for generating libraries. In those scenarios, you have a fixed specification in a domain-specific language (DSL) and a code generator uses that to create the function or API calls representing individual requests or pieces of functionality. While code generation seems simple at first, there are many sharp corners and hidden surprises in anything beyond the most trivial scenarios.
But before you decide whether to build a code generator or not, exploring the depths, complexity, and tradeoffs is key. Sometimes, this exploration will lead you to realize your time is better spent extending common tools to meet your unique use case. But there are many scenarios where creating a custom code generator is your best option. Before you explore, let’s consider one concrete scenario were you’d want a code generator and the best practices to make it useful in the long term.
When to Write a Custom Code Generator
Imagine creating a web service that requires email address validation. To ensure the email addresses are valid, the "correct" validation regular expression is wildly complex and obtuse. That said, there are a handful of easier aspects to check — like too many characters or missing an "@" — so we can start there. Initially, you rely on standard library methods like fmt.Errorf to report errors but will find that it doesn’t give the user enough information about the error. To counter that, you add two unique error codes, "email too long" and "invalid email," to make it easier for the user to understand why their email address won’t validate.
You could embed the unique error codes as ad hoc strings within existing strings, but this lacks structure and depends on downstream developers or the user to understand your new pseudo-convention. Alternatively, you could create a function that takes a unique error code as a parameter but that still relies on strings and will lead to inconsistent implementations. So how can you uplevel the implementation?
One solution is to generate unique functions for each error you want to handle. This allows for specialized error types, facilitating observability and enabling higher-level code components to work with specific error conditions. However, manually defining all these functions is time-consuming, especially for programs with hundreds or thousands of errors.
This is where writing a custom code generator comes in handy. By defining errors in a reusable format like a YAML file, you can generate the necessary functions. This approach simplifies error management, promotes consistency, reuses these checks across projects and enables the generation of functions for multiple programming languages. You can create a unified error repository for the software, ensuring clear communication and streamlined error handling.
Code Generation Best Practices
When writing a custom code generator, you should first consider the scope and complexity of creating it. There are always trade-offs between customization and simplicity, and developers should aim to understand these up front before diving in. Once you decide to write a custom code generator, developers must keep these best practices in mind.
1. Use comments to prevent edits: You should use comments to give other developers instructions on how to use and edit the code. Comments can tell other teammates not to modify the generated code directly and point them to the source of truth where they should make changes.
2. Isolate generated files: Developers should separate generated files from human-written code by using distinct suffixes or separate directories. Isolation enhances developer experience and makes it easier to identify machine-generated files, simplifying tasks like file filtering or removing outdated generated files.
3. Use a consistent template structure: A consistent template file is crucial for writing an effective code generator because it promotes a standardized format, reduces duplication, and allows for easy modification and maintenance. It facilitates collaboration among developers and enables extensibility for future enhancements.
How to Leverage Code Generation
If you’re considering code generation, start small. Write custom tooling that you never plan on releasing to the world. Explore, play, break things, figure out strengths and weaknesses and find the bounds of what’s possible. That way, when you inevitably consider code generation in practice, you’ll better understand the effort it takes to write and maintain a custom code generator or tailor something that already exists.
With the right tools and practices, code generation is an accessible and valuable tool in your toolbox. It offers a straightforward approach to automating repetitive tasks and establishing conventions. It’s one of the many ways you can solve complex problems, and it just might help you do it in fewer lines of code.
Industry News
LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.
SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).
ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.
Genkit for Node.js is now at version 1.0 and ready for production use.
JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).
mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.
Check Point® Software Technologies Ltd. announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.
Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).
Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.
Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.
Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.
GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.
Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.
Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.