Tidbits

Always be threat modeling

Data is a liability. You should consistently be questioning which resources need protection, system boundaries, access capabilities from all sides, and what it would take to feasibly cause a breach.

Dependency Injection is always the answer

There aren't many hills I'd die on, but DI is one I refuse to budge on.

The minor inconvenience of complexity is far out weighed by a code base's ability to be easily manipulated with minimal side effects.

A job done well means not over-engineered

Over-engineering is a complexity that burdens code bases, developers and budgets. We need to encourage each other to solve today's problems, not tomorrows.

Could, would, should

The three most powerful words I use consistently in code reviews. No condescending tones, no orders, just simple open ended questions leading the author to reevaluate and stay in control of their code.

Nest less

Nesting reduces readability and increases cognitive load. Reduce, or better yet, never nest. Return early and extract code blocks when feasible.

SOLID, KISS, DRY = suggestions, not rules

Extensibility, flexiblity and maintainability should be balanced with future effort and developer sanity and onboardability.

Often times it is okay to repeat yourself, it is okay to be verbose and straightforward.

Naming is hard

Naming and organization is one of the hardest parts of engineering. A poorly chosen name will haunt your code base for years, don't under think it.