This repository contains our team's documented coding standards for each language we use, as well as general development principles, code review guidelines and checklist, and an application development security overview.
We have decided to open these guides and standards up to the public because we feel they have value outside of our team. Please feel free to make use of the content in anyway you like, guided by the license terms below.
We have a small set of general software design principles that should be followed regardless of project or language. This document also includes specific guidelines for object oriented development.
It's vital that architects, developers and testers all have a solid understanding of the types of vulnerabilities that are common in modern web applications: how to identify them, and how to avoid them.
Peer code reviews are a vital part of our development process. They not only allow for early capture of potential issues, but also as a method of spreading knowledge through the team. This document contains the what, why and how of requesting and performing code reviews.
Although this documentation is publicly accessible, it's still a set of living documents based on the current understanding and thinking of the team here at globaldev. Feel free to submit issues and pull requests, but please don't be upset if they get closed due to discussions we have internally (although we'll always try and explain the decision we've made).
The work contained in this repository is made available under the Creative Commons Attribution-ShareAlike 3.0 license. Some elements have been adapted from documents from the OWASP Foundation, also released under CC BY-SA 3.0.