Source Code Quality
Last updated
Was this helpful?
Last updated
Was this helpful?
We consider code quality to be very serious. We set our standards way above the "good enough" level to deliver a very high quality product.
We have implemented a CI/CD( / ) pipeline based on where version control, build, tests and deploy are mainly automated.
Each line of our code is often produced by not only one but two engineers, ensuring design decisions are always subject to debate and approval.
We reinforce this by protecting our master branches and ensuring every new code snippet is reviewed by at least one other member of the team in a Pull Request. These discussions are logged for documentation and new member training purposes.
During these code reviews, we're particularly attentive to some basic concerns that every developers should know such as .
Unit and integration tests are systematically carried out on code that is produced.
Each push of new code is tested against our test portfolio in a new docker container.
Merging development branches into our main branch is not allowed if the tests fail.
Automated tests are performed each night.
If automated tests are green, we deploy on nightly instances.
With each monthly release we update our dependencies in order to integrate their latest security patches.
When they receive notification of a newly-announced vulnerability, a security alert is sent to us with the details (which part is affected, how to correct it...).
For each alert we receive, a bug ticket is created in our backlog and is attributed a high priority.
We use and to track and report vulnerabilities in our code dependencies.
Both services track public vulnerabilities listed on .