Hacker News
by yungporko 551 days ago
i've never seen coding standards properly enforced on any large project, nobody has time to read through and scrutinize 30 files of code every time somebody creates a new feature when everybody has their own work to be doing too. at my last job we had mandatory code reviews and some days half of the entire day was just doing that. it didn't take long before reading turned into skimming and skimming just turned into clicking approve.

I was thinking less about self-imposed code reviews and more about regulatory frameworks—principles borrowed from architecture and construction, like mandated documentation, reviews, and inspections.

There's some precedent for this: software in medical devices faces strict regulations after incidents like Therac-25.

While most software might not carry the same life-or-death risks, data breaches are increasing in frequency and impact. We should at least be thinking about how we can improve our processes as an industry.

> I was thinking less about self-imposed code reviews and more about regulatory frameworks—principles borrowed from architecture and construction, like mandated documentation, reviews, and inspections.

This exists in automotive, cf. ASPICE. And even more extensively in aviation.

And no, it doesn't help fight sprawl much sadly.

The HN crowd is mostly web and mobile and unaware how broad the software field is, even though software in safety-critical applications of course predates both.

given that it takes medical devices billions of dollars in testing to get to market this is a great way to just crush technology entirely. and even so the FDA is recognizing the error of some of its ways and lowering the barriers to entry for things like hearing aids.

Sadly I have to agree. It has to be mechanically enforced or it doesn't actually last, even with good intentions. (Or a BDFL, but those have scaling limits and Life™ stuff)

Which is a shame because I'm pretty convinced that slowing down and having time to do those reviews is net-good in the (not-very-)long run. Much of the space (and bugs) in even a very well run large project are from accumulating gaps until nobody knows how things truly work - it takes time to eliminate them and end up in a simpler, smaller, more sustainable state.