How to combine defensive programming techniques together?

Question

The question I want to ask you is quite wide but in the same time it's very concrete. First, I have to say, that I mostly interested in answers which are applicable in the .net environment.

Well, I want to increase the level of the code I produce. Now I mostly use the TDD and the static code analysis to ensure that my code is correct. Recently I've listened to Dino Esposito's speech about code contracts and now I want to use it in conjunction with other techniques. While listening to Dino I've also recalled the Debug.Assert() and Trace.Assert().

To be concrete I will ask several questions:

• How should I write the contracts and unit tests to complement each other?
• Should I use code contracts in every method or in public methods only?
• Should I prevent the usage of Debug.Assert()? When it's OK to use them? (For example, notice that invariants in .net are checked only on public method/property exit. So, is it OK to make some checks in the middle of the method by simple Assert()?)
• Could you please recommend me the open source project where all these techniques are properly used because a picture paints a thousand words?

Answer 1

You should start by studying the (rather good) manual for Contracts.

• it has a chapter and sample code about unit test integration. Much more info if you follow the Pex links.
• use contracts in all public members allways. For private members: sometimes.
• you could still use Debug.Assert() but Contracts.Assert() would be the more logical choice.
• sample projects... Don't know any. But do look at the contracts defined for the BCL.