mirror of
https://github.com/rust-lang/rust-analyzer
synced 2024-12-26 13:03:31 +00:00
8dc68ecdfc
rust-analyzer is a long-running program, so we *should* handle assertion failures. See also https://www.sqlite.org/assert.html.
679 lines
16 KiB
Markdown
679 lines
16 KiB
Markdown
Our approach to "clean code" is two-fold:
|
|
|
|
* We generally don't block PRs on style changes.
|
|
* At the same time, all code in rust-analyzer is constantly refactored.
|
|
|
|
It is explicitly OK for a reviewer to flag only some nits in the PR, and then send a follow-up cleanup PR for things which are easier to explain by example, cc-ing the original author.
|
|
Sending small cleanup PRs (like renaming a single local variable) is encouraged.
|
|
|
|
# General
|
|
|
|
## Scale of Changes
|
|
|
|
Everyone knows that it's better to send small & focused pull requests.
|
|
The problem is, sometimes you *have* to, eg, rewrite the whole compiler, and that just doesn't fit into a set of isolated PRs.
|
|
|
|
The main things to keep an eye on are the boundaries between various components.
|
|
There are three kinds of changes:
|
|
|
|
1. Internals of a single component are changed.
|
|
Specifically, you don't change any `pub` items.
|
|
A good example here would be an addition of a new assist.
|
|
|
|
2. API of a component is expanded.
|
|
Specifically, you add a new `pub` function which wasn't there before.
|
|
A good example here would be expansion of assist API, for example, to implement lazy assists or assists groups.
|
|
|
|
3. A new dependency between components is introduced.
|
|
Specifically, you add a `pub use` reexport from another crate or you add a new line to the `[dependencies]` section of `Cargo.toml`.
|
|
A good example here would be adding reference search capability to the assists crates.
|
|
|
|
For the first group, the change is generally merged as long as:
|
|
|
|
* it works for the happy case,
|
|
* it has tests,
|
|
* it doesn't panic for the unhappy case.
|
|
|
|
For the second group, the change would be subjected to quite a bit of scrutiny and iteration.
|
|
The new API needs to be right (or at least easy to change later).
|
|
The actual implementation doesn't matter that much.
|
|
It's very important to minimize the amount of changed lines of code for changes of the second kind.
|
|
Often, you start doing a change of the first kind, only to realise that you need to elevate to a change of the second kind.
|
|
In this case, we'll probably ask you to split API changes into a separate PR.
|
|
|
|
Changes of the third group should be pretty rare, so we don't specify any specific process for them.
|
|
That said, adding an innocent-looking `pub use` is a very simple way to break encapsulation, keep an eye on it!
|
|
|
|
Note: if you enjoyed this abstract hand-waving about boundaries, you might appreciate
|
|
https://www.tedinski.com/2018/02/06/system-boundaries.html
|
|
|
|
## Crates.io Dependencies
|
|
|
|
We try to be very conservative with usage of crates.io dependencies.
|
|
Don't use small "helper" crates (exception: `itertools` is allowed).
|
|
If there's some general reusable bit of code you need, consider adding it to the `stdx` crate.
|
|
|
|
**Rationale:** keep compile times low, create ecosystem pressure for faster
|
|
compiles, reduce the number of things which might break.
|
|
|
|
## Commit Style
|
|
|
|
We don't have specific rules around git history hygiene.
|
|
Maintaining clean git history is strongly encouraged, but not enforced.
|
|
Use rebase workflow, it's OK to rewrite history during PR review process.
|
|
After you are happy with the state of the code, please use [interactive rebase](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History) to squash fixup commits.
|
|
|
|
Avoid @mentioning people in commit messages and pull request descriptions(they are added to commit message by bors).
|
|
Such messages create a lot of duplicate notification traffic during rebases.
|
|
|
|
If possible, write commit messages from user's perspective:
|
|
|
|
```
|
|
# GOOD
|
|
Goto definition works inside macros
|
|
|
|
# BAD
|
|
Use original span for FileId
|
|
```
|
|
|
|
This makes it easier to prepare a changelog.
|
|
|
|
If the change adds a new user-visible functionality, consider recording a GIF with [peek](https://github.com/phw/peek) and pasting it into the PR description.
|
|
|
|
**Rationale:** clean history is potentially useful, but rarely used.
|
|
But many users read changelogs.
|
|
|
|
## Clippy
|
|
|
|
We don't enforce Clippy.
|
|
A number of default lints have high false positive rate.
|
|
Selectively patching false-positives with `allow(clippy)` is considered worse than not using Clippy at all.
|
|
There's `cargo xtask lint` command which runs a subset of low-FPR lints.
|
|
Careful tweaking of `xtask lint` is welcome.
|
|
Of course, applying Clippy suggestions is welcome as long as they indeed improve the code.
|
|
|
|
**Rationale:** see [rust-lang/clippy#5537](https://github.com/rust-lang/rust-clippy/issues/5537).
|
|
|
|
# Code
|
|
|
|
## Minimal Tests
|
|
|
|
Most tests in rust-analyzer start with a snippet of Rust code.
|
|
This snippets should be minimal -- if you copy-paste a snippet of real code into the tests, make sure to remove everything which could be removed.
|
|
|
|
It also makes sense to format snippets more compactly (for example, by placing enum definitions like `enum E { Foo, Bar }` on a single line),
|
|
as long as they are still readable.
|
|
|
|
When using multiline fixtures, use unindented raw string literals:
|
|
|
|
```rust
|
|
#[test]
|
|
fn inline_field_shorthand() {
|
|
check_assist(
|
|
inline_local_variable,
|
|
r#"
|
|
struct S { foo: i32}
|
|
fn main() {
|
|
let $0foo = 92;
|
|
S { foo }
|
|
}
|
|
"#,
|
|
r#"
|
|
struct S { foo: i32}
|
|
fn main() {
|
|
S { foo: 92 }
|
|
}
|
|
"#,
|
|
);
|
|
}
|
|
```
|
|
|
|
**Rationale:**
|
|
|
|
There are many benefits to this:
|
|
|
|
* less to read or to scroll past
|
|
* easier to understand what exactly is tested
|
|
* less stuff printed during printf-debugging
|
|
* less time to run test
|
|
|
|
Formatting ensures that you can use your editor's "number of selected characters" feature to correlate offsets with test's source code.
|
|
|
|
## Function Preconditions
|
|
|
|
Express function preconditions in types and force the caller to provide them (rather than checking in callee):
|
|
|
|
```rust
|
|
// GOOD
|
|
fn frbonicate(walrus: Walrus) {
|
|
...
|
|
}
|
|
|
|
// BAD
|
|
fn frobnicate(walrus: Option<Walrus>) {
|
|
let walrus = match walrus {
|
|
Some(it) => it,
|
|
None => return,
|
|
};
|
|
...
|
|
}
|
|
```
|
|
|
|
**Rationale:** this makes control flow explicit at the call site.
|
|
Call-site has more context, it often happens that the precondition falls out naturally or can be bubbled up higher in the stack.
|
|
|
|
Avoid splitting precondition check and precondition use across functions:
|
|
|
|
```rust
|
|
// GOOD
|
|
fn main() {
|
|
let s: &str = ...;
|
|
if let Some(contents) = string_literal_contents(s) {
|
|
|
|
}
|
|
}
|
|
|
|
fn string_literal_contents(s: &str) -> Option<&str> {
|
|
if s.starts_with('"') && s.ends_with('"') {
|
|
Some(&s[1..s.len() - 1])
|
|
} else {
|
|
None
|
|
}
|
|
}
|
|
|
|
// BAD
|
|
fn main() {
|
|
let s: &str = ...;
|
|
if is_string_literal(s) {
|
|
let contents = &s[1..s.len() - 1];
|
|
}
|
|
}
|
|
|
|
fn is_string_literal(s: &str) -> bool {
|
|
s.starts_with('"') && s.ends_with('"')
|
|
}
|
|
```
|
|
|
|
In the "Not as good" version, the precondition that `1` is a valid char boundary is checked in `is_string_literal` and used in `foo`.
|
|
In the "Good" version, the precondition check and usage are checked in the same block, and then encoded in the types.
|
|
|
|
**Rationale:** non-local code properties degrade under change.
|
|
|
|
When checking a boolean precondition, prefer `if !invariant` to `if negated_invariant`:
|
|
|
|
```rust
|
|
// GOOD
|
|
if !(idx < len) {
|
|
return None;
|
|
}
|
|
|
|
// BAD
|
|
if idx >= len {
|
|
return None;
|
|
}
|
|
```
|
|
|
|
**Rationale:** its useful to see the invariant relied upon by the rest of the function clearly spelled out.
|
|
|
|
## Assertions
|
|
|
|
Assert liberally.
|
|
Prefer `stdx::assert_never!` to standard `assert!`.
|
|
|
|
## Getters & Setters
|
|
|
|
If a field can have any value without breaking invariants, make the field public.
|
|
Conversely, if there is an invariant, document it, enforce it in the "constructor" function, make the field private, and provide a getter.
|
|
Never provide setters.
|
|
|
|
Getters should return borrowed data:
|
|
|
|
```rust
|
|
struct Person {
|
|
// Invariant: never empty
|
|
first_name: String,
|
|
middle_name: Option<String>
|
|
}
|
|
|
|
// GOOD
|
|
impl Person {
|
|
fn first_name(&self) -> &str { self.first_name.as_str() }
|
|
fn middle_name(&self) -> Option<&str> { self.middle_name.as_ref() }
|
|
}
|
|
|
|
// BAD
|
|
impl Person {
|
|
fn first_name(&self) -> String { self.first_name.clone() }
|
|
fn middle_name(&self) -> &Option<String> { &self.middle_name }
|
|
}
|
|
```
|
|
|
|
**Rationale:** we don't provide public API, it's cheaper to refactor than to pay getters rent.
|
|
Non-local code properties degrade under change, privacy makes invariant local.
|
|
Borrowed own data discloses irrelevant details about origin of data.
|
|
Irrelevant (neither right nor wrong) things obscure correctness.
|
|
|
|
## Constructors
|
|
|
|
Prefer `Default` to zero-argument `new` function
|
|
|
|
```rust
|
|
// GOOD
|
|
#[derive(Default)]
|
|
struct Foo {
|
|
bar: Option<Bar>
|
|
}
|
|
|
|
// BAD
|
|
struct Foo {
|
|
bar: Option<Bar>
|
|
}
|
|
|
|
impl Foo {
|
|
fn new() -> Foo {
|
|
Foo { bar: None }
|
|
}
|
|
}
|
|
```
|
|
|
|
Prefer `Default` even it has to be implemented manually.
|
|
|
|
**Rationale:** less typing in the common case, uniformity.
|
|
|
|
## Functions Over Objects
|
|
|
|
Avoid creating "doer" objects.
|
|
That is, objects which are created only to execute a single action.
|
|
|
|
```rust
|
|
// GOOD
|
|
do_thing(arg1, arg2);
|
|
|
|
// BAD
|
|
ThingDoer::new(arg1, arg2).do();
|
|
```
|
|
|
|
Note that this concerns only outward API.
|
|
When implementing `do_thing`, it might be very useful to create a context object.
|
|
|
|
```rust
|
|
pub fn do_thing(arg1: Arg1, arg2: Arg2) -> Res {
|
|
let mut ctx = Ctx { arg1, arg2 }
|
|
ctx.run()
|
|
}
|
|
|
|
struct Ctx {
|
|
arg1: Arg1, arg2: Arg2
|
|
}
|
|
|
|
impl Ctx {
|
|
fn run(self) -> Res {
|
|
...
|
|
}
|
|
}
|
|
```
|
|
|
|
The difference is that `Ctx` is an impl detail here.
|
|
|
|
Sometimes a middle ground is acceptable if this can save some busywork:
|
|
|
|
```rust
|
|
ThingDoer::do(arg1, arg2);
|
|
|
|
pub struct ThingDoer {
|
|
arg1: Arg1, arg2: Arg2,
|
|
}
|
|
|
|
impl ThingDoer {
|
|
pub fn do(arg1: Arg1, arg2: Arg2) -> Res {
|
|
ThingDoer { arg1, arg2 }.run()
|
|
}
|
|
fn run(self) -> Res {
|
|
...
|
|
}
|
|
}
|
|
```
|
|
|
|
**Rationale:** not bothering the caller with irrelevant details, not mixing user API with implementor API.
|
|
|
|
## Avoid Monomorphization
|
|
|
|
Avoid making a lot of code type parametric, *especially* on the boundaries between crates.
|
|
|
|
```rust
|
|
// GOOD
|
|
fn frbonicate(f: impl FnMut()) {
|
|
frobnicate_impl(&mut f)
|
|
}
|
|
fn frobnicate_impl(f: &mut dyn FnMut()) {
|
|
// lots of code
|
|
}
|
|
|
|
// BAD
|
|
fn frbonicate(f: impl FnMut()) {
|
|
// lots of code
|
|
}
|
|
```
|
|
|
|
Avoid `AsRef` polymorphism, it pays back only for widely used libraries:
|
|
|
|
```rust
|
|
// GOOD
|
|
fn frbonicate(f: &Path) {
|
|
}
|
|
|
|
// BAD
|
|
fn frbonicate(f: impl AsRef<Path>) {
|
|
}
|
|
```
|
|
|
|
**Rationale:** Rust uses monomorphization to compile generic code, meaning that for each instantiation of a generic functions with concrete types, the function is compiled afresh, *per crate*.
|
|
This allows for exceptionally good performance, but leads to increased compile times.
|
|
Runtime performance obeys 80%/20% rule -- only a small fraction of code is hot.
|
|
Compile time **does not** obey this rule -- all code has to be compiled.
|
|
|
|
|
|
# Premature Pessimization
|
|
|
|
## Avoid Allocations
|
|
|
|
Avoid writing code which is slower than it needs to be.
|
|
Don't allocate a `Vec` where an iterator would do, don't allocate strings needlessly.
|
|
|
|
```rust
|
|
// GOOD
|
|
use itertools::Itertools;
|
|
|
|
let (first_word, second_word) = match text.split_ascii_whitespace().collect_tuple() {
|
|
Some(it) => it,
|
|
None => return,
|
|
}
|
|
|
|
// BAD
|
|
let words = text.split_ascii_whitespace().collect::<Vec<_>>();
|
|
if words.len() != 2 {
|
|
return
|
|
}
|
|
```
|
|
|
|
**Rationale:** not allocating is almost often faster.
|
|
|
|
## Push Allocations to the Call Site
|
|
|
|
If allocation is inevitable, let the caller allocate the resource:
|
|
|
|
```rust
|
|
// GOOD
|
|
fn frobnicate(s: String) {
|
|
...
|
|
}
|
|
|
|
// BAD
|
|
fn frobnicate(s: &str) {
|
|
let s = s.to_string();
|
|
...
|
|
}
|
|
```
|
|
|
|
**Rationale:** reveals the costs.
|
|
It is also more efficient when the caller already owns the allocation.
|
|
|
|
## Collection types
|
|
|
|
Prefer `rustc_hash::FxHashMap` and `rustc_hash::FxHashSet` instead of the ones in `std::collections`.
|
|
|
|
**Rationale:** they use a hasher that's significantly faster and using them consistently will reduce code size by some small amount.
|
|
|
|
# Style
|
|
|
|
## Order of Imports
|
|
|
|
Separate import groups with blank lines.
|
|
Use one `use` per crate.
|
|
|
|
Module declarations come before the imports.
|
|
Order them in "suggested reading order" for a person new to the code base.
|
|
|
|
```rust
|
|
mod x;
|
|
mod y;
|
|
|
|
// First std.
|
|
use std::{ ... }
|
|
|
|
// Second, external crates (both crates.io crates and other rust-analyzer crates).
|
|
use crate_foo::{ ... }
|
|
use crate_bar::{ ... }
|
|
|
|
// Then current crate.
|
|
use crate::{}
|
|
|
|
// Finally, parent and child modules, but prefer `use crate::`.
|
|
use super::{}
|
|
```
|
|
|
|
**Rationale:** consistency.
|
|
Reading order is important for new contributors.
|
|
Grouping by crate allows to spot unwanted dependencies easier.
|
|
|
|
## Import Style
|
|
|
|
Qualify items from `hir` and `ast`.
|
|
|
|
```rust
|
|
// GOOD
|
|
use syntax::ast;
|
|
|
|
fn frobnicate(func: hir::Function, strukt: ast::Struct) {}
|
|
|
|
// BAD
|
|
use hir::Function;
|
|
use syntax::ast::Struct;
|
|
|
|
fn frobnicate(func: Function, strukt: Struct) {}
|
|
```
|
|
|
|
**Rationale:** avoids name clashes, makes the layer clear at a glance.
|
|
|
|
When implementing traits from `std::fmt` or `std::ops`, import the module:
|
|
|
|
```rust
|
|
// GOOD
|
|
use std::fmt;
|
|
|
|
impl fmt::Display for RenameError {
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { .. }
|
|
}
|
|
|
|
// BAD
|
|
impl std::fmt::Display for RenameError {
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { .. }
|
|
}
|
|
|
|
// BAD
|
|
use std::ops::Deref;
|
|
|
|
impl Deref for Widget {
|
|
type Target = str;
|
|
fn deref(&self) -> &str { .. }
|
|
}
|
|
```
|
|
|
|
**Rationale:** overall, less typing.
|
|
Makes it clear that a trait is implemented, rather than used.
|
|
|
|
Avoid local `use MyEnum::*` imports.
|
|
**Rationale:** consistency.
|
|
|
|
Prefer `use crate::foo::bar` to `use super::bar` or `use self::bar::baz`.
|
|
**Rationale:** consistency, this is the style which works in all cases.
|
|
|
|
## Order of Items
|
|
|
|
Optimize for the reader who sees the file for the first time, and wants to get a general idea about what's going on.
|
|
People read things from top to bottom, so place most important things first.
|
|
|
|
Specifically, if all items except one are private, always put the non-private item on top.
|
|
|
|
```rust
|
|
// GOOD
|
|
pub(crate) fn frobnicate() {
|
|
Helper::act()
|
|
}
|
|
|
|
#[derive(Default)]
|
|
struct Helper { stuff: i32 }
|
|
|
|
impl Helper {
|
|
fn act(&self) {
|
|
|
|
}
|
|
}
|
|
|
|
// BAD
|
|
#[derive(Default)]
|
|
struct Helper { stuff: i32 }
|
|
|
|
pub(crate) fn frobnicate() {
|
|
Helper::act()
|
|
}
|
|
|
|
impl Helper {
|
|
fn act(&self) {
|
|
|
|
}
|
|
}
|
|
```
|
|
|
|
If there's a mixture of private and public items, put public items first.
|
|
|
|
Put `struct`s and `enum`s first, functions and impls last. Order type declarations in top-down manner.
|
|
|
|
```rust
|
|
// GOOD
|
|
struct Parent {
|
|
children: Vec<Child>
|
|
}
|
|
|
|
struct Child;
|
|
|
|
impl Parent {
|
|
}
|
|
|
|
impl Child {
|
|
}
|
|
|
|
// BAD
|
|
struct Child;
|
|
|
|
impl Child {
|
|
}
|
|
|
|
struct Parent {
|
|
children: Vec<Child>
|
|
}
|
|
|
|
impl Parent {
|
|
}
|
|
```
|
|
|
|
**Rationale:** easier to get the sense of the API by visually scanning the file.
|
|
If function bodies are folded in the editor, the source code should read as documentation for the public API.
|
|
|
|
## Variable Naming
|
|
|
|
Use boring and long names for local variables ([yay code completion](https://github.com/rust-analyzer/rust-analyzer/pull/4162#discussion_r417130973)).
|
|
The default name is a lowercased name of the type: `global_state: GlobalState`.
|
|
Avoid ad-hoc acronyms and contractions, but use the ones that exist consistently (`db`, `ctx`, `acc`).
|
|
Prefer American spelling (color, behavior).
|
|
|
|
Default names:
|
|
|
|
* `res` -- "result of the function" local variable
|
|
* `it` -- I don't really care about the name
|
|
* `n_foo` -- number of foos
|
|
* `foo_idx` -- index of `foo`
|
|
|
|
Many names in rust-analyzer conflict with keywords.
|
|
We use mangled names instead of `r#ident` syntax:
|
|
|
|
```
|
|
struct -> strukt
|
|
crate -> krate
|
|
impl -> imp
|
|
trait -> trait_
|
|
fn -> func
|
|
enum -> enum_
|
|
mod -> module
|
|
```
|
|
|
|
**Rationale:** consistency.
|
|
|
|
## Early Returns
|
|
|
|
Do use early returns
|
|
|
|
```rust
|
|
// GOOD
|
|
fn foo() -> Option<Bar> {
|
|
if !condition() {
|
|
return None;
|
|
}
|
|
|
|
Some(...)
|
|
}
|
|
|
|
// BAD
|
|
fn foo() -> Option<Bar> {
|
|
if condition() {
|
|
Some(...)
|
|
} else {
|
|
None
|
|
}
|
|
}
|
|
```
|
|
|
|
**Rationale:** reduce congnitive stack usage.
|
|
|
|
## Comparisons
|
|
|
|
Use `<`/`<=`, avoid `>`/`>=`.
|
|
|
|
```rust
|
|
// GOOD
|
|
assert!(lo <= x && x <= hi);
|
|
|
|
// BAD
|
|
assert!(x >= lo && x <= hi>);
|
|
```
|
|
|
|
**Rationale:** Less-then comparisons are more intuitive, they correspond spatially to [real line](https://en.wikipedia.org/wiki/Real_line).
|
|
|
|
|
|
## Token names
|
|
|
|
Use `T![foo]` instead of `SyntaxKind::FOO_KW`.
|
|
|
|
```rust
|
|
// GOOD
|
|
match p.current() {
|
|
T![true] | T![false] => true,
|
|
_ => false,
|
|
}
|
|
|
|
// BAD
|
|
|
|
match p.current() {
|
|
SyntaxKind::TRUE_KW | SyntaxKind::FALSE_KW => true,
|
|
_ => false,
|
|
}
|
|
```
|
|
|
|
**Rationale:** The macro uses the familiar Rust syntax, avoiding ambiguities like "is this a brace or bracket?".
|
|
|
|
## Documentation
|
|
|
|
For `.md` and `.adoc` files, prefer a sentence-per-line format, don't wrap lines.
|
|
If the line is too long, you want to split the sentence in two :-)
|
|
|
|
**Rationale:** much easier to edit the text and read the diff.
|