Assigning new values to function parameters exhibits several bad coding practices and should be avoided for several reasons:
Redefining parameters: The code redefines a parameter within the function body by assigning a new value. This is considered a bad practice because it can lead to confusion and make the code harder to understand. Modifying a function parameter in this manner breaks the expected behavior and can cause unexpected side effects. It is generally best to treat function parameters as read-only values and avoid reassigning them.
Shadowing variables: The code further exacerbates the issue by using the short variable declaration := to define a new variable within the function body. This shadows the original parameter, making it inaccessible within the function. Shadowing variables can cause confusion and make the code harder to reason about. It is better to use distinct variable names to maintain clarity and avoid any unintended side effects.
To write more maintainable and understandable code, it is advisable to adhere to the following practices:
Avoid redefining function parameters.
Use descriptive and unambiguous variable names.
Avoid shadowing variables.
Maintain consistency in variable references.
By following these best practices, the code becomes more readable and easier to manage and avoids introducing unnecessary complexity and confusion.
Non-Compliant Code Examples
funcfun1(paramint){// Shadowing 'param'
param:=51}func(r*Type)fun2(paramint){param:=51}funcfun3(paramint){iftrue{// Outside of the main function body, := always shadows
param,err:=doSomething()}}
Compliant Code Examples
funcfun1(paramint){// Assign a new value to the parameter
param=doSomething()}funcfun2(paramint){// In the main function body, := with multiple variables in the left
// will reassign instead of shadowing
param,err:=doSomethingElse()}funcfun3(paramint){constfun4=func(){// Shadowing inside an inner function doesn't affect the outer function
param:=doSomething()}}
funcfun(_int){fortrue{// We don't check _ for shadowing
_,err:=doSomething()}}
func(r*Type)fun1(ctxcontext.Context){// As a special case, we allow shadowing context parameters
ctx:=context.WithCancel(ctx)}funcfun2(ctxcontext.Context){ctx:=context.WithCancel(ctx)}
Seamless integrations. Try Datadog Code Security
Datadog Code Security
Try this rule and analyze your code with Datadog Code Security
How to use this rule
1
2
rulesets:- go-best-practices # Rules to enforce Go best practices.
Create a static-analysis.datadog.yml with the content above at the root of your repository
Use our free IDE Plugins or add Code Security scans to your CI pipelines