security-hooks/.crosslink/rules/cpp.md at ebb42dbad7c1cba76dc1f899cd602c69ec7a698b - security-hooks - ```gitea

florian/security-hooks

Files

Flo ebb42dbad7 chore: add agentic tooling, cleanup

2026-03-30 13:00:31 +02:00

1.1 KiB

Raw Blame History

C++ Best Practices

Modern C++ (C++17+)

Use smart pointers (unique_ptr, shared_ptr) over raw pointers
Use RAII for resource management
Prefer std::string and std::vector over C arrays
Use auto for complex types, explicit types for clarity

// GOOD: Modern C++ with smart pointers
auto config = std::make_unique<Config>();
auto users = std::vector<User>{};

// BAD: Manual memory management
Config* config = new Config();
// ... forgot to delete

Error Handling

Use exceptions for exceptional cases
Use std::optional for values that may not exist
Use std::expected (C++23) or result types for expected failures

// GOOD: Optional for missing values
std::optional<User> findUser(const std::string& id) {
    auto it = users.find(id);
    if (it == users.end()) {
        return std::nullopt;
    }
    return it->second;
}

Security

Validate all input boundaries
Use std::string_view for non-owning string references
Avoid C-style casts; use static_cast, dynamic_cast
Never use sprintf; use std::format or streams