Skip to content

cobol.md

Latest commit

 

History

History
138 lines (108 loc) · 4.94 KB

cobol.md

File metadata and controls

138 lines (108 loc) · 4.94 KB

Enterprise COBOL Development Team Knowledge Base

This document serves as a comprehensive guide for enterprise development teams writing COBOL applications. It covers coding styles, clean code guidelines, documentation styles, and secure development best practices. Adherence to these standards ensures maintainability, readability, security, and consistency across projects.

Coding Style

General Conventions

  • Use Fixed Format or Free Format Appropriately: Stick to either fixed-format COBOL or free-format COBOL, based on the project requirements.

    • Fixed format: Columns are defined as follows:
      • Columns 1-6: Sequence number (optional)
      • Column 7: Indicator area
      • Columns 8-72: Code area
      • Columns 73-80: Comment or identification area
    • Free format: Code can begin in any column.

  • Indentation: Use 4 spaces per level for hierarchical structure. Align continuation lines properly.

  • Naming Conventions:

    • Use meaningful names for variables, sections, and paragraphs.
    • Use underscores (_) to separate words in names.
    • Example: CUSTOMER_RECORD, CALCULATE_TOTALS, END_OF_FILE.

  • Uppercase Keywords: Write COBOL keywords in uppercase and user-defined names in lowercase or mixed case.

    PERFORM calculate_totals UNTIL end_of_file.

  • Limit Line Length: Restrict lines to 72 characters in fixed format.

  • Comments:

    • Use * in column 7 for single-line comments.
    • Use *> for free-format comments.

Division and Section Order

  • Maintain standard COBOL structure: 
    IDENTIFICATION DIVISION.
ENVIRONMENT DIVISION.
DATA DIVISION.
PROCEDURE DIVISION.
  • Follow a logical order for sections within each division to enhance readability.

Clean Code Guidelines

General Principles

  • Readable Code: Use clear and consistent formatting to enhance readability.
  • Minimize GOTO Statements: Avoid excessive use of GOTO to prevent spaghetti code. Use structured programming constructs like PERFORM.
  • Small Sections and Paragraphs: Limit the length of sections and paragraphs to improve modularity.
  • Descriptive Paragraph Names: Use meaningful names for paragraphs to describe their purpose. 
    1000-READ-CUSTOMER-FILE.

Error Handling

  • Check for return codes or statuses after performing file or database operations.
  • Use a centralized error handling routine. 
    PERFORM 9000-ERROR-HANDLING.
  • Log errors and critical events to assist in debugging.

Testing

  • Write test cases for all critical paths using test data files.
  • Use tools like IBM Debug Tool or Micro Focus Animator to debug COBOL programs interactively.
  • Maintain separate test environments for unit testing and integration testing.

Documentation Styles

Code Documentation

  • Include clear comments for each division and major sections.
  • Document all file structures, data layouts, and key business rules. 
    * This program calculates monthly totals for all customers.
* Input file: CUSTOMER-FILE
* Output file: MONTHLY-REPORT-FILE

Project Documentation

  • Maintain comprehensive project documentation, including:
    • High-level architecture
    • File layouts and record structures
    • Operational procedures
    • Known limitations and assumptions

Secure Development Best Practices

Input Validation

  • Validate all input fields to ensure they meet expected formats and lengths. 
    IF CUSTOMER-ID IS NUMERIC AND LENGTH OF CUSTOMER-ID = 10
    CONTINUE
ELSE
    PERFORM 9000-ERROR-HANDLING.

Secure Coding Guidelines

  • Avoid Hardcoding: Do not hardcode sensitive information such as passwords or keys. Use configuration files or environment variables.
  • Data Sanitization: Cleanse data before using it in file or database operations to prevent injection vulnerabilities.
  • Use Compiler Options: Enable compiler options that enforce secure practices (e.g., bounds checking).

File Handling

  • Close all files explicitly after use to avoid resource leaks.
  • Check file statuses after each operation. 
    IF FILE-STATUS NOT = '00'
    DISPLAY 'Error in file operation'
    PERFORM 9000-ERROR-HANDLING.

Logging and Monitoring

  • Log critical operations, errors, and security events.
  • Avoid logging sensitive data like PII or passwords.

Build and Deployment

Build Practices

  • Use build automation tools like Jenkins or scripting languages for batch builds.
  • Integrate automated syntax checks as part of the build pipeline.

Deployment Practices

  • Maintain version control of COBOL source code using tools like Git or SVN.
  • Use separate environments for development, testing, and production.
  • Automate deployments to minimize human errors.

Conclusion

By following these guidelines, the development team can ensure that COBOL applications are maintainable, robust, and secure. This document should be updated periodically to reflect new standards and practices.