hack attibute

Hack Attribute to the Rescue

The challenge

At some point in a web project a underlying system, rest API, etc. will not be available and you must make some hacks and or fake code to enable development to continue.

But how do you ensure that the hacks and or fake code never make it into production? Typically  TODO’s, comments, PBI’s etc. are used, but to be honest I have never liked doing that.

Especially in this case as the OAuth Authorization flow was not available, so I had to fake the authentication.


Introducing the [Hack] custom attribute. It adds the ability to add the hack attribute to classes, properties, and methods.

  • When the code is compiled to Debug–  it generates a warning,
    • So the code compiles and can be deployed
  • When the code is compiled to Release – it generates an errorSo the code cannot compile, and can’t be deployed to production.

In out setup for local development, continues integration and our internal development & test server we build for debug. For pre-production & production we build for release.

Therefore I could relax knowing that the hacks could not make it into production.

The Code

namespace Foundation.Diagnostics.Infrastructure
#if !DEBUG
[Obsolete("Hack code is still present", true)]
[Obsolete("Hack code is still present")]

public class HackAttribute : Attribute
public HackAttribute(string message)
Message = message;

public string Message { get; }

It was actually quite simple to achieve by using the Obsolete attribute and the using preprocessor directives, to control if the Obsolete attribute should couase a warning or error, depending if the build was debug or release.

Hope this helps, Alan

2 thoughts on “Hack Attribute to the Rescue

  1. Jesper Hoff

    Very nice approach using compilation targets, and I can certainly see its usage.

    But (yeah sorry, there’s a but) for this particular example where the limitation is an unavailable network resource, I think I would go with a mocking-proxy to intercept the requests and return the expected response instead, with my mindset being that I’d rather try to circumvent the problem outside the codebase, than inside the codebase if that option is available.

    Definitely better than a // TODO, though 😀

    1. Alan Coates Post author

      Unfortunately it was not possible to circumvent outside the code, but we are not going live for 3-4 months just wanted to be sure all hacks removed before deploying to production, as I have said we can not deploy until we get the authentication system in place.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.