Dead code is code that is never executed. This can be a method that's no longer called, a commented out block of code, or code appearing after a return statement that's unreachable.
In any case, it often reflects functionality that no longer exists in the software and offers no value.
In this article, we'll explore the risks presented by dead code in a software project.
Dead code adds complexity
Dead code makes understanding a codebase more challenging. A developer must figure out which parts of the code are no longer used which takes considerable time, effort, and investigation.
Imagine spending a few hours understanding how a feature works and then discovering that the code implementing the feature is no longer called because it was replaced by a better implementation.
Dead code is misleading
Blocks of commented code raise more questions than answers. Is this a future TODO? Was this code buggy or slow?
There is no reason for commented code to exist because source control can always take us back to a previous version.
Dead code can come back to life
There is a risk that someone may inadvertently call the dead code and bring it back to life. This can lead to bugs and potentially disastrous results.
I recently came across a method that implemented a global password reset feature on a production site. The front-end code had been removed years ago, but the back-end code was still there. If anyone called this method accidentally, it would cause a lot of headaches and customer complaints.
During the summer of 2012, Knight Capital Group caused a major stock market disruption and suffered a loss of over $400 million when a botched software deployment caused dead order handling code to be executed. The code had not been tested in many years and resulted in a deluge of orders hitting the market that could not be cancelled.