A piggy bank of commands, fixes, succinct reviews, some mini articles and technical opinions from a (mostly) Perl developer.

Jump to

Quick reference

Non-functional checklist

When writing a user story or writing a spec for a piece of development work, consider the following non-functional aspects:

  • Authentication
  • Session management
  • Access control
  • Input validation
  • Output encoding/escaping
  • Encryption
  • Error handling and logging
  • Data protection
  • Communication security
  • HTTP security features
  • Monitoring
    • Logging of significant code paths
    • Logging of expected events and errors
    • Catching and logging of unexpected errors (crashes)
    • Metrics for stats of usage and throughput (requests)
  • Performance, e.g. response time must be <500ms


This is especially useful when building new systems like a new app or API.