2015 was my fourth CodeMash. Or maybe my fifth; the awesome sauce tends to run together a bit in my mind.

In previous years my mind has been expanded, contorted, exhausted and sullied by all manner of educational days and "socially lubricated" evenings. I've walked away with lots of new ideas and technical goals, but this was the first year that my spirit was moved by a session. For the first time in a long time, I remembered why I love programming so much.

I went into Cori Drew's "Geek Parenting Lessons Learned... so far" session hoping to learn a few practical tips for raising kids that enjoy, or at least understand, programming. Cori's 11-year-old daughter Katelyn is pretty damn amazing and I figured I'd learn a thing or two.

And I did learn a thing or two, but honestly the value of that learning is eclipsed many times over by what I felt during the session. I felt joy, and hope. 

Joy? Hope? At a technical conference?

Yup. Cori's passion for development was on full display, as was her love of the developer community and the enjoyment she gets from sharing those things with her daughter. She was truly infectious and reminded me of the early days of my own career when I'd work way into the night on a coding problem, searching for elegance amongst all of the curly braces and HTML tags. She reminded me how it felt to discover an aptitude for expressing myself through code patterns and syntax, and what it was like to discover a community of other people like me. She reminded me that what drew me to this thing was the coding itself, not the financial rewards or "leadership opportunities" that become the focus of a maturing career. She reminded me how much I love the craft of programming and sharing that craft with others.

And more than that, she was a she, talking about her own positive experiences and about a young girl finding a bit of that same joy.

You see, I spent the latter part of 2014 seeking out women to follow on Twitter. That gave me a front-row seat to GamerGate and a bunch of other proof that women in tech have a much different experience than my own. And this saddened me; it sucks to see people struggling to get in, or remain in, the industry I love. Specifically, it made me sad for my daughter's chances at following in my footsteps. Can I really encourage her to explore an industry that at best treats her as an outsider, and at worst will threaten to rape or kill her just for having an opinion?

So I feel like Cori's talk was exactly the bit of perspective I needed. It was refreshing and inspiring to see a woman sharing a positive experience. She reminded me that we're fighting this fight for a reason, so that eventually we won't have to fight any more. And so I shared in her joy, hopeful that budding programmers like Katelyn will do amazing things not only with the tech, but with the culture as well.

As usual, CodeMash was great. Good content, great people, lots of fun. But the best thing it gave me was the most unexpected: a vision of a future where my kids can, if they choose, follow a love of programming out in the open, surrounded by a supporting community, and not hiding in the back of the room on BBS systems like I did.

I'm looking forward to 2016, CodeMash, but you have some work to do. The bar has been set pretty high.

This week marks my six-year anniversary with Heuristic Solutions. My longest stint prior to this was 3 years, so this feels pretty notable to me.

Sadly, no one brought me any cake today and I haven't received a gold watch yet. I'll attribute the lack of cake to the fact that I work from home and cake doesn't travel well in a USPS AirMail envelope, but last I checked watches won't spoil if left in the sun.... Anyways, I guess I'll have to mark the occasion myself by reflecting on my experiences here and turning them into some career advice tidbits. If you're looking to find a great place to settle down and grow, here's my advice:

Work for people you trust

It's a scary thing to not trust the people you work for, or to not know the content of their character or the direction of their moral compass. By contrast, it's incredibly liberating when you DO trust those people; it frees you up to take risks, to let your guard down, to align your interests for the betterment of both parties. 

Seek purpose, mastery and autonomy

Immediately leave any job where you don't have a sense of purpose, you're not encouraged to seek mastery in your craft, and you have no sense of autonomy in your work or environment. A programmer with all 3 of those is truly livin' the dream. A programmer without purpose, without growth or learning, and with no freedom of thought or expression is miserable.

Favor "career collaboration" over "employment negotiation"

Three times over the past six years I've considered leaving, and all three times I decided not to. Each of those decisions was made following an open, honest and transparent conversation with my boss about my concerns. And I'm not talking about the "give notice and then take the counter offer" game, I'm talking about a collaborative discussion about goals, wants, desires, frustrations and intentions.  

I've been in my new house for just over a year. I have a nice little home office but the previous decor was terrible, so the first thing I did after moving in was rip up the carpet, re-paint, and buy new flooring.

You'll note that I said "buy" new flooring, and that I said nothing about installing new flooring. That's because I didn't actually get around to installing the floor; for a number of reasons, I just put that aside, set up my office on top of the bare wood subfloor, and went to work. Classy, right?

An interesting thing happens when you don't have a floor in your office. Since the floor looks like crap, there's not a lot of incentive to make anything else look nice. And over the course of the following year I worked in some pretty nasty conditions: papers everywhere, cables strung here-and-there, miscellaneous junk and empty Amazon shipping containers littering my bookshelves. It's very much like living in a "broken windows theory" experiment.

Fast forward to May of this year when I started taking over a lot more of the technical analysis tasks for my team. These aren't tasks that I necessarily enjoy doing, at least not for a sustained period of time, and I've found myself struggling to stay focused. Just moving my gaze from one end of my desk to another would turn up any number of bills to pay, still-barely-edible food items to snack on, or dusty/dirty items that suddenly needed cleaned right now who cares about that analysis deadline there are dust bunnies on the monitor!!!!!!

And then, just when I was most primed to be affected by it, the esteemed Cory House tweeted this:

Disorganization in our physical space usually translates to feeling higher stress and less control. How's your desk looking?

— Cory House (@housecor) October 1, 2014

And suddenly I realized that by maintaining such a disorganized and messy office I was making it that much harder to stay focused and on task. I was basically surrounding myself with a thousand and one disruptions and making it so damn easy for my procrastinating brain to sabotage me. I was drowning, and it was my own hand holding me under the water.

And so I fixed it. I asked my wife to disappear with the kids for a weekend day, hired a little help and laid down the new floor, assembled a new desk, and organized the s!*t out of everything. I went so far as to hide every cable and piece of non-essential equipment out of view* so that my workspace is clean, uncluttered, and totally non-distracting.

Was my life magically transformed into a utopia of "Getting Things Done"-ness or was I equipped with the powers to call forth intense focus on command? Well, no. But I do feel less stress and I have been able to focus a little bit better. I can walk into my office, take a deep breath, and feel more relaxed than I ever could before. And that's meaningful.

So what about you? What does your home or office look like? You may not be in control of life, but you can at least be in control of your environment. Try it.

* It took a ton of work but I was able to hide from view 3 USB hubs, 1 router, 1 network switch, 2 external hard drives, 1 Vonage box, 5 USB charging stations, 8 USB cables, 6 network cables, 3 standard power cables, 4 surge protectors and more wall-wart power supplies than I have fingers to keep track of. It often also holds at least 1 cat and averages less than 1 pair of pants per workday because, well, WFH and YOLO.

Visual Studio 2013 added a new feature called "Browser Link" that allows Visual Studio to communicate with linked browsers in a two-way dynamic data exchange. 

This is a great feature, but it's implemented by a super-chatty SignalR script that is dynamically injected into the website. This can be a problem if you're trying to use Fiddler to monitor or debug some traffic - the requests you care about can easily get lost in a sea of ".../arterySignalR/poll?transport-longPolling..." entries:

So how do you clean up Fiddler, without disabling Browser Link? 

Fiddler Custom Rules to the Rescue

Fiddler supports custom rules that can be easily extended to hide "noise" requests like this. To hide Browser Link traffic:

1. Open Fiddler. If not already installed, chastise yourself and wonder how you made it this far in your career. Install it posthaste.
2. Click Rules -> Customize Rules
3. Search for "OnBeforeRequest" and add the statement shown below
4. Close and restart Fiddler, bask in the sudden peace and tranquility of a "arterySignalR"-less proxy session.

Software development can be chaotic. We often need to make decisions based on missing data (or data we know is likely wrong), and it's difficult to ask outsiders for advice because the "right" answer is often context-dependent. In essence, successful software development depends on repeatedly selecting the least bad option from a set of imperfect solutions.

In practice, this means that developers cannot simply memorize solution patterns or "recipes". If I say "authentication" and you immediately think Forms Auth, then you're short-circuiting the selection process without evaluating the options. Same thing if I say "shorter feedback" and you immediately think "two week sprints". You can't make a good decision without evaluating your options, and just because you choose Solution A on a similar problem a month ago doesn't make it the appropriate solution to today's problem.

"Been there, done that" is not a decision making process! 

Making decisions is hard. The deeper you analyze a problem the more variables you identify, and the more variables you identify the harder it is to reason through the myriad ways they interact. It's so much easier to look at a problem, wait a few nanoseconds while the pattern matching functions of your subconscious mind do their magic, and then do the same thing that you did the last time you had a similar problem. After all, you tell yourself, it's the "pragmatic thing to do" because you don't have to "waste time" on analysis or research. "The devil you know", and all that.

Not so fast.

Pattern matching is a great heuristic for quickly identifying potential courses of action, but not for selecting the best one. Making the best possible decision requires greater attention to detail and greater appreciation of nuance. If you get the details wrong then it might seem like a good decision at a high level, but eventually you'll suffer death by a thousand papercuts. [Or you'll go broke under technical debt, etc. Insert your favorite metaphor here]

So how do we select from that set of imperfect solutions?

The key to making good decisions is to articulate your core values and principles, and then use them to derive a solution. Rather than memorizing specific solutions, memorize the steps you follow and the questions you ask to arrive at a solution.

For example, at Heuristic Solutions we have identified four core values that guide everything we do:

• Understanding: we can't be successful unless we know what "success" looks like
• Predictability: surprises are disruptive; we value procedures that minimize their impact
• Productivity: success requires efficient operations
• Quality: we value doing it right the first time; re-work is anathema to us

When making a decision, we frame it in context of these values to better see the trade-offs at play. For example, a low degree of Understanding means we can't be very Predictable, so we do more up-front analysis when predictability is crucial. When Productivity is necessary then we invest in Quality so that we can preserve velocity over time. 

This process forces us to consider those pesky (yet all-important) details specific to each situation. Sometimes this leads us to take radically different approaches to similar problems, but in each case we know we're maximizing for the things that truly matter to our success.

What are your core values?

What matters most to your organization? If you haven't already articulated your core values, take a minute to do so. Do you care about speed to market? What are you prepared (or not prepared) to sacrifice to get it? What does "quality" mean to you? How important are estimates to your planning process or stakeholders? Is it more important to maximize developer productivity, or team productivity?

When you're done, write them on your team board. Repeat them out loud each time you make a decision. Have discussions about which values are more important in each scenario, and then brainstorm ways to maximize those specific values. 

One parting word of advice: don't be afraid to follow your values, even if they contradict "best practices". While it's never a good idea to blindly ignore prevailing wisdom, realize that only YOU can fully appreciate the nuances of your specific situation. Core values are your compass, and by trusting them you allow yourself to select the best possible solution for this specific decision, ignoring "one size fits all" advice that might otherwise get in your way.

(Of course, if you frequently find yourself ignoring best practices then you might be thinking your situation is more unique than it really is. More on that in a later post!)

Bottom line: articulate what really matters to you, and then consciously and intentionally use those values every time you make a significant decision. You might be surprised at where this process takes you.

In a perfect world, each and every feature we build would be lovingly crafted, properly factored, elegantly architected and fully tested... and we'd have enough budget for all of it.

I'm not lucky enough to live in that world. My job is to help clients use their limited budgets in ways that maximize their overall business objectives. Sometimes that means minimizing software maintenance costs, other times it means getting an imperfect feature into production as fast as possible. These types of decisions always involve trade-offs, often sacrificing some sacred agile calves on the altar of "getting it done".

So what's a pragmatic craftsman to do? How can we intentionally leverage technical debt to meet short term goals and still maintain a high bar of general quality in our code?

The principle I use in these situations is that architecture and design are negotiable, but clean code is not. This is best explained by breaking it down into component parts:

• Architecture is negotiable. Not every project needs an n-tier separation of concerns. Not every project needs DI/IOC. Same for message buses, impersonation frameworks, 2nd level caching and so on. These things are often valuable and should not be forsaken lightly, but they do have costs. A pragmatic craftsman should be able to articulate those costs and weigh them against their value over time.
   
• Design is negotiable. By "design" I mean the low level feature code. Sometimes you can get away with a switch statement instead of a Strategy, or tight coupling or low cohesion or large method bodies. Same for violating SOLID principles. I'm not saying do these things lightly, but be pragmatic about it. Learn to identify scenarios when their benefits will be realized, and scenarios when they won't.
   
• Clean code is NOT NEGOTIABLE. Sacrificing architecture or design can be forgiven if you make it easy for future programmers to clean up and improve. This means that no matter how "dirty" your architecture is, be damn sure your code easy to read, clearly communicates your intent, and documents WHY you've made the decisions you have.

But aren't architecture and design part of "clean code"?

Absolutely. Clean design trumps comments explaining bad design every day of the week. But you will face scenarios when you have to trade away something in favor of something else (time to market, hitting a budget, risk aversion, etc). This blog post is all about identifying those parts of clean code that you can give up, and which parts you should die on your sword to keep.

Here are some of the things I consider inviolable and strategies for preserving them:

• Code should always be easy to read and understand. I don't care how nasty the architecture or design is, I don't care how stripped down the feature is, and I don't care what your budget is. You should always make it easy for the next programmer down the road to understand your intent (what you mean the code to do) and your implementation (what the code actually does).
   
• The messier the architecture or design, the more you should document with comments. Well written clean code doesn't need a lot of "here's what I was thinking" commentary. That commentary is much more valuable when you're taking shortcuts and incurring technical debt, because it can make it much easier for someone to pay back that debt later. My rule of thumb is, do it right yourself or provide clues to help the next dev make it right later. (With a huge preference on the former!)
   
• Keep your eye on the prize. In other words, always have an idea of what the end goal would be. Think about what you wish you could be implementing and try and "lean" the code in that direction. For example, think about what the very first step of refactoring would look like. Can you go ahead and take that first step now?

Closing thoughts

Like many of my posts, I'm talking about edge cases. Most of the time we should be striving for clean code including architecture and design. Too many programmers (and clients!) are far too quick to take shortcuts, and this post is NOT about taking more of them.

But if you've fought the good fight and tried everything else first, and you still need a shortcut, then be sure you do it cleanly and in a way that can be easily fixed later.

Happy coding!

One of the projects I work on contains a large database with a lot of lookup fields containing status codes, record types, processing flags, etc. A great deal of these are implemented in a typical normalized fashion with two tables and a foreign key relationship:

Pretty standard stuff, right? Sure, yet at the start of a new development phase last year I decreed Thou Shalt No Longer Do This!  

What's the big deal with lookup tables?

On this project (and on many of my others) I had noticed the following patterns:

1. The vast majority of the lookup tables contained a single "Name" field containing a human-readable description of that status code or record type.
2. Because the database is so large, a typical query might need to do five or six joins just to get the names of the lookup values.
3. The values in the lookup table rarely changed. When they did change, it was always as part of a scheduled release.

There's Got To Be A Better Way! ™

The solution that we implemented, and that we're still using nearly two years later, is simple:

• All lookup-style data (status codes, record types, etc) have a corresponding C# Enum
• A custom Attribute associates each value with a human-readable string
• A custom Attribute associates each value with a database key representation
• There are no lookup tables or foreign keys.
• The domain model contains properties of the Enum types
• In the database, each lookup field is a string, not an integer foreign key
• When we write to the database, we convert the enum into its database representation and store that value
• When we read from the database, we convert the stored string into an enum instance
• The parsing and conversion is handled via extension methods:
• String.ToEnum<T>
• Enum.ToDescription()
• Enum.ToStringConstant()

Was it worth the effort? 

After nearly two years of use I'm pleased to say that this pattern has served us well. The extension methods make the lookup values easy to use, avoiding joins improves system performance, and storing strings (rather than foreign key integers) in the tables makes the raw data a little bit easier to use. 

Of course, your mileage may vary. This technique isn't appropriate if your lookup values are dynamic (rather than a fixed set) or if you need to track a large amount of metadata in the lookup table. But if your project has the same characteristics that mine does, I recommend you give this a shot.

Happy coding!

Appendix: the source code

I slopped the code for the attribute classes and extension methods onto my Github repo.

Spend any amount of time in this industry and you'll eventually end up playing the hero. Maybe you meet that deadline by pulling a 70-hour week, or you fix that production issue by editing a script or database procedure directly on the server. You shipped the product, you fixed the bug, you "got the job done". You're a hero, right?

The only problem is, heroic behavior is dangerous. I've played the hero enough times to know what happens after the dust settles:

• You pull a 70-hour week and hit the deadline, but the code sucks. It isn't tested, it has bugs, or it just feels like a half-assed feature. 
• You hot-fix a file on the web server, but forget to update source control. The next deployment replaces your fix and re-introduces the bug.
• You hot-fix the database server, and the next deployment crashes because a table or column already exists.
• You burn out, lose focus, and make stupid mistakes.

So what's the solution? 

It's certainly easier said than done, but the solution is to stay disciplined and stick to your process. 

If that process says you write tests first and get QA feedback before committing to trunk, then that's what you need to do... even if it means missing a deadline.

If that process says you must create a formal release package to modify the production database, then that's what you do... even if it means taking longer to fix the bug.

Discipline yields predictability by forcing you to be proactive. It helps minimize future surprises and prevents you from becoming overly reactive, which can often lead to a cascading series of errors when you start jumping from fire to fire.

When to cheat

There are obviously exceptions. If the server is totally down, and you know of a quick fix to bring it back online, then maybe you should fix it. But if you've internalized these principles then you'll feel real damn uncomfortable doing it, and that discomfort will remind you to take the necessary "after-action" steps to pay back that technical debt immediately after the crisis passes.

Remember kids: avoid heroics. Real, lasting value comes from staying disciplined... especially when you feel pressure not to. 

There are many good reasons to avoid hitting a database in your tests. I agree with all of them, and I try my best to avoid doing it.

However, some tests do need to hit the database. Even the most dependency-injected and mock-infested system should hit the database when testing the data access layer... after all, what good is a test suite that doesn't test any of your actual data access logic? And if you're smart and follow the testing pyramid then you'll have some integration and acceptance tests that need a database as well.

In "Rules for Effective Data Tests" I mentioned some strategies for setting up those data tests. This post expands on those ideas and shows how to keep your setup code clean, DRY and maintainable.

What's so difficult about setting up a data test?

First, a definition. When I say "data setup" I'm talking about anything you do in the body of a test [or a setup method] to create the database records needed for a given test to execute.

While similar to the setup of a "true" unit test, interacting with a Real Life Database™ makes things a little more interesting. Some of the challenges we have to overcome are:

• Test residue: Unless we delete it, data created by each test remains in the database when the test exits. At best this just wastes space; at worst, it starts to interfere with other tests. (See here for a common solution to this problem) 
• Database constraints: Foreign key constraints are a real pain. When setting up test data you need to create the entire data graph to satisfy the database constraints, regardless of if those relationships are actually relevant to the test.  
• Verbosity: Because of the foreign key issues mentioned above, setting up data tests requires more code than setting up a unit test. This makes tests harder to write, harder to maintain, and harder to keep DRY. 
• False negatives: The more complex the setup, the greater the change that tests will fail not because your application logic is wrong, but because you screwed up the setup. 
• Painful to debug: Debugging a data test is more difficult and time consuming than a unit test. Not only does the test take longer to run, but debugging it often means poking around in both the application debugger and a database tool.

Characteristics of good setup code

The primary contributor to the quality and maintainability of your data tests is the setup code; the easier it is for someone to understand the specific scenario you are creating, the better equipped they are to maintain that test.

Conversely, the harder the scenario is to understand and maintain, the less value that test will provide over time. Tests that contain an unintelligible jumble of setup code have a very real risk of being deleted (rather than fixed) if they ever break due to new code changes.

So what is "good" setup code? It should be: 

• Highly expressive (high signal-to-noise ratio). Readers should be able to very quickly understand the scenario(s) you are creating without mentally parsing code. 
• Highly reusable through the use of default values. If I just need to create a Person, let me call "CreatePerson()" and fill in the details for me. 
• Easily customizable to each test's needs. Since the customized data are usually very relevant to the test at hand, it should be easy for a reader to spot them.  
• Maintainable; databases change, and its not uncommon to add a new required field. The fewer changes you need to make to existing test code to support these changes the better.

Data Helpers: the Object Mother pattern for DB entities

The Object Mother pattern describes a special kind of factory class that encapsulates the instantiation of an object (or group of objects) in a specific state, usually mirroring a common scenario in the underlying domain. For instance, you might have an Object Mother that creates an Order object, adds some Order Items and marks it as Shipped. The goal is to turn a complex initialization process into a one-liner so that it is easier to read and maintain.

Data Scenarios: a bunch of Object Mothers working together

Data Helpers are great when you need to create test data, especially if you want to specify a few key properties and use defaults for the rest.

But what if you want to create multiple related entities, or you want to reuse a specific setup in multiple tests? For instance, you need to create a Customer, with completed Orders in the past, and an in progress Order that's ready for checkout. In these cases, I create a special type of Data Helper that I call a "Data Scenario". 

Scenario objects have these characteristics:

• Create a large or complex set of data: Just like Data Helpers reduce individual object setup to a one-liner, Scenarios reduce multiple object setup to a one-liner.
• Model real-world scenarios: The whole point of a Scenario is to encapsulate realistic data patterns that might exist in production.
• Expose a smaller set of configurable defaults: Scenarios tend to expose fewer arguments than Data Helpers because they are better suited to creating general purpose groups of data rather than highly-specific records.
• Are often used in fixture-level setup: A common pattern is for a group of tests to share a Scenario object that is created in the test fixture's setup routine, and then provide test-specific adjustments to the Scenario via inline Data Helper calls. 
• Are instantiated, not static: Scenario objects are NOT static methods of a helper class. Instead, they are objects that get instantiated and perform their data manipulations in the constructor. This allows Scenarios to be created, manipulated and passed around as needed.
• Expose pointers to the interesting data: A Scenario object should contain public properties containing references to the entities it creates (or at least their IDs). This allows test code to further manipulate the Scenario data or to make assertions against it. 

Just as I was trying to write a good intro to this post, Jimmy Bogard tweeted:

"System.OverflowException: Value was either too large or too small for an Int32." yes. what was the original value? oh, don't know? sigh.

— Jimmy Bogard (@jbogard) July 18, 2012

I've felt that frustration myself many times. I work on large software systems and often have to troubleshoot hard-to-replicate, data-specific defects given only an error message and limited access to the production environment. Turning this limited data into an actionable bug report can be very, very difficult.

This experience has shown me that there are two types of programmers: those that intentionally craft code that it is easy to debug, and those that don't. Programmers that don't do this are, unfortunately, incredibly common and incredibly costly to an organization. Don't be that guy/gal whose code everyone hates to debug!

This post explains some coding techniques that will make your systems easier to troubleshoot and less costly to maintain. Use them; your team will love you for it!

What does "defensive programming" look like?

"Defensive Programming" refers to a collection of coding techniques that decrease maintenance costs by surfacing defects as early as possible, and by making them easy to troubleshoot. There are many articles on this topic, some arguing for and against it, and I encourage you to read them for additional insight.

Specifically, defensive programming means that you:

• Write clean, simple, intent-revealing code
• Assume inputs are tainted until proven otherwise
• If you can't avoid an error, fail early and with a useful message
• Use "fail safe" default values, where appropriate
• "Future proof" your program flow

Write clean, simple, intent-revealing code

This is a universal requirement, I don't care if you're coding defensively, offensively or somewhere in the middle. The easiest defect to fix is the one that never occurs, and simple code is less likely to contain defects than complex code, so keep your designs as simple as possible.

(If you don't agree with this statement, stop reading and go play in traffic... your team will thank you!)

Assume inputs are tainted until proven otherwise

Most applications need data to function and many programmers make assumptions about their data, such as "this string will never be empty" or "this value will always be positive". 

Unfortunately, that string can be empty in some cases, and that value will be zero at some point in time. If you don't validate your assumptions before using the data then you risk intermittent, hard-to-troubleshoot errors. 

Therefore, do sanity checks on your input BEFORE you use it. Use a "design by contract" tool like Code Contracts for .NET if you can, or do it manually if you must. In any case, validate your input before you use it and display a helpful error message if validation fails. (See below for more on helpful exceptions)

In addition to making these errors easier to diagnose, treating all input as potentially hostile is also a security best practice. Sanity check your data and make both your teammates AND your security team a little happier!

Fail early, with useful messages

This is as important as it gets.

Imagine you get an error report that says "Sequence contains no elements". What do you do next? If you're lucky enough to get a stack trace then you can trudge through the code looking for the offending line, but what happens if the offending line contains multiple statements chained together? 

Now imagine the error report says "Could not obtain order items for order 1234; sequence contains no elements". You haven't looked at a single line of code yet, and you already have way more information about the problem!

Same goes for null reference exceptions: Would you rather see "Object reference not set to an instance of an object" or "Cannot calculate sales tax for order 1234; Tax Calculator object was null"?  

The key principle here is that you should anticipate errors that might occur and throw exceptions that provide key debugging info directly in the error message:

• Help the programmer locate the statement that failed and understand WHY it failed.
• Include key pieces of data needed to reproduce it: order ID, customer ID, etc. (Obviously, be careful not to expose identifiers that could compromise the security of your system!)

Use "fail safe" default values, where appropriate

In many cases, invalid data may not necessarily require an exception. For example, ask yourself these questions about each variable or statement you write:

• Can I treat null strings the same as empty strings?
• Can I treat null sequences (lists, arrays, etc) the same as empty sequences?
• If a string parsing fails, can I substitute a default value instead of throwing an exception?

"Future proof" your program flow

I've seen a lot of defects occur when business conditions change, and something that "could never happen" when the code was written suddenly becomes possible. 

Examples:

• When you write a switch statement, always include a default branch. It's better to have the default branch throw an exception like "not implemented condition 'FOO'" than silently fall through and cause a potentially harder-to-debug error.  (Of course, you do your best to avoid switch statements, don't you?)  
• When you have a chain of if/else-ifs, always include an else branch. If it should never be reached, throw an exception that explains the conditions that occurred and why you expected them to never happen.  
• If you're dealing with combinations of different states or variables, and certain combinations "should never occur", go ahead and handle those combinations anyway. It's better to throw an exception you can control than to let the system fail on its own.  (For example, "Order 123 has status SHIPPED, but IS_CANCELLED was true; is the update service malfunctioning?")

Go, make the world a brighter place! 

Using these techniques can help you avoid errors in production and can make it easier to resolve errors that do occur.  Using them will bring joy to the hearts of men and will make you beloved amongst your teammates. Use them; do it for the children.