Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "api"
-
Storytime!
Manager: Hey fullstackchris, the maps widget on our app stopped working recently...
Dev: (Skeptical, little did he know) Sigh... probably didn't raise quota or something stupid... Logs on to google cloud console to check it out...
Google Dashboard: Your bill.... $5,197 (!!!!!!) Payment method declined (you think?!)
Dev: 😱 WTF!?!?!! (Calls managers) Uh, we have HUGE problem, charges for $5000+ in our google account, did you guys remove the quota limits or not see any limit reached warnings!?
Managers: Uh, we didn't even know that an API could cost money, besides, we never check that email account!
Dev: 🤦♂️ yeah obviously you get charged, especially when there have literally been millions of requests. Anyway, the bigger question is where or how our key got leaked. Somewhat started hammering one of the google APIs with one of our keys (Proceeds to hunt for usages of said API key in the codebase)
Dev: (sweating 😰) did I expose an API key somewhere? Man, I hope it's not my fault...
Terminal: grep results in, CMS codebase!
Dev: ah, what do we have here, app.config, seems fine.... wait, why did they expose it to a PUBLIC endpoint?!
Long story short:
The previous consulting goons put our Angular CMS JSON config on a publicly accessible endpoint.
WITH A GOOGLE MAPS API KEY.
JUST CHILLING IN PLAINTEXT.
Though I'm relieved it wasn't my fault, my faith in humanity is still somewhat diminished. 🤷♂️
Oh, and it's only Monday. 😎
Cheers!10 -
An intern I was supposed to lead (as an intern) and work with. Which sounded kinda crazy to me, but also fun so I rolled with it. But when I met her I quickly found out she didn't even have a coding editor installed and when I advised one she was "scared of virusses". She had Microsoft Edge in her toolbar, and some picture of a cat as a background. We were given some project by our boss, and a freelance programmer helped us set it up on Trello. Great, lets start! Oke maybe first some R&D, she had to reaeach how to use the Twilio API. After catching her on WhatsApp a few times I realised this wasnt gonna go anywere. After a few weeks of coding and posting a initial project to git I asked her if she could show me the code of the API she made so far..
She told me she was using the quickstart guide (the last 3 FUCKING weeks) which contained some test project with specific use cases.
The one that I did 3 weeks ago that same fucking morning.
AND SHE WAS STILL NOT DONE...
A few days later I asked her about the progress (strangly, I wasn't allowed ti give her another task bcs the freelanc already did) and guess what... She got fking pissed at me
Her: "I will come to you when im done, ok?"
Me: "I just want to see how it is going so far and if you are running into any problems!"
Her: "I dont want to show you right now"
She then goes to my fucking boss to tell him I am bothering her.
And omg... Please dear god please kill me now...
Instead of him saying the she probably didn't do shit. He says to me that the girl thinks im looking down on her and she needs a stress free environment to work in. She will show me when its done. ITS A FUCKING QUICKSTART GUIDE YOU DUMB BITCH.
He then procceeded to whine to me about the email template (another project I do at the same time) which didn't look perfect in all of his clients.
Dont they understand that I am not a frontend developer? Can you stop please? I know nothing about email templates, I told you this!!!
Really... the whole fucking internship the only thing the girl did was ask people if they want more tea. Then she starts cleaning the windows, talk to people for an hour, or clean everyone's dask.
all this while I already made 50% of the fucking product and she just finished the quickstart tutorial 😭. Truly 2 months wasted, and the worse thing is I didn't get any apprication. They constantly blamed me and whined at me. Sometimes for being 3 minutes late, the other for smoking too much, or because I drink to much coffee, or that I dont eat healthy. They even forced me to play Ping Pong. While im just trying to do my job. One of the worst things they got mad at me for if when my laptop got hacked bcs it was infected with some virus. He had remote access and bought 5 iPhones 6's with my paypal while I was on break. I had to go home and quickly reset all my passwords and make sure the iPhones wouldnt get delivered. strange this was, this laptop I only used at the company. So it must have been software I had to download there. Probably phpstorm (torrent). Bcs nobody would give me a license. And the freelancer said I * have to *.
the monday after I still had to reinstall windows so I called them and said I would be late. when I came they were so disrepectfull and didn't understand anything. It went a little like this:
Boss: why u late?
Me: had to reinstall my laptop, sorry.
Boss: why didnt you do this in your own time?
Me: well, I didn't have any time.
Boss: cant you do this in the weekend or something? Because now we have to pay you several hours bcs you downloaded something at home.
Me: I am only using this laptop for work so thats not possible.
Boss: how can that even be possible? You are not doing anything at home with your laptop? Is that why you never do anything at home?
Me: uhm, I have desktop computer you know. Its much faster. And I also need to rest sometimes. Areeb (freelancer) told me to torrent the software. He gave me the link. 2 days later this happends
Boss: Ahh okeee I see.. Well dont let it happen again.
After that nobody at the compamy trusted me with anything computer related. Yes it was my own fault I downloaded a virus but it can happen to anyone. After that I never used Windows again btw, also no more auto login apps.8 -
Boss: Our customer's data is not syncing with XYZ service anynmore!
Me: Ok let me check. Did the tokens not refresh? Hmm the tokens are refreshing fine but the API still says that we do not have permissions. The scopes are fine too. I'll use our test account... its... cancelled? Hey boss, why is our XYZ account cancelled?
Boss: Oh, "I haven’t paid since I didn’t think we needed it" (ad verbatim)
😐2 -
I’m surrounded by idiots.
I’m continually reminded of that fact, but today I found something that really drives that point home.
Gather ‘round, everybody, it’s story time!
While working on a slow query ticket, I perused the code, finding several causes, and decided to run git blame on the files to see what dummy authored the mental diarrhea currently befouling my screen. As it turns out, the entire feature was written by mister legendary Apple golden boy “Finder’s Keeper” dev himself.
To give you the full scope of this mess, let me start at the frontend and work my way backward.
He wrote a javascript method that tracks whatever row was/is under the mouse in a table and dynamically removes/adds a “.row_selected” class on it. At least the js uses events (jQuery…) instead of a `setTimeout()` so it could be worse. But still, has he never heard of :hover? The function literally does nothing else, and the `selectedRow` var he stores the element reference in isn’t used elsewhere.
This function allows the user to better see the rows in the API Calls table, for which there is a also search feature — the very thing I’m tasked with fixing.
It’s worth noting that above the search feature are two inputs for a date range, with some helpful links like “last week” and “last month” … and “All”. It’s also worth noting that this table is for displaying search results of all the API requests and their responses for a given merchant… this table is enormous.
This search field for this table queries the backend on every character the user types. There’s no debouncing, no submit event, etc., so it triggers on every keystroke. The actual request runs through a layer of abstraction to parse out and log the user-entered date range, figure out where the request came from, and to map out some column names or add additional ones. It also does some hard to follow (and amazingly not injectable) orm condition building. It’s a mess of functional ugly.
The important columns in the table this query ultimately searches are not indexed, despite it only looking for “create_order” records — the largest of twenty-some types in the table. It also uses partial text matching (again: on. every. single. keystroke.) across two varchar(255)s that only ever hold <16 chars — and of which users only ever care about one at a time. After all of this, it filters the results based on some uncommented regexes, and worst of all: instead of fetching only one page’s worth of results like you’d expect, it fetches all of them at once and then discards what isn’t included by the paginator. So not only is this a guaranteed full table scan with partial text matching for every query (over millions to hundreds of millions of records), it’s that same full table scan for every single keystroke while the user types, and all but 25 records (user-selectable) get discarded — and then requeried when the user looks at the next page of results.
What the bloody fucking hell? I’d swear this idiot is an intern, but his code does (amazingly) actually work.
No wonder this search field nearly crashed one of the servers when someone actually tried using it.
Asdfajsdfk.rant fucking moron even when taking down the server hey bob pass me all the paperclips mysql murder terrible code slow query idiot can do no wrong but he’s the golden boy idiots repeatedly murdered mysql in the face21 -
micromanager: "Quick and easy win! Please have this done in 2-3 days to start repairing your reputation"
ticket: "Scrap this gem, and implement your own external service wrapper using the new and vastly different Slack API!"
slack: "New API? Give me bearer tokens! Don't use that legacy url crap, wth"
prev dev: "Yeah idk what a bearer token is. Have the same url instead, and try writing it down so you don't forget it?"
Slack admin: "I can't give you access to the slack integration test app, even though it's for exactly this and three others have access already, including your (micro)manager."
Slack: "You can also <a>create a new slack app</a>!" -- link logs me into slack chat instead. After searching and finding a link elsewhere: doesn't let me.
Slack admin: "You want a new test slack app instead? Sure, build it the same as before so it isn't abuseable. No? Okay, plan a presentation for it and bring security along for a meeting on Friday and I'll think about it. I'm in some planning meetings until then."
asdfjkagel.
This job is endless delays, plus getting yelled at over the endless delays.
At least I can start on the code while I wait. Can't test anything for at least a week, though. =/18 -
Manager: "We can't have new releases breaking older versions of the mobile app!!!!! We'll lose all our customers!!!!"
fullStackChris: "That's fine, we can do API versioning, but it will take some time to implement, I'll have to be quite careful and write some tests to implement it. Probably 2-3 weeks..."
Manager: "NO WAY, THAT TIME ESTIMATE IS WAY TOO LONG, WE DON'T HAVE TIME FOR THAT!!!"
fullStackChris: "So how do you wanna support multiple versions of the app without doing any sort of versioning?"
Manager: "...we'll think of something!"
Dev: "..."
And with 99% certainty, I expect to hear this in a week or two:
Manager: "fullStackChris, we'd like to introduce you to the highly technical concept, API versioning. It's a way to version the API so we can support multiple versions of the application our customers use! It's amazing! Please implement this immediately so we can support multiple versions of the application!"
Sigh... each day managers learn a bit more how physical reality works... you can't have your cake and eat it too.7 -
ARGH. I wrote a long rant containing a bunch of gems from the codebase at @work, and lost it.
I'll summarize the few I remember.
First, the cliche:
if (x == true) { return true; } else { return false; };
Seriously written (more than once) by the "legendary" devs themselves.
Then, lots of typos in constants (and methods, and comments, and ...) like:
SMD_AGENT_SHCEDULE_XYZ = '5-year-old-typo'
and gems like:
def hot_garbage
magic = [nil, '']
magic = [0, nil] if something_something
success = other_method_that_returns_nothing(magic)
if success == true
return true # signal success
end
end
^ That one is from our glorious self-proclaimed leader / "engineering director" / the junior dev thundercunt on a power trip. Good stuff.
Next up are a few of my personal favorites:
Report.run_every 4.hours # Every 6 hours
Daemon.run_at_hour 6 # Daily at 8am
LANG_ENGLISH = :en
LANG_SPANISH = :sp # because fuck standards, right?
And for design decisions...
The code was supposed to support multiple currencies, but just disregards them and sets a hardcoded 'usd' instead -- and the system stores that string on literally hundreds of millions of records, often multiple times too (e.g. for payment, display fees, etc). and! AND! IT'S ALWAYS A FUCKING VARCHAR(255)! So a single payment record uses 768 bytes to store 'usd' 'usd' 'usd'
I'd mention the design decisions that led to the 35 second minimum pay API response time (often 55 sec), but i don't remember the details well enough.
Also:
The senior devs can get pretty much anything through code review. So can the dev accountants. and ... well, pretty much everyone else. Seriously, i have absolutely no idea how all of this shit managed to get published.
But speaking of code reviews: Some security holes are allowed through because (and i quote) "they already exist elsewhere in the codebase." You can't make this up.
Oh, and another!
In a feature that merges two user objects and all their data, there's a method to generate a unique ID. It concatenates 12 random numbers (one at a time, ofc) then checks the database to see if that id already exists. It tries this 20 times, and uses the first unique one... or falls through and uses its last attempt. This ofc leads to collisions, and those collisions are messy and require a db rollback to fix. gg. This was written by the "legendary" dev himself, replete with his signature single-letter variable names. I brought it up and he laughed it off, saying the collisions have been rare enough it doesn't really matter so he won't fix it.
Yep, it's garbage all the way down.16 -
The nightmare continues.
Currently dealing with a code review from a “principal” dev (one step above senior), who is unironically called a “legendary dev” by some coworkers. It’s painfully obvious he didn’t read the code, and just started complaining and nitpicking.
It’s full of requests to do things that make absolutely no sense, and would make the code an unmaintainable mess.
• Ex: moving the logic and data collection from the module’s many callers into the module instead of just passing in the data.
• Ex: hiding api endpoint declarations by placing them in the module itself, and using magic instance variables to pass data to it. Basically: using global functions and variables instead of explicit declarations and calls.
• Ex: moving the logic to determine which api endpoint to use, for all callers, into the view.
More comments about methods being “too complex” (barely holds water) right next to comments saying “why are these separate? merge them together!”
Incredulously asking how many times I’m checking permissions and how ridiculous it all is. (The answer? Twice.)
Conflating my “permissions” param and method names with a supposedly forthcoming permissions system overhaul, and saying I shouldn’t use permissions because my code will all have to get rewritten. Even if that were true, and it’s likely not, the ticket still needs to use the current permissions. I can’t just ignore them because they might be rewritten someday.
Requests to revert some code cleanup because the reviewer thought the previous heavily-nested and uncommented versions (with code duplication) were easier to read. Unsurprisingly, he wrote them.
On the same ticket, my boss wants me to remove all styling and clientside validation, debouncing, and error messages from a form. Says “success” and “connection failed” messages are good enough. The form in question sends SMS and email using arbitrary user input for addresses. He also says it shouldn’t be denounced on the server, and doesn’t want me to bother checking permissions. Hello, spam!
Related: the legendary dev reviewer says he can’t think of a reason why we would want to disable the feature for consumers, so I should remove the consumer feature flag.
You can’t make this stuff up.9 -
Remember the super duper company I applied for? (Last rant)
Well, I did their coding challenge. And after many years I had to do a metric crapton of C++. It's not a fun language. It's frustrating how human-unfriendly it is, and maybe one reason why I low-key like it.
Anyways, here's hoping that I didn't fuck up too much.
On a side note, I realized tensorflow actually has a cpp api. I think I'm gonna work with that in my next mental breakdown. 🧐7 -
Manager: I want the front ends to be more dumb, too much logic is happening on the frontend.
Me: both of the sites are just multi step forms, I’m confused about the complexity part.
Manager: yea but don’t we have a bunch of third party api calls?
Me: we have 4 and they are public facing apis.
Manager: yea, make a new api and move this api calls to the backend and I want both frontend teams to send the same shape payload.
Me: but…
Manager: oh and I don’t like how the business team does the a/b testing and splitting traffic, let’s move that to the backend as well.
Me: but… that a/b testing platform they use in ran by another team and they have a full set of features for business analytics…
Manager: yea let’s just replicate those features and move them to the backend.
Me: but it’s a product!
Manager: look! You are the best backend engineer we got! I know you can do this!
Me: I lead the frontend teams…
Manager: ….
Manger: good news we are giving you a promotion with raise you are now a senior engineer.
Me: I confused but happy… I think..9 -
Frequently used answers :)
UI developer - I think API is not working
Backend developer - Front end is not sending the request correctly
Tester - Testing! Testing!
UI/UX - As per android/ios standards...
QA - Let me check one more time
PM - Let us have another meeting and get on the same page
Dev-Ops - It's very complicated you know
CTO - We're working on a next-gen solution
Founder - Let us build something that no one has built, something similar to what google...facebook...
Cridits: My EX-CPO5 -
PO: we want this new functionality, a new api call is needed in checkout process
Devs: okay, and what should happen in case of error?
PO: dont worry, it wont fail. Never.
🙃4 -
My worst interview ever was my first interview fresh out of college. After the initial phone screen, they asked me to drive 2 hours to their office to give me a "code challenge."
The challenge was to spend 4 hours writing a simple rest API for a blog type thing, but the catch was to not use any existing libraries for data access and instead write an entirely database agnostic DAL. Then after I finished they sat me in a conference room with 3 of their engineers and the CEO to just tear apart my code.
For a JUNIOR position to someone fresh out of college.
I guess I defended it well, because they asked to continue the process l, but after that I found a different position.4 -
“sEniOr tEcHniCiaN”: “I don’t know what Blazor is. I write my projects in ASP.NET. You should just use ASP.NET”
Me: …”Blazor *is* ASP. This project is running on ASP.NET 6.”
“seNioR tEchNiCiaN”: “As previously stated, I don’t use Blazor. I don’t care what version it is.”
Yes, this is a real exchange from my ongoing problems with this idiot.
His attitude is what ticks me off the most.
He doesn’t know what CORS is.
He doesn’t understand that “ASP.NET” covers Blazor, Razor Pages, the old MVC stuff, web APIs, and more.
He doesn’t understand the difference between a web request being initiated from the browser via Fetch and a web request being initiated from the server. (“My ASP site is shown in the browser, so requests to the third party API aren’t originating from the server.”)
And yet has the arrogance to repeatedly talk down to me while I try to explain basic concepts to him in the least condescending way possible.
After going around and around in circles with him, he finally admitted to me that “he doesn’t actually know what the CORS configuration looks like or how to modify it, to be honest.”
I just wanna go home.15 -
I’m fucking done….
I don’t even know what to tell.
I’m a CTO in a startu. We have pretty good traction, my salary is about average senior dev salary (plus 10%).
I’m good financially.
But I have no more pleasure in work. Like at all.
“This API call performance is bad”
Yeah I know, maybe you shpuldn’t try to call it for 1000 objects at the time ?
“We need to reduce Azure cost”
Yeah I know, but are you ready to live with performances downgrade it will generate ?
“I don’t understand on what thing you worked past week, where is a devops card ?
Fuck you, I’m in extenuating fire mode, I don’t have time for a fucking devops card
“We should migrate whole stack to modern technology, like JavaScript”
Thank you for your imput, Blazor WAS created to avoid JabaScript
“The client has only 1.000.000 records and API doesn’t return them all”
Use fucking paging moron. And BTW, I’m adding “number of authorized requests” shortly.
I can go on and on and on for hours. But the idea is : I completely lost the will or motivation to do anything. I’m considering just to quit and go back to be Junior dev for a random company.9 -
!rant
!!pride
I tried finding a gem that would give me a nice, simple diff between two hashes, and also report any missing keys between them. (In an effort to reduce the ridiculous number of update api calls sent out at work.)
I found a few gems that give way too complicated diffs, and they're all several hundred lines long. One of them even writes the diff out in freaking html with colors and everything. it's crazy. Several of the simpler ones don't even support nesting, and another only diffs strings. I found a few possibly-okay choices, but their output is crazy long, and they are none too short, either.
Also, only a few of them support missing keys (since hashes in Ruby return `nil` by default for non-defined keys), which would lead to false negatives.
So... I wrote my own.
It supports diffing anything with anything else, and recurses into anything enumerable. It also supports missing keys/indexes, mixed n-level nesting, missing branches, nil vs "nil" with obvious output, comparing mixed types, empty objects, etc. Returns a simple [a,b] diff array for simple objects, or for nested objects: a flat hash with full paths (like "[key][subkey][12][sub-subkey]") as top-level keys and the diff arrays as values. Tiny output. Took 36 lines and a little over an hour.
I'm pretty happy with myself. 😁6 -
Google cripples ad and tracking blockers: In January, Chromium will switch to Manifest V3 which removes an essential API in favour of an inferior one. As usually, Google is being deceitful and touts security concerns as pretext.
That hits all Chromium based browser, such as my beloved Vivaldi. The team argues with their own browser internal blocker, but that's far worse than uBlock Origin. One of Vivaldi's core promises was privacy, and that will go out of the window. The team simply doesn't react to people pointing that out. They're fucked, and they know it.
So what now? Well, going back to Firefox because that will include the crippled new API for extension compatibility, but also keep the powerful old one specifically so that ad and tracking blockers will keep working. Google has just handed Mozilla a major unique selling point, and miraculously, Mozilla didn't fuck it up.26 -
How tf do I explain my manager that I simply can't change the damn response coming from a 3rd party API without hurting his fragile ego but while also using crayons.4
-
OK heavy rant on 'modern' software development coming! --> don't take it to seriously though :-)
Electron... why does that shit exist? It is like stacking all the worst technologies available to mankind into an enormous pile of crap and polishing that turd to look like something wonderful. It is big, slow and overall AWFUL!
An example? ... Microsoft Teams :-( it burns your PC like fire and makes it squeal for mercy.
When a library/framework becomes the ultimate evolution of abstraction layer upon abstraction layer and it simply should stop to exist and a reset button needs to be pressed.
I would love to see some research on the real world environmental impact that all those shitty slow and bloated web technologies have.
Solution:
Software energy label!
C, C++ and Rust e.t.c. and all accompanying efficient UI libraries should be the only languages/implementations allowed to get a A, B and C label.
Python (without C libraries like Numpy), JavaScript and all those other slow interpreted scripting/Web API nonsense should get a D, E or F label by default.
Have fun!12 -
Today I found out when a user logs in in this piece of crap: 59 calls to the api just to get user permissions 😤
I'm done...8 -
Frontend dev: Hey, could you break HTTP conventions and change the API so I don't have to manage the context of the request?8
-
"It is risky to release an app that depends on APIs that you don't control."
Yeah, dude, we also live in the real world.
Better to say: "Your app should handle cases where the third party API is partially or even totally down."
God, some people, they build a wall of rules around themselves and wonder why their skills don't improve.13 -
I've got a file on my desktop called key.txt, and it's just a single line in it that is clearly some sort of API key.
Absolutely no memory of what it is for.
💩9 -
One of the guys in my uni group project accused me of bullying, shutting him out of the group, ignoring him and taking over his work. He complained to head of year, I had to have a "discussion" with head of year, welfare tutor and my personal tutor.
For supporting evidence, I brought the message he'd posted in our team Facebook group where he told me to do the thing I was doing. The discussion didn't last long, but it seemed he was unhappy with me asking questions, mean things like "I need a draft api to do my work, why don't we sit down and design it instead of the UI you're working on?"
Conclusion? He "worked on a separate project". Got to the end of the year, the whole class went for pub drinks, someone else came up to me, had been through the exact same thing, exact same person, different group project.
Group projects teach you to hate people.5 -
Me: API support, please check why I'm getting ECONNTIMEDOUT for 3% of requests
supp: before we look into this, please answer these questions: a), b), c), d), e)
Me and coleague: *spend 20 minutes gathering all the details into a nice answer. Post the answers*
Slack bot: *removes the answer [allegedly for compliance/security]*
api supp: any update?
..... I really want to smash smth. Hulk SMASH!!!3 -
The company I am currently working for is partnering with another startup. Nothing special about that. We should integrate their API into our system. I wasn't involved in the process when it came to checking there API and if it would work with our Systems. The Person who did that already left the company so I was left behind with some internal documentation. In that Documentation is already written that API is basically trash....
After I started integrating the API I found more and more flaws in the design. They are not sending any responses that would help, when a param is missing or the authentication isn't correct, only 500's . I got some documentation from the partner company so i thought it will be fine as long as the Documentation would be accurate. Turns out the documentation isn't even close to be up to date. Wrong content types wrong endpoints, wrong naming. Basically we could not work with that. We shortly contacted the partner Company. After a few WEEKS we got a response that they updated the Documentation what was right but still not everything was correct. At this point I lost my mind. I researched a little bit about them, the company is founded from 2 young people who basically came strait out of the University and doest have any experience or idea how to build an API. I investigated a little bit there websites.
They have an Admin panel on the base domain from their API but it is only accessible via HTTP. Like WTF , They use HTTP for an Admin Panel this must be a joke right?
They use Cloudflare without a HTTP to HTTPS redirection ???
I really had not that much time to research in there website but if I find these things in 5 minutes I don't want to know what I can find in like an hour.
At the end we will still use them as partners because surprise surprise our company already sold the product that uses their API.
I know that I will be the person who has to help fixing this shit when it breaks and it will break 1000% JUST FUCK THIS SHIT. FUCK THE PARTNER COMPANY. FUCK THERE API.2 -
so i had the "miscommunication" meeting with PM today. he criticized me for "not following his orders", allegedly having worked on stuff during this sprint that did not help fulfill his sprint goal, and that i should have aligned my work with him. i didn't even realize this exact goal existed specifically for my user story (even though it was at least mentioned with one single word in story description, must have read over it). however, during the whole fucking sprint, he never mentioned a single time i should align with him. every daily i'm explaining what i'm going to do, every day he sees subtasks that i created for this story, and he never disagreed or mentioned this topic, so i assumed i'm on track. and now suddenly, when sprint is over, he blames me for the misalignment?
he also criticized me for having said something rude to him during a team meeting, but he couldn't rephrase or specify what i had said, he couldn't give any details at all, and also i couldn't understand or remember what he meant. what shall i respond to that?🤷♀️
also, aligning my work with that of a colleague and brainstorming with him about how our API could look like for our stakeholders was "not on track / following his orders" for him, even though i had announced it in the daily and he hadn't disagreed.
either this guy has alzheimer's or he has a down on me, dunno what to make out of all that.
and then he mentions i appear "somewhat aggressive" to him.
hmm weird, why should someone become aggressive when they have to deal with this bullshit all the time 🤦♀️12 -
Thank God the week 233 rants are over - was getting sick of elitist internet losers.
The worst security bug I saw was when I first started work as a dev in Angular almost year ago. Despite the code being a couple of years old, the links to the data on firebase had 0 rules concerning user access, all data basically publicly available, the API keys were uploaded on GitHub, and even the auth guard didn't work. A proper mess that still gives me the night spooks to this day.3 -
how often does it happen that you have to prevent terrible architectural decisions from being made, because people who are in charge but obviously have no clue, make really weird suggestions and are really confident that this is a good idea?
PM: so please analyze functionalities X with dev Y, since module Y that dev Y develops shall provide these functionalities.
me: as i said yesterday, module Y will use my module X and shouldn't care about how this is going to be implemented.
PM: yeah, but module Y shall be able to... (lists some functionalities)
me: yes, that's what i'm currently working on in module X. my current state of the API can be used in a way that... (lists different low level functions and how a combination of them can be used to provide these functionalities)
PM: okay, hmm... i just realize that module Y will actually be a user of module X...
well.... yeah?!!
i always thought that was crystal clear?? 🤦♀️10 -
Ok, so our team is responsible for writing an app that consumes an API written by the client's team (I refuse to call it a "REST" API, despite their claims). On one of the clarification meetings we are discussing an endpoint that accepts a (logically) unique field multiple times, even though an entity is already registered in the system with that unique identifier. Our proposal would be that this API of theirs should not happily accept duplicates as many times as there are bits on a 4TB hard drive, rather it should signal an error.
The response we got is this: Due to the Separation of Concerns principle they thought that it should be our app's responsibility to not send a request if an entity with said field is already in the system. Thus there's no need for the backend to validate this.
I didn't hear the next part, because I had to collect my headphones from the other side of the room where they were flung in rage.11 -
I'm having an existential crisis with this client.
We are spending millions of $s every year to make sure the product's performance is perfect. We are testing various scenarios, fine-tuning PLABs: the environment, application, middleware, infra,... And then we provide our recommendations to the client: "To handle load of XX parallel users focusing on YY, yy and Zy APIs, use <THIS> configuration".
And what the client does?
- take our recommendations and measure the wind speed outside
- if speed is <20m/s and milk hasn't gone bad yet, add 2x more instances of API X
- otherwise add 3xX, 1xY and give more CPUs to Z
- split the setup in half and deploy in 2 completely separate load-balanced prod environments.
- <do other "tweaking">
- bomb our team with questions "why do we have slow RTs?", "why did the env crash?", "why do we have all those errors?", "why has this been overlooked in PLABs?!?"
If you're improvising despite our recommendations, wtf are we doing here???
One day I will crack. Hopefully, not sometime soon.3 -
Not ONLY does the new code a coworker wrote straight up not work (and they somehow managed to merge it to master) but it also broke an entirely unrelated endpoint due to an abstraction they tried to make. Very clear they didn't even run their code at all.2
-
If you can be locked out of it remotely, you don't own it.
On May 3rd, 2019, the Microsoft-resembling extension signature system of Mozilla malfunctioned, which locked out all Firefox users out of their browsing extensions for that day, without an override option. Obviously, it is claimed to be "for our own protection". Pretext-o-meter over 9000!
BMW has locked heated seats, a physical interior feature of their vehicles, behind a subscription wall. This both means one has to routinely spend time and effort renewing it, and it can be terminated remotely. Even if BMW promises never to do it, it is a technical possibility. You are in effect a tenant in a car you paid for. Now imagine your BMW refused to drive unless you install a software update. You are one rage-quitting employee at BMW headquarters away from getting stuck on a side of a road. Then you're stuck in an expensive BMW while watching others in their decade-old VW Golf's driving past you. Or perhaps not, since other stuck BMWs would cause traffic jams.
Perhaps this horror scenario needs to happen once so people finally realize what it means if they can be locked out of their product whenever the vendor feels like it.
Some software becomes inaccessible and forces the user to update, even though they could work perfectly well. An example is the pre-installed Samsung QuickConnect app. It's a system app like the Wi-Fi (WLAN) and Bluetooth settings. There is a pop-up that reads "Update Quick connect", "A new version is available. Update now?"; when declining, the app closes. Updating requires having a Samsung account to access the Galaxy app store, and creating such requires providing personally identifiable details.
Imagine the Bluetooth and WiFi configuration locking out the user because an update is available, then ask for personal details. Ugh.
The WhatsApp messenger also routinely locks out users until they update. Perhaps messaging would cease to work due to API changes made by the service provider (Meta, inc.), however, that still does not excuse locking users out of their existing offline messages. Telegram does it the right way: it still lets the user access the messages.
"A retailer cannot decide that you were licensing your clothes and come knocking at your door to collect them. So, why is it that when a product is digital there is such a double standard? The money you spend on these products is no less real than the money you spend on clothes." – Android Authority ( https://androidauthority.com/digita... ).
A really bad scenario would be if your "smart" home refused to heat up in winter due to "a firmware update is available!" or "unable to verify your subscription". Then all you can do is hope that any "dumb" device like an oven heats up without asking itself whether it should or not. And if that is not available, one might have to fall back on a portable space heater, a hair dryer or a toaster. Sounds fun, huh? Not.
Cloud services (Google, Adobe Creative Cloud, etc.) can, by design, lock out the user, since they run on the computers of the service provider. However, remotely taking away things one paid for or has installed on ones own computer/smartphone violates a sacred consumer right.
This is yet another benefit of open-source software: someone with programming and compiling experience can free the code from locks.
I don't care for which "good purpose" these kill switches exist. The fact that something you paid for or installed locally on your device can be remotely disabled is dystopian and inexcuseable.16 -
Our boss did always the same thing. When there was a BIG potential customer who indicates a small interest in our software, then he lied constantly about features. After the customer bought our software we got a deadline and should develop the missing features. I could remember two features: The first one was a quote tool for a car transport company. The tool should estimate a price for a transportation from an email with no structure and the other one was an API which should be possible to write dynamicly to MySQL, MariaDB, Postgres, MSSQL, DB2, Mongo or better said any possible dbms. The API should guess the structure of the dbs and offer CRUD actions. The funny thing is must write the api with go. Yeah dynamic and GO.
At some time, we told him we wont make any overtime and if the deadline is not possible we told that immediatly the customers, so that they call him. Thank god I don't work anymore in this company.1 -
JS Console: user_name is undefined
Señor Dev: can't be the API response has it!
The API response: usre_name8 -
I don't know if I'm being pranked or not, but I work with my boss and he has the strangest way of doing things.
- Only use PHP
- Keep error_reporting off (for development), Site cannot function if they are on.
- 20,000 lines of functions in a single file, 50% of which was unused, mostly repeated code that could have been reduced massively.
- Zero Code Comments
- Inconsistent variable names, function names, file names -- I was literally project searching for months to find things.
- There is nothing close to a normalized SQL Database, column ID names can't even stay consistent.
- Every query is done with a mysqli wrapper to use legacy mysql functions.
- Most used function is to escape stirngs
- Type-hinting is too strict for the code.
- Most files packed with Inline CSS, JavaScript and PHP - we don't want to use an external file otherwise we'd have to open two of them.
- Do not use a package manger composer because he doesn't have it installed.. Though I told him it's easy on any platform and I'll explain it.
- He downloads a few composer packages he likes and drag/drop them into random folder.
- Uses $_GET to set values and pass them around like a message contianer.
- One file is 6000 lines which is a giant if statement with somewhere close to 7 levels deep of recursion.
- Never removes his old code that bloats things.
- Has functions from a decade ago he would like to save to use some day. Just regular, plain old, PHP functions.
- Always wants to build things from scratch, and re-using a lot of his code that is honestly a weird way of doing almost everything.
- Using CodeIntel, Mess Detectors, Error Detectors is not good or useful.
- Would not deploy to production through any tool I setup, though I was told to. Instead he wrote bash scripts that still make me nervous.
- Often tells me to make something modern/great (reinventing a wheel) and then ends up saying, "I think I'd do it this way... Referes to his code 5 years ago".
- Using isset() breaks things.
- Tens of thousands of undefined variables exist because arrays are creates like $this[][][] = 5;
- Understanding the naming of functions required me to write several documents.
- I had to use #region tags to find places in the code quicker since a router was about 2000 lines of if else statements.
- I used Todo Bookmark extensions in VSCode to mark and flag everything that's a bug.
- Gets upset if I add anything to .gitignore; I tried to tell him it ignores files we don't want, he is though it deleted them for a while.
- He would rather explain every line of code in a mammoth project that follows no human known patterns, includes files that overwrite global scope variables and wants has me do the documentation.
- Open to ideas but when I bring them up such as - This is what most standards suggest, here's a literal example of exactly what you want but easier - He will passively decide against it and end up working on tedious things not very necessary for project release dates.
- On another project I try to write code but he wants to go over every single nook and cranny and stay on the phone the entire day as I watch his screen and Im trying to code.
I would like us all to do well but I do not consider him a programmer but a script-whippersnapper. I find myself trying to to debate the most basic of things (you shouldnt 777 every file), and I need all kinds of evidence before he will do something about it. We need "security" and all kinds of buzz words but I'm scared to death of this code. After several months its a nice place to work but I am convinced I'm being pranked or my boss has very little idea what he's doing. I've worked in a lot of disasters but nothing like this.
We are building an API, I could use something open source to help with anything from validations, routing, ACL but he ends up reinventing the wheel. I have never worked so slow, hindered and baffled at how I am supposed to build anything - nothing is stable, tested, and rarely logical. I suggested many things but he would rather have small talk and reason his way into using things he made.
I could fhave this project 50% done i a Node API i two weeks, pretty fast in a PHP or Python one, but we for reasons I have no idea would rather go slow and literally "build a framework". Two knuckleheads are going to build a PHP REST framework and compete with tested, tried and true open source tools by tens of millions?
I just wanted to rant because this drives me crazy. I have so much stress my neck and shoulder seems like a nerve is pinched. I don't understand what any of this means. I've never met someone who was wrong about so many things but believed they were right. I just don't know what to say so often on call I just say, 'uhh..'. It's like nothing anyone or any authority says matters, I don't know why he asks anything he's going to do things one way, a hard way, only that he can decipher. He's an owner, he's not worried about job security.13 -
Hi guys, I created a tiny Anime quotes API called Animechan. Totally free to use anywhere 😊✨
https://animechan.vercel.app/15 -
Apparently, HERE Maps supports transport via spaceship 😲
I don’t know if this is a joke or not but it’s in the API documentation:
https://developer.here.com/document...6 -
I just wanted to make with the Spotify API an online player. I sat 2 hours and still can't figure out how to center a fucking unordered list which is horizontal aligned
FUCK CSS7 -
Instructions on how to become suicidal:
- Create an API controller for the /file/ path
- Add an empty endpoint for POST /file/upload (will write it later!)
- Forget about this endpoint at some point
- Later, create a page for /file/upload
- GET /file/upload returns page
- POST /file/upload returns empty 200
Pure psychological horror for like an hour Googling why the fuck my razor page is returning empty responses and my breakpoint on OnPost is not fucking hitting even if I copy and paste example code from the ms website
Oh yeah, that controller.5 -
EoS1: This is the continuation of my previous rant, "The Ballad of The Six Witchers and The Undocumented Java Tool". Catch the first part here: https://devrant.com/rants/5009817/...
The Undocumented Java Tool, created by Those Who Came Before to fight the great battles of the past, is a swift beast. It reaches systems unknown and impacts many processes, unbeknownst even to said processes' masters. All from within it's lair, a foggy Windows Server swamp of moldy data streams and boggy flows.
One of The Six Witchers, the Wild One, scouted ahead to map the input and output data streams of the Unmapped Data Swamp. Accompanied only by his animal familiars, NetCat and WireShark.
Two others, bold and adventurous, raised their decompiling blades against the Undocumented Java Tool beast itself, to uncover it's data processing secrets.
Another of the witchers, of dark complexion and smooth speak, followed the data upstream to find where the fuck the limited excel sheets that feeds The Beast comes from, since it's handlers only know that "every other day a new one appears on this shared active directory location". WTF do people often have NPC-levels of unawareness about their own fucking jobs?!?!
The other witchers left to tend to the Burn-Rate Bonfire, for The Sprint is dark and full of terrors, and some bigwigs always manage to shoehorn their whims/unrelated stories into a otherwise lean sprint.
At the dawn of the new year, the witchers reconvened. "The Beast breathes a currency conversion API" - said The Wild One - "And it's claws and fangs strike mostly at two independent JIRA clusters, sometimes upserting issues. It uses a company-deprecated API to send emails. We're in deep shit."
"I've found The Source of Fucking Excel Sheets" - said the smooth witcher - "It is The Temple of Cash-Flow, where the priests weave the Tapestry of Transactions. Our Fucking Excel Sheets are but a snapshot of the latest updates on the balance of some billing accounts. I spoke with one of the priestesses, and she told me that The Oracle (DB) would be able to provide us with The Data directly, if we were to learn the way of the ODBC and the Query"
"We stroke at the beast" - said the bold and adventurous witchers, now deserving of the bragging rights to be called The Butchers of Jarfile - "It is actually fewer than twenty classes and modules. Most are API-drivers. And less than 40% of the code is ever even fucking used! We found fucking JIRA API tokens and URIs hard-coded. And it is all synchronous and monolithic - no wonder it takes almost 20 hours to run a single fucking excel sheet".
Together, the witchers figured out that each new billing account were morphed by The Beast into a new JIRA issue, if none was open yet for it. Transactions were used to update the outstanding balance on the issues regarding the billing accounts. The currency conversion API was used too often, and it's purpose was only to give a rough estimate of the total balance in each Jira issue in USD, since each issue could have transactions in several currencies. The Beast would consume the Excel sheet, do some cryptic transformations on it, and for each resulting line access the currency API and upsert a JIRA issue. The secrets of those transformations were still hidden from the witchers. When and why would The Beast send emails, was still a mistery.
As the Witchers Council approached an end and all were armed with knowledge and information, they decided on the next steps.
The Wild Witcher, known in every tavern in the land and by the sea, would create a connector to The Red Port of Redis, where every currency conversion is already updated by other processes and can be quickly retrieved inside the VPC. The Greenhorn Witcher is to follow him and build an offline process to update balances in JIRA issues.
The Butchers of Jarfile were to build The Juggler, an automation that should be able to receive a parquet file with an insertion plan and asynchronously update the JIRA API with scores of concurrent requests.
The Smooth Witcher, proud of his new lead, was to build The Oracle Watch, an order that would guard the Oracle (DB) at the Temple of Cash-Flow and report every qualifying transaction to parquet files in AWS S3. The Data would then be pushed to cross The Event Bridge into The Cluster of Sparks and Storms.
This Witcher Who Writes is to ride the Elephant of Hadoop into The Cluster of Sparks an Storms, to weave the signs of Map and Reduce and with speed and precision transform The Data into The Insertion Plan.
However, how exactly is The Data to be transformed is not yet known.
Will the Witchers be able to build The Data's New Path? Will they figure out the mysterious transformation? Will they discover the Undocumented Java Tool's secrets on notifying customers and aggregating data?
This story is still afoot. Only the future will tell, and I will keep you posted.6 -
Facebook is a giant piece of shit. Not only is their platform a massive contributor to mental illness, even their API's are fucking garbage. I'm trying to use their ads API and what it does is it hijacks the entire fucking request so you can't even extract data from the request after calling it. Fuck Facebook and everything they've ever "contributed" to society.5
-
Hello fellow devRanters, look what I found in our API constants on this fine day!
LIST_USERS: '/api/GetUsers',
USERS_WITH_QUERY:'/api/GetUsers?Query=',
MORE_USERS: '/api/GetUsers?Token=',
You get what you pay for, you get what you pay for, you get what you- AAAAAAAAAAAAAAAAAAAARRRGGGGG!!!!!!!!!7 -
I've been a bit "removed" from .NET lately and I've been slowly forgetting about it. It's like I grieved a loss, and now I was moving on, for lack of a better analogy. I was just beginning to get used to my new environment of Node JS and PHP. And, recently, I was put on track to complete a full project using Node JS.
And then suddenly a new company reached out to me, interested in my skills, and asked for me to build a simple .NET web app to showcase my abilities.
I got started, and holy crap I forgot how nice it was to be coding in this environment. Everything I had forgotten about switched on for me, like riding a bike. I was done with the app in a matter of hours. It was probably the most productive I've been with a coding assignment in forever. I was beaming with pride at the fact that I could code so fluently despite some time away. Everything here just made sense to me.
After I submitted it to the company for review I sat back and thought, damn, do I have to go back to Node/Express JS? I barely have any experience with it 😂. The only reason I know anything is because I watched a 20 minute quick tutorial on how to build an API. That's it.
I really want my current company to give me projects that are in my preferred language and they aren't and that's killing me right now. I can learn, that's not a problem, but my effectiveness as an employee is completely shot by not allowing me to build in code that I know and understand. I was fuckin hired for my specific coding experience, why not take advantage of what I know?
I should say something to my manager but I know they will just tell me no because they want it to be built in Javascript as it's the preferred language of the Gods.
Joking aside, I don't think they will go for it because it is another language that they would have to manage and maintain if I ever leave.
Oh well 🤷8 -
Employer: Hey, we are moving an API update live tomorrow morning that could affect our apps. Can you regression test the apps to make sure they all work?
Me: The API team is pushing code overtop of live endpoints that can break them?
Employer: Yes, we need the updates to work with a new product we are developing.
Me: And nobody thought about versioning these endpoints so we guarantee uptime on all existing services using them now?
Employer: We looked at that but it cost extra and required us to use the cloud solution so we don’t use versioning.
Me: Okkk… I also take it that the API’s don’t have integration tests written?
Employer: What are integration tests? Are unit tests the same thing?
Me: No, so when do I need to regression test all 7 production apps?
Employer: The API’s are moving to production at 4am and we need it signed off by 7am.
Me: I only have 3 hours to regression test 7 production apps at 4am? Each app, if I just skim over them, would take me 2 hours each. I will do my best but that’s a very short time to ensure complete functionality.
Employer: Don’t you have unit tests?1 -
Hey, we need a service to resize some images. Oh, it’ll also need a globally diverse cache, with cache purging capabilities, only cache certain images in the United States, support auto scaling, handle half a petabyte of data , but we don’t know when it’ll be needed, so just plan on all of it being needed at once. It has to support a robust security profile using only basic HTTP auth, be written in Java, hosted on-prem, and be fully protected from ddos attacks. It must be backwards compatible with the previous API we use, but that’s poorly documented, you’ll figure it out. Also, it must support being rolled out 20% of the way so we can test it, and forget about it, and leave two copies of our app in production.
You can re-use the code we already have for image thumbnails even though it’s written in Python, caches nothing and is hosted in the cloud. It should be easy. This guy can show you how it all works.2 -
Holy crap, I can't take it anymore.
I know that user acceptance testing is supposed to be done by the end user but it's as if they entirely skipped UNIT TESTING and QUALITY ENGINEERING.
Does their API work? Yes. It does.
Are their endpoints working? Sort of... why are query parameters required again?
Is it good overall? No, there are CORNER CASES ALL OVER THE PLACE (are they even still corner cases at this point?). It feels like it was made by amateurs!
Why am I doing quality testing on their services??? holy crap, they should pay ME for doing this1 -
Sometime ago I was introduced to that game "Stardew Valley", as a way to relax and unwind since it is a dynamic-pace simple-storyline and even simpler interactivity open world.
Well, it worked like a charm (sarcasm). I have a save where I am a profit-maxinizing capitalist who tries to score a million gp in an year - so a regular gamer approach. It wasn't the goal here.
So I got a second save where I just go along, getting enough to get by and no hurry to build farm buildings and whatnot, but slowly building up NPC relationships.
Man, what a good metaphor for life. That approach actually unwinds me.
But the dev in me is just like "just, woah! that is an stellar use case for GPT+3 APIs! You could have NPCs with dynamic adaptative dialog! *And* you can monetize it (piracy-proof!) by charging for API calls! No shops, no collectibles, just a unique but scalable experience!"
What is wrong with me? I gotta change into the second-save mindset...5 -
My coworker became super restless and incompetent during the initial 2020 Covid lockdown. Like playing hours of video games during work hours restless.
For one project, my coworker was working on the backend and I was working frontend. Coworker also wanted to be overlord of the epic branch.
My coworker merges the epic to our test branch and our code is broken. Coworker didn’t pull my FE changes before merging. Dude, I shouldn’t have needed to tell you to pull. You changed the api response that your BE code delivers so of course I had to update my FE code so it could work with this change.
I had to resolve the conflicts because coworker left work early to “rescue/pickup” their girlfriend from work.
You bet I leave this person on read when they try to text me on Signal1 -
!rant, but kinda
My new director wants to buy a solution for a portal environment that my institution currently has. I have no qualms over it. My only issue was the company that sells it to be known to provide close to 0 fucking support when shit arises.
During a presentation we were told that they were using state of the art JAVA technology to render items on the page and that their ApI was easy for devs to grasp. This caught my attention since I know of very few and obscure Java frameworks that work with frontend tech (as in, your frontend logic is legit in Java)
The sales people proceed to show us React. Obviously thinking that no one knows what REact was. The dude continues with "This is new Java tech" all proud and shit prompting me to interject that it is "Javascript" the dude brushes it away saying "same thing" to which I reply with "Negative, please make sure that you properly discern Java from Javascript since Java is to Javascript as car is to carpet, completely different environments" the dude sarcastically says that "oh well, didn't know one of the people here was more aware of our own technology than we are" to which I say "and not only that, but the final say in us adopting your tech is mine, so I would rather you keep the sarcasm and the attitude to yourself, bring in a tech person if need be and learn these distinctions since we don't work with Java"
My new director later on went to talk to me since he apparently thought that Java and JS were related in some way. I can't really fault it, last time the dude touched programming was in the early 2000s, previous boss was a C and COBOL developer, but the previous dude would ALWAYS take my word no questions ask, this dude was there asking me if I was sure that Javascript and Java were really completely different environments asking me to show him.
I do not like to be questioned. I shoot the shit here and don't really involve myself with more technical aspects under this platform unless it involves concrete architecture discussions and even there I really don't care with engaging on a forum concerning that. But concerning my job I really.......really do not like to be questioned by people that know way the fuck less than me. I started coding when I was 17, I am 30 now, with a degree and years of experience. I really hate to be questioned by this dude.2 -
Had anyone experienced with an impatient boss who require you to complete the project in the month you just recently got hired?
Here's the story, I recently got hired by a company, joined on 1st April 2022, the boss expect me to complete the app for Android and iOS by the end of this month. (An e-commerce applications exactly like shopee.com) Without providing me the Backend ApI , that they mentioned. They just gave me a and expect me to know what's happening at the backend.
He require me to give him a specific date that I can launch the app to play store and Apple store. (From my experience, it take days, weeks or months). He need a milestone of what I need , did , and will do (which predictably that they will reject any new ideas proposed) .
I even considering to quit, but I need opinions. Am I just too sensitive or there's something wrong?18 -
Follow up to: https://devrant.com/rants/5047721/....
1- The attacker just copy pasted its JWT session token and jammed requests on the buy gift cards route
2- The endpoint returns the gift card to continue the payment process, but the gift card is already valid
3- Clients wants only to force passwords to have strong combinations
4- Talk about a FIREWALL? Only next month
5- Reduce the token expiration from 3 HOURS to 10 minutes? Implement strong passwords first
6- And then start using refresh tokens
BONUS: Clearly someone from inside that worked for them, the API and database password are the same for years. And the route isn't used directly by the application, although it exists and has rules that the attacker kows. And multiple accounts from legit users are being used, so the person clearly has access to some internal shit7 -
Another shithole agency reached out to me out of the blue 4 weeks after my application.
The senior bro sends me an assignment with 30 requirements to build an app with multiple screens. Ofcourse no design provided and no API provided. Timeline 2 weeks.
Tried ask to expedite the process and reason with him because now Im in other processes where Im expecting an offer next week so I can send him a link to a very similar project I did, he can review and if he wants to I can jump on a technical call and I can answer all questions. Guy ignored the proposal entirely and wants to stick with his stupid timelines and stupid requirements which he wrote probably down while taking a shit with zero research.
Best part is there was no introduction, no discussions about hourly rate or expectations, nothing.
Disorganized shithole. Told them to get their shit together and withdrew my application.3 -
What the sh*t is this kind of response?! One of my corporate department's internal API returns THIS.
LOOK AT IT. LOOK. "NULL". What are those malformed closing / ending brackets?!
(request headers have accept: application/json btw)
And, as a final "f*uck you", the "IPG_API_JOBD_NC_RESP_P_COLL" is returned as JSON object if response has one element to return, but will be JSON ARRAY if result has more than one element.
Good luck, you there with strongly typed languages..... Boils my blood 😅4 -
React router is shit
I have never seen more retarded library.
Not only those suckers change the 100% of the API every fucking update for no reason, also they have the most fucked up documentation ever.
No search in the docs!!! Fucking bullshit examples with no such easy things like how to create nested routes.
Please, stop using this piece of shit, I'm tired of working with this fucking abomination. Hope they will delete their shit repo one day.22 -
i was hired to join a team of old devs (40+) in an unnamed European country "yay goodbye 3rd world it's time to enjoy the quality of life" assist with enhancing already existing software and creating new solutions.
prior to my arrival most things were slow and super buggy, looking at the code base it shouldn't be a surprise, amateur hour everyone, logic implemented that is not needed, comment driven development, last time code review was done back in 1996. lots of anti patterns.
i swear there is a for loop that does nothing but it loops through a 100+ elements list, trunk based development with tfs since git is "not really needed"
test projects are not there.
>enter me an educated fool, with genuine passion for the craft and somehow a decent amount of knowledge.
>spent the last year fixing stuff educating people on principles and qualities.
> countless hours of training and explaining. team is showing cooperation, a new requirement comes in to develop with react.
> tear my ass creating reusable shit and self explanatory code with proper naming etc using git with feature branching, monday is first deployment day.
> today a colleague was working on an item submit a pull request and self approve it
> look at the code..... WTF the dumb fuck copied and pasted the whole code from different kendo components but somehow managed to refractor the name to test component, commented out all the code that he didn't use did the api call directly from the component, has 2 useeffects that depends on the a fucking text box changes for no reason, no redux implementation, the acceptance criteria is not achieved, and it doesn't work it just look right.
> first world country shit cannot scold, cannot complain, lead by example.
>asked him why you did this, the response was yeah probably i shouldn't have done that, i really didn't understand anything in the training but didn't want to waste time!!!!
> rest of the team created a different styled disaster with different flavors they don't even name their shit the same way.
fellow developers I'm stuck in a spaceship with a bunch of imposters, seriously i never cried in my entire life now I'm teary and on the verge of a break down.
talk with management "improving needs time" and offers me to join a yoga session to release the stress as if reaching nirvana would deliver shit on monday.
i really don't know what do is this a rant, is this a cry for help, I'm not sure, any advice is welcomed.7 -
WE TEST ON THE STAGING SITE. I DON'T BUST MY ASS WITH A SEPARATE STAGING API AND HTTPS://STAGING.WHATEVERTHEFUCKYOUWANTOBUILD.COM/..., SO THAT YOU CAN MESSAGE ME THAT NOTHING IS WORKING. THAT IS BECAUSE YOU ARE NOT ON THE STAGING SITE. IF I HAVE TO REMIND YOU AGAIN, I AM NEVER TALKING TO A NON TECHNICAL PERSON AGAIN
THIS IS THE FIFTH TIME. ITS LITERALLY LIKE A BROKEN RECORD SO WHY DO I EXPECT ANYTHING TO CHANGE, EVERY CLIENT IS THE SAME, EVERY TIME, GOD I HATE IT MAKE IT STOP4 -
Well just blew up a coding interview.
Got an offer to be a Drupal dev and was expecting questions on Drupal API and module dev but got asked how to find the closest Enemy in an array and blah blah blah.
Interesting question but man. My mind got blank and got nervous. It's been a while since I've done a question like that and I've been coding for 10+ years.
I would've love to solve that in another language such as Python or C++ but got stuck on PHP because it was a Drupal position. But I only use PHP for Drupal modules and templates who are highly dependant on Drupal API. Or even WordPress plugins. But I try to avoid WordPress because is shit.
Guess the job market hasn't changed since I graduated back in 2014. So I feel a little bummed down. But I guess I'll just have to practice those type of problems as well. At least the problem solving method.
At least it will be an excuse to do those leetcode problems.9 -
I really hate sales people. My stakeholder wants to buy an address verification service but is hesitant to purchase now because the dev time needed would be substantial. Now the sales rep has planted seeds of doubt in my SH and SH thinks I grossly overestimated the labor I quoted.
Sales rep is all “major corporations have installed this in a weekend.” 🤬🤬🤬 Major corporations also have more than one developer and probably aren’t dealing with a website that has a dozen address forms that all work differently. Oh, and I DON’T WORK WEEKENDS MOFO.
My SH originally requested a labor estimate for installing the AVS on all address forms and that’s what I delivered. My audit revealed a dozen different forms. I’m working with a legacy code base that’s been bandaged together and maintained by an outside dev agency. The only thing the forms have in common is reusable address fields. They all work differently when it comes to validating and submitting data to the server and they all submit to different api endpoints. At least a quarter of those forms are broken and would need to be fixed (these are mostly admin-facing). I also had to provide an estimate on frontend implementation when I have no idea what they want the FE to look like.
My estimate was 5-8 weeks for implementation AND testing. I wrote up my findings and clearly explained the labor required, why it was needed, and the time needed. All was fine until the sales rep tried to get into SH’s head.
My SH is now asking for a new estimate and hoping for 1-2 weeks of labor, which is what will SH to buy the AVS. Then go to the outside dev agency you used to work with and ask for a second opinion. I’m sure they’d also tell you at least month if not more for testing, implementation, and deployment because you have a DOZEN FORMS you want to add this to. 1-2 weeks is only possible for a single form.
My manager doesn’t work in the same coding language I do, but he read my documentation and supports my original estimate.
I honestly want to ask my SH if this sales rep is giving a very good price for the AVS. If not, are there other companies in the mix? Because right now you have a sales rep that’s taking you for a ride and trying to pressure you all so he can get another notch in his belt for getting another “major corporation” as his account. I don’t think it’s a good idea to be locked in with a grimy sales rep.3 -
It works locally, it works in Dev, it works in Test, but fails to deploy in UAT. Is it a data issue? I don't know, I don't have permissions to see the UAT database. Literally all I know is that this API is returning 500 instead of what it's supposed to return, but only sometimes.
Guess I'll sit here all day and try to solve the problem telepathically as there is literally no way of troubleshooting other than scrolling through the code and hoping that a cartoon lightbulb appears above my head.2 -
Disclaimer: I hold no grudges or prejudices toward [CENSORED] company. I love the concept of the business model and the perks they pay their employees. Unfortunately, the company is very petty, and negligence is the core of the management. I got into an interview for the position, of Senior Software Engineer, and the interview wouldn't take place if wasn't for me to follow up with the person in charge countless times a day. The Vice President of Engineering was the most confused person ever encountered. Instead of asking challenging questions that plausibly could explain and portray how well I can manage a team, the methodology of working with various technology, and my problem-solving skills. They asked me questions that possibly indicated they don't even know what they need or questions that can easily get from a Google Search. I was given 40 hours to build a demo application whereby I had to send them a copy of the source code and the binary file. The person who contacted me don't even bother with what I told her that it is not a good practice to place the binary in cloud storage (Google Drive, OneDrive, etc) and I request extra time to complete the demo application. Since I got the requirement to hand them the repository of the codebase, it is common practice to place the binary in the release section in the Git Platform (Jire, Azure DevOps, Github, Gitlab, etc). Which he surprisingly doesn't know what that is. There's the API key I place locally in .env hidden from the codebase (it's not good practice to place credentials in the codebase), I got a request that not only subscript to an API is necessary but I have to place them in the codebase. I succeed to pass the source code on time with the quality of 40 hours, I told him that I could have done it better, clearer and cleaner if I was given more grace of time. (Because they are not the only company asking me to write a demo application prior to the assessment. Extra grace was I needed)
So long story short, I asked him how is it working in a [CENSORED] company during my turn to ask questions. I got told that the "environment is friendly, diverse". But with utmost curiosity, I contacted several former employees (Software Engineer) on LinkedIn, and I got told that the company has high turnover, despises diversity the nepotism is intense. Most of the favours are done based on how well you create an illusion of you working for them and being close to the upper management. I request shreds of evidence from those former employees to substantiate what they told me. Seeing the pieces of evidence of how they manage the projects, their method of communication, and how biased the upper management actually is led me to withdraw from continuing my application. Honestly, I wouldn't want to work for a company where the majority can't communicate. -
Okay today I wrote a very ugly api.. No f***king json mapper will handle that response in java. The values are dynamic... Good luck to anyone who will integrate into it... And good luck to anyone who will look at my code
Project manager please always give realistic deadlines2 -
Can someone please write a plugin that automatically translates bug tickets into startup-ese? It would make it very easy to present the most common offenders to higher management on quarterly reviews.
Example:
-
$< "screen A is all messed up"
$> "We are disrupting the establishment in screen A"
-
$< "API B is not responding, giving timeout errors"
$> "We are facing logistical challenges in API B"4 -
Give up. Share Target API is already on Android, even in garbage like Samsung Internet. Desktop native apps are already history, mobile apps are sure to follow. Led by Apple Silicon, we will add JS-specific hardware to the CPUs and conquer the world. JavaScript will be the only language, with an exception being C and Lisp.9
-
How the fuck does TypeScript still not have service worker support? Seriously, it's just a typings file. People have written that typings file. They would just have to include it in the lib collection shipped with the compiler. Yeah, it would have DOM calls intermixed with the SW api, but frankly, having the typings for a set of calls you can't use is infinitely better than missing them for a set of calls you can.
The relevant issue is 5 years old btw.7 -
Been getting a lot of troll / clown / clueless (?) comments on my posts recently. Select favorites include:
"Why do you have a login form on your website?" wut
"Why didn't you throw away that API key?" wut
"Why do you even need to access your apps' servers?" wut
There are just SO many amazing devs here who have NEVER had do any of those things, I'm quite literally an idiot and don't know what I'm doing, sorry for my ignorance. I'd forgotten that there is only exactly one way to build software, I wish I'd done it "that" way sooner! Foolish me.
Really not sure if trolls, clowns, or clueless. Don't care. 🤡🤡🤡11 -
"The free plan allows 200 API calls per month, while the paid plan offers unlimited API calls."
wtf is this, 1990 and you're running a raspberry pi as your server? give me a fuckin break15 -
Good morning to everyone, except that one Twitter dev who one day woke up and was like "YOU KNOW WHAT, MY APPLICATION WILL FEATURE BOTH OAUTH1 AND OAUTH2 ENDPOINTS, BUT SOME FEATURES WILL BE EXCLUSIVE TO EITHER OF THE TWO -NOT NECESSARILY THE MOST RECENT, JUST A RANDOM ONE-, AND ALSO THE OFFICIAL TWITTER LIBRARY WON'T COVER ALL THE ENDPOINTS SO PEOPLE WILL HAVE TO RESORT TO RAW HTTP REQUESTS INSTEAD OF USING MY SDK AND ALSO I'MMA MAKE DEVELOPERS FILL 2 VERY DETAILED FORMS, REQUIRING PERSONAL DATA AND ACTUAL REAL PHONE CALLS, JUST TO START DEVELOPMENT WITH 7 DIFFERENT AUTHENTICATION TOKENS, BECAUSE SOME REQUESTS WILL REQUIRE A DIFFERENT AUTHENTICATION METHOD THAN THE OTHER REQUESTS DESPITE ALL OF THEM PERTAINING TO THE SAME FUCKING ENTITY"3
-
Looks like chrome ad block extensions (and many more) gonna have trouble or even completely stop working as of January 2023.
https://theregister.com/2022/06/...
Tldr: google will drop support for its extension platform Manifest v2 (Mv2) and will only support Mv3 which doesn't have webRequest api. It does have an alternative api called declarativeNetRequest but it dowsn't support all of webRequest api features. This will be problem for many content blocking extensions.17 -
Started new job at startup and finished all the development environment setup started development it was going smooth for one week.all the created API were working fine on the next day morning without any changes API's were giving cors error.asked my senior what must be the problem he said bypass cors and figure out the problem after trying for 1hrs i couldn't figure out what was the problem but API's were back to normal without any changes. then after sometime same day in zoom call i asked what was the problem he said show me the error but I couldn't reproduced the same cors error he then lectured me for 1 hrs and after that he said that learn to solve by your own dont come with silly mistake like this to me.
I don't know what was the problem he even refused me show to what the problem was.6 -
Yesterday I killed a production server with a handful of sites running on it. 😬
Created an observer for one of my Laravel models. It was generating new translated slugs when another post gets translated by an API. While implementing also an updated method besides the created observation I obviously updated the models slug.
Pretty confident this small update will work I just pushed to production. Tested it live.
BOOM
Hard reset on the server redoing the changes. Searching where I fucked up this time...
Finding me observing the updating while updating the updating of the updating by the updating. 🤦4 -
Hey guys! lambda is amazing! Docker containers! They said the whole amazing point with containers is that they run the same everywhere! Except not really, because lambda 'containers' are an abomination of *nix standards with arbitrary rules that really don't make sense! That's ok though, you can push your shit to fargate, then it will work more like those docker containers you know and love and can run locally! Oh wait! fargate is a pain in the ass x 2 just to setup! You want to expose your REST api running on a container to the world? well ha, you'd better be ready to spend literally 2 weeks to configure every fucking piece of technology that every existed just to do that!!!! it's great, AWS, i love it, i'm so fucking big brained smart!!!
give me a break.... back in my day you'd set up an nginx instance, put your REST / websocket / graphQL service whatever behind it, and call it a day!!!!!!!
even with tools like pulumi or terraform this is a pain in the ass and a half, i mean what are we really doing here folks
way too complicated, the whole AWS infrastructure is setup for companies who need such a level of granularity because they have 1 billion users daily... too bad there are like 5 companies on the planet who need this level of complexity!!!!!!!
oh, and if your ego is bashed because of this post, maybe reread it and realize you're the 🤡
i'm unhappy because i was lied to. docker containers are docker containers, until they aren't. *nix standards are *nix standards, until they aren't
bed time.13 -
I love to develop for the web, i find JavaScript a nice language and I love the unmatched flexibility of the web platform but i hate when I have to work with the unstable or badly documented APIs which seems to be the norm in the enterprise world: wasting hours in forced breaks because suddenly the API returns nothing but 503 or the VPN suddenly dies, wasting lot of time to find the documentation you need in the slow and cumbersome enterprise API manager, making lots of tests with cURL/Paw/Postman/wethever trying to find out why a request which should work just doesn't... in these moments I envy desktop and mobile devs. The worst part of it is which microservices made everything worse since nowadays there are way more "moving parts" which can break making the API you need unavailable and unlike with monoliths often it's hard to just clone a back-end, populate a database and then work fully locals since now everything depends on a lots of things which are hard/almost impossible to replicate on your laptop.1
-
I'm hal laughting, half facepaling.
Use multiple servers they said
It's gonna balance automaticlly your load they said.
Well, they didn';t accoubnt for a MEGA badly writen API whic can block a whole server for a minute.
Or, but it's not the end !!!
So you see ? 1 at 100%, 1 at 0% ? Quick maths : Average 50%.
Autoscaling kicks in at average 40% for 2 minutes.
So it kicks in... Created a 3d server... Which is still booting !!
And some trafic redirected there.
Sooo. Users on a 100% server : Bad bad bad for them
Users on 0% server : No problems
users on a new 3d server : Wait 15 seconds, then it's like 0%.
Fun fun fun. At least I know now which fucking API does that.3 -
I hate React. I keep reading that people have problem of grasping it, but that's not the case for me. I get it, I understand it, but I hate with passion HOW it's done knowing how nice it's done elsewhere. What really triggers me is how ugly it looks, both from architecture and code level. To me it really say a lot when even code shown in documentation looks ugly, and while reading it you ask ourself constantly "why it's done this way?". When I read React being called an "elegant" solution something explodes in me. Did you saw Svelte? Vue? Damn, even Alpine.js?
I just cannot how overengineered this API is. Even doing simplest things there produces so much junk code written only because this is what library requires. Why? I feel like working with it is a punishment.
And scalability and maintainability? I've never seen large-scale projects more messed up than those wrote with React. And yes, you can blame teams working on them for lack of skills, but it is the library which encourages or not good practices also, and I've never seen such bad situation with other libraries/frameworks.8 -
How do I make my manager understand that something isn’t doable no matter how much effort, time and perseverance are put into it?
———context———
I’ve been tasked in optimizing a process that goes through a list of sites using the api that manage said sites. The main bottle neck of the process are the requests made to the api. I went as far as making multiple accounts to have multiple tokens fetch the data, balance the loads on the different accounts, make requests in parallel, make dedicated sub processes for each chunks. All of this doesn’t even help that much considering we end up getting rate limited anyway. As for the maintainer of the API, it’s a straight no-can-do if we ask to decrease the rate limit for us.
Essentially I did everything you could possibly do to optimize the process and yet… That’s not enough, it doesn’t fit the 2 days max process time spec that was given to me. So I decided I would tell them that the specs wouldn’t match what’s possible but they insist on 2 days.
I’ve even proposed a valid alternative but they don’t like it either, admittedly it’s not the best as it’s marked as “depreciated” but it would allow us to process data in real time instead of iterating each site.3 -
Im deploying a Machine Learning Model to production. We dont have an automated deployment pipeline for the models, so we do it manually exposing the models through a rest api.
I asked for the model artifact to the DS, they didn't have permissions to download files from Databricks.
I asked their manager for the artifact. He told me that he has the permissions, then bullshitted me with something about the formal process, some shit about proper permissions handling, and that they do no have a standard process for sharing files right now so i should wait.
I was like "bro, share the artifact with me to unblock my work, then stablish your process, i dont care". He said no, and just after that he started a thread involving half of the middle management and data engineers asking for feedback on how to stablish a process for sharing databricks files. Just Wtf.
I got pissed, i reach out to his superior (good friend of mine), that was on vacation btw, and i told him the situation. He opened slack and humiliated him so bad, that i almost felt bad for the manager jajajajaja.
I grabbed my model artifact and got out of there instantly.2 -
A remake of a website named Death Roulette where Twitch viewers could bet against each other on how the streamer would die in different roguelike games like Spelunky or Crypt of The Necrodancer.
The original hadn't been updated in a long time and the API it used for Twitch authentication was deprecated and removed so I built my own version in about 2 months, just in time for streamer "Vargskelethor" Joel to play Spelunky 2 with his chat when the game came out.
Needed a bit of help from another chat member to get it running at scale but all in all that was my first full-stack project.1 -
This was originally a reply to a rant about the excessive complexity of webdev.
The complexity in webdev is mostly necessary to deal with Javascript and the browser APIs, coupled with the general difficulty of the task at hand, namely to let the user interact with amounts of data far beyond network capacity. The solution isn't to reject progress but to pick your libraries wisely and manage your complexity with tools like type safe languages, unit tests and good architecture.
When webdev was simple, it was normal to have the user redownload the whole page everytime you wanted to change something. It was also normal to have the server query the database everytime a new user requested the same page even though nothing could have changed. It was an inefficient sloppy mess that only passed because we had nothing better and because most webpages were built by amateurs.
Today webpages are built like actual programs, with executables downloaded from a static file server and variable data obtained through an API that's preferably stateless by design and has a clever stateful cache. Client side caches are programmable and invalidations can be delivered through any of three widely supported server-client message protocols. It's not to look smart, it's engineering. Although 5G gets a lot of media coverage, most mobile traffic still flows through slow and expensive connections to devices with tiny batteries, and the only reason our ever increasing traffic doesn't break everything is the insanely sophisticated infrastructure we designed to make things as efficient as humanly possible.11 -
Weeks after our partner has been nagging us to release to production because we've been putting it off because their API sucks and wouldn't properly work.... we finally did....
except their production API doesnt even work LMAO -
I am building my portfolio website and added a contact section. In the API call to the backend, I am logging potential API failures to Firebase Analytics. Is it ethical to include the request data (content of the contact form) in log data?5
-
What the FUCK im fixing integrations on some dumbass's API. Biz wants this in prod on monday. It's fucking saturday. Anyway
Me: why did you give us a 200 even if its an error
Them: thats normal
Me: If it's an error it shouldnt be 200
Them: its a 200 because the api params are correct but differ in value so its not an http error but an api error
lmao2 -
Forgive me devLords, for I have sinned.
Today, I took while() loop and made it true, it was a dirty ordeal, however it's not entirely my fault, you see the api I called doesn't have a webhook of any kind and doesn't return results in real time either, you have to poll for them..... so here I am writing while(true){} to poll for results that could take seconds or even hours to finish.
😟11 -
I am so 😢🤒😡 right now. I applied for a remote job, so they gave me an assessment and the language was c++. The funny thing is that c++ was not in my resume.
So I decided to explore c++. "I don't know what the fuss is, C++ is not so hard". It was very easy for me to grasp. It took me two days to understand it.
Then I did one of those online test and I scored 58/60.
Now I went back to take the assessment test on C++ but lo and behold the assessment is now on Rest API.
But Rest API is also not on my resume. They are not assessing me on my strengths like Java or kotlin or python or my my lesser strengths like C# or JavaScript.10 -
Okay I'm doing the whole leetcode bs, interviewing with a faang like company.
I'm genuinely curious to see if their engineers are actually any good. It seems backwards to me to hire someone based on something they most likely know by heart.
It's like trying to stress test an API by calling a cached endpoint. It will look fast AF, and it will be, but it won't compute shit.
Anyway, if I get the job and the engineers aren't crappy, then I'll forever stfu about how lame this is. But if I get the job and the devs are crappy, oh boy you'll hear me for a long time.3 -
The fun with the Slack continues (context: https://devrant.com/rants/5552410/...).
I got in touch with their support (VERY pleasant experience!). Turns out, even though I specify a `filetype` when uploading a file via Slack's API, Slack ignores it and still scans the payload and tries to determine its type itself. They say Slack needs to be absolutely certain that the file will be readable within Slack.
IDK about you, but that raises some flags for me. I again have that itch to password-zip all the files I'm sending over.
I've raised this concern to the support rep. Waiting for his comments.6 -
Let's say you're working on a web application, and you notice that one of the pages is not displaying the correct data. You investigate further and realize that the data is being retrieved from an API endpoint, but for some reason, the API is returning the wrong data.
You start looking into the code that calls the API and notice that it's passing in the correct parameters, so you dig deeper into the API code itself. After hours of poring over the code, you finally discover that the bug is caused by a typo in the database query that the API is using to retrieve the data.
You fix the typo and think the problem is solved, but then you realize that the data is still not displaying correctly on the page. After even more investigation, you discover that the bug is actually being caused by a caching issue on the client side.
At this point, you're feeling incredibly frustrated and overwhelmed. You've spent hours trying to track down this bug, and it feels like every time you think you've found the root cause, another issue pops up. This is just one example of the many challenges that developers face on a daily basis.7 -
Must be great to be a giant fucking dumbass company raking in more than enough money, that you can't add 40-50 more characters on why your API doesn't like our call.
"Here's an API call with 3 different ways to make a call, we will show you an example for only the easiest method, AND if you get the more complex ways wrong, we'll just respond with an error code 422 with the error message "validation failed".
fuck.
you!!!!!!!!
I don't give a fuck about calling them out:
Its Bexio.5 -
I'm trying to build VoIP into my browser-based game, and holy shit are sound processing people bad at explaining stuff.
Every stackoverflow answer has badly named variables, noone names the algorithms they're using (which makes research near impossible), and literally every single Web Audio API pipeline I have seen so far contains at least one unexplained effect with no parameters, but it's a different effect each time.
One guy had implemented some kind of smoothing for catching up with the stream after interruptions (where the playback speed is proportional to how far we're behind the intended latency), without ever mentioning it anywhere. And this is meant to be a basic example!4 -
Client wants some CMS text to be automatically translated. So I checked and Google seems to have a solution for that. I thought to to be as simpel as doing a request and parsing the response. That's how API's work, right?
No. First I must create an account, that account must have a credit card, then I need to setup credentials, the default ones working with path variables, an API key... etc etc etc.
I feel so stupid for just not understanding their docs. I'm just a dude that installs a CMS and makes pretty CSS for it. I've worked with REST APIs before (Mollie, Carerix) but none of them ever demanded the level of knowledge and setup the Google Translate API demands.
Am I just a bad developer or is this shit just too complex for your average web developer?9 -
If you really think about it, asking a person what their pronouns are, he/she/they etc., is basically sending a REST OPTIONS request. What a technically pure and proven thing to do.
You assume OPTIONS response of an API, you get "400 Fuck You". Or, if that API is nice, you can get "426 Get Out Of Your Cave", but that's the best you're gonna get.7 -
my brain feels like an AI. It just slices things it sees and layers them over and over again. It doesn’t even change things, leaving them pristine and intact, it doesn’t filter stuff out. I cite memes exactly, word by word, with the exact intonation, because I literally just lip syncing to that meme playing in my head as if I was watching a youtube video. Some days I’m not even conscious of my surroundings, I don’t realize where I am, what I do, I’m just caught in that process I can barely put in words. People ask me to do something for them, I do it, and they’re like “no! it’s not what I asked for, well, it is, but not in this sense!” If they asked me if I could make their company the most profitable one in their niche, my brain will probably decide to instead sink and destroy other companies there. All that unspoken, “common sense” knowledge, I don’t understand. I feel detached, as if everyone else was “in” on something, some common notion, meanwhile I’m alone with my perfect things. I feel like a perfect Haskell codebase trying to interact with biker bar gloryhole dirty equivalent of an API. I want things to be exact, I want things to be precise, I want words you say to have specific meaning that I can understand, and I’ll ask you even though it takes overcoming my anxiety and guilt for asking “stupid” questions. If you throw in some clue, my brain will generate a Vsauce video worth of elaboration on that, and I’ll just tell it to you. Sometimes I feel like I just don’t fit, I can’t have fun at party with other people, if there are more than five of them, I’ll probably cry for no apparent reason. My consciousness operates smoothly, and then it don’t, it overheats, crashes and burns, then comes the numbness and derealisation.
I’m not okay. Now more than ever, I sometimes want to just end it.5 -
4 f*ing years since the app is published and f*ing QA team still can't read f*ing logs and find out why the f*ing backend messed up and f*ing blaming it on the frontend in a f*ing scenario that has nothing to do with the f*ing REST API. F**********CK!7
-
I have to add an endpoint to integrate an API and I want to vomit when I think about this major security issue they introduce.
What type of prehistoric dumbass thought GET requests with username and password in the query parameters is a good idea to burden your partner with.4 -
Just JIRA things:
We've got a very descriptive ticket with the title: "API Interface"
Can't wait for the rest of this Friday to play out, I'm already joyful and in the holiday spirit.2 -
If you feel it’s time to change I have a great job offer for you…
proceeds with offer with maximum wage that is half what you earn and by the way you need to know React, TypeScript, NextJS, Redux, NodeJS, ES6, Webpack, RESTful i GraphQL API
Nice to have is Python and Go
Girl you need to decide if it’s great offer or technology mishmash.
Hell no, glad you didn’t mentioned young and dynamic team cause I clearly see some dynamic technology stack there.
Company helps people find medical treatment clearly forgot about treatment on their stack.
Someone needs to tell them their tech leads are complete morons but since you’re not looking for head of technology it won’t be me lol. -
Today after longer vacation I came back to work.
Edit: wrote this rant long time ago, but never finished. Was too pissed.
Some easy meetings, then wanted to start on an easy job.
Just migrating some things from bash regex voodoo to proper tools like JQ.
Finished in roughly 1 h. Lovely.
Made some tea, ate some cookies.
Set up dev environment, found no documentation what so ever, got it running after half an hour.
Annoying, but ok.
Then I tried my scripts...
They worked... Except they didn't.
Console log empty, response code 200 with state: GENERATE_NO_FILES.
Eh. Fuck you. Just fuck you.
Fixed the logging configuration, which was broken since uhm... 2 years plus?
Well... Another half another hour gone...
Kinda pissed now.
Still script return failed...
Poking and trying to sprinkle debug all over that shit cause everything seems ... An incohesive, inconsistent diarrhea.
3 hours later...
Made the ticket to rewrite it.
I did nothing wrong at all.
The API just has no workflow at all. The
*seperate* API calls have to be in an **specific** order - as otherwise the generation will fail, as the prerequisites for the generation are not fulfilled.
Yeah. Completely logical. Especially not to give out any kind of warning or an error message like requirements not met, blablabla.
I drank that evening 2 six packs of beer. I was raging mad....
Then gave that shit to another manager, as I never want to touch that nuclear waste again....
How can someone be so brain damaged -.-1 -
So I made an update to my React Native app. I changed UI of a couple of screen, added a few animations here and there, refactored how my graphQL resolvers work in the backend(no breaking changes), changed how data gets loaded into the database etc.
It worked in dev so I figured hey let's deploy it. Today is(was because it's now 3am but more on that later) a national holiday so no one goes to work so no one will use my app so I have an entire day to deploy.
I started at 15:00(because i woke up at 13:00 lol). I tested the update once again in dev and proceeded to deploy it to prod. I merged backend to master, built docker images, did migrations on the db, restarted docker-compose with new images. And now for the app. I run ./gradlew assembleRelease and it starts complaining that react-native-gesture-handler is not installed. Ugh, rm -rf node_modules && yarn install. It worked. But now gradlew crashes and logs don't tell me anything. Google tells me to change a bunch of gradle settings but none of them work. Fast forward 5h, it's around 20:00 and I isolated the issue to, again, react-native-gesture-handler. They updated from 2.2.4 to 2.3.0 which didn't fucking compile. 2 more hours passed (now 22:00) and I got v2.3.1 working which fixed the problem in 2.3.0 but made my app crash on startup. YOUR FUCKING LIBRARY GETS 250K WEEKLY DOWNLOADS AND YOU DONT EVEN BOTHER CHECKING IF IT COMPILES IN PROD ON ANDROID?! WHAT THE FUCK software-mansion?
After I solved that, my app didn't crash. Now it threw an error "Type errors: Network Request Failed" every time I fetch my legacy REST API(older parts use rest and newer use graphql. I'll refactor that in the next update). I'll spare you the debugging hell i went through but another 5h passed. Its 3am. My config had misspelled url to prod but good for dev... I hate myself and even more so react-native-gesture-handler.3 -
I would like to call out the moron who decided to control docker through HTTP when the maximum time the server can take to finish the task is longer than the HTTP timeout.
If you expect things might time out, you don't use a HTTP request. You use a resource and poll it, or Websockets, or possibly SSE.
Shoehorning your API into a frame that obviously doesn't fit doesn't help anyone. Just admit that you don't know what HTTP is and use a regular TCP socket with regular pings.2 -
I can work with Angular, even though it's pain in the but.
My current Angular job is actually the job with the first manager that had decent human values and ethics, I like my team, and yeah, what we building is shit. But it's only 30% shit because of Angular, another 30% are due to SAFe, and the rest is the usual stuff.
Still enjoy my job and respect my team.
But please do not expect me to pretend Angular is on a comparable level to React. Angular hasn't brought any actual innovation in most major versions but releases those breaking major updates still at least twice a year.
Ivy might be awesome, but only because Angular told the world 3 years ago also to have Ivy compatible compile targets for their libs/packages doesn't mean everybody cared.
And the ngcc, the awesome compatibility compiler, mutates node modules in place. So ne parallel stuff, no using yarn2 or pnpm.
At the same time, React brought so many innovations into the frontend world but is basically backwards compatible.
Not sure how the Angular partial compilation and whatever needs to go on works, but it seems like there's hardly anyone that really knows, so you can't use Vite or whatever other new tool.
And sure, if you're really good, you can write Angular without producing memory leaks.
But it's really hard. Do you know what's also quite hard: Producing memory leaks with React!
And for sure, Angular Universal, which isn't used by anyone, it feels like, will still be on a comparable level to an open source product that's used all over the world, builds the basis for an open source company, and is improved by thousand of issues day by day.
And sure, two kinds of change detection are a great idea. And yeah, pretending Angular comes with all included makes it worth it that the API is fucking huge and you're better of knowing nothing, because you have to read up things, than knowing quite a lot, since making assumptions and believing apis work in a similar way and follow similar contentions...
Whatever... I work with it. Like the time. Like the company, even my poss. But please don't expect my lying to you this was a good idea, or Angular is even remotely the same level of React.15 -
Today I wrote a python messenger bot which listens to only one command;
get ip
It then replies with its public IP address. I figured this would be the easiest hotfix until I fix my dynamic DNS client.
Now thinking of it I could also make an "update domain" command for doing the API call, and then link the two with a loop and minute delay. Marvelous.4 -
a friend of mine has applied at a company who have sent them this task* to complete before the job interview.
They gave about 10 days to complete this.
*I rewrote it
Personally I think this is super overblown and way too much to complete as a test before the first interview.
They expect the applicant to configure an SQL database, a backend with a custom API and a UI.
It's like a fullstack prototype software, not a task.
Im not in web development and I wouldn't feel confident learning these technologies in my free time in just a few days.
I said that this felt like some HR manager writing up the test or that they want the applicant to create a prototype for free.
Am I being too extreme here? To me it feels overkill, what do you all think? Is this common?
Oh and I should mention, this is for an internship position for a bachelors student.21 -
Me: API support team, 3% of our requests to your API during a load test are getting ECONNTIMEDOUT errors. Can you check why is that?
API supp: Please check connectivity to our API
....
I don't know how it makes me feel, but it is not a good feeling.1 -
A new update was just released to AltRant!
This update features:
- Massive UI responsiveness fixes and enhancements, including many fixes for UI bugs, fixes and things that needed tweaking
- A COMPLETE overhaul of all devRant API methods (a switch to my new library, SwiftRant)
- Progress with Android compatibility (replaced incompatible libraries for compliance with Mutata)
- Enhanced security with the Keychain
Here’s the link to join again:
https://testflight.apple.com/join/...7 -
I don't know what to think of Vue 3 Composition API anymore. At first I hated it because it's nothing but one big ole rip off of React, and I hate React so much; its hook system is the most disgusting anti-pattern I've ever seen in the entire JS ecosystem. This gave me the incentive to try out Svelte instead, but after doing so, I look back at Vue 3 and noticed that they're kinda similar... why are so many JS devs allergic to classes? You can have much better written code that way. Idk, I'm waiting for vue-class-component and vue-property-decorator to fully migrate. In the mean time, if I'm gonna be forced to write composition based code, I might as well use Svelte.3
-
Actually kinda sad, that there is no pure rust ui framework out there, but rather mere adaptations of c/c++ frameworks for rust. It's better than nothing for sure, it just would be nice, if i could use a framework, that doesn't create a massive memory leak, because i looked at it funny.
In particular i'm using fltk-rs, and everytime I'm applying a font to some widget, 500kb get added as leaked memory. Doesn't sound like a lot, but for one it's a dynamically built application, so the order and amount of widgets changes, and this application is supposed to run days, if not weeks.
thanks to heaptrack i was able to pinpoint that to libpango, which i'm not even interacting with directly, but rather indirectly through the api.
Annoying, that i chose to use a language for actively preventing leaks and dangling pointers and stuff, but end up leaking memory because of a dependency somewhere.7 -
well that's curious... Apparently, when uploading a csv file via bot, Slack now appends a .py suffix to it.
I wonder what's the logic behind it. Trick as many users as possible into executing potentially malicious code?21 -
8 months ago, me and my teammate developed an API and a web application for one of our client. The API was supposed to be consumed by mobile app which another team was working upon. Now my suggestion for the mobile team was to use something like ionic or react-native. This was purely to keep technical debt on lower side since hybrid apps don't deviate too far for both Android and iOS platforms. But mobile team went with the native apps and developed two separate apps which both have some differences.
The client didn't even use the iOS app since past 6 months. Now all of a sudden she reported several bugs and the person managing the mobile devs put that all on us. I tested some of the bugs and seems like the same feature is working on Android but not on iOS.
Came to know later that the iOS developer who was working on the app had resigned and left the company exactly 6 months ago. Right after the apps first launch. And since then mobile team hasn't put any replacement person for the project. That fucker was trying to buy some time by putting it all on us.
And now here I am, experimenting again with Flutter. So far it seems quite decent.3 -
I'm still using .then().catch() instead of the async await.
So, first of all, Fuck you for calling it a STANDARD now. its nowhere near to be called standard. You wanna get some data from an API? Wanna call it using axios or fetch? What if the server is down? what if there's an error that you don't even know existed? Where do I get that kinda error in async await? try-catch? no thanks :| I'm good -_-8 -
Until about two weeks ago I thought serverless functions looked like this:
api.example.com/Cart.addToCart('product-1234', 1)
Turns out they're just normal API endpoints1 -
Do you have a routine? I work from home everyday since quarantine and I don't think we are going back to the office.
I would like to be more productive, not in the sense of forcing myself to do more job and add more stress, no one is complaining about the time it takes me to finish tasks.
I'm looking for a way to scatter my working hours so I have chunks of focus and chunks of breaks in which I go out for a walk or something instead of a big chunk of focus mixed with distraction. I'm behaving as if it were a "9-5 job" when it is actually "8 hours per day" with flexible schedule.8 -
I would have never considered it but several people thought: why not train our diffusion models on mappings between latent spaces themselves instead of on say, raw data like pixels?
It's a palm-to-face moment because of how obvious it is in hindsight.
Details in the following link (or just google 'latent diffusion models')
https://huggingface.co/docs/... -
Yesterday, the Project Manager forwarded an email from a staff member who worked on a donations campaign. Staff member was confused about a Cloudflare challenge that appeared before the user was sent to the donation page. It’s a less than 5 second JavaScript check. He thought it looked fishy.
I had to explain that it’s a security measure that’s been up for almost a month. PM knows this but left it to me to explain because ownership of the site is on me. The donations page and api gets hit by a lot of bots because it’s a public api and there are no security measures like captchas to deter the bots. I’m inheriting this website and I didn’t build it.
Staff member says other staff want to know if the Cloudflare page can be customized so it looks more legit. Um, Cloudflare is a widely known legit service. Google it.
A few thoughts pop into my head:
1. Engineering communicated to stakeholders about the Cloudflare messaging a month ago.
2. Wow, stakeholders don’t share relevant info with their staff who aren’t on these emails.
3. Woooow, stakeholders and staff don’t look at the website that often.2 -
The Zen Of Ripping Off Airtable:
(patterned after The Zen Of Python. For all those shamelessly copying airtables basic functionality)
*Columns can be *reordered* for visual priority and ease of use.
* Rows are purely presentational, and mostly for grouping and formatting.
* Data cells are objects in their own right, so they can control their own rendering, and formatting.
* Columns (as objects) are where linkages and other column specific data are stored.
* Rows (as objects) are where row specific data (full-row formatting) are stored.
* Rows are views or references *into* columns which hold references to the actual data cells
* Tables are meant for managing and structuring *small* amounts of data (less than 10k rows) per table.
* Just as you might do "=A1:A5" to reference a cell range in google or excel, you might do "opt(table1:columnN)" in a column header to create a 'type' for the cells in that column.
* An enumeration is a table with a single column, useful for doing the equivalent of airtables options and tags. You will never be able to decide if it should be stored on a specific column, on a specific table for ease of reuse, or separately where it and its brothers will visually clutter your list of tables. Take a shot if you are here.
* Typing or linking a column should be accomplishable first through a command-driven type language, held in column headers and cells as text.
* Take a shot if you somehow ended up creating any of the following: an FSM, a custom regex parser, a new programming language.
* A good structuring system gives us options or tags (multiple select), selections (single select), and many other datatypes and should be first, programmatically available through a simple command-driven language like how commands are done in datacells in excel or google sheets.
* Columns are a means to organize data cells, and set constraints and formatting on an entire range.
* Row height, can be overridden by the settings of a cell. If a cell overrides the row and column render/graphics settings, then it must be drawn last--drawing over the default grid.
* The header of a column is itself a datacell.
* Columns have no order among themselves. Order is purely presentational, and stored on the table itself.
* The last statement is because this allows us to pluck individual columns out of tables for specialized views.
*Very* fast scrolling on large datasets, with row and cell height variability is complicated. Thinking about it makes me want to drink. You should drink too before you embark on implementing it.
* Wherever possible, don't use a database.
If you're thinking about using a database, see the previous koan.
* If you use a database, expect to pick and choose among column-oriented stores, and json, while factoring for platform support, api support, whether you want your front-end users to be forced to install and setup a full database,
and if not, what file-based .so or .dll database engine is out there that also supports video, audio, images, and custom types.
* For each time you ignore one of these nuggets of wisdom, take a shot, question your sanity, quit halfway, and then write another koan about what you learned.
* If you do not have liquor on hand, for each time you would take a shot, spank yourself on the ass. For those who think this is a reward, for each time you would spank yourself on the ass, instead *don't* spank yourself on the ass.
* Take a sip if you *definitely* wildly misused terms from OOP, MVP, and spreadsheets.5 -
Why is mobile development still a thing?
Hear me out. All these simple apps, like shopping centre discount, eshops, vinted, other kinds of webapi consumers. Many have a website and a phone app.
Why??? Why the phone app? What's wrong with just embedding your responsive webpage into a webview and call it a day ffs?
I mean, maintenance becomes trivial and there's no split brain. No? What am I missing?
Not talking about apps that rely on android/ios api, for like camera, calls, storage access, sensors etc11 -
A guy using our tool that automate rest api calls requests a feature to add the request body in the logs.
He was using “get” calls with no request body as a proof of missing feature.2 -
It's incredible how many sites don't check / handle localStorage permissions.. they usually just completely break.
That is they use a div to block the view despite the page usually still working ..
There literally is an API to check for permissions..2 -
"Please integrate the Facebook Conversion API into our website".
Is that enough information for a dev to act on? I've been reading up on how FB's Conversion API works but the more I read the less I understand what my clients wants. Or what I am supposed to do.5 -
Project with partner company, during the meeting I asked them how can we secure the communication between two services. I suggested api keys, tokens. They were like nope, no need. But I asked them for their IPs to do whitelisting on our side in Nginx.
But their side, nah not even whitelisting, no tokens, no validations. If one has address, can send anything from anywhere.
How hard would it be to do at least, AT LEAST simple token validation. And they are using the very old IIS server. I think for them as long as data flows in as expected, it is fine.3 -
Did this question really deserve a down vote?
https://softwareengineering.stackexchange.com/...
Stackexchange community is so annoying at times. It's just that a few handful of experts are helpful.
But again my recent questions on stackoverflow were answered by myself only after a week or so 😐9 -
Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”
Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.
Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.7 -
in my previous company , we used to create 4 custom ui states for just 1 screen in android app, and we would have task to create 3-4 new feature screens in 1 sprint (of 14 days) the states would be :
empty state : a state where data is not available. usually consisted of message, a graphic and some action button
data state : the usual state where data is filled on various elements
loading : a shimmer ui showing loading. it was supposed to be pixel perfect to that of the data state. it was basically a different xml, but with grey colored views instead of colorful. the tricky part would usually he to create the dynamic views
error/no connection state : as most of the screens couldbget api error or no internet error, this would be the screen for asking user to retry connection
all of these screens combined with their ui in xmls + kotlin code with barely any stuff being reusable , made the life incredibly difficult. however a lot of our customers would appreciate the interactivity of our app
doing these stuff again nd again , i had become trained to do all those 3-4 (x4) screens and the whole ui stuff in first 4 days of the sprint. but now i am in a company where i am getting passed on to managers after managers and getting tasks to change documentation in 1 week, i find those coding stuff incredibly tough.
gotta get back to shape -
I did not think that making a serverless Discord bot would be such a learning experience. The code itself was easy. The hard part was the infrastructure, because I decided to automate it all with Terraform and deploy it on AWS.
Before this project, I had no idea how API Gateways worked. Now I still have very little idea how they work but I managed to build one anyway. Eventually. And then I had to figure out how to automate the deployment of a lambda layer and function that would both still be managed in the Terraform state, with any code changes triggering a rebuild and update for the resource.
And then I had to untangle a dependency mess because API Gateways have some weird issues where two resources that have no explicit dependencies on each other will throw an error if they don't deploy in the right order.
And then I went the wrong way with Github actions trying to conditionally chain multiple workflows together before I realized I could just put multiple jobs with conditions in a single workflow.
And now after all that work over the course of 2 days, I have a bot that does this:2 -
Just started Online Banking at my bank. Checked how much money I have and what I can do on the website.
Afterwards I opened the dev tools and see that there is a js warning. So I open the console and the fucking first thing I see is: Loglevel set to INFO. WHAT THE FUCK?!?
Other things I found out:
API Endpoints are logged here. Two deprecation warnings for a function used. A warning about a deprecated service used.
The log level is now set to WARN. Several more deprecation warnings for the framework from before.
The fuck is this?12 -
Fuck Facebook!
Disabling apps without warnings or anything which means no customer login. This is a huge pain since the solution doesn't have any way to login to the same account with another credential.
"Oh did you use that? Now you can't. And the only way to do anything is to submit a form to 'appeal' the case which we'll just reject without any notifications or emails"
Normally I won't rant like this or use that much swearing.. but in this case:
Fuck you, Facebook. Fuck. You.7 -
Can we take a moment to recognize how absolutely retarded JS' event system is?
Events aren't objects. No, they're managed by an object, and identified by a string.
To subscribe to an event, you call object.addEventListener(name, callback). Because for some reason we can't just have an event object. Events MUST have an owner.
But to unsubscribe you don't call the function addEventListener returned, you don't use the token it returned either. No, you pass the same function to removeEventListener.
Because we don't use serializable tokens like in PP, and we don't return functions like in FP, no, we use functions as tokens, realising idiomatic DFP.2 -
Given a competitive multiplayer simulator game where you can program your own flight computer, what programming model would you like it to support?
- in-game programming with a DSL which can have artificial resource limits to regulate the extent of automation and can maintain the atmosphere of the game in the process of programming
- in-process Webassembly executor which makes artificial resource limits feasible to the extent that people can't just throw image recognition and AI at every problem, but it loses the atmosphere
- API-based unrestricted remote control10 -
Feel utterly deflated today. Working with an API that gives no feedback what so ever. Going around in circles and making little progress. What’s worse is we quoted 1 days work.
With all my experience I should be better!2 -
I was on Instagram and I saw a boy advertising to sell 5k followers and I was wondering, how do they do that? Can they programmically create and control those accounts? I know they can use the Instagram API to some degree but I feel like Instagram probably has security set up to detect that type of stuff (5k accounts following someone at the same time, etc). Does anybody know? I’m actually really curious7
-
I hate CRUD operations so much.
I'm so tired of programming CRUD demo applications and then filling it with some logic only in services. It's so ugly. No domain model. Just entity, repository, service, controller.
I hope I'll be able to work on something better soon, but cmon, why are we forced to work like this.
I've recently started reading book about DDD and it's at least a bit more interesting than just writing some fancy API for database8 -
GraphQL question here!
So i recently noticed (few years after everyone?) That graphql seems popular... I decided to try it out, but after playing with it a bit, the conclusion I came to is, that it's a great idea from FE point of view, but for the backend not so much.. a simple sql to return data to ui turns into a bunch of parts, all independant and with even the simplest relationship to some other entity the whole thing becomes very not optimized and when googling about it, all i found were some very awkward libs for work arounds to force everything into 1 optimized query again... But wait, i already have 1 optimized query in my rest api 😆
I don't understand if I'm missing the brilliance of graphql that everyone saw, or is everyone fell for the hype and use a stupid tool and pretend it's cool? 🫣4 -
I've actually already discussed this one on here I believe
I see this job looking for an android developer for Kotlin with UI experience with XD & Figma and experience with Firebase. I have all of these qualifications so I throw my resume into the fray within an 2 hours the recruiters contact me. they have an offer of 76,000 and I'm looking for junior so I'm like, eh whatever, I give them a copy of my resume and we hold discussion for a few days and then radio silence. I then see a job posting EXTREMELY similar but with a "different company" so I throw my resume in and again within 2 hours I get a call only THIS TIME ITS THE INTERNAL HR. She sounds interested we have a good conversation and sets me up for 96,000 and they schedule me for my first interview within the week. Interview goes great, next I meet with the CTO and we have a pretty good conversation, I'm expecting a technical exam but it doesn't happen instead they give me a case study. they send me requirements for an app API to use, architecture, and a week time span to do it. I finish the app with extra features within 6 days, in my understanding of MVVM and I was excited and happy about this app because its JUST NICE. a week goes by and I meet with the tech team. They grill me on my application, scalability, use cases, how would I advertise or place advertisement and I'm answering everything they love the UI (I included mockups I made on XD), they say everything sounds good everyone leaves with smiles they say they have to find out on what team to place me because they have multiple apps and that HR will be in contact with me in the next few days... A WEEK GOES BY and I randomly get the declination email that next Friday. When I asked for feedback they said it wasn't true MVVM. I was devastated until the next week when I was accepted for a higher paying job that didn't require me to move. After I accepted this job guess who calls? THE FIRST RECRUITER and for this long I was wondering if this was the same job due to the very similar job description so I ask "is your client XXXXXXX?" it was I just told him "I'm good" and hung up4 -
When a senior asks me, the guy who started 4 months ago about documentation on something that they’ve been using for several years. Haha, yeah bro, wouldn’t all of our job be a lot easier? I’ve been going down entire rabbit hole networks trying to find credentials and API tokens for the last month because there was no documentation 🤷🏻♂️6
-
"Did you know that this popup saved the life of countless API calls by preventing users from frantically clicking the 'Continue' button?'
Another funny line I added to a dialog in my project today as one of its finishing touches :D -
I have a few side project ideas. I started one of them a few months ago (project setup, dependencies, git repo, index page, very basic API and client functionality). But I cannot get myself to work on it or even think about it (for months now). The reason? I do not want to work on the client/frontend! I do not want to deal with React or Vue or Svelte or fuckjs or even jquery. It's a fucking mess.
For the backend, the requests are stateless: you get a request, handle it, and respond back. Need to update state? Database. That's it!
For the frontend, there's just tooo many states I can't keep up with! When the user checks or unchecks this checkbox, I need to maintain the state of the checkbox and maintain the all effects of changing the checkbox while syncing with the backend and making sure the elements are still styled correctly with the applied effects. Multiply that with all the expected interactive elements on the page. It's exhausting!4 -
Built a pretty slick chat bot for my company’s conferences that used Google’s Dialogflow for natural language processing and conversation state
It worked from a web chat or SMS. Allowed manual responding by agents as well as the chat bot. Pulled dynamic answers through a 3rd party API integration
Most common questions “what is the wifi password” and “tell me a joke”
Project was killed after 2 conferences - thankfully it only took me a few weeks to build4 -
If you ever need a good example for bad API design, just use IndexedDB. While it might still be far above absolute zero, it should definitely be low enough for any practical purpose.
And as a bonus, it wouldn't actually have been needed if the SQLite status quo would just have been adopted as the standard back then. We could have a complete RDBMS with almost full SQL support in the browser... -
I built an api to sync data between two systems. It is simple, if I have new data to send, I call their api with data. If success, get Json response back or error if not.
Today the guy from other side asked me for "acknowledgement" endpoint. I was literally WTF?
He explained me very clear, when I call their api, it can be either success or fail, so for those success or fail, he will send the response to my "ACKNOWLEDGEMENT ENDPOINT" to tell me if success or not.
*facepalm*8 -
How the fuck is Firebase still a thing? I just spent hours debugging a random "not authorised" error, only to find out you need to enable a deprecated API even if you're only using the new (recommended) one. Do they tell you about it? Fuck no, they keep it disabled by default, they tell you to only use the new API, and they make it pretty much impossible to find the deprecated API you need to enable without a direct link.
And why the fuck does the official SDK send image URL as { "imageUrl": "http://..." }, when the endpoint expects it to be { "image": "http://..." }? Why the fuck does the documentation mention both options interchangeably, while only the latter one actually works?7 -
I'm not a Wordpress pro, but i've done some work on it and... well, the HTML + PHP mix is the only evidence you need to convince someone, there is no god, only satan, but other then that, it's hard to find anything else that your clients will accept & can use. And yes it's the most important thing - at the end of day, they are the one giving you money.
Besides:
- the Wordpress dev community is pretty cool.
- everything has been invented, so the development is pretty easy.
- if you have something more fancy to do, there is always a Wordpress API.
PS - fuck HTML + PHP mix.1 -
Just to show you.
The overhead between actual SQL requests and the stack :
.Net 6 =>
Web API =>
EntityFramework core 6 =>
(middleware) GraphQl.EntityFramework =>
GraphQl =>
SQL
Seems a lot ? Yep. But actually... that shit just scales. More sql requests will not cost much. And this stack will take care of generating optimal querry better than me by hand.
(These querries on screenshot are fairly complex).
I like it. So, so much checks done for me and front end people love it too ! They don't need to open a tiocket when they need a new field.
So, /adpoted by me.
PS : And pair it with Blazor, miam.1 -
! rant, but should I be concerned?
I'm writing an election results API and I imported the bottlepy+pandas and prepped the CSV that contains the data. The first row contains the column names, followed by the actual data.
As I typed my routes, VSCode kept suggesting route names, parameters, and return values. At first I was "nice!" but then it kept suggesting my intent, as if someone was reading my brain. I do have GitHub Co-pilot installed, but I didn't realize my access had been approved.
How many layers of tin foil do I need?3 -
Are you content with your job or always searching for greener pastures?
I'm split inbetween. Current pay is very decent and working conditions are flexible. However, the work itself is not always that great. I find it to be comedically true how "hard workers" don't get promoted or bonuses, they get more work. There has recently been a heavy influx of what I'd like to classify as "shit tickets" since a guy who was the main "shit ticket doer" left the company after being burnt out.
I work with a small-ish digital agency as a BE dev, so I'm mostly dealing with small to medium scale projects built with WordPress/WooCommerce, with often custom API/ERP integrations on top. I'm not a big fan of the stack as a developer but as a contractor I can understand the business reasons why it is used. Part of me wants to find something else, part of me thinks I'm looking for a perfect company that doesn't exist and I should lower my expectations -- I might find better work for sure, but with the same pay and conditions? It seems unlikely at the moment. The company was recently acquired, so I'm hopeful for the future.4 -
We had made an api which had endpoints for each different domain model, so /user, /company, the usual. Beyond being restful they all had basic filtering and pagination.
We also had an endpoint to return an entity from any set based on guid for when you needed to attach the related entity to notifications and logging and such.
We received a bug report on how you couldn't use filtering or pagination on this endpoint, and after weeks of asking what they need it for we just had to implement it.
You can imagine how non-trivial it is to "just" filter across different datasets, but we eventually got it working so now you can get a user via /user/123 or /entity?type=user&id=123. They only use it for one type and id at the time.2 -
I got a long weekend. I decided to see what React has been up to these days.
I happen to learn more about Suspense that now it allows f**king data fetching with relay.
I decided to give it a try . First time I am actually inclined towards trying out relay just so I can see what the f**king fuss about `Suspense` is all about.
Honestly the API is much better than what it looks like .
However what the fuck is this fucking relay. They have a page in their doc called glossary and most of the sections says TODO .
I wanted to see how the fuck data driven code splitting works . Due to the lack of proper documentation about it I could not get it right for two days . I stumbled upon couple of docs / blogs / github issues about it and then finally managed to get it working .
Well the end result wasn't as cool as I thought it would. The fucking API's to achieve this needless method of code splitting is insane
There are lot of better ways to achieve this with Suspense and the API relay offers is so shitty and not fucking type safe.
Now today I wanna learn more about the directives relay offers and there is no fucking documentation about them except for a fucking bold `TODO` explanation under the sections.
If relay developers thinks that they are fucking wizards and talk all about improving fucking performance . Please don't fucking over engineer API's and make it un un maintainable for the consumers of the library
Wow this feels good . first Day in rant and I m feeling great4 -
ah yes. have to add the permission for literally any specific endpoint on AWS for my root user... love it5
-
"Code"
And the website says "Lonely geeky people do need apply"
So I put my on my glasses and I went in to ask him why
He said you look like a fine outstanding young man, I think you'll do
So I shook his hand and, I said "I am glad I will be working for you."
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
And the sign says "If you want to use this site you must accept our cookies"
So I found the CEOs address and doxxed him all night!
To put up a dialog and block content from my sight.
If Todd was here, he'd tell it to your face, man, "it just works"
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Oh, say now mister, can't you code
You got to have a laptop and a hoodie to get a job
You can't work, no you can't standup, you ain't supposed to be here
And the website says "You got to have an employee ID to get inside" - yo!
And the website says "Everybody welcome, come in, code and share"
But then they passed around a git pull at the end of it all
And I didn't have a character to code
So I got me laptop and I made up my own fuckin' code
I typed, "Thank you OSS for thinking 'bout me, I'm alive and doing fine", yeah
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Yes! Some old song, called "Code code", I wish we did write that one, but
We didn't - git blame!
Hello World!6 -
>start new job, not very professionally experienced dev
>spend couple of months working on a feature that is supposed to be an MVP kind of thing, be rushed to finish and told to cut corners because it's "just an MVP", still lose sleep and have relationship suffer (and ultimately ruined) as I try to not lose deadlines created by the boss with questions like "you can have this done by <very soon>, right?"
>frontend created by fellow developer is a garbled mess of repeated code and questionably implemented subpages, frontend dev apparently copies CSS from Figma and pastes it into new non-reusable React components as envisioned by designer, I am tasked with making sense of the mess and adding in API consumption, when questioning boss what to do with the mess I am often told to discard stuff that the frontend dev has made and just reuse his styling; all of this on top of implementing the backend feature that a previous developer wasn't able to do
>specs change along the way, I had been using a library as a helper in some part of the original feature, now the boss sees that and (without further testing the library) promises CEO that we'll add that as a separate subfeature, but the performance of the library is garbage for larger inputs and causes problems, is basically shit that might not have been shit if we had implemented it ourselves, however at this point CEO has promised new feature to some customers, all the actual sense of responsibility falls upon my hands
>marketing folk see halfway done application and ask for more changes
>everything is rushed to launch, plenty of things aren't implemented or are done halfway
>while I'm waiting for boss to deploy, I'm called up to company office by CEO, and get new task that is pretty cool and will actually involve assessing various algorithms and experiment with them, rather than just stitching API calls and endpoints together, it involves delving into a whole new field of CS that I never had the opportunity to delve into before
>start working on cool task, doing research, making good progress
>boss finally deploys feature I had been originally implementing
>cut corners of original boring insane feature start showing up, now I have to start fixing them instead of working on cool task, however the cool task also has a deadline which is likely expected to be met
I'm not sure if I'm having it bad or not, is this what a whole career in software development will look like?6 -
Wtf is wrong with AWS CDK? I add one EC2 instance and it deletes all my queues and api resources, then fails to create my EC2, does some fucking rollback then attempts and fails at some fucking rollback clean up.
So it nuked my entire fucking stack because why?
Because FUCKING WHY JEFF. WHY IS YOUR ROCKET SHAPED LIKE A PENIS AND WHY IS YOUR SHITTY FUCKING DEPLOYMENT SYSTEM FUCKING WITH ME LIKE THIS.
I can’t do this anymore. I’ve been doing this for months now. I really don’t know whether to laugh or have a mental break down.
Complete Disaster Kunt. That’s what I’m calling this shit from now on. I just don’t get how it can fuck itself up so much4 -
I hate it when I want to implement a 3rd party API and their docs have no hint at how to create a test account.. Why do they make me call their sales team / bother their support for that?4
-
everything is going as planned! :)
Learned Rust Lang. i loved it (that doesn't mean i am done learning na? No! never stop)
new language i could do game memory hacking in without worrying about C++ memory leaks or issues. it also compiles to assembly! another of my favorite languages!
(i use rust for game development and other stuff)
i am not leaving C / C++ though that would be harsh!,
i abandoned javascript for react and typescript.
to be honest the developer just made javascript and left us with a [object Object]
finished learning the android java api so im basically set anything i want to make i can just go on my pc, listen to music and write it out in a couple of days.
well phazor what are you going to do now?!
i will code till i am old.
i will leave my mark like a shid that made its skid in the bowl :)5 -
Why the fuck does jsoncpp change their file name with every version? Somebody who knows about this, please enlighten me.9
-
Welp. I think I witnessed a new job application hack. Someone listed my team’s general engineering email address for their Employee Referral.
That email address is listed publicly, but I’m pretty sure no one on my team told the applicant to list it as a referral contact. I suspect someone got the email from a Slack workspace. I had posted a job listing, in a threaded comment someone had complimented my employer’s public API, and I shared our engineering email and said we’d love to see what he builds.
It looks like someone else from that Slack saw this and decided to list the engineering email as an employee referral. I get that employee referral can mean different things to different people and it might be someone who’s new to job searching and doesn’t know better.
For my employer’s online application, an employee referral requires a name and email address for the employee. I’m curious what the applicant listed for the employee referrer’s name. Wonder if it was my name. If it is, guess I have to give my manager a heads up and tell him that I do not know this applicant.
This occurrence is a new one for me and I don’t think it’s happened to us before. And it’s not really a good tactic to get a resume read at my workplace. Where I work, my manger reviews the resumes and tells HR who he wants to set up calls with. It’s not HR or an ATS that screens resumes and sends them to my manager. -
I graduate college in December and I got my first fulltime job offer today! I've been working in my university's oit department for 3 semesters, lol most of rants are about that job. I guess a lot of my frustration stemmed from being capable but hitting a wall in the sort of things I worked on. I didnt feel like I was growing and had no avenues to express concerns/feedback towards the end. Plus the job was not one where they could give me a job after graduation, so I just felt unseen and discardable day to day.
But turns out this job worked out for me! There's an opening in a whole other division that does api development and data warehousing with Snowflake/Attacama and they want me specifically for it. If the benefits/pay ends up being decent, I'm leaning towards accepting it. -
When you're using openapi generators and stuff for generating SDK code and let "the architect" handle the data structure and nomenclature, don't you hate having to add 33 (I counted) models, most of which are just the same class with different name or one property apart from each other, serialization of which gives request body overhead 56-132x (actual calculated results depending on the model complexity) the size of actual data you want to send, just to add support for one endpoint that needs just one model that started this whole madness?
I just had to add this one top level model reference and this happened to me. Those 33 models are not including the ones I already had included in my project so they didn't have to import them again.
For the love of <your_belief_here /> and all that's holy, never ever agree on generating code based on openapi if the person responsible for that is unexperienced. It will do more harm than good, trust me.
Before we decided to go with generated SDK my compiled product was a bit over 30KB, and worked just fine, but required a bit of work on each breaking API change. Every change in the API requires now 75% of that work and the compiled package is now over 8MB (750KB of which is probably my code and actually needed dependencies).
Adding an endpoint handler before? Add url, set method and construct the body with the bare minimum accepted by the server
Now? Add 33 models (or more), run full-project find&replace and hope it will work with the method supplied by the generated code, because it's not a mature tech and it's not always guaranteed it will work. -
I am implementing an API. How do I know what to do? Read the docs! Unless... there's none on the website. Asked by email and they could provide a PDF, which contains some graphics which you're free to interpret ...
Machine readable description? Nope.
How do I get to know about updates to the API? *blank stare*4 -
Update to watchRant!
(my second and probably last post about it)
watchRant client is mostly complete now!
Added: logging in, notif page, ranting, commenting, ++/-- of rants, search, amoled theme,
A surprise me btn for a random Rant (why is this not in the official app @_@, its in their API)
And the best:
Sick rant animation of the client of @Simmorsal!!
https://github.com/SIMMORSAL/...
some things are still missing: voting comments, stories page, comment/ranting with images (nobody takes images with a watch haha) ...
watchRant is also available on the PlayStore now (as sideloading to a watch isnt very convinient), but the latest updates will always be on github first
For context: https://devrant.com/rants/6340608/...13 -
Day of days! Insomnia supports environment variables! And has for a long time! I just missed it is all!
-
In an object/dictionary/map config object where multiple source paths are mapped to destinations, which structure makes more sense to you (and why)?
1. { "src/path.ext": "dest/path.ext" }
2. { "dest/path.ext": "src/path.ext" }
Could also be a URI redirect map3 -
I had a pretty good year! I've gone from being a totally unknown passionate web dev to a respected full stack dev. This will be a bit lengthy rant...
Best:
- Got my first full time employment dev role at a company after being self-taught for 8+ years at the start of the year. Finally got someone to take the risk of hiring someone who's "untested" and only done small and odd jobs professionally. This kickstarted my career, super grateful for that!
- Started my own programming consulting company.
- Gained enough confidence to apply to other jobs, snatched a few consulting jobs, nailed the interviews even though I never practiced any leet code.
- Currently work as a 99% remote dev (only meet up in person during the initialization of some projects.) I never thought working remotely could actually work this well. I am able to stay productive and actually focus on the work instead of living up to the 9-5 standard. If I want to go for a walk to think I can do that, I can be as social and asocial as I want. I like to sleep in and work during the night with a cup of tea in the dark and it's not an issue! I really like the freedom and I feel like I've never been more productive.
- Ended up with very happy customers and now got a steady amount of jobs rolling in and contracts are being extended.
- I learned a lot, specialized in graph databases, no more db modelling hell. Loving it!
- Got a job where I can use my favorite tools and actually create something from scratch which includes a lot of different fields. I am really happy I can use all my skills and learn new things along the way, like data analysis, databricks, hadoop, data ingesting, centralised auth like promerium and centralised logging.
- I also learned how important softskills are, I've learned to understand my clients needs and how to both communicate both as a developer and an entrepeneur.
Worst:
- First job had a manager which just gave me the specifications solo project and didn't check in or meet me for 8 weeks with vague specifications. Turns out the manager was super biased on how to write code and wanted to micromanage every aspect while still being totally absent. They got mad that I had used AJAX for requests as that was a "waste of time".
- I learned the harsh reality of working as a contractor in the US from a foreign country. Worked on an "indefinite" contract, suddenly got a 2 day notification to sum up my work (not related to my performance) after being there for 7+ months.
- I really don't like the current industry standard when it comes to developing websites (I mostly work in node.js), I like working with static websites (with static website generators like what the Svelte.js driver) and use a REST API for dynamic content. When working on the backend there's a library for everything and I've wasted so many hours this year to fix bugs and create workarounds related to dependencies. You need to dive into a rabbit hole for every tool and do something which may work or break something later. I've had so many issues with CICD and deployment to the cloud. There's a library for everything but there's so many that it's impossible to learn about the edge cases of everything. Doesn't help that everything is abstracted away, which works 90% of the time but I use 15 times the time to debug things when a bug appears. I work against a black box which may or may not have an up to date documentation and it's so complex that it will require you to yell incantations from the F#$K
era and sacrifice a goat for it to work properly.
- Learned that a lot of companies call their complex services "microservices". Ah yes, the microservice with 20 endpoints which all do completely unrelated tasks? -
Spent 15min automating our Spotify playlist.
Task Scheduler runs a PowerShell script at system startup and 15:00, based on the time it will either start our "daily music" or "shitty memes" playlist using the Spotify API. -
Bloody cunts at Twitter could provide the fucking grammar for their filtering rules...
Now I have to write the grammar for the lexer and the parser from scratch (in fucking JavaScript to boot 😡).
Mind you, I know my lex and bison, but I haven't done this shit in fucking ages, and the combo of JavaScript debauchery and being rusty, is making me want to send angry tweets to Elon musk, see if they can provide decent tools for their shit API.3 -
My first rant but wanted to get it out!
New job - simple enough I think - it's a website with a login and profile that serves videos and shows your progression and asks you questions when you finish one.
Wrong - Kubernates microservice madness - functions and cosmos instances galore!
There is a full aspnetcore stack microservice with a restful API that stores..... drum roll please - a person's gender against a profile id....
Todays Architects are stupid fools. -
One of the most headache-inducing things about being a developer is having to find a solution to every little ailment that software has.
An example would be: working with a particular stack. LEAN, MEAN, LAMP, WAMP,.. The nightmare of having to deal with every single error in PHP, NodeJS, Apache Server, Nginx, the HTTP spec intricacies, the HTML5 spec, API problems..
Sometimes it's just a lot to deal with and I'm trying not to lose my patience.9 -
I'm working with an API where, for some reason, half of the numbers are returned as numbers and half as strings. I'm baffled more than David composing hallelujah.5
-
Does anyone use pushover.net or know a reliable / cheap push notification app with an api behind It?
Im trying to setup some monitoring alerts back to my phone, using slack / teams etc for personal projects seems pointless.
Emails are currently being sent but this relies on me actually looking at them and I tend to miss a few important ones. 😂
Not to worried about daily / monthly limits, it's going to be < 20 notifs a day kind of thing on a terribly bad day.6 -
OK I need some help. I need to make sure I’m not losing my mind.
We are using an ERP which is hosted by another company. We are supposed to be able to access the data via a REST API. This works fine using Insomnia or Postman, but when I attempt to hit the API from my web application, CORS blocks the localhost origin.
I contacted the company’s technical team to request that they change the CORS configuration to allow localhost. They keep running me around in circles telling me that I don’t know what I’m talking about because localhost isn’t a DNS resolvable name and I’m doing something wrong and they don’t need to change any configuration.
They insist that if anything would need white listed, it would be my IP, not localhost.
I sent them screenshots and stack overflow posts and documentation links, showing them exactly what headers need to be set and where the configuration needs to be set in the ERP. They tell me I don’t know what I’m talking about.
They tell me that if I can hit the API from Postman, I can hit it from my browser.
Am I losing my mind? Have I fundamentally misunderstood CORS all these years? I’m sure I’m right. But I’m starting to feel like I’m crazy.19 -
I tried to post a comment to someone's post and without UI feedback I get the API response in the HTTP request: "Comment not valid". This isn't enough information for me to troubleshoot what is a valid comment.4
-
Just fucking hate how expensive and hard to find a cheap SMS gateway
And as in cheap, I mean cheap as send email
I found Cheap Global SMS and it doesn't have a professional website nor a good API but it is way more cheap
Downside? I must pay with a payment gateway made by the same company (coincidence?)
And NO WAY I'm sending my id to a payment gateway that no one uses
I'll try sending some random image to see if they accept it
But, still, no confidence to put my credit card in there2 -
I had to contact technical support for an API. I’m pretty sure I was emailing with a bot because I was getting all sorts of stupid replies.
Me: I’m using your SDK for language X. It’s returned null for some properties. In the user portal, I can see there are values for those properties for the transaction. I don’t know why I’m not receiving them on my end.
Tech Support: Hi! I see the following was sent in the API response. [Sends api response to me.] You can also go the the portal to see those values.
Me: Yeah, I know. You just repeated everything I wrote to you. I don’t want to go to the portal. I told you I want to figure out why your SDK doesn’t seem to map those properties correctly when I receive the api response.
TS: Let me look at the docs. I think you need to send the properties you want in your request in order to get them back in the reply from the api. Such as <property>value<property> in the xml message.
🤨 The docs do not say that. They don’t even imply that.
Me: What the fuck?! That makes absolutely no sense. We have already established that the api **is** returning values for those properties. I want to troubleshoot why your SDK is mapping them as NULL. -
Microsoft Windows can burn.
I have this feature where I configure a remote API via some endpoints and the API pushes data back to some webhooks in my API.
Yesterday I set everything up for the final test; fired up my own API with some test data, added some configuration and started trace logging to ensure that everything works as expected when the remote site tries to send me data.
I was ready to collect ! Enter this morning: Windows have forcibly rebooted to install an update and shut everything down.
inb4 install Linux; No, I can not. Windows is company policy and I am required to use shit that is only designed for Windows.6 -
Question.. architecting a large system. I’ve broken it down to microservices for the DB and rest API / gateway
I want there to be some some processes that run continuously not event driven via rest. Say analytics for example what is the best way todo that? Just another service running on on a server? And said service has its own API? That when the other rest APIs are called could then hop and call the new service?
Or say we had a PDF upload via rest should that service then do the parsing before uploading to DB .. or should the rest api that does the uploading then call another rest api to another service dedicated todo the parsing and uploading to the db?
I think the bigger way to explain the question is the encapsulation between DAL.. data access layer which I have existing.. but then there’s the BLL .. buisness logic layer which I don’t know if it should have its own APIs via own microservices running in the background.10 -
Postman freaking sucks now. It's bloated and can't easily do what's it's supposed to do without hassle. You have to login first, then it will inexplicably lose all your previous API requests.
I guess the company has forgotten who their base customers are.6 -
How many keywords are appropriate to put in a "skills" section on a resume?
Technically I've played with a lot of tech and stacks, and done tiny one offs, tutorials and independent projects but nothing that wasnt more than a day on any one of them.
Basically im fast at picking up a language and api and just rolling with it and getting something done, even without tutorials or tons of googling. Though I find myself constantly relying on manuals and reading apis.
Is this normal or should entry level be familiar with the api of something from the get go?
I see a lot of people say to game the system just to get your foot in the front door past the automated keyword filters and on to an interviews where the real requirements are listed.
But I'd rather not list under the skill section something I only used for all of ten hours in one or two sittings.
Also is it acceptable to list a "learning", "would like to learn/know more of", or "planned skill additions" section?
Also what do I add for extras? "Achievements"? "Volunteer work"? "Hobby projects?", "past times?"
Is any of this seen as necessary or well rounded?
If it is really just about the numbers I'll just go scrape junior and entry level positions and take their keywords and automatically fill out template resumes to automate applying.
Could even use SQLite to store the results and track progress lol.
I've never worked as a professional programmer, but it's the only thing I ever enjoyed doing for 12 hours a day.16 -
I recently built an automated payout functionality for bank-to-bank transfers, and we initially looked at using the pain.001 XML schema to do it. Luckily, we ended up finding a service that has a simple REST API to do this instead. (Thank god we didn't go with the XML method, I know how much of a headache that could become, I can imagine the treasure trove of memes with naming an XML schema with the name PAIN)
Anyway, for one of our big-brained product managers, this will forever be the infamous "XML Task" that he continues to ask about and bring up. I've already clarified a few times that we have long chosen a solution process that has nothing to do with XML, but to no avail, it will forever be his "XML Task". Wonder what name he'll pick next time we need XML in a solution? "Second XML Task?" Let's just keep the mental overhead idiot train going!3 -
Quick update on our partner's API that doesn't work (see previous rant).
They gave the wrong URL! Wow!! Well we have the new URL but
the production credentials don't work!!!2 -
CREA DDF (Canada Real state listings API) is what you get when government fucks with technology.
Holy shit! So f*cking inefficient to use it, test it and get data.
I get the protection behind sensitive data but fuck me if there is not a lot of waiting behind their fucking application process just to fetch some testing data.1 -
I hate group project so much.
I yet again successfully stirred up a big drama in my project group. For project, I proposed a CDN cache system for a post only database server. Super simple. I wanted to see what ideas other people come up with. So I said I am not good at the content and the idea is dumb. Oh man, what a horrible mistake. One group member wants to build a chat app with distributed storage. We implemented get/put for a terribly designed key value store and now they want to build a freaking chat app on top of a more stupid kV store using golang standard lib. I don't think any of those fools understand the challenges that comes with the distributed storage.
I sent a video explaining part of crdt. "That's way too complicated. Why are you making everything complicated."
Those fools leave too much details for course stuff's interpretation and says
"course stuff will only grade the project according to the proposal. It's in the project description".
I asked why don't they just take baby steps and just go with their underlying terribly designed kV store.
"Messaging app is more interesting and designing kV store with generic API is just as difficult"
😂 Fucking egos
Then I successfully pissed off all group members with relatively respectful words then pissed off myself and joined another group.1 -
#Suphle Rant 3: Road to PHP8, Flow travails
Some primer: Flows is a feature that causes the framework to bypass handling the request now but read it from cache. This cache entry is meant to be populated without warming, based on the preceding request. It's sort of like prefetching but done on the back end
While building Suphle, I made some notes on some chapters about caveats and gotchas I may forget while documenting. One such note was that when users make the Flow request, the framework will attempt to determine who user is, using authentication mechanism defined on the first module (of the modular monolith)
Now, I got to this point during documentation and started wondering whether it's impossible for the originating request to have used a different authentication mechanism, which would result in an empty entry for returning user. I *think* it's possible cuz I've got something else called "route mirroring", where web based routes can be converted to API routes. They'll then return JSON, get served under defined API path, use JWT, all automatically. But I just couldn't connect the dots for the life of me, regarding how any of this could impact authentication on the Flow request
While trying to figure out how to write the test for this or whether it was even necessary (since I had no use case), it struck me that since Flow requests are not triggered by an actual user, any code attempting to read authenticated user will see nothing!
I HATE it when I realize there's ambiguity or an oversight, after the amount of attention and suffering devoted. This, along with a chain of personal troubles set off despondency for a couple of days. No appetite for food or talk. Grudgingly refactored in this update over some days. Wrote some tests, not all passed. More pain. May have to convert them to unit tests
For clarity, my expectation is, I built this. Nothing should be impossible for me
Surprisingly, I caught a somewhat lucky break –an ex colleague referred me to the 1st gig I'm getting in 1+ year. It's about writing a plugin for some obscure forum software. I'm not too excited cuz it's poorly documented and I'll have to do a lot of groping, they use arrays instead of objects etc. There's no guarantee I'll find how to implement all client's requirements
While brooding last night, surfing the PHP subreddit, stumbled on a post about using Rector to downgrade a codebase. I've always been interested in the reverse but didn't have any incentive to fret over it. Randomly googled and saw a post promising a codebase can be upgraded with 3 commands in 5 minutes to PHP 8. Piqued my interest around 12:something AM. Stayed up all night upgrading it, replacing PHPSTAN with Psalm, initializing the guy's project, merging Flow auth with master etc. I think it may have taken 5 minutes without the challenge of getting local dev environment to PHP 8
My mood is much lighter than it was, although the battle is not won yet –image tests are failing. For some weird reason, PHP8 can't read generated test images. Hope I can ride on that newfound lease on life to study the forum and get the features working
I have some other rant but this is already a lot to digest in one sitting. See you in rant #4 -
Recently, Apple rolled out Push Notifications for PWA websites as a beta feature on iOS 16.4 devices. And let me tell you, it's a game-changer! But, when a client asked me to implement push notifications for their iOS users via web and service worker, I knew it wouldn't be a walk in the park.
Why, you ask? Well, their backend code base was written in Plain F*cking Vanilla PHP, which felt like I had time-traveled back to the 1980s! Plus, since the ios web push feature is still in its early stages, there were hardly any resources to guide me through the process of sending push notifications to Apple WebPush API using plain php.
Despite the obstacles, I managed to successfully send notifications to Mozilla and Google Chrome users. But Safari? Not so much. The client needed the task done within 24 hours, but due to delays, it ended up taking me three days to figure out the kinks. In the end, I had to refund the client, but I'm not one to give up easily.
In fact, I've created a public GitHub repo for a Quotes App in Flutter (https://github.com/GiddyNaya/...) that can send PN to iOS users via web. I'm diving down the rabbit hole to figure out how to make it work seamlessly, and I won't stop until I've cracked the code. Wish me luck!15 -
What did I do while down for the count with Covid?
* Setup a static React site
* Hosted the site at Cloudflare Pages
* Protected the page through CF access
* Extracted the JWT
* Setup a Rails API to validate the token
Now I have static React UIs with a nice rich API backend.2 -
New strategy to combat managers:
If you claim we can't afford the additional time for the tests that come with the feature, I won't build the feature.
If you claim we can't afford the additional time for the proper API versioning that comes with the feature, I won't build the feature.
And finally, if the internationalized texts, designs, and image assets are not complete when it comes time for development, I won't build the feature.
It's time to rise and stand against the "You're an engineer! do it all!" notions. I'm not a designer. I'm not a translator. I'm not a by-hand manual customer tester. And I'm certainly not going to take any more of your shit.2 -
Web Push notifications for PWA finally coming to iOS 2023
API is already there at experimental features settings9 -
What did the CS student say when he totally killed his web API class and got an A?
"REST easy now."1 -
I decided to use Docker Compose on a tiny project that essentially consists of an API and a Caddy server that serves static files and proxies to the API, all of this running on an EC2 t1-nano. I made this admittedly odd choice because I wanted to learn Compose and simultaneously forego figuring out why the node-gyp bindings for sqlite3 refuse to build on EC2 even though it builds just fine on my machine.
I am storing secrets in .env which is committed into the private GH repo. Just now I came across a rant that described the same security practice and it sounded pretty bad from an outside perspective so I decided to research alternatives.
Apparently professional methods for storing secrets generally have higher system requirements than a t1-nano. I'm not looking for a complex service orchestration system, I'm not trying to run an enterprise on this poor little cloud-based raspberry pi. I just want to move my secrets out of the Git repo,
Any tips?9 -
The thing about startups is that you have the opportunity to be involved in a lot of different things. I easily get bored with repetitively doing almost the same thing day in day out.
In my current company, I have been working on the same mobile app for close to two years. It’s the same basic thing, build UI, make API calls, and fix bugs. I am so bored that I’m fit to climb a wall. Anyways, I’ve started applying for backend positions.
But then startups are volatile and things are almost always unorganised.2 -
macOS - just nothing makes sense.
You try to go away from the deprecated stuff, use the new shinier API to stop and start services with launchctl (bootstrap/bootout vs. load/unload). And how does this stellar OS thank you for that? By crashing your service. Thanks for nothing.
From developer perspective this whole OS is just such a nightmarish clusterfuck. If you want to set up code signing with some special entitlements and you try to use the provisioning profiles as advertised, it's like pulling the one-armed bandit. It will plunder your coins and sanity. You try to compile it, it fails or the executable will be killed - you enable and disable the automatic codesigning in Xcode, or delete and download you old code signing cert and suddenly it works. It's just random - and you have to perform random walks on the Xcode project settings to make it run. So Apple turned us into Xcode clicking monkeys... -
I think I have a slight problem in my API.
Snapshot 1 : API entrey point
Snapshot 2 : on "return" statement from API.
No biggies, 8 GB of RAM used.
The API ? Adds 1 ligne in database.
That's gonna be a fun debug8 -
i am feeling angry and frustrated. not sure if it's a person ,or codebase or this bloody job. i have been into the company for 8 months and i feel like someone taking a lot of load while not getting enough team support to do it or any appreciation if i do it right.
i am not a senior by designation, but i do think my manager and my seniors have got their work easy when they see my work . like for eg, if on first release, they told me that i have to update unit tests and documentation, then on every subsequent release i did them by default and mentioning that with a small tick .
but they sure as hell don't make my work easy for me. their codebase is shitty and they don't give me KT, rather expect me to read everything on my own, understand on my own and then do everything on my own, then raise a pr , then merge that pr (once reviewed) , then create a release, then update the docs and finally publish the release and send the notification to the team
well fine, as a beginner dev, i think that's a good exercise, but if not in the coding step, their intervention would be needed in other steps like reviewing merging and releasing. but for those steps they again cause unnecessary delay. my senior is so shitty guy, he will just reply to any of my message after 2-3 hours
and his pr review process is also frustrating. he will keep me on call while reviewing each and every file of my pr and then suggest changes. that's good i guess, but why tf do you need to suggest something every fucking time? if i am doing such a shitty coding that you want me to redo some approach that i thought was correct , why don't you intervene beforehand? when i was messaging you for advice and when you ignored me for 3 hours? another eg : check my comment on root's rant https://devrant.com/rants/5845126/ (am talking about my tl there but he's also similar)
the tasks they give are also very frustrating. i am an android dev by profession, my previous company was a b2c edtech app that used kotlin, java11, a proper hierarchy and other latest Android advancements.
this company's main Android product is a java sdk that other android apps uses. the java code is verbose , repetitive and with a messed up architecture. for one api, the client is able to attach a listener to some service that is 4 layers down the hierarchy , while got other api, the client provides a listener which is kept as a weak reference while internal listeners come back with the values and update this weak reference . neither my team lead nor my seniors have been able to answer about logic for seperation among various files/classes/internal classes and unnecessary division of code makes me puke.
so by now you might have an idea of my situation: ugly codebase, unavailable/ignorant codeowners (my sr and TL) and tight deadlines.
but i haven't told you about the tasks, coz they get even more shittier
- in addition to adding features/ maintaining this horrible codebase , i would sometimes get task to fix queries by client . note that we have tons of customer representatives that would easily get those stupid queries resolced if they did their job correctly
- we also have hybrid and 3rd party sdks like react, flutter etc in total 7 hybrid sdks which uses this Android library as a dependency and have a wrapper written on its public facing apis in an equally horrible code style. that i have to maintain. i did not got much time/kt to learn these techs, but once my sr. half heartedly explained the code and now every thing about those awful sdls is my responsibility. thank god they don't give me the ios and web SDK too
- the worst is the shitty user side docs. I don't know what shit is going there, but we got like 4 people in the docs team and they are supposed to maintain the documentation of sdk, client side. however they have rasied 20 tickets about 20 pages for me to add more stuff there. like what are you guys supposed to do? we create the changelog, release notes , comments in pr , comments in codebase , test cases, test scenarios, fucking working sample apps and their code bases... then why tf are we supposed to do the documentation on an html based website too?? can't you just have a basic knowledge of running the sample, reading the docs and understand what is going around? do i need to be a master of english too in addition to being a frustrated coder?
just.... fml -
Yeah... I spent way too much fucking time thinking my multi threading was fucked up. When in actuality I had a parameter in a JSON payload for an API call I neglected to check for changes.
A fucking form id! Just one parameter had me frustrated for 2 hours.1 -
Finally im starting to get hang of how nextjs works. Still no idea how query params work, routing api calls, the proper structure, useEffect vs useState, SSR vs static props, etc but i wrote the messiest spaghetti code youve ever seen, and it works! I built a frankenstein. And its alive. Cleaning this shit up is the least difficult part4
-
@dfox For some reason, I can favorite my own rants if I send a request to do it manually, I guess that's not... good?9
-
I am trying to build a forex trading bot using node.js and meta-api.
I have no knowledge of bots before this.
Anyone has worked on this or want to collaborate, It would be great.2 -
Is JAXB explicitly DESIGNED to be the most brittle and frustrating API in the entire Java ecosystem? Sure fucking seems like it. Feels like every damn JDK upgrade or dependency upgrade requires screwing around with JAXB-related code, and not always in trivial ways, or a trek back into dependency management hell for a while. ARGH!!1
-
Consider an API that uses the HTTP path to represent position in a tree that literally represents a file tree with minimal constraints, and GET/PUT/DELETE methods to read, write and destroy the nodes. How would you encode read/write operations to per-node metadata? The kinds of metadata are static and around 4, so inventing HTTP verbs for each of them is infeasible but filtering is not necessary.
Options considered so far:
- toplevel resources alongside a namespaced /data such as /acl, /lock
- magic keywords to the Range header (this is apparently compliant)
- mimetypes such as text/plain+acl
- SETPROP / PROP methods in the spirit of WebDAV
- headers (I worry this may become an immitigable bottleneck really fast)
I'm looking for any kind of suggestion or insight, not perfect answers.
I read the WebDAV specification and I won't even suggest that I'm trying to align with it, the only protocol I'd seen in the past with comparable scope bloat is WebRTC.23 -
Apparently there's a limit to how many API endpoints you can deploy in a second using CDK. Thanks for not having an error message that says that and wasting two weeks.1
-
Twitter developers will authenticate half of their endpoints with some authentication method and the other half with a totally different one (which doesn't work) and their sales team will have the guts to contact you to check if you're still interested to access their API.
My only interest is feeding your corpse to the ravens.2 -
Was working on a nestjs api and building it on a starter template. After a year of work nest framework has been upgraded by two major version and api is unupgradable and in dependency hell.
Solved it by doing a transplant into new codebase built using cli. Only took two days. Everything went better than expected. -
Hi mates 👋
Am going to dedicate myself to dev & open source communities.
I want to build an API that solves something, and I'm looking for your suggestions: what problems in your day-to-day dev life that you would love to have it automated/have it available programmatically?10 -
Do we need compression on api level? say I have a rest api sending json data on requests. So if compression is needed then should it be in the server when returning the json response or in the client side when receiving it? which one is ideal?13
-
Is there a portable DB format like sqlite but stores data like Mongo.
Each record contains key value pairs.
I guess I could install Mongo again... But kinda want to play with the data first. Pulls from a web api
I guess other alternative is to just save the json responses to disk in separate folders and files for now...
And abstract the DB layer behind an interface6 -
I completely *detest* that the MongoDB *shell* is just a fucking jS interpreter with extra API calls sprinkled on top and whoever came up with that idea should have all their commits reverted immediately, working with that thing is a punishment!
I don't even know a way to parse and chew through the json it spits out in my own json viewers, as it's "Extended", and none of my editors understand that!
Ugh, haven't been this frustrated with a tool for a while...5 -
It’s a huge nightmare to develop a React front-end when:
- you have to adapt Bootstrap 3/jQuery based components to React
- the “back-end” is a sparse collection of micro services with cryptic URLs and finding the correct name means searching on a laggy WSO2 API manager
- the documentation of said micro services can be outdated and that means wasting a lot of time trying requests on cURL rather than in doing actual development and continuously breaking your concentration
- sometimes the micro services just become unavailable altogether
- the back-end shuts down at
6PM everyday, usually when after I finally achieved a flow and I’m doing meaningful progress2 -
Hi devs
So been working on a medical and healthcare digital platform and I'm thinking of having a 3rd part API
I created a google form for those interested in testing out and using the API when its release kindly fill in the form
https://docs.google.com/forms/d/...6 -
Quick question for you all: How do you deal with a problem in production that you cannot fix, even over an extended period of time (say 2 months)?
For context I feel like I’m losing my sanity here, we’ve had this problem on our production API since the beginning of March this year. I’ve done so much testing, got in contact with various teams of my company to try to figure out any potential candidate that would explain the bug, but none worked out. No need to say I’ve spent a considerable amount of time searching on the internet for others with the same problem or similar… We’ve even opened a ticket with the cloud host to see if they would have more details about the problem without success. So how do you deal with that ?5 -
Begin to hate Java, moving to kotlin soon . For android development at least with Jetpack compose. Java is deprecated in almost every API.
-
I just love when an API returns a set of results, some have property X as a string and some as a JSON array. Wtf? Good people had put great API wrappers and it works if X is string as per service specification, but breaks otherwise, unsurprisingly.
I had to do a pull request to the wrapper repository to account for this inconsistency 😶3 -
I want extract data from a pdf and turn it into a json object then serve it as an api, I’ve never scraped data from pdf before, what’s the best way to do that?2
-
I'm thinking of making a email validation api that can check if an email address is temporary disposable email, tld domain, from a free email provider, mx detals, delivery availability etc.
Is this even a good API idea?6 -
i always get sucked into this "cute code" hell whenever i am working with a b2c codebase, and especially with kotlin code.
here's a scenario:
task : build a debounce logic for an input view where each user input is currently triggerring an api call.
my steps
1. read what debouncing is.
2. see if any code is available on the internet
=> found a code piece on the internet with some level of abstraction ( basically a simple final class that implements the input event callback and encapsulates the debounce logic)
3) copy it, run it , it wokrs
------
for any sane coder, these steps are hardly 10-30 mins and they can move on with life. but its your truly that made this task into a 6hour research only to come up at similar solution. my curiosity led me to stupid places
1) why this class is final? what if someone else wanna use it but with a different behaviour? lets try open(non final class) .
2) why even use a class? it extends an interface, lets try to wrap the logic in interface itself (kotlin supports interfaces that don't require implementation)
3) umm , the interface works but it looks ugly, with all its global overridden variables. what about we make it extension?
4) yeah the extension approach is also not very good, lets go back to open class.
5) but extend is super nice to look! lets keep the extension and open class too
6) can we optimise the implementation? why it uses an additional handler? what if we provided everything in constructor? how about builder pattern?
FUCK MY BRAIN! there are so much fucking options that i forgot that i spent 4 hours on this small thing
the simplest approach would have been tk just shove all the listeners and everything in activity and forget about it :/
senior devs on this platform, how do you stop yourself from adding every concept that you know into the smallest possible task?6 -
Who the fuck thinks that an private international api should have a limit of 5 tps (transactions per second) lol. Sadly I can't say the name but damn if I have 5 users just browsing our application, it will be throttled.
Mailed the guy why I need a lot more and now its very silent, really hope he can push the limit.6 -
I have the following scenario with a proposed solution, can anyone please confirm it is a secure choice:
- We have critical API keys that we do not want to ship with the app because de-compiling will give access to those keys, and the request is done before the user logs in, we are dealing with guests
Solution:
- Add a Lambda function which accepts requests from the app and returns the API keys
- Lambda will accept the following:
1. Android app signing key sha1
2. iOS signing certificate sha1
- If lambda was able to validate them API keys are sent back.
My concerns:
- Can an attacker read the request from the original (non-tampered) apk and see what the actual sha1 value is on his local network?
- If the answer to the question above is yes, what is the recommended way to validate that the request received is actually from the app that we shipped and not from curl/postman/script/modified version of the app11 -
All the microservices are planning to communicate via kafka. And they are planning to put a REST API between kafka and the service. So all services hit the REST API with the events and the REST API send events to kafka.
I don't see any benefit of having a REST API between the service and kafka. What are the opinions in the wild?12 -
Node server with webpack poly fill on embedded device. Why 😂 .
Replacing node-fetch with node http instead of waiting for native node fetch API. Why 😂
All npm scripts on package.json are dead. Why 😂
Node server is not even sharing TS interfaces with frontend.
Customers are complaining about MeM0r1 L3k and let's build more features on stupid node.
Fucking kill me.1 -
Utility libraries, because I actually get to see my life improve because I have them. Creating new projects becomes easier because I put parts I reuse somewhere else.
There was an old config file generator/manager I kept using for a while, some string conversion libraries between formats, some REST/WebRTC API wrappers, I have a web audio API I create tunes with in various projects. CI/CD scripts for laziness so I never have to know how to set anything up again. Lately the thing I'm most happy about is I turned some free text saving service into a makeshift database and it's been working well for about half a dozen projects now. Wouldn't handle large amount of users but can't beat free and easy.
I also find merit in prototypes/old projects, because I can reference random things I did in them in newer unrelated projects. Things too small to warrant their own utility library, argh! -
The frontend rightfully can't call APIs marked experimental from our public API. So teams go and implement everything as private APIs so no one can do anything with our public API since there are hardly any endpoints.
-
so i am trying to checkout devrant apis on
i want to get access to all rants of my original account "curioustools", so i tried this get api (id is correct, i generated via another user api) .
https://devrant.io/rants/...
it is giving 404, but user does exists . anyone have idea about this api or what am i doing wrong8 -
It's not GDPR compliance unless it comes from the GDPR region of Brussels.
Otherwise it's just a sparkling high latency CRUD API over Email enforced by law.3 -
After completing the startup, all about api calls;
Supabase as server, netlify calls for storing data into supab, some frontend and stripe as payment method, using webhooks to do some logic behind,
I never thought that I could finish it, now I'm answering questions on Quora about it and doing content for it. Feels odd and want to code AGAIN!2 -
Fucking taiga wasting my day.
Client asked to set up a private taiga (taiga.io, some open source Jira alternative).
All goes fine and dandy until you need to link domain user creation to taiga user creation.
Seems I have to choose between having public registration (allows to programmatically create users, but also randoms to sign up) or use their private registry API that asks for a fucking token that is supposed to be returned from their membership/invitation API, that, guess what, doesn't return any bloody token. You can only get the token on the Django admin control panel.
Guess I'll have to end setting up LDAP or integrating with their existing gitlab, but this gig is already starting to smell, and we are close to the weekend 😡1 -
I now know why Google Clouds sucks compared to AWS, and Azure.
1. No free tier
2. Pricing is confusing and designed for comp scis
3. Too componentized.
I wanted to translate text in an image like Google Translate/Lens.
Google: after a long search of the site's developer docs, I need the Translate and Vision APIs which have separate pricing specified in hours and task type
Microsoft: search Translate API,
Does images, first 5 million characters are free8 -
I feel like the "DEL | PUT | PATCH" verb are overrated. I still cannot see it's usefulness to this day.18
-
Question for someone who uses Mongo Atlas Search:
If I'm only interested in autocomplete from the start of the text, which is more performant?
1) standard analyzer + edgeGram tokenizer
2) keyword analyzer + edgeGram tokenizer
I don't see why I should index separate words if I don't care about random positions :/
Thank you6 -
hey, so i have recently started learning about node js and express based backend development.
can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?
like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :
- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc
- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (
- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc
followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc
----
these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.
so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .
apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.2 -
Trying to make a nodejs backend is pure hell. It doesn't contain much builtin functionality in the first place and so you are forced to get a sea of smaller packages to make something that should be already baked in to happen. Momentjs and dayjs has thought nodejs devs nothing about the fact node runtime must not be as restrained as a browser js runtime. Now we are getting temporal api in browser js runtime and hopefully we can finally handle timezone hell without going insane. But this highlights the issue with node. Why wait for it to be included in js standard to finally be a thing. develop it beforehand. why are you beholden to Ecma standard. They write standards for web browser not node backend for god sake.
Also, authentication shouldn't be that complicated. I shouldn't be forced to create my own auth. In laravel scaffolding is already there and is asking you to get it going. In nodejs you have to get jwt working. I understand that you can get such scaffolding online with git clone but why? why express doesn't provide buildtin functions for authentication? Why for gods sake, you "npm install bcrypt"? I have to hash my own password before hand. I mean, realistically speaking nodejs is builtin with cryptography libraries. Hashmap literally uses hashing. Why can't it be builtin. I supposed any API needed auth. Instead I have to sign and verfiy my token and create middlewares for the job of making sure routes are protected.
I like the concept of bidirectional communication of node and the ugly thing, it's not impressive. any goddamn programming language used for web dev should realistically sustain two-way communication. It just a question of scaling, but if you have a backend that leverages usockets you can never go wrong. Because it's written in c. Just keep server running and sending data packets and responding to them, and don't finalize request and clean up after you serve it just keep waiting for new event.
Anyway, I hope out of this confused mess we call nodejs backend comes clean solutions just like Laravel came to clean the mess that was PHP backend back then.
Express is overrated by the way, and mongodb feels like a really ludicrous idea. we now need graphql in goddamn backend because of mongodb and it's cousins of nosql databases.7 -
In a Backend API team, should the product owner know about all the flows that our APIs are used for, as in, should the product owner be the source of truth for this? Obviously it is best for engineers to know this information, but is it the POs responsibility to know this?2
-
Just asked our devops guy to create 2 environments for 2 repos (BE and FE). He said this would take around 10h. Is this normal? Nothing fancy just a NestJS API and a React FE. It’s in AWS.8
-
How to separately host the backend and the frontend ???
I have express API repository which is currently hosted in Heroku along with its documentation site written in ejs.
But now I'm planning on separating the docs website with gatsby and moving it into another repo and hosting it on netlify while the API service still remains in Heroku.
Here is the end goal :
"/" : the docs website.(netlify)
"/api" : the API services.(heroku)
Can someone help me with how to implement this in the actual application?3 -
Last year I did a statistics course, and my classes were completely remote. When it came down to exam season, instead of studying I learned python's data analysis libraries, I passed with flying colors. I have an idea, if exams continue to be online I will be spending a lot of my time trying to get the answers from whatever API they are using, hopefully, they have poor security. If it's hopeless, I'll just study1
-
Can you recommend me some simple php+mysql based backend framework in order to build a simple rest api (with login, signup, scope data) ?6
-
postman to manually check api endpoint works
try again later, doing what you think was the exact same shit, which you've documented, reread your document get 404
fuck csrf
use debugger
find out its returning a 404 when the code i added fails, welp4 -
One of our previous clients is not paying the rest of the payments after receiving the codes. What are the things we can/should do digitally to make them pay the payment?
btw, it was a web app. we worked on the front end and the backend of the app. So, naturally we know all the API endpoints, we have the database access, and so on. So yeah, we can do so many things.
But still I wanna ask you guys, what would you do to make someone pay?3 -
Okay...How the heck do I get this Twitter API? I wanted this API for a project that required elevated access. submitted the application and got rejected.
Then I changed my use case and only needed simple Access to implement Login with Twitter. used my university email, and was rejected again.
Do they even give this API to anyone?4 -
I'm try to make a color picker browser extension and I want to open eyedropper element in firefox using `EyeDropper` api but it doesn't support in firefox it is only support in chrome, is there any alternative of it in firefox?8
-
Just built out my first app using Cloudflare Workers, Typescript, and DurableObjects. Holy shit, this is nice stuff.
It's taken little to no time to build out:
* JSON API written in Typescript
* JWT verification against my OAuth backend (SAML support too)
* CI Automated Deployments including unit tests
* DurableObject support
* 3rd party HTTP calls + caching (built in to the framework!) to reduce network latency and hiccups.
* Cron-like tasks on each stored object so they can awaken the app on a schedule and update themselves as necessary
* Rapid deployment to new environments
The local testing with coordinated "miniflare" is dreamy too. -
how do I test long scenarios? I have an app with 10 screens to complete. I have a dropdown on the first screen which creates a table row element on the last screen. should I do selenium or unit test or both? selenium will have to click through the whole app and call every API just for 1 assertion. unit test will only check the dropdown has the right options which are subject to change and not really worth testing. I run into this problem every time I want to write a test. i always miss something in my manual testing and introduce defects. what should I do?3
-
Is there up-to-date API documentation for devrant? I am stuck on the posting API calls, especially on what data is required.8
-
Backend developer does not even sort his API results by ID or name. Damn. I hate dependencies like this. Simple things but they are too lazy to do.1