Oh, man, I just realized I haven't ranted one of my best stories on here!

So, here goes!

A few years back the company I work for was contacted by an older client regarding a new project.

The guy was now pitching to build the website for the Parliament of another country (not gonna name it, NDAs and stuff), and was planning on outsourcing the development, as he had no team and he was only aiming on taking care of the client service/project management side of the project.

Out of principle (and also to preserve our mental integrity), we have purposely avoided working with government bodies of any kind, in any country, but he was a friend of our CEO and pleaded until we singed on board.

Now, the project itself was way bigger than we expected, as the wanted more of an internal CRM, centralized document archive, event management, internal planning, multiple interfaced, role based access restricted monster of an administration interface, complete with regular user website, also packed with all kind of features, dashboards and so on.

Long story short, a lot bigger than what we were expecting based on the initial brief.

The development period was hell. New features were coming in on a weekly basis. Already implemented functionality was constantly being changed or redefined. No requests we ever made about clarifications and/or materials or information were ever answered on time.

They also somehow bullied the guy that brought us the project into also including the data migration from the old website into the new one we were building and we somehow ended up having to extract meaningful, formatted, sanitized content parsing static HTML files and connecting them to download-able files (almost every page in the old website had files available to download) we needed to also include in a sane way.

Now, don't think the files were simple URL paths we can trace to a folder/file path, oh no!!! The links were some form of hash combination that had to be exploded and tested against some king of database relationship tables that only had hashed indexes relating to other tables, that also only had hashed indexes relating to some other tables that kept a database of the website pages HTML file naming. So what we had to do is identify the files based on a combination of hashed indexes and re-hashed HTML file names that in the end would give us a filename for a real file that we had to then search for inside a list of over 20 folders not related to one another.

So we did this. Created a script that processed the hell out of over 10000 HTML files, database entries and files and re-indexed and re-named all this shit into a meaningful database of sane data and well organized files.

So, with this we were nearing the finish line for the project, which by now exceeded the estimated time by over to times.

We test everything, retest it all again for good measure, pack everything up for deployment, simulate on a staging environment, give the final client access to the staging version, get them to accept that all requirements are met, finish writing the documentation for the codebase, write detailed deployment procedure, include some automation and testing tools also for good measure, recommend production setup, hardware specs, software versions, server side optimization like caching, load balancing and all that we could think would ever be useful, all with more documentation and instructions.

As the project was built on PHP/MySQL (as requested), we recommended a Linux environment for production. Oh, I forgot to tell you that over the development period they kept asking us to also include steps for Windows procedures along with our regular documentation. Was a bit strange, but we added it in there just so we can finish and close the damn project.

So, we send them all the above and go get drunk as fuck in celebration of getting rid of them once and for all...

Next day: hung over, I get to the office, open my laptop and see on new email. I only had the one new mail, so I open it to see what it's about.

Lo and behold! The fuckers over in the other country that called themselves "IT guys", and were the ones making all the changes and additions to our requirements, were not capable enough to follow step by step instructions in order to deploy the project on their servers!!!

[Continues in the comments]

I'm drunk and I'll probably regret this, but here's a drunken rank of things I've learned as an engineer for the past 10 years.

The best way I've advanced my career is by changing companies.

Technology stacks don't really matter because there are like 15 basic patterns of software engineering in my field that apply. I work in data so it's not going to be the same as webdev or embedded. But all fields have about 10-20 core principles and the tech stack is just trying to make those things easier, so don't fret overit.

There's a reason why people recommend job hunting. If I'm unsatisfied at a job, it's probably time to move on.

I've made some good, lifelong friends at companies I've worked with. I don't need to make that a requirement of every place I work. I've been perfectly happy working at places where I didn't form friendships with my coworkers and I've been unhappy at places where I made some great friends.

I've learned to be honest with my manager. Not too honest, but honest enough where I can be authentic at work. What's the worse that can happen? He fire me? I'll just pick up a new job in 2 weeks.

If I'm awaken at 2am from being on-call for more than once per quarter, then something is seriously wrong and I will either fix it or quit.

pour another glass

Qualities of a good manager share a lot of qualities of a good engineer.

When I first started, I was enamored with technology and programming and computer science. I'm over it.

Good code is code that can be understood by a junior engineer. Great code can be understood by a first year CS freshman. The best code is no code at all.

The most underrated skill to learn as an engineer is how to document. Fuck, someone please teach me how to write good documentation. Seriously, if there's any recommendations, I'd seriously pay for a course (like probably a lot of money, maybe 1k for a course if it guaranteed that I could write good docs.)

Related to above, writing good proposals for changes is a great skill.

Almost every holy war out there (vim vs emacs, mac vs linux, whatever) doesn't matter... except one. See below.

The older I get, the more I appreciate dynamic languages. Fuck, I said it. Fight me.

If I ever find myself thinking I'm the smartest person in the room, it's time to leave.

I don't know why full stack webdevs are paid so poorly. No really, they should be paid like half a mil a year just base salary. Fuck they have to understand both front end AND back end AND how different browsers work AND networking AND databases AND caching AND differences between web and mobile AND omg what the fuck there's another framework out there that companies want to use? Seriously, why are webdevs paid so little.

We should hire more interns, they're awesome. Those energetic little fucks with their ideas. Even better when they can question or criticize something. I love interns.

sip

Don't meet your heroes. I paid 5k to take a course by one of my heroes. He's a brilliant man, but at the end of it I realized that he's making it up as he goes along like the rest of us.

Tech stack matters. OK I just said tech stack doesn't matter, but hear me out. If you hear Python dev vs C++ dev, you think very different things, right? That's because certain tools are really good at certain jobs. If you're not sure what you want to do, just do Java. It's a shitty programming language that's good at almost everything.

The greatest programming language ever is lisp. I should learn lisp.

For beginners, the most lucrative programming language to learn is SQL. Fuck all other languages. If you know SQL and nothing else, you can make bank. Payroll specialtist? Maybe 50k. Payroll specialist who knows SQL? 90k. Average joe with organizational skills at big corp? $40k. Average joe with organization skills AND sql? Call yourself a PM and earn $150k.

Tests are important but TDD is a damn cult.

Cushy government jobs are not what they are cracked up to be, at least for early to mid-career engineers. Sure, $120k + bennies + pension sound great, but you'll be selling your soul to work on esoteric proprietary technology. Much respect to government workers but seriously there's a reason why the median age for engineers at those places is 50+. Advice does not apply to government contractors.

Third party recruiters are leeches. However, if you find a good one, seriously develop a good relationship with them. They can help bootstrap your career. How do you know if you have a good one? If they've been a third party recruiter for more than 3 years, they're probably bad. The good ones typically become recruiters are large companies.

Options are worthless or can make you a millionaire. They're probably worthless unless the headcount of engineering is more than 100. Then maybe they are worth something within this decade.

Work from home is the tits. But lack of whiteboarding sucks.

I recently joined the dark side - an agile consulting company (why and how is a long story). The first client I was assigned to was an international bank. The client wanted a web portal, that was at its core, just a massive web form for their users to perform data entry.

My company pitched and won the project even though they didn't have a single developer on their bench. The entire project team (including myself) was fast tracked through interviews and hired very rapidly so that they could staff the project (a fact I found out months later).

Although I had ~8 years of systems programming experience, my entire web development experience amounted to 12 weeks (a part time web dev course) just before I got hired.

I introduce to you, my team ...

Scrum Master. 12 years experience on paper.
Rote memorised the agile manifesto and scrum textbooks. He constantly went “We should do X instead of (practical thing) Y, because X is the agile way.” Easily pressured by the client to include ridiculous (real time chat in a form filling webpage), and sometimes near impossible features (undo at the keystroke level). He would just nag at the devs until someone mumbled ‘yes' just so that he would stfu and go away.

UX Designer. 3 years experience on paper ... as business analyst.
Zero professional experience in UX. Can’t use design tools like AI / photoshop. All he has is 10 weeks of UX bootcamp and a massive chip on his shoulder. The client wanted a web form, he designed a monstrosity that included several custom components that just HAD to be put in, because UX. When we asked for clarification the reply was a usually condescending “you guys don’t understand UX, just do <insert unhandled edge case>, this is intended."

Developer - PHD in his first job.
Invents programming puzzles to solve where there are none. The user story asked for a upload file button. He implemented a queue system that made use of custom metadata to detect file extensions, file size, and other attributes, so that he could determine which file to synchronously upload first.

Developer - Bootlicker. 5 years experience on paper.
He tried to ingratiate himself with the management from day 1. He also writes code I would fire interns and fail students for. His very first PR corrupted the database. The most recent one didn’t even compile.

Developer - Millennial fratboy with a business degree. 8 years experience on paper.
His entire knowledge of programming amounted to a single data structures class he took on Coursera. Claims that’s all he needs. His PRs was a single 4000+ line files, of which 3500+ failed the linter, had numerous bugs / console warnings / compile warnings, and implemented 60% of functionality requested in the user story. Also forget about getting his attention whenever one of the pretty secretaries walked by. He would leap out of his seat and waltz off to flirt.

Developer - Brooding loner. 6 years experience on paper.
His code works. It runs, in exponential time. Simply ignores you when you attempt to ask.

Developer - Agile fullstack developer extraordinaire. 8 years experience on paper.
Insists on doing the absolute minimum required in the user story, because more would be a waste. Does not believe in thinking ahead for edge conditions because it isn’t in the story. Every single PR is a hack around existing code. Sometimes he hacks a hack that was initially hacked by him. No one understands the components he maintains.

Developer - Team lead. 10 years of programming experience on paper.
Writes spaghetti code with if/else blocks nested 6 levels deep. When asked "how does this work ?”, the answer “I don’t know the details, but hey it works!”. Assigned as the team lead as he had the most experience on paper. Tries organise technical discussions during which he speaks absolute gibberish that either make no sense, or are complete misunderstandings of how our system actually works.

The last 2 guys are actually highly regarded by my company and are several pay grades above me. The rest were hired because my company was desperate to staff the project.

There are a 3 more guys I didn’t mention. The 4 of us literally carried the project. The codebase is ugly as hell because the others merge in each others crap. We have no unit tests, and It’s near impossible to start because of the quality of the code. But this junk works, and was deployed to production. Today is it actually hailed as a success story.

All these 3 guys have quit. 2 of them quit without a job. 1 found a new and better gig.

I’m still here because I need the money. There’s a tsunami of trash code waiting to fail in production, and I’m the only one left holding the fort.

Why am I surrounded by morons?
Why are these retards paid more than me?
Why are they so proud when all they produce is trash?
How on earth are they still hired?

And yeah, FML.

Perhaps not "best", but certainly most amusing, so what the heck!

Years ago as an intern, I applied to a large pharmaceutical company. On part of the application form, you had to enter the code of the department you were applying to.

What I *should have* put down was "IT", which is the department that houses all their devs. However, I didn't actually read any of what the codes meant, assumed that was the department for helping people with how to mail merge, and put down "COMPSCI" instead. This was computational sciences - loosely summarised as computational data analysis on various druggable molecules.

I do *not* have any sort of biology or chemistry background, so the interview was rather... interesting, and I muddled through on the basis of getting some more interview practice assuming it was a no go.

To my amazement, got a phone call saying that they'd been thinking they wanted someone more technical on the team, and despite my lack of scientific experience they thought I'd be a good fit. I was unsure as to whether I should accept for a while, but then decided to just go for it - and had a fantastic internship there, working on a great variety of stuff, and learning tons all under a supervisor who I'm still in touch with to this day.

tl;dr - Applied for the wrong job. Coincidentally got it anyway, and miraculously had a fantastic year working there.

Manager: 'Please remove this checkbox from that page.'

Me: 'Sure thing, it was stupid anyway. Just gimme a couple of minutes.'

Legacy code: 'LOL the checkbox is wired to everything else and if you simply remove it the backend will shit itself. There is several hundred lines of inline Javascript in the HTML template with some Thymeleaf stuff managing the form data or just are there to make the code less readable. The controller for the page is a bit more than a thousand lines of spaghetti, no easy way to find where is that specific data necessary and where can be easily removed. Class variables declared between methods, dozens of nested if statements checking shit in every method and the data is passed through like half a dozen other classes. Good luck with that!'

Me: '💩.'

I've had my share of incompetent coworkers. In order of appearance:

1. A full stack dev. This one guy never, and I mean NEVER uses relationships in their tables. No indexing, no keys, nada. Couple of months later he was baffled why his page took ten seconds to load.

2. The same dev as (1). Requirement was to create some sort of "theme" feature for a web app. Hacked it by putting !important all over the place.

3. The same dev again. He creates several functions that if the data exists returns a view, and if it doesn't, "echo '0'". No, not return 0 or return false or anything, but fucking echo. This was PHP. If posted a rant about this a few months ago.

4. Same dev, has no idea what clean code is. No, not just reusable functions, he doesn't even get indenting right. Some functions have 4 spaces, some 2 tabs, some 6 tabs! And this is inside the same function. God wait until he tries Python...

5. Same dev now suggests that he become the PM. GM approves (very small company). Assigns me to travel to a client since they needed "technical assistance about the API". Was actually there to lead a UAT session.

Intermezzo, that guy went from fullstack dev to PM to sales (yes, one who calls clients to offer products) to business development, to product analyst in the span of two years.

After a year and a half there, I quit.

6. New company, a "QA engineer" who also assumes the role as the product owner. Does absolutely no tests other than "functional tests" in which he NEVER produces any form of documentation. Not even a set of test cases. He goes by "intuition".

7. Same guy as (6), hands me requirements for a feature. By "hands me" I mean he did that verbally. No spec documents, no slack chat, no Trello card. I ended up writing it as a card in Trello. Fast forward to the due date, he flips out because that wasn't what he wanted. Showed him the card. He walked away, without thinking of a solution how this mess should be handled.

Despite all this, I really don't want him (6&7) to leave the company. The devs get really stressed out at this job and he does make a really good person to laugh with/at.

I wonder why banks are always so terribly insecure, given how much money there's for grabs in there for hackers.

Just a while ago I got a new prepaid credit card from bpost, our local postal service that for some reason also does banking. The reason for that being that - thank you 'Murica! - a lot of websites out there don't accept anything but credit cards and PayPal. Because who in their right mind wouldn't use credit cards, right?! As it turns out, it's pretty much every European I've spoken to so far.

That aside, I got that card, all fine and dandy, it's part of the Mastercard network so at least I can get my purchases from those shitty American sites that don't accept anything else now. Looked into the manual of it because bpost's FAQ isn't very clear about what my login data for their online customer area now actually is. Not that their instruction manual was either.

I noticed in that manual that apparently the PIN code can't be changed (for "security reasons", totally not the alternative that probably they didn't want to implement it), and that requesting a forgotten PIN code can be done with as little as calling them up, and they'll then send the password - not a reset form, the password itself! IN THE FUCKING MAIL.

Because that's apparently how financial institutions manage their passwords. The fact that they know your password means that they're storing it in plain text, probably in a database with all the card numbers and CVC's next to it. Wouldn't that be a treasure trove for cybercriminals, I wonder? But YOU the customer can't change your password, because obviously YOU wouldn't be able to maintain a secure password, yet THEY are obviously the ones with all the security and should be the ones to take out of YOUR hands the responsibility to maintain YOUR OWN password.

Banking logic. I fucking love it.

As for their database.. I reckon that that's probably written in COBOL too. Because why wouldn't you.

After work I wanted to come home and work on a project. I have a few ideas for a few things I want to do, so I started a Trello board with the ideas to start mapping things out. But there were guys redoing the kitchen tile and it was noisy as fuck. So I packed up and headed to the library.

So I get all set up, and start plugging away. Currently working on a database design for a project that is a form for some user data collection for my dad, for an internal company thing. I am not contracted for this - I just know the details so I am using it as a learning exercise. Anyway...

I'm fucking about in a VM in MySQL and I feel someone behind me. So I turn and it's this girl looking over my shoulder. She asks what I am doing, and it turned into a 2 hour conversation. She is only a few years older than me (21) but she was brilliant. She (unintentionally) made me feel SO stupid with her scope of knowledge and giant brain. I learned quite a bit from talking to her and she offered to help me further, if I liked.

And she was really cute. We exchanged phone numbers...

What kind of supercomputer you have to use to get these fucking websites to work smoothly????

I'm on a fucking gigabit connection, ryzen 7 7700x, 32GB ram, and a fucking nvme, all it takes is opening a fucking recipe site and I'm instantly transported back to the 80s. I swear if i see another 4k asset I'm gonna punch something.

WHAT THE FUCK HAPPENED TO FUNCTION OVER FORM????

Oh do you want me to disable my addblocker??? How about: you make a site that works you fuck. No i will not fucking subscribe to your brain-dead newsletter why the fuck would I???
And since when are cookies needed for a fucking plaintext site you asshat??? Tracking??? I swear if you could you would generate metadata from my clipped fingernails if it meant you could stick "Big data" next to that zip-bomb you call a website.

I WOULD like to read your article, possibly even watch a couple of ads on my sidebar for you, but noooooo you had to have the stupid fucking google vinegrette or however the fuck they are calling the fucking thing now.

The age of the web sucks the happiness out of life, and despite having all of this processing power, I am jealous of my fathers RSS feeds.

I'm sorry web people, I know it's not your fault, I know designers and management don't give a shit how long a website takes to load. I just wanted to make a fucking omelette.

Stupid annoying client want me to add 2 new fields on a form. Ok I said, my estimation is that I need 2 days to make the changes on form, database and all the scripts that posting and getting data, plus testing. His reply was, come one do you really want 48 hours to just add 2 fields, its sooo easy!!!! WTF dude... if it is sooo easy why are you fucking bother me??? Do it your self!!!!

Hahaha, the DPC (Data Protection Commission) has asked Facebook in a letter to stop transferring Europeans' data to the US.

Since the Privacy Shield agreement is off the table, it's illegal regardless to send any kind of PII data from the EU to the US.

How about we stop nicely asking and start giving fines in the form of millions every time PII data is transferred from the EU to the US by Facebook?

If the EU could grow some balls, that'd be fucking great.

3 rants for the price of 1, isn't that a great deal!

1. HP, you braindead fucking morons!!!

So recently I disassembled this HP laptop of mine to unfuck it at the hardware level. Some issues with the hinge that I had to solve. So I had to disassemble not only the bottom of the laptop but also the display panel itself. Turns out that HP - being the certified enganeers they are - made the following fuckups, with probably many more that I didn't even notice yet.

- They used fucking glue to ensure that the bottom of the display frame stays connected to the panel. Cheap solution to what should've been "MAKE A FUCKING DECENT FRAME?!" but a royal pain in the ass to disassemble. Luckily I was careful and didn't damage the panel, but the chance of that happening was most certainly nonzero.
- They connected the ribbon cables for the keyboard in such a way that you have to reach all the way into the spacing between the keyboard and the motherboard to connect the bloody things. And some extra spacing on the ribbon cables to enable servicing with some room for actually connecting the bloody things easily.. as Carlos Mantos would say it - M-m-M, nonoNO!!!
- Oh and let's not forget an old flaw that I noticed ages ago in this turd. The CPU goes straight to 70°C during boot-up but turning on the fan.. again, M-m-M, nonoNO!!! Let's just get the bloody thing to overheat, freeze completely and force the user to power cycle the machine, right? That's gonna be a great way to make them satisfied, RIGHT?! NO MOTHERFUCKERS, AND I WILL DISCONNECT THE DATA LINES OF THIS FUCKING THING TO MAKE IT SPIN ALL THE TIME, AS IT SHOULD!!! Certified fucking braindead abominations of engineers!!!

Oh and not only that, this laptop is outperformed by a Raspberry Pi 3B in performance, thermals, price and product quality.. A FUCKING SINGLE BOARD COMPUTER!!! Isn't that a great joke. Someone here mentioned earlier that HP and Acer seem to have been competing for a long time to make the shittiest products possible, and boy they fucking do. If there's anything that makes both of those shitcompanies remarkable, that'd be it.

2. If I want to conduct a pentest, I don't want to have to relearn the bloody tool!

Recently I did a Burp Suite test to see how the devRant web app logs in, but due to my Burp Suite being the community edition, I couldn't save it. Fucking amazing, thanks PortSwigger! And I couldn't recreate the results anymore due to what I think is a change in the web app. But I'll get back to that later.

So I fired up bettercap (which works at lower network layers and can conduct ARP poisoning and DNS cache poisoning) with the intent to ARP poison my phone and get the results straight from the devRant Android app. I haven't used this tool since around 2017 due to the fact that I kinda lost interest in offensive security. When I fired it up again a few days ago in my PTbox (which is a VM somewhere else on the network) and today again in my newly recovered HP laptop, I noticed that both hosts now have an updated version of bettercap, in which the options completely changed. It's now got different command-line switches and some interactive mode. Needless to say, I have no idea how to use this bloody thing anymore and don't feel like learning it all over again for a single test. Maybe this is why users often dislike changes to the UI, and why some sysadmins refrain from updating their servers? When you have users of any kind, you should at all times honor their installations, give them time to change their individual configurations - tell them that they should! - in other words give them a grace time, and allow for backwards compatibility for as long as feasible.

3. devRant web app!!

As mentioned earlier I tried to scrape the web app's login flow with Burp Suite but every time that I try to log in with its proxy enabled, it doesn't open the login form but instead just makes a GET request to /feed/top/month?login=1 without ever allowing me to actually log in. This happens in both Chromium and Firefox, in Windows and Arch Linux. Clearly this is a change to the web app, and a very undesirable one. Especially considering that the login flow for the API isn't documented anywhere as far as I know.

So, can this update to the web app be rolled back, merged back to an older version of that login flow or can I at least know how I'm supposed to log in to this API in order to be able to start developing my own client?

Just before you, my fellow system programmer, scroll past this, let me say this:

🍬 The web is actiually simple. 🍬

Both HTML and CSS is declarative. It's all easy when you understand the concepts, learn how to be idiomatic and quit trying to do that imperative bullshit in languages that aren't imperative.

HTML is simple. You know the boilerplate: doctype, head, body, that's all. Just mark it up and do NOT look at it before you end, mark it up as it were article or something. The appearance is up to css.

CSS is simple. You may even forget bem or rscss, you're already a skilled software developer. Use common sense and your code-splitting and naming skills you gained reading The Code Complete or doing software development for years.

Forget mockups. Forget absolute positioning, forget setting width and height in pixels. Go to awwwards, find some inspiration. Draw some buttons and fields on paper with your good old pencil. Then go and write some css. Feel free to steal some shadows and transitions from codepen.

Read about 8-pixel grid system. Let every element push away from others by setting something like margin: 16px; and whoops! You've just got fully responsive and got great vertical rhythm without even using media queries!

Oh my god, do NEVER set width and height explicitly! Type something like button { width: 120px; } and bang! The entire web page is broken. Quit that shit. Let it resize as it should. It will resize itself to fit its contents.

HTML is by default ready for your template engine. That's how you receive data from server — as server-side rendered, plain old HTML page. On the other hand, the form element is the most axiomatic and simple way to send the data to server. That's how you send it — as plain old GET or POST that every webserver can handle.

All of there are true:
1. It's easy to get great 100% responsiveness without media queries.
2. It's easy to align items in row, it's just one line of css. Maybe two, if you still want elements to wrap, but want to use flexbox:
.parent {
display: flex;
flex-wrap: wrap;
}
3. HTML and CSS are fast by default.
4. You don't need mockups to achieve great visual experience. Mockups is imperative, web is declarative.
5. You may not even need JavaScript to make great website.

Go on, ask me a question about web! I'll ready to answer everything.

What I'm posting here is my 'manifesto'/the things I stand for. You may like it, you may hate it, you may comment but this is what I stand for.

What are the basic principles of life? one of them is sharing, so why stop at software/computers?
I think we should share our software, make it better together and don't put restrictions onto it. Everyone should be able to contribute their part and we should make it better together. Of course, we have to make money but I think that there is a very good way in making money through OSS.

Next to that, since the Snowden releases from 2013, it has come clear that the NSA (and other intelligence agencies) will try everything to get into anyone's messages, devices, systems and so on. That's simply NOT okay.
Our devices should be OUR devices. No agency should be allowed to warrantless bypass our systems/messages security/encryptions for the sake of whatever 'national security' bullshit. Even a former NSA semi-director traveled to the UK to oppose mass surveillance/mass govt. hacking because he, himself, said that it doesn't work.

We should be able to communicate freely without spying. Without the feeling that we are being watched. Too badly, the intelligence agencies of today do not want us to do this and this is why mass surveillance/gag orders (companies having to reveal their users' information without being allowed to alert their users about this) are in place but I think that this is absolutely wrong. When we use end to end encrypted communications, we simply defend ourselves against this non-ethical form of spying.
I'm a heavy Signal (and since a few days also Riot.IM (matrix protocol) (Riot.IM with end to end crypto enabled)), Tutanota (encrypted email) and Linux user because I believe that only those measures (open source, reliable crypto) will protect against all the mass spying we face today.
The applications/services I strongly oppose are stuff like WhatsApp (yes, encryted messages but the metadata is readily available and it's closed source), skype, gmail, outlook and so on and on and on.

I think that we should OWN our OWN data, communications, browsing stuffs, operating systems, softwares and so on.

This was my rant.

Forgive me father, for I have sinned.  Alot actually, but I'm here for technical sins.  Okay, a particular series of technical sins.  Sit your ass back down padre, you signed up for this shit.  Where was I?  Right, it has been 11429 days since my last confession.  May this serve as equal parts rant, confession, and record for the poor SOB who comes after me.

Ended up in a job where everything was done manually or controlled by rickety Access "apps".  Many manhours were wasted on sitting and waiting for the main system to spit out a query download so it could be parsed by hand or loaded into one of the aforementioned apps that had a nasty habit of locking up the aged hardware that we were allowed.  Updates to the system were done through and awful utility that tended to cut out silently, fail loudly and randomly, or post data horrifically wrong.

Fuck that noise.  Floated the idea of automating downloads and uploads to bossman.  This is where I learned that the main system had no SQL socket by default, but the vendor managing the system could provide one for an obscene amount of money.  There was no buy in from above, not worth the price.

Automated it anyway.  Main system had a free form entry field, ostensibly for handwriting SELECT queries.  Using Python, AutoHotkey, and glorified copy-pasting, it worked after a fashion.  Showed the time saved by not having to do downloads manually.  Got us the buy in we needed, bigwigs get negotiating with the vendor, told to start developing something based on some docs from the vendor.  Keep the hacky solution running as team loves not having to waste time on downloads.

Found SQLi vulnerability in the above free form query system, brought it up to bossman to bring up the chain.  Vulnerability still there months later.  Test using it for automated updates.  Works and is magnitudes more stable than update utility.  Bring it up again and show the time we can save exploiting it.  Decision made to use it while it exists, saves more time.  Team happier, able to actual develop solutions uninterrupted now.  Using Python, AutoHotkey, glorified copy-pasting, and SQLi in the course of day to day business critical work.  Ugliest hacky thing I've ever caused to exist.

Flash forward 6 years.  Automation system now in heavy use acrossed two companies.  Handles all automatic downloads for several departments, 1 million+ discrete updates daily with alot of room for expansion, stuff runs 24/7 on schedule, most former Access apps now gone and written sanely and managed by the automation system.  Its on real hardware with real databases and security behind it.

It is still using AutoHotkey, copy-paste, and SQLi to interface with the main system.  There never was and never will be a SQL socket.  Keep this hellbeast I've spawned chugging along.

I've pointed out how many ways this can all go pearshaped.  I've pointed out that one day the vendor will get their shit together they'll come in post system update and nothing will work anymore.  I've pointed out the danger in continuing to use the system with such a glaring SQLi vulnerability.

Noone cares.  Won't be my problem soon enough.

In no particular order:
Fuck management for not fighting for a good system interface
Fuck the vendor for A) not having a SQL socket and B) leaving the SQLi vulnerability there this long
Fuck me for bringing this thing into existence

The bossman asked if our signup service sends an automated email after we successfully process someone's payment or when we promote them to full customer.

That sounds like a simple query, yeah?

Well.

Here's some background:

We have four applications; one in React, three in Rails. I'll replace their names to retain some anonymity.
1) "IceSkate" is the React app, and it's a glorified signup form. (I wrote this one.)
2) "Bogan" is the main application, and is API-only; its frontend has been long since deprecated by the following two:
3) "Bum" is a fork of "Bogan" that has long since diverged. It now contains admin-only tools.
4) "Kulkuri" is also a fork of "Bogan" that has long since diverged. It now contains tools specifically for customers, which they can access.

All but IceSkate (obv) share a database.

Here's how signups happen:

Signups come in from IceSkate, which hits a backend API on Bogan. Bogan writes the data to the database, charges the card immediately, and leaves the signup for moderation.

And here's how promotion from signup to customer happens:

Bum has a view allowing admins to validate, modify, and "promote" a signup to a full customer. Upon successful promotion, Bum calls "ServerWrap", a module which calls actions on the other applications; in this case: Bogan.

Bogan routes execution through three separate models before calling "ServerWrap" again, this time calling KulKuri.

Finally, KulKuri actually creates the customer!

After KulKuri finishes creating the customer, execution resumes on Bogan, which then returns, causing execution to resume on Bum. Bum then runs through several other models, references the newly-created customer object (as all three share a database), and ... updates the customer with its current data, and then updates the signup object. After all of this, it finally shows the admin the "new customer" view.

It took me 25 minutes to follow the chain of calls, and I still don't know quite what's going on. I have no idea if any of it sends an email or not -- I didn't see any signs of this, but I very easily could have overlooked something.

So, to answer bossman's question... I asked the accounting people if they send the email manually. If they don't, it's automatic, which means I missed something and get to burrow through that mess all over again!

I really hope I missed something; otherwise I need to figure out how and where (and when!) to send the email...

just...
errrrgghh

Government Fucking Websites.

Slow as fuck, disorganized, errors from 2004, UI from 2001.

You have to use them at a time when you really don't feel like waiting 30 fucking seconds for each page load.

Or filling out a fucking form that, ok, they made SOME kind of attempt to save your data, but it's overly complex and annoying.

Government websites. Making tasks that should take 5 minutes, 5 hours, since 1998.

Assholes.

Dear Managers,
This is not efficient:

Boss: * calls *
Me: * answers *
B: there's a bug in feature ABC! The form doesn't work!
M: ABC uses a lot of forms. Is it Form A, B, or C?
B: Umm... let's just go on a Zoom call!
* 5 minutes trying to set up a Zoom call *
* 3 more minutes trying to find the form *
B: This form in here.
M: It works fine for me. What data are you inputting?
B: * takes 5 minutes trying to reproduce the bug * (in the meantime, the call is basically an awkward silence)

You spent 5 minutes wasting both of our times trying to set up a Zoom meeting, and another 8 wasting MY tine trying to find the bug.

This is efficient:
B: There is a bug in form C. If I try to upload this data, it malfunctions.
M: Thank you. I'll look into it.

You saved me 8 minutes of staring at a screen and saved us both another 5 minutes of setting up a meeting.

Man I really hate it when people think that coding doesn't take any concentration and can just interrupt you while you're thinking about how to solve problems

So the other day I was working on how to solve a problem with filtering data with JS, and I had to urgently update one of our pages on our website. I had to update that page according to the content of a Word file, which I didn't check how long it was.

About 15 minutes later everything was ready and published, so I set myself back to my problem.

I get an email from her, "you mixed up things" and she showed up in my office. "There are four pages in this word doc and you copied wrong parts", I was like "ok, I'll fix it". Fixed it two minutes later, went back to code.

Received another email, with another subject, again with another problem. Start getting pissed off for being interrupted for nonsense. Fixed it instantly and put my manager in the email loop so she is aware my other colleague pisses me off.

And again, another direct email "can you fix this?!". I started ignoring her requests because I need some work to be done, and I already lost 2 hours. Got again interrupted by her personal visit to point me which things are wrong, repeating everything twice as I am stupid to her. Man I can't code in peace. I fixed her shit, exactly as she wants and decided to pay my manager a visit to tell her I'm really pissed about being interrupted all the time.

Five minutes before the end of the day, she comes panicking in the office about ANOTHER WORTHLESS issue. Told her it's nothing and went away.

Day is over, thought it was over - a whole afternoon spent correcting her fucking page that gets 10 visits a year.

On the next morning, "there is something wrong with your form, can you check it?!!?" with an attached screenshot. FFFFFFFFUUUUUUUUU STOP ANNOYING ME WITH YOUR FUCKING SHIT CANT WORK ANYMORE. PUT YOUR FUCKING PAGE RIGHT UP YOUR ASS AND FIX IT YOURSELF.

She doesn't have any access to the back end.

Guess I'll have to fix it then...

The nightmare continues.

Currently dealing with a code review from a “principal” dev (one step above senior), who is unironically called a “legendary dev” by some coworkers. It’s painfully obvious he didn’t read the code, and just started complaining and nitpicking.

It’s full of requests to do things that make absolutely no sense, and would make the code an unmaintainable mess.
• Ex: moving the logic and data collection from the module’s many callers into the module instead of just passing in the data.
• Ex: hiding api endpoint declarations by placing them in the module itself, and using magic instance variables to pass data to it. Basically: using global functions and variables instead of explicit declarations and calls.
• Ex: moving the logic to determine which api endpoint to use, for all callers, into the view.

More comments about methods being “too complex” (barely holds water) right next to comments saying “why are these separate? merge them together!”

Incredulously asking how many times I’m checking permissions and how ridiculous it all is. (The answer? Twice.)

Conflating my “permissions” param and method names with a supposedly forthcoming permissions system overhaul, and saying I shouldn’t use permissions because my code will all have to get rewritten. Even if that were true, and it’s likely not, the ticket still needs to use the current permissions. I can’t just ignore them because they might be rewritten someday.

Requests to revert some code cleanup because the reviewer thought the previous heavily-nested and uncommented versions (with code duplication) were easier to read. Unsurprisingly, he wrote them.

On the same ticket, my boss wants me to remove all styling and clientside validation, debouncing, and error messages from a form. Says “success” and “connection failed” messages are good enough. The form in question sends SMS and email using arbitrary user input for addresses. He also says it shouldn’t be denounced on the server, and doesn’t want me to bother checking permissions. Hello, spam!

Related: the legendary dev reviewer says he can’t think of a reason why we would want to disable the feature for consumers, so I should remove the consumer feature flag.

You can’t make this stuff up.

pushed an error ajax to production: alert( data + "form not submitted you cunt"); I forgot to remove it. 😂😂

Well, it wasn't fun, but I switched jobs this month. And sadly, it was mostly because my old company started building custom applications for our larger customers. Now, normally that wouldn't be too bad (other than the fact that it distracts us form working on our main product...) but... it was decided that we would use the back end of our user-generated forms module as the data storage layer. Someone outside of my department thought it would be a great idea, and my boss kinda just rolled over without a fight because he always just figures he can "make it work" if he works hard enough...

You shoulda seen the database and SQL code...

Because of that decision, everything took at least 3x as long to write and there was always the looming possibility that the user could change the schema on a whim and break the app.

I think the reasoning behind it was to try and keep the customers tied to the aging flagship product (with a pricy subscription model), but IMO, it was not with it. Our efforts could've had much greater impact somewhere else. Nobody seemed to care what I thought about it though...

I had to start over as a front-end dev, but I'm trying to look on the bright side and seeing it as an opportunity to sharpen my skills in that area. I'm already learning a lot. And although it's a little scary at times, it's also so refreshing to work at a place where I know I'm not the smartest guy in the room.

To the future!

On my former job we once bought a competing company that was failing.

Not for the code but for their customers.

But to make the transition easy we needed to understand their code and database to make a migration script.

And that was a real deep dive.

Their system was built on top of a home grown platform intended to let customers design their own business flows which meant it contained solutions for forms and workflow path design. But that never hit of so instead they used their own platform to design a new system for a more specific purpose.

This required some extra functionality and had it been for their customers to use that functionality would have been added to the platform.

But since they had given up on that they took an easy route and started adding direct references between the code and the configuration.

That is, in the configuration they added explicit class names and method names to be used as data store or for actions.

This was of cause never documented in any way.

And it also was a big contributing cause to their downfall as they hit a complexity they could not handle.

Even the slightest change required synchronizing between the config in the db and the compiled code, which meant you could not see mistakes in compilation but only by trying out every form and action that touched what you changed.

And without documentation or search tools that also meant that no one new could work the code, you had to know what used what to make any changes.

Luckily for us we mostly only needed to understand the storage in the database but even that took about a month to map out WITH the help of their developer ;)

It was not only the “inner platform” it was abusing and breaking the inner platform in more was I can count.

If you are going down the inner platform, at least make sure you go all the way and build it as if it was for the customers, then you at least keep it consistent and keep a clear border between platform and how it is used.

Material-UI.

I'm exhausted, so I'll keep this short.

I changed a TextField to a TimePicker, and noticed my className prop didn't apply anymore.

I thought it was my mui/redux-form wrapper for that component since I had just written it, but that was basically a straight copy/paste from the other wrappers, and both receives and passes the prop just fine.

After a lot of fighting, I finally found a workaround: if I add a `data-work-you-piece-of-garbage` prop alongside it, only then will the className show up on the rendered element. Why? I have no freaking clue. I tested it three times and got the same results. I looked through the MUI source and it still doesn't make any sense.

Fucking whatever, only three hours wasted.

SWIFT!!!!! I understand that you're a relatively new language so I forgave you for all of your wrong doings..BUT WHAT THE FINGER IS THIS SHIT YOU HAVE IMPLEMENTED IN YOUR STRING DATATYPE? WHY THE FUCK CAN'T YOU FORM A CHARACTER FROM AN EMPTY STRING? AND WHAT THE ACTUAL FUCK HAPPENED TO THE SUBSCRIPT OPERATOR? WHY NOT JUST ADOPT THE "\0" AS OTHER LANGUAGES? But NOOOOO...We're Apple we'll not adopt it..I WAS UNDER THE IMPRESSION THAT STUPIDITY AND LUCK OF INNOVATION RAN IN THE IPHONE TEAM BUT APPARENTLY ITS EVERYWHERE..Its annoying because the String datatype is one of the most common and basic data types so the last thing you expect is this shit..APPLE........SERIOUSLY AND SINCERELY FUCK OFF

OCR (The exam board for my course) are fucking thick in the head when it comes to anything computing.

- I get a mark or two for saying open source software is worse than thier propritary counterparts
- ALL open source software forks must also be make open source. They spend so much time going over the legal stuff BUT HAVE NEVER HEARD OF OPEN SOURCE LICENCING!
- One exam paper had a not gate picture with 2 inputs...
- I have to differentiate between portable and handheld! YOU MEAN HANDHELD DEVICES ARE NOT PORTABLE!?!!?!?
- In level 2 education, OCR say 1 MB = 1024 KB - In level 3, they say 1 MB = 1000 KB, and 1 MiB = 1024 KiB, and expect you to differentiate. Why do you expect the wrong answer in level 2!?
- INFORMATION FORMATS AND STYLES ARE COMPLETELY DIFFERENT THINGS! If you look up synonyms for "style", "form" is there, and if you look up synonyms for "format", "style" is there.
- When asked for storage devices, I have to say "smartphone", "tablet", "desktop PC" - I mean yeah they store data but when you ask me for storage devices I will say "hard disk drive", "solid state drive", "SD card", etc. >.>

I could probably go on an on about this...
I sure do love being asked to copy-paste existing HTML/JS/CSS and being asked to just tweak it here and there, and then wait for other people's incompetence in copy-pasting... I sure do love being stuck with this sort of "education" ._.

So, I was gonna rant about how it can be difficult to design event-based Microservices.

I was gonna say some shit about gateways APIs and some other stuff about data aggregation and keeping things idempotent.

I was going to do all this but then as I was stretching out the old ranting fingers I decided to draw a diagram to maybe go along with the rant.

Now I’m not here to really rant about all that Jazz...

I’m here to give you all a first class opportunity to tear apart my architecture!

A few things to note:

Using a gateway API (Kong) to separate the mobile from the desktop.

This traffic is directed through to an in intermediate API. This way the same microservices can provide different data, and even functionality for each device.

Most Microservices currently built in golang.

All services are event based, and all data is built on-the-fly by events generated and handled by each Microservices.

RabbitMQ used as a message broker.

And finally, it is hosted in Google Cloud Platform.

The currently hosted form is built with Microservices but this will be the update version of things.

So, feel free to rip it apart or add anything you think should change.

Also, feel free to tell me to fuck right off if that’s your cup of tea as well.

Peace ✌🏼

I know people complain about Android Gradle takes so long to build (and I know the reason why, thanks to @DRHAX34) but for me that isn't what I have to wait for.

It's the shitty WiFi at work that causes issues/bugs I'll never experience normally lol

When my app builds I have to also connect to the internet and check for updates against the umbraco server, and it works if it fails to connect (naturally) but our internet somehow manages to stay connected enough to trick the app into doing continuous checks or some form of tiny and long downloads

I've been tempted and sometimes do use my own mobile data which would waste my tiny data (at the time)

Anyways fuck you shiternet lol

You know GDPR compliance is going to create a whole new form of scam where scammers impersonate users and send data requests to companies to get people's info.

My code review nightmare?

All of the reviews that consisted of a group of devs+managers in a conference room and a big screen micro-analyzing every line of code.
"Why did you call the variable that? Wouldn't be be more efficient to use XYZ components? You should switch everything to use ServiceBus."
and/or using the 18+ page coding standard document as a weapon.

PHB:"On page 5, paragraph 9, sub-section A-123, the standards dictate to select all the necessary data from the database. Your query is only selecting 5 fields from the 15 field field table. You might need to access more data in the future and this approach reduces the amount of code change."
Me: "Um, if the data requirements change, wouldn't we have change code anyway?"
PHB: "Application requirements are determined by our users, not you. That's why we have standards."
Me: "Um, that's not what I ..."
PHB: "Next file, oh boy, this one is a mess. On page 9, paragraph 2, sub-section Z-987, the standards dictate to only select the absolute minimum amount of the data from the database. Your query is selecting 3 fields, but the application is only using 2."
Me: "Yes, the application not using the field right now, but the user stated they might need the data for additional review."
PHB: "Did they fill out the proper change request form?"
Me: "No, they ...wait...Aren't the standards on page 9 contradictory to the standards on page 5?"
PHB: "NO! You'll never break your cowboy-coding mindset if you continue to violate standards. You see, standards are our promise to customers to ensure quality. You don't want to break our promises...do you?"

I am much too tired to go into details, probably because I left the office at 11:15pm, but I finally finished a feature. It doesn't even sound like a particularly large or complicated feature. It sounds like a simple, 1-2 day feature until you look at it closely.

It took me an entire fucking week. and all the while I was coaching a junior dev who had just picked up Rails and was building something very similar.

It's the model, controller, and UI for creating a parent object along with 0-n child objects, with default children suggestions, a fancy ui including the ability to dynamically add/remove children via buttons. and have the entire happy family save nicely and atomically on the backend. Plus a detailed-but-simple listing for non-technicals including some absolutely nontrivial css acrobatics.

After getting about 90% of everything built and working and beautiful, I learned that Rails does quite a bit of this for you, through `accepts_nested_params_for :collection`. But that requires very specific form input namespacing, and building that out correctly is flipping difficult. It's not like I could find good examples anywhere, either. I looked for hours. I finally found a rails tutorial vide linked from a comment on a SO answer from five years ago, and mashed its oversimplified and dated examples with the newer documentation, and worked around the issues that of course arose from that disasterous paring.

like.
I needed to store a template of the child object markup somewhere, yeah? The video had me trying to store all of the markup in a `data-fields=" "` attrib. wth? I tried storing it as a string and injecting it into javascript, but that didn't work either. parsing errors! yay! good job, you two.

So I ended up storing the markup (rendered from a rails partial) in an html comment of all things, and pulling the markup out of the comment and gsubbing its IDs on document load. This has the annoying effect of preventing me from using html comments in that partial (not that i really use them anyway, but.)

Just.
Every step of the way on building this was another mountain climb.
* singular vs plural naming and routing, and named routes. and dealing with issues arising from existing incorrect pluralization.
* reverse polymorphic relation (child -> x parent)
* The testing suite is incompatible with the new rails6. There is no fix. None. I checked. Nope. Not happening.
* Rails6 randomly and constantly crashes and/or caches random things (including arbitrary code changes) in development mode (and only development mode) when working with multiple databases.
* nested form builders
* styling a fucking checkbox
* Making that checkbox (rather, its label and container div) into a sexy animated slider
* passing data and locals to and between partials
* misleading documentation
* building the partials to be self-contained and reusable
* coercing form builders into namespacing nested html inputs the way Rails expects
* input namespacing redux, now with nested form builders too!
* Figuring out how to generate markup for an empty child when I'm no longer rendering the children myself
* Figuring out where the fuck to put the blank child template markup so it's accessible, has the right namespacing, and is not submitted with everything else
* Figuring out how the fuck to read an html comment with JS
* nested strong params
* nested strong params
* nested fucking strong params
* caching parsed children's data on parent when the whole thing is bloody atomic.
* Converting datetimes from/to milliseconds on save/load
* CSS and bootstrap collisions
* CSS and bootstrap stupidity
* Reinventing the entire multi-child / nested params / atomic creating/updating/deleting feature on my own before discovering Rails can do that for you.

Just.
I am so glad it's working.
I don't even feel relieved. I just feel exhausted.

But it's done.
finally.

and it's done well. It's all self-contained and reusable, it's easy to read, has separate styling and reusable partials, etc. It's a two line copy/paste drop-in for any other model that needs it. Two lines and it just works, and even tells you if you screwed up.

I'm incredibly proud of everything that went into this.
But mostly I'm just incredibly tired.

Time for some well-deserved sleep.

I just tried to sign up to Instagram. I made a big mistake.

First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.

So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.

Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.

Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.

So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.

I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.

I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.

Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.

And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.

Facebook and especially Instagram. Both of them are fucking retarded.

Just discovered a major bug in a frontend app of ours that might have been collecting wrong data in a form for months already :)

That is what happens when you put a back end Dev to do front end and back end while demanding rework every fucking 2 days for 9 months straight.

Oh fucking Huawei.
Fuck you.
Inventory:
- Honor 6x (BLN-L22C675)
- Has EMUI4.1 Marshmallow
- Cousin brother 'A' (has bricking XP!)
- Uncle 'K'
- Has Mac with Windows VM
Goal:
- Stock as LineageOS / AOSP

Procedure (fucking seriously):
- Find XDA link to root H6X
- Go to Huawei page and fill out form
- Receive and use bootloader code
- Find latest TWRP
- Flash latest TWRP
- TWRP not working? Bootloops
- XDA search "H6X boot to recovery"
- Find and try modded TWRP
- TWRP fails, no bootloop
- Find & flash TWRP 3.1.0
- Yay! TWRP works
- Find and download LineageOS and SuperSU
- Flash via TWRP
- Yay! Success.
- Attempt boot
- Boot fails. No idea why
- Go back to TWRP
- TWRP gives shitload of errors
"cannot mount /data, storage etc."
- Feel fucked up
- Notice that userdata partition exists,
but FSTAB doesn't take
- Remembers SuperSU modded boot
image and FSTABS!
- Fuck SuperSU
- Attempt to mod boot image
- Doesn't work (modded successfully
but no change)
- Discover Huawei DLOAD
Installer for "UPDATE.APP" OTAs
Note: Each full OTA is 2+ GB zipped
- Find, download, fail on 4+ OTAs
- Discover "UPDATE.APP Extractor"
Runs on Windows
Note: UPDATE.APP custom format
Different per H6X model
- Uses 'K''s VM to test
- My H6X model does not have
a predefined format
- Process to get format requires
TWRP, which is not working
- FAIL HERE
- Discover "Firmware Finder"
Windows app to find Huawei
firmwares
- Tries 'K''s VM
- Fails with 1 OTA
- Downloads another firmware ZIP
- Unzips and tries to use OTA
- Works?!
- Boots successfully?!
- Seems to have EMUI 5.0 Nougat
- Downloads, flashes TWRP
- TWRP not working AGAIN?
- Go back to XDA page
- Find that TWRP on EMUI 5 - NO
- Find rollbacks for EMUI5 -> EMUI4
- Test, fail 2-4 times (Massive OTAs)
- DLOAD accepts this one?!!!
- I HAVE ORIG AGAIN!!!
- Re-unlock and reflash TWRP
- Realise that ROMs aren't working on
EMUI 4.1; Find TWRPs for EMUI5
- Find and fail with 2-3 OTAs
Note: Had removed old OTAs for
space on Chromebook (32GB)
- In anger, flash one with TWRP
instead of DLOAD (which checks
compatability)
- Works! Same wasn't working with
DLOAD
- Find and flash a custom TWRP
as old one still exists (not wiped in
flash)
- Try flashing LineageOS
- LineageOS stuck in boot
- Try flashing AOSP
- Same
- Try flashing Resurruction Remix
- Same
- Realise that need stock EMUI5
vendor
- Realise that the firmware I installed
wasn't for my device so not working
- FUCK NO MORE LARGE DLs
- Try another custom TWRP
- Begin getting '/cust mounting' errs
- Try reflashing EMUI5 with TWRP
- Doesn't work
- Try DLOADing EMUI5
- Like before, incompatability
- DLOAD EMUI4
- Reunlock and reflash TWRP
- WRITE THIS AS A BREAK
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRRRRRRRRRRRRRRRRRRRRRRRGGGGGGGGGGGGGGGGGGGGGGGGGHHHHHHHHHHHHHH

For fucks sake, how many times can you get the same error before giving up?

So, there's this form, and it's used quite frequently without fail, and there's this 1 user receiving an error that some data is incorrect, so... they submit the form again, and again, and again, and 6 more times with the same bloody error all because changing 1 fucking field is obviously to hard to recognise as the problem when the error says "you can not have 'x' in field 'y'"

Fuck it, do I need to replace 'x' with a blank, just because you can't read a fucking error message?

I work as the entire I.T. department of a small business which products are web based, so naturally, I do tech support in said website directly to our clients.

It is normal that the first time a new client access our site they run into questions, but usually they never call again since it is an easy website.

There was an unlucky client which ran into unknown problems and blamed the server.
I couldn't determine the exact cause, but my assumption was a network error for a few seconds which made the site unavailable and the user tried to navigate the site through the navbar and exited the process he was doing. It goes without saying but he was very angry.

I assured him there was nothing wrong with the site, and told him that it would not be charged for this reason. Finally i told him that if he had the same problem, to let me know instead of trying to fix it himself.

The next time he used the site I received a WhatsApp message saying:
- there is something clearly wrong with the site... It has been doing this for so long!
And attached was a 10 second video which showed that he filled a form and never pressed send (my forms have small animations and text which indicates when the form is being send and error messages when an error occurs, usually not visible because the data they send is small and the whole process is quite fast)

To which I answer
- It seems that the form has not been send that's why it looks that way
- So... What an I supposed to do?
- click send
It took a while but the client replied
- ok

To this day I wonder how much time did the client stared at the form cursing the server.

I’m trying to add digit separators to a few amount fields. There’s actually three tickets to do this in various places, and I’m working on the last of them.

I had a nightmare debugging session earlier where literally everything would 404 unless I navigated through the site in a very roundabout way. I never did figure out the cause, but I found a viable workaround. Basically: the house doesn’t exist if you use the front door, but it’s fine if you go through the garden gate, around the back, and crawl in through the side window. After hours of debugging I eventually discovered that if I unlocked the front door with a different key, everything was fine… but nobody else has this problem?

Whatever.
Onto the problem at hand!

I’m trying to add digit separators to some values. I found a way to navigate to the page in question (more difficult than it sounds), and … I don’t know what view is rendering the page. Or what controller. Or how it generates its text.

The URL is encrypted, so I get no clues there. (Which was lead dev’s solution to having scrapeable IDs instead of just, you know, fixing them). The encryption also happens in middleware, so it’s a nightmare to work through. And it’s by the lead dev, so the code is fucking atrocious.

The view… could be one of many, and I don’t even know where they are. Or what layout. Or what partials go into building it.

All of the text on the page are “resources” — think named translations that support plus nested macros. I don’t know their names, and the bits of text I can search for are used fucking everywhere. “Confirmation number” (the most unique of them) turns up 79 matches. “Fee” showed up in 8310 places before my editor gave up looking. Really.

The table displaying the data, which is what I actually care about, isn’t built in JS or markup, but is likely a resource that goes through heavy processing. It gets generated in a controller somewhere (I don’t know the resource name so I can’t find it), and passed through several layers of “dynamic form” abstraction, eventually turned into markup, and rendered as a partial template. At least, that’s how it worked in the previous ticket. I found a resource that looks right, and there’s only the one. I found the nested macros it uses for the amount and total, and added the separators there… only to find that it doesn’t work.

Fucking dead end.

And i have absolutely nothing else to go on.

Page title? “Show”
URL? /~LiolV8N8KrIgaozEgLv93s…
Text? All from macros with unknown names. Can’t really search for it without considerable effort.
Table? Doesn’t work.
Text in the table? doesn’t turn up anything new.
Legal agreement? There are multiple, used in many places, generates them dynamically via (of course) resources, and even looking through the method usages, doesn’t narrow it down very much.

Just.
What the fuck?
Why does this need to be so fucking complicated?

And what genius decided “$100000.00” doesn’t need separators? Right, the lot of them because separators aren’t used ANYWHERE but in code I authored. Like, really? This is fintech. You’d think they would be ubiquitous.

And the sheer amount of abstraction?
Stupid stupid stupid stupid stupid.

The people who wrote the specs for SAP OCI should be hanged by rusty barbed wire while being tickled by krusty the clown.
Which one of these stinky hobbits thought it was a great idea to require a (catalog) server to handle a POST request by sending back an HTML form which has to execute a POST request immediately by JavaScript on load?
Why not fucking respond with the actual god damn fucking data?
Some "senior" (read "senile") software "engineer" has to get decapitated.

Quote from the specification (OCI Function: VALIDATE, section 2.3.2):
"The product catalog replies with an HTML page that contains a form with the productdata in OCI format. [...] The HTML page may not contain any visible elements ([...]). The form must be sent automatically by JavaScript after the page has been loaded."

The only thing that should get sent after loading would be these people's asses to hell after my minigun has finished loading.

SAP is the kind of company who earns a huge junk of money from utter, stinking, filthy crap and they like to piss in their customers' "müesli".

TLDR: Find a website that requires a subscription but doesn't check their cookies' integrity, now I'm on a website for free.

>be me
>wonder if it's possible to intercept browser data
>download Wireshark
>download Fiddler
>find that none of these really fit me
>go to youtube, search how to intercept POST data
>find something called BurpSuite
>Totally what I was looking for
>start testing BurpSuite on devrant
>neat!
>I can see all the data that's being passed around
>wonder if I can use it on a website where my subscription recently ended.
>try changing my details without actually inputting anything into the website's form
>send the data to the server
>refresh the page
>it worked
>NEAT!
>Huh what's this?
>A uid
>must be a userID
>increment it by 1 and change some more details
>refresh the page
>...
>didn't work 😐
>Hmmm, let's try forwarding the data to the browser after incrementing the uid
>OH SHIT
>can see the details of a different user
>except I see his details are the details I had entered previously
>begin incrementing and decrementing the uid
>IFINITE POWER
>realize that the uid is hooked up to my browsers local cookie
>can see every user's details just by changing my cookie's uid
>Wonder if it's possible to make the uid persistent without having to enter it in every time
>look up cookie manipulator
>plug-in exists
>go back to website
>examine current uid
>it's my uid
>change it to a different number
>refresh the webpage
>IT FUCKING WORKED
>MFW I realize this website doesn't check for cookie integrity
>MFW I wonder if there are other websites that are this fucking lazy!!!
>MFW they won't fix it because it would require extra work.
>MFuckingFW they tell me not to do it again in the future
>realize that since they aren't going to fix it I'll just put myself on another person's subscription.

I spent two weeks writing a WordPress plugin to take some form data, process it through another website, and take the result to Salesforce. the client had a "Salesforce specialist" doing everything on the Salesforce side and refused to give me access to see if the data was properly pushed through.

Finally I got it in working condition when suddenly it stopped working, I hadn't changed anything since it worked so I asked if he could have possibly changed something. We argued for over 4 hours about who changed something, the whole time I was looking for the error in my code. At 6pm I finally told him I would need to take a look at it tomorrow.

Overnight he sent me an email:
"Hey, sorry about the confusion yesterday, I set Salesforce to deny duplicate email entries, looks like once I removed that everything is working."

So I joined this financial institution back in Nov. Selling themselves as looking for a developer to code micro-services for a Spring based project and deploying on Cloud. I packed my stuff, drove and moved to the big city 3500 km away. New start in life I thought!
Turns out that micro-services code is an old outdated 20 year old JBoss code, that was ported over to Spring 10 years ago, then let to rot and fester into a giant undocumented Spaghetti code. Microservices? Forget about that. And whats worse? This code is responsible for processing thousands of transactions every month and is currently deployed in PROD. Now its your responsibility and now you have to get new features complied on the damn thing. Whats even worse? They made 4 replicas of that project with different functionalities and now you're responsible for all. Ma'am, this project needs serious refactoring, if not a total redesign/build. Nope! Not doing this! Now go work at it.
It took me 2-3 months just to wrap my mind around this thing and implement some form of working unit tests. I have to work on all that code base by myself and deliver all by myself! naturally, I was delayed in my delivery but I finally managed to deliver.
Time for relief I thought! I wont be looking at this for a while. So they assign me the next project: Automate environment sync between PROD and QA server that is manually done so far. Easy beans right? And surely enough, the automation process is simple and straightforward...except it isnt! Why? Because I am not allowed access to the user Ids and 3rd party software used in the sync process. Database and Data WareHouse data manipulation part is same story too. I ask for access and I get denied over and over again. I try to think of workarounds and I managed to do two using jenkins pipeline and local scripts. But those processes that need 3rd party software access? I cannot do anything! How am I supposed to automate job schedule import on autosys when I DONT HAVE ACCESS!! But noo! I must think of plan B! There is no plan B! Rather than thinking of workarounds, how about getting your access privileges right and get it right the first time!!
They pay relatively well but damn, you will lose your sanity as a programmer.
God, oh god, please bless me with a better job soon so I can escape this programming hell hole.
I will never work in finance again. I don't recommend it, unless you're on the tail end of your career and you want something stable & don't give a damn about proper software engineering principles anymore.

Corp: you will get a four hour assignment to work out
Me: cool nice.
Corp: here it is, build a dragon with conflicting requirements, stocks but without any form of pricing mixed in. Then slay that dragon and post it to the static backend we created.
Me: cringe much?
Corp: yeah, you can spend more than 4h but be sure to spice things up abit. Since it is frontend, and all we spin up from the backend is flat data. But it must exhale an exciting user experience.
Me: stop the cringe pls!

made a Facebook app once that allowed users to submit their stories for a competition to win a tablet. The HTML form had no limit on length but ORM defaulted to 1000 characters in database, imagine the sourprise when we exported the data for the client at the end...

Apart from having a baby which is the hardest in the world，i think the hardest project is to learn to code.

I studied philosophy and anthropology but gamed a lot. Me and a good mate decided to work together and he told me hed teach me coding.

The guy is a genius but he is a reckless rebel genius who tells everybody to fuck off.

So，after 1 year in a half of intense coding where i had to learn linux， networks， and im not shitting you html and css as well and of course javascript.

He has now put me on， for the last 2 month， in charge of our front end backoffice. I have to design forms that do the right http requests，do the unit testing， play with redux-form， react-redux and he has thrown me into the basic java backend so i can begin working with entites and how i serve the data and link it to the database and even create tables.

Every time i fail hemakes me remake everything.

I actually came on devrant to study the dev community (i always gamed a lot but this is a whole different community). The dev community is pretty awesome and unique.

Anyhow， i remember when i saw him as me to complete an exercise and i didnt event know which words were the reserved language ones and those i could use myself. It was like fucking magic.

TL;DR: Stop using React for EVERYTHING. It's not the end-all solution to every application need.

My team is staffed about 50/50 with tenured devs, and junior devs who have never written a full application and don't understand the specific benefits of different libraries/framworks. As a result, most of these junior devs have jumped on the React train, and they're under the impression that React is the end-all answer to any possible application need. Doesn't matter what type of app is, what kind of data is going to be flowing through the app, data scale, etc. In their eyes, React is always the answer. Now, while I'm not a big fan of React myself, I will say that it does its job when its tasked with a data-heavy application that needs to be refreshed/re-rendered dynamically and frequently (like Facebook.) However, my main gripe is that some people insist on using it for EVERYTHING. They refuse to acknowledge that there can be better library/framework choices (Angular, Vue, or even straight jQuery,) and they refuse to learn any other frameworks. You can hit them with countless technical reasons as to why React isn't a good choice for a particular application, and they'll just spout off the same tidbits from the "ReactJS Makes My Nips Hard 101" handbook: "React is the future," "Component-based web architecture is the future," (I'm not arguing with that last one) "But...JSX bro.," "Facebook and Netflix use it, so that's how you know it's amazing." They'll use React for a simple app, and make it overly-complex, and take months to write something that should have taken them a week. For example, we have one dev who has never used any other frameworks/libraries apart from React, and he used React (via create-react-app) to write what is effectively a single form and a content widget inside of a bootstrap template. It took him 4 MONTHS to write this, and it still isn't fully functioning. The search functionality doesn't really work (in fact, it's just array filtering,) and wont return any results if you search for the first word in an entry. His repo is a mess, filled with a bunch of useless files that were bootstrap'd in via create-react-app. We've built apps like this in a week in the past using different libraries/frameworks, and he could have done the same if he didn't overly-complicate the project by insisting on using React. If your app is essentially a dynamic form, you don’t need a freaking virtual DOM.

This happens every time a big new framework hits the scene. New young developers get sucked into it, because it's the cool hip new framework (or in React's case, library.) and they use it for everything, even when it's not the best choice. It happened with Angular, Rails, and now it's happening with React.

React has its benefits, but please please please consider which library/framework is the best choice from a technical standpoint before immediately jumping on the React train because "Facebook uses it bro."

There you are, fiddling with next.js webpack settings, because your isomorphic JS-in-CSS-in-JS SSR fallback from react-native-web to react-dom throws a runtime error on your SSR prerendering server during isomorphic asynchronous data prefetching from Kubernetes backend-for-frontend edge-server with GraphQL.

You have all that tech to display a landing page with an email form, just to send spam emails with ten tracking links and five tracking beacons per email.

Your product can be replaced by an Excel document made in two days.

It was developed in two years by a team of ten developers crunching every day under twelve project managers that can be replaced with a parrot trained to say “Any updates?”

Your evaluation is $5M+. You have 10,000 dependency security warnings, 1000 likes on Product Hunt, 500 comments on Hacker News, and a popular Twitter account.

Your future looks bright. You finish your coffee, crack your knuckles and carry on writing unit tests.

My very first rant here was about the mess of ticket submission and ticket tracking applications we use, and about how we were moving to a single unified system some day.

Well, that day is today. And, predictably, it went horribly wrong.

So the way it's supposed to work is people login to the portal, search for what they want to request, then fill in details and submit. It creates a request ticket assigned to the appropriate team. (The old way involved a bunch of nonsense that you can see in my first rant).

The thing is, I found out about this today, when I got a company-wide email saying the new system was live as of this morning. None of us knew it would happen today. Not that I could've foreseen any issues just by getting the announcement early, but still, usually people find out about these things beforehand.

So, ecstatic to finally be rid of the old ticket tracking system, I log into the new system and look for our request form, which is, of course, not there. I check the old system and see that they combined every single "general request" into a single request where you pick which team the request goes to.

So I finally find the right request, pick the right department from the drop-down, and see that the request looks much better than it did on the old system. Out of curiosity, I look at the list of people who are part of that department.

I am not on the list.

My ENTIRE TEAM is not on the list.

Because they migrated the team data to the new system a year ago, when the issue tracking/reporting portion of it went live. My current team was hired approximately six months after that and apparently updating the team data in the new system isn't part of our Onboarding process yet.

So... Bright side is I guess I will have a lot of free time soon since nobody can submit new project work to my team?

tl;dr: they took a great software product and implemented it so poorly that our team can't use it.

I once agreed to maintain and develop an application used in a different section of the school to keep inventory and make sure everything is where it is supposed to be.

At first there was enthusiasm, together with 2 of my classmates we agreed and git clone-d the .NET application that now graduated students built and maintained for the past few years. What could go wrong right?!

It became clear that the original students that worked on it followed an older curriculum, meaning they still got taught .NET instead of the core variant that we get now, not only that but it also seemed that they either did not fully grasp the Clean/Onion architecture or didn't get it in class since there were infrastructure components in the 'Domain' project of the solution. Think of 2 DBContexts in the domain model, yep.

One of us bailed in the first week, the other one and I felt bad for the people using the app so we went on and tried to work on the first bugs that were described in a document. One of these bugs was 'whenever I filter on something in the list, everybody gets to see that filter on their screen instead of only me'. Woah that's weird! Let's see how they put that together!

Oh god, they are using a _static_ variable to store filters, no wonder that it doesn't work properly. Ever heard of sessions?!

Second bug: Sometimes people can't create an account when we sign them up from the admin panel. Alright that is weird, let's figure that one out! Wait a second it seems to work in development? What's this about.

Oh wait I can't create an account on production either? Oh that's weird, wait a second... Why do I have to put my e-mail in a form that was sent to me through e-mail? Why is my address not filled in already? OOH, if someone types in the wrong e-mail address (which is easy since our school has 4 variants of the same f*cking e-mail address) it won't work since it can't recognize the user! Brilliant! Remove e-mail input box and make a token/queryparam determine the user account.

Ah that seems good, it's a mess but it seems a tiny bit better now, great! We're making progress and some sweet buck.

Next bug, trillions of 50x errors on random pages, that's a weird one.

Hm everything works in development, that's odd. Is the production data corrupted?

DID I MENTION that in order to get into the system in development we have to load in a f*cking production database backup ON OUR DEVELOPMENT MACHINE and then ask one of the users' password to login to it and create an account for ourselves? Seeding? What's that, right?!

Anyway, back to bug fixing. I e-mail the the people responsible for the app and get a production admin account, oh I also can't ssh into it because of policies so I have to do everything over e-mail and figure out what's causing the errors. I somehow also wonder if they have any kind of virtualization in place, giving students a VM to do that stuff in doesn't seem so weird does it ? Even with school policies?

Oh btw, 'deploying' means sending a .zip file to a guy in another building and telling him how to configure it, apparently this resulted in a missing folder that the application needed to work and couldn't make on its own. This after 2 weeks of e-mailing back and forth.

After 3 months i quit out of despair and sadness, and due to the fact that I just couldn't do it anymore. I separated everything into logical subprojects and let the last guy handle it, he was OK with that and understood why I left.

Luckily, around that time I already had an actual job at a software development company :)

So here's my problem. I've been employed at my current company for the last 12 months (next week is my 1 year anniversary) and I've never been as miserable in a development job as this.

I feel so upset and depressed about working in this company that getting out of bed and into the car to come here is soul draining. I used to spend hours in the evenings studying ways to improve my code, and was insanely passionate about the product, but all of this has been exterminated due to the following reasons.

Here's my problems with this place:

1 - Come May 2019 I'm relocating to Edinburgh, Scotland and my current workplace would not allow remote working despite working here for the past year in an office on my own with little interaction with anyone else in the company.

2 - There is zero professionalism in terms of work here, with there being no testing, no planning, no market research of ideas for revenue generation – nothing. This makes life incredibly stressful. This has led to countless situations where product A was expected, but product B was delivered (which then failed to generate revenue) as well as a huge amount of development time being wasted.

3 - I can’t work in a business that lives paycheck to paycheck. I’ve never been somewhere where the salary payment had to be delayed due to someone not paying us on time. My last paycheck was 4 days late.

4 - The management style is far too aggressive and emotion driven for me to be able to express my opinions without some sort of backlash.

5 - My opinions are usually completely smashed down and ignored, and no apology is offered when it turns out that they’re 100% correct in the coming months.

6 - I am due a substantial pay rise due to the increase of my skills, increase of experience, and the time of being in the company, and I think if the business cannot afford to pay £8 per month for email signatures, then I know it cannot afford to give me a pay rise.

7 - Despite having continuously delivered successful web development projects/tasks which have increased revenue, I never receive any form of thanks or recognition. It makes me feel like I am not cared about in this business in the slightest.

8 - The business fails to see potential and growth of its employees, and instead criticises based on past behaviour. 'Josh' (fake name) is a fine example of this. He was always slated by 'Tom' and 'Jerry' as being worthless, and lazy. I trained him in 2 weeks to perform some basic web development tasks using HTML, CSS, Git and SCSS, and he immediately saw his value outside of this company and left achieving a 5k pay rise during. He now works in an environment where he is constantly challenged and has reviews with his line manager monthly to praise him on his excellent work and diverse set of skills. This is not rocket science. This is how you keep employees motivated and happy.

9 - People in the business with the least or zero technical understanding or experience seem to be endlessly defining technical deadlines. This will always result in things going wrong. Before our mobile app development agency agreed on the user stories, they spent DAYS going through the specification with their developers to ensure they’re not going to over promise and under deliver.

10 - The fact that the concept of ‘stealing data’ from someone else’s website by scraping it daily for the information is not something this company is afraid to do, only further bolsters the fact that I do not want to work in such an unethical, pathetic organisation.

11 - I've been told that the MD of the company heard me on the phone to an agency (as a developer, I get calls almost every week), and that if I do it again, that the MD apparently said he would dock my pay for the time that I’m on the phone. Are you serious?! In what world is it okay for the MD of a company to threaten to punish their employees for thinking about leaving?! Why not make an attempt at nurturing them and trying to find out why they’re upset, and try to retain the talent.

Now... I REALLY want to leave immediately. Hand my notice in and fly off. I'll have 4 weeks notice to find a new role, and I'll be on garden leave effective immediately, but it's scary knowing that I may not find a role.

My situation is difficult as I can't start a new role unless it's remote or a local short term contract because my moving situation in May, and as a Junior to Mid Level developer, this isn't the easiest thing to do on the planet.

I've got a few interviews lined up (one of which was a final interview which I completed on Friday) but its still scary knowing that I may not find a new role within 4 weeks.

Advice? Thoughts? Criticisms?

Love you DevRant <3

wrote some JS to make sure that eForm fields which are hidden/disabled via checkboxes are nullified before the form submission. Checking the request and the fields are definitely empty. But the tester says the data is still appearing in the DB. So i am moving immediately to Nepal where i intend to live as a goat.

User: This web page form is too hard to use and is prone to have wrong data filled out.

Me: Uh...ok. Here is a redesign. You literally fill out one text field and a date picker.

User: Oh this is great, thanks.

*checks the database and the very first entry they created had the wrong date.*

Fuck me.

Pull-to-refresh is useless.

If you are a mobile app developer, please get rid of pull-to-refresh. Your users will thank you.

I have the impression that mobile app developers choose to implement the pull-to-refresh gimmick just in order to make their app comply with a design trend. It seems like a desperate attempt to appear "modern" and "fancy", not because of the actual usefulness of the gesture.

Pull-to-refresh is one of those things that are well-intended but backfire. It appears helpful on first sight, but turns out to be a burden.

It takes effort and cognitive strain to avoid triggering a pull-to-refresh. The user can't use the app relaxed but has to walk on eggshells.

Every unwanted refresh wastes battery power, mobile data (if it is an Internet-connected app), and can lead to the loss of form data.

To avoid pull-to-refresh, the user has to resort to finger gymnastics like a shorter swipe for scrolling up or swiping slightly up before down. Pull-to-refresh could even be triggered while pinch-zooming in or out near the top of a page, if the touchscreen does not recognize one of the two fingers.

Pull-to-refresh also interferes with the double-tap-swipe zoom gesture. If one of the two taps are not recognized, a swipe-down to zoom in can trigger a pull-to-refresh instead.

To argue "if you don't like pull-to-refresh, just don't use it" is like blaming a person who stepped on a mine, since the person moved and the mine was stationary.

A refresh button can be half a second away in the menu bar, URL bar, or a submenu, where it is unlikely to be pressed accidentally. There is no need for a gesture that does more harm than good.

Using a mobile app with pull-to-refresh feels like having Windows StickyKeys forcibly enabled at all times. The refresh circle animation sticks to the finger.

If the user actually wants to refresh, pull-to-refresh is slower than a refresh button in a menu if the page is not at the top, meaning pull-to-refresh is useless as a shortcut anyway if the page is in any other position than the top.

An alternative to pull-to-refresh is pull-for-details. Samsung did it in some of their apps. Pulling down against the top reveals additional information such as the count and total size of selected items.

If you own a website, add this CSS to make browsing your website on the pre-installed Android web browser not a headache:

html,body { overscroll-behavior: none; }

Why is this necessary? In 2019, Google took the ability to deactivate the pull-to-refresh gesture on their Chrome browser for Android OS away from users. On Chrome for Android, pull-to-refresh can only be disabled on the server side, not the user side. The avalanche of complaints? Neglected.

Good thing several third-party browsers let the user turn off this severe headache.

Sooooo

First of all sorry for lack of ranting
But this people started to behave.

UNTIL YESTERDAY. You gonna love it.

Junior coding front end. HE NOT TOUCHING BACKEND THANK GOD.
He realises his suggestion made him to do some changes in the code. Apparently that is the end of the wolrd "a developer proposing a change and then the code must be changed??? No no" that's how his brain works. Check this.

He decides not to do two pages for creating models so he