Designer: Need to file a bug, I'm not getting an option to login with FaceID

Me: Oh weird bug. Is it setup on the phone you are testing with?

Designer: yes, use it in all other apps

Me: Did you get an error during onboarding on the FaceID screen?

Designer: nope no error

Me: ..... hhhmm, can you show me your settings?

Me: ... eh, says you have FaceID disabled for this app ... did you click "No" to FaceID during onboarding?

Designer: Yes, to test edge cases

Me: ................ ok ........ if you setup the app and told it to not allow FaceID to login ......... you won't get the ability to use FaceID to login .......... like .... by design .... on purpose ...... cause .... you told it to do that

Designer: No no, it needs to have a setting on the login screen to allow me to turn that back on incase I forget my passcode

Me: the fuck it does. Yeah we can't have anything on the login page that says, without authorization, change my settings

*Deep breath*

Me: Remember we had this conversation previously, where you didn't want the user to create a passcode during onboarding as it was too much friction, and wanted to do FaceID only. With your backup plan being to allow the user to create a NEW passcode on the login screen if FaceID failed .... remember that discussion we had about security? ... and how its important? ... and that we like having any? Ok so its the same reason as that, just with a different setting this time

Designer: ... hhmm i'm not sure I like this

Me: ... tough luck then, not happening

Me: oh and btw, remember we had that other talk about reproduction steps for bugs? Like when the app crashed and you told me it was because its in light mode, and nothing else at all? So disabling FaceID, is very relevant info to the problem of "I can't login with FaceID", please tell me these things first

Root gets ignored.

I've been working on this monster ticket for a week and a half now (five days plus other tickets). It involves removing all foreign keys from mass assignment (create, update, save, ...), which breaks 1780 specs.

For those of you who don't know, this is part of how rails works. If you create a Page object, you specify the book_id of its parent Book so they're linked. (If you don't, they're orphans.) Example: `Page.create(text: params[:text], book_id: params[:book_id], ...)` or more simply: `Page.create(params)`

Obviously removing the ability to do this is problematic. The "solution" is to create the object without the book_id, save it, then set the book_id and save it again. Two roundtrips. bad.

I came up with a solution early last week that, while it doesn't resolve the security warnings, it does fix the actual security issue: whitelisting what params users are allowed to send, and validating them. (StrongParams + validation). I had a 1:1 with my boss today about this ticket, and I told him about that solution. He sort of hand-waved it away and said it wouldn't work because <lots of unrelated things>. huh.

He worked through a failed spec to see what the ticket was about, and eventually (20 minutes later) ran into the same issues Idid, and said "there's no way around this" (meaning what security wants won't actually help).

I remembered that Ruby has a `taint` state tracking, and realized I could use that to write a super elegant drop-in solution: some Rack middleware or a StrongParams monkeypatch to mark all foreign keys from user-input as tainted (so devs can validate and un-taint them), and also monkeypatch ACtiveRecord's create/save/update/etc. to raise an exception when seeing tainted data. I brought this up, and he searched for it. we discovered someone had already build this (not surprising), but also that Ruby2.7 deprecates the `taint` mechanism literally "because nobody uses it." joy. Boss also somehow thought I came up with it because I saw the other person's implementation, despite us searching for it because I brought it up? 🤨

Foregoing that, we looked up more possibilities, and he saw the whitelist+validation pattern quite a few more times, which he quickly dimissed as bad, and eventually decided that we "need to noodle on it for awhile" and come up with something else.

Shortly (seriously 3-5 minutes) after the call, he said that the StrongParams (whitelist) plus validation makes the most sense and is the approach we should use.

ffs.
I came up with that last week and he said no.
I brought it up multiple times during our call and he said it was bad or simply talked over me. He saw lots of examples in the wild and said it was bad. I came up with a better, more elegant solution, and he credited someone else. then he decided after the call that the StrongParams idea he came up with (?!) was better.

jfc i'm getting pissy again.

So I've been applying to jobs. I, purposely, have been putting down that I am female (since they all harp on diversity, I'd like to see if they even bother reaching out to me. Also anything to get my resume past the bots).

Spoiler alert - getting similar ratios to male counterparts, 100+ applications sent, maybe 4 phone interviews. No offers yet. Still made to do code challenges.

Well, I just found out where all that diversity hiring went to. Buddy of mine who works at a mid tier company said that they have a special program that onboards women into tech.

Specifically, women who have literally zero background in computers.

Teachers, social workers, etc. They get a week or so of some coding bootcamp and then get full time positions over more skilled applicants.

This infuriates me. I literally would be in a better situation to be hired had I not have had any technical background, taken this particular bootcamp and finally net the elusive entry level position I need.

And guess what? That move has antagonized the existing male employees who see that they have zero interest and zero competency instead of having an integrated workplace.

10/10 for incredible bullshit.

Diary of an insane lead dev: day 447

pdf thumbnails that the app generates are now in S3 instead of saved on disk.

when they were on disk, we would read them from disk into a stream and then create a stream response to the client that would then render the stream in the UI (hey, I didn't write it, I just had to support it)

one of my lazy ass junior devs jumps on modifying it before I can; his solution is to retrieve the file from the cloud now, convert the stream into a base64 encoded string, and then shove that string into an already bloated viewmodel coming from the server to be rendered in the UI.

i'm like "why on earth are you doing that? did you even test the result of this and notice that rendering those thumbnails now takes 3 times as long???"

jr: "I mean, it works doesn't it?"

seriously, if the image file is already hosted on the cloud, and you can programmatically determine its URL, why wouldn't you just throw that in the src attribute in your html tag and call it a day? why would you possibly think that the extra overhead of retrieving and converting the file before passing it off to the UI in an even larger payload than before would result in a good user experience for the client???

it took me all of 30 seconds to google and find out that AWS SDK has a method to GetPreSignedURL on a private file uploaded to s3 and you can set when it expires, and the application is dead at the end of the year.

JFC. I hate trying to reason with these fuckheads by saying "you are paid for you brain, fucking USE IT" because, clearly these code monkeys do not have brains.

Learned over Xmas, my brother-in-law works at a company with NO CENTRALIZED VERSION CONTROL. They just... pass around zip files of the latest code? Or something? Like jfc, even as a student we at least used TortoiseSVN!

I was ok with their marriage last summer, but now I feel that my sister deserves better. Can't imagine a company like that attracts the best and brightest. Here's hoping he actually exceeds the expectations, and leads the company into a glorious, gitty future.

So, I got my very first gaming laptop on March 2015. Took a break from the almighty PC Master Race.

It's an Asus ROG G751JT. It was doing great, running my favourite games at 60FPS on high-ultra settings.
Few months after purchasing it, I've been getting a lot of BSODs with the same error (IRQL_NOT_LESS_OR_EQUAL)

As told by the guys at a local forum, I was told to try replacing the RAMs and I was stupid enough, I did. It has 4x 8GB HyperX Impact DDR3L.
The error still won't go away until I changed my SSDs. Which worked for a while until a week ago.

Getting the same BSOD countless times. This time I decided to directly talk to an expert, which is a friend of mine and guess what. It was the motherboard after all. Spent a lot of $$$$ to fix ONE BSOD.

Now I'm stuck with an Asus T100TF for about a month because I had to send it for warranty claim.

smh jfc anasmy y u so stupid for a year and a half. 10/10 worst experience (since it involved a lot of money)

What do you think of my stupidity? Comment below (10 marks).

I have a lab at uni where my lab group have to refactor some code from an open source project. We got assigned some Apache project and jfc that code is a mess. Little to no documentation, hard to navigate, tests that you have no idea what it's testing, and so on. On top of that the teacher expects us to spend more time than we have on it. I'll be glad when this course is over :))

fuck iText.
fuck Aspose.
fuck Adobe.
fuck PDFs.

It will be all too soon if I never have anything to do with programming an app to do PDF generation/manipulation ever again.

I see this in code:

bool status;
status = true;

It makes me want to hit things. INLINE THAT SHIT! bool status = true; It's not hard. JFC. And of course I don't have the authority to change it.

SINGLE

RESPONSIBILITY

FUNCTIONS

HOLY GARBAGE UNTESTABLE DIFFICULT TO DEBUG JFC SHIT.

FUNCTIONS DO ONE THING AND DO ONE THING WELL. LEARN IT, LIVE IT, LOVE IT, OR JUMP INTO A LAKE

that is all.

my cat waits for me to be really engrossed into coding and then decides she will take up residence on my desk and chase me off by biting my shoulders, arms, scratching my hands, face jfc

raaghhhh

what is this new habit and why

I only get this engrossed like 2 hours a day come on. WHY YOU RUINING MY JIVE

So the infra folks finally considers OpenStack after doing their own thing that is prone to breaking whenever they add new stuff on the IaaS

ABOUT FUCKING TIME

Some cheapskate insists on writing a guide to selfhost <software> on Heroku and wants to add it to the official documentation, promising to maintain it (since none of the other devs are using or planning to use Heroku). I volunteer to give them a chance on grounds of it being high quality and maintained by that person in the future which they both promise.
Our docs are written as markdown files on github.

So here we go:
Starts a pull request: uploads their """guide""" as a docx. The content is completely unformatted, basically just an enumerated list.

Tell them to format it as markdown, suggest using github gists.
They go ahead and copy pasta their unformatted list into a gist.txt "allright i made it into gist for ya"

Tell them that they did not format it as markdown.
"sorry updated it in markdown :P"

I look at the file, it is still raw text in a gist.txt. Maybe a bit more spaced out, not that I would care to notice any changes at this point.

Tell them it is still not markdown and link them to a perfect example of another guide that takes advantage of code fragments for commands etc and is properly rendered since it uses .md

"I updated it to the markdown this time XP Can you give me some suggestions on how it looks?"

"How it looks"... "how it LOOKS"... I click the link for the 5th time and IT IS STILL JUST A RAW FUCKING GIST.

Jfc that person has some serious reading/thinking disability. To imagine them to be proactively keeping their guide up to date in the future is absolutely impossible. At that point I pulled out my support for the request since it was already taking more effort to even get a readable version of guide than I estimated for the whole process of adding it.

Oh, and one of the steps originally suggested in the """guide""" was adding the credentials file into the vcs.

Run dual boot Mac Catalina and Win 10. Got a bunch of Razer shit from wife for Bday... super stoked. Big mat, mouse, keyboard.

Works like a charm on Win.

Works for fuck all on Mac. The app to manage device is no longer supported.

Went waaay down the rabbit hole trying to sniff the packets that were being sent to the devices via USB to sync their colors and patterns.

Finally give up that route.

I have now built a VM for windows to run synergy... then a VM for Linux for Polychomatic because the keyboard is older and not supported by synergy.

And I found if I boot them both then quit them both the settings for the peripherals stay until the next reboot.

But JFC... I literally have to boot three operating systems to pull it off.

Talk about some gift of the magi shit... I was so happy with the gift and at this point it has wasted dozens of hours.

Fuck fucking Razer. Looks cool. Doesn’t work.

Stakeholder: Users are unable to buy tickets on the website. IT says Azure’s health check is showing an unhealthy status.

[It’s Sunday. Web Engineering is not on call so no one sees this right away.]

Stakeholder: IT restarted the Azure website twice, but users still can’t place orders.

Me: There was never an issue with the Azure site. That health check is inaccurate. There is a rewrite rule that sends the Azure supplied domain to our custom domain. The Azure health check doesn’t like that so it returns an unhealthy status. The problem is the ticketing server that the website has to communicate with. The ticketing server is overwhelmed and can’t handle more requests. IT should have checked the ticketing server’s logs. This has happened before and it’s never been an Azure issue. It’s a ticketing server issue.

Stakeholder and IT: Oops 😅

—-

JFC. Stop trying to make this web engineering’s problem. Stop trying to make it look like engineering dropped the ball. The ticketing server has experienced this issue multiple times. The ticketing server is maintained by a different team. The website’s symptoms are always the same and there are steps you need to take before you make the decision to restart the website, which will cause the website to show a blue screen of death that says 503 service unavailable for a few minutes. And we have a switch to shut off all transactions. Why do you not want to use it when it’s clear the website can’t process transactions???

Smiling legendary golden boy #3 says:

HEY LETS PUT OUR INTERNAL GEMS IN THIS PROTECTED GEM SERVICE IT’LL BE GREAT :)

HEY EVERYONE SIGN UP FOR THIS NEW SERVICE! YOU GOTTA OR YOU WONT BE ABLE TO DEV! :)

HEY SO I COPIED THE INTERNAL GEM I WROTE INTO THE MONOLITH REPO INSTEAD OF USING THE SERVICE BECAUSE IM A FUCKING GENIUS :)

YOU WANNA USE IT IN YOUR PROJECT? HAHA GET FUCKED :)

jfc

Jfc why do phone meetings always have like 20 cumulative minutes of radio silence? I swear, I ask a question and I may as well be listening for a pin to drop over there because no one in team leadership is saying a n y t h i n g.

It's upsetting because it makes me painfully anxious because Oh God What Did I Say but more than that, it feels like this huge waste of time to just...sit there. On the phone. And then when we go over time later in the middle of pointing a user story leadership's like, "Hey, can we wrap this up?" like sorry? That's not...my fault? I'm...

And I totally get it if you can't answer my question immediately, but if it takes you more than like a minute to come up with something just gimme a, "I'll get back to you on that," and move on. No need to wait for the end days, dude. We've got lives to live and better things to do, Clearly.

JFC people, if you can't understand why some people are losing their shit about MS acquiring GitHub, google "Embrace, Extend, Exterminate" and spend some time reading up about ALL the shady shit MS has done past.

I feel like the more I learn, the less I actually understand about what I'm doing. It literally took me the whole day to figure out how to upload and download files using Volley in Android. Jfc

JFC, who thought that handling multilingual menus like that is even remotely a good idea?

When you add menu item in one language it will show up in EVERY language regardless if it's translated or not. Every godforsaken module that's supposed to fix it breaks something else and the only way to make it work is patching the FREAKING CORE.
And what's worse people in issues ticket have the GAL to question if showing menu item only in its given language by default is the intuitive approach.
Plus there's no way to preview menu structure in any language other than default admin language, except adding language switcher to admin pages manually, that shit should show up automatically the moment I enabled menu localization.

FUCK Drupal8+ and its "We integrated that module in the core! Except we shaved off half the functionality!" approach.

And if you want me to use Drupal Console, then FUCKING FIX IT, it's been uninstallable for the past three months!

So half of the Internet is down again.

Jfc Cloudflare, you just gonna let Russia, China, and Skynet fuck with you like that?

Bitch ass.