My last internship (it was awesome). A programmer developed a vacation/free day request application for internal use.
Asked if I could test it for security.
The dev working on it thought that was a very good idea as he wasn't much into security and explained how the authentication process worked.
I immediately noticed a flaw just from his explanation. He said it was secure anyways (with an explanation but his way of thinking was wrong in this case). Asked if I was allowed to show him. He said he was intrigued by this so gave me a yes right away.

For the record, user levels were normal user, general admin and super admin (he was the only super admin).

Wrote a quick thingy server side (one of my own servers/domains) for testing purposes.

Then I started.

Went from normal user to super admin (his account) through a combination of XSS and Session Hijacking within 15 seconds.

Explained him where he went wrong and he wrote a patch under my guidance 😃.

That felt so fucking awesome.

The programmer and the interns part 3.

Many of you asked me to keep posting about the interns that I'm responsible for.

I had the intention but never had the time or the energy. Since the interns only kept doing stupid, unthinkable things and just filtering out the good ones is a task of its own.

Time has passed, some interns left us by their choice, others were fired (for obvious reasons). Some stayed loyal and were given permanent positions. New ones joined. I no longer am directly responsible for their wellbeing, yet, somehow I am still their tech-lead and the developer of their tools.

Without further delay,

Case 0:
New guy get's into the internship, has his LinkedIn title set to ‘HTML Technician’.
Didn’t know about the existence of HTML5.
Been building static web pages in the early 2000s. The kind with embedded, inline CSS.
Claims that he is about to finish an engineering degree (sadly I believe him).
Fails the entry level Linux test. Complains about the similarity of the answer options.
Fails the basic web-standars test because "they change so fast, but the foundation is HTML and it's rock-solid!".
Get's caught taking home onions and milk from the kitchen.
Is spotted eating in a restaurant under our offices in his day off. Thrice. He lives a 30 minute drive away and comes here on a bicycle or by bus.
Apparently didn't know that the scrolling wheel on the mouse is clickable.
Said that his PC experience is mostly from his PlayStation (PC = PlayCtation apparently).
Get's fired, says that he'll go to the press. Never does.

Case 1:
Yet another new intern. He seems very eager to learn and work, capable, even charismatic. Has an impressive CV.
Does nothing.
Learns from the "case 0" guy and spends time with him until he is fired.
Comes to work at 8:00 AM and immediately goes to sleep on an office puff. In front of everyone.
Keeps dining alone, without a notice, at different times, for hours. Sometimes brings food into the office and loudly eats it there.
On his evening shifts keeps disappearing for long periods of time. Apparently drinking in the nearby bars and hitting on girls.
Keeps bragging about his success with getting their numbers and rants about those who reject him.
For over a year he fails his final training test and remains a trainee, without the ability to work on a real case.
Not fired yet.

Case 2:
Company retreat. Beautiful, exotic views, warm sun beams, all inclusive package for everyone on a huge half-island.
Simon (he's still with us, now as a true engineer!) brings his MacBook to the beach in order to work and impress all others.
Everybody get's drunk and start throwing huge inflatable balls at each other. One hits his laptop and it immediately is flattened.
Upset Simon is going in circles and ranting about the situation, looking for a solution.
Loses his phone on the beach.
Takes his broken laptop with him while searching for the phone.
Dips the laptop in the river while drunkenly ducking in order to pick a clam.

Case 3:
Still company retreat.
Drunk intern makes out with an employee's drunk wife.
Huge verbal fight. The husband says that he files for a divorce. Intern get's fired.

Case 4:
Still company retreat.
Three interns each take an inflatable swimming mattress and drift with the current. Get found on the other side of the resort three hours later, with red skin and severely dehydrated.

Case 5:
Still company retreat.
The 'informally fired' intern gets drunk again, climbs through a window into a room and makes out with an employee's drunk wife.
Again, gets caught when the husband returns to find a locked door but can see them though the window.

Case 6:
Still company retreat.
We all get ferociously drunk and wander off to the unknown in search of more booze.
Everybody does something stupid and somebody finds Simon's phone.
Simon is lost.
Frenzied horde of drunks is roaming the half-island in search of ethanol and the lost comrade.
Simon's phone get's permanently lost.
Five people step on sea urchins but find that out only hours later and then are unable to walk.
The mob, now including more drunk people who joined voluntarily, finds the sexually active intern making out with the enraged employee's wife yet again.
Surprisingly Simon is found sleeping in a room nearby.

Things have been a little too quiet on my side here, so its time for an exciting new series:

practiseSafeHex's new life as a manager.

Episode 1: Dealing with the new backend team

It's great to be back folks. Since our last series where we delved into the mind numbing idiocy of former colleagues, a lot has changed. I've moved to a new company and taken a step up as a Dev manager / Tech lead. Now I know what you are all thinking, sounds more dull and boring right? Well it wouldn't be a practiseSafeHex series if we weren't ...

<audience-shouting>
DEALING! ... WITH! ... IDIOTS!
</audience-shouting>

Bingo! so lets jump right in and kick us off with a good one.

So for the past few months i've been on an on-boarding / fact finding / figuring out this shit-storm, mission to understand more about what it is i'm suppose to do and how to do it. Last week, as part of this, I had the esteemed pleasure of meeting face to face with the remote backend team i've been working with. Lets rattle off a few facts to catch us all up:

- 8 hour time difference to me
- No documentation other than a non-maintained swagger doc
- Swagger is reporting errors and several of the input models are just `Type: String`
- The one model that seems accurate, has every property listed as optional, including what must be the primary key
- Properties go missing and get removed at the drop of a hat and we are never told.
- First email I sent them took 27 days to reply, my response to that hasn't been answered so far 31 days later (new record! way to go team, I knew we could do it!!!)
- I deal directly with 2 of them, the manager and the tech lead. Based on how things have gone so far, i've nick named them:
1) Ass
2) Hole

So lets look at some example of their work:

- I was trying to test the new backend, I saw no data in QA. They said it wouldn't show up until mid day their time, which is middle of the night for us. I said we need data in our timezone and I was told: a) "You don't understand how big this system is" (which is their new catch phrase) b) "Your timezone is not my concern"

- The whole org started testing 2 days later. The next day a member from each team was on a call and I was asked to give an update of how the testing was going on the mobile side. I said I was completely blocked because I can't get test data. Backend were asked to respond. They acknowledged they were aware, but that mobile don't understand how big the system is, and that the mobile team need to come up with ideas for the backend team, as to how mobile can test it. I said we can't do anything without test data, they said ... can you guess what? ... correct "you don't understand how big the system is"

- We eventually got something going and I noticed that only 1 of the 5 API changes due on their side was done. Opened tickets. 2 days later asked them for progress and was told that "new findings" always go to the bottom of the backlog, and they are busy with other things. I said these were suppose to be done days ago. They said you can't give us 2 days notice and expect everything done. I said the original ticket was opened a month a go *sends link* ......... *long silence* ...... "ok, but you don't understand how big the system is, this is a lot of work"

- We were on a call. Product was asking the backend manager (aka "Ass") a question about a slight upgrade to the new feature. While trying to talk, the tech lead (aka "Hole") kept cutting everyone off by saying loudly "but thats not in scope". The question was "is this possible in the future" and "how long would it take", coming from management and product development. Hole just kept saying "its not in scope", until he was told to be quiet by several people.

- An API was sending down JSON with a string containing a message for the user with 2 bits of data inside it. We asked for one of those pieces to also come down as a property as the string can change and we needed it client side. We got that. A few days later we found an edge case and asked for the second piece of data to be a property too. Now keep in mind, they clearly already have access to them in order to make the string. We were told "If you keep requesting changes like this, you are going to delay the release of the backend by up to 2 weeks"

Yes folks, there you have it, the most minuscule JSON modifications, can delay your release by up to 2 weeks ........ maybe I should just tell product, that they don't understand how big the app is, and claim we can't build it on our side? Seems to work for them

Thats all the time we have for today,

Tune in for more, where we'll be looking into such topics as:

- If god himself was an iOS developer ... not
- Why automate when you can spend all day doing it by hand
- Its more time-efficient to just give everything a story point of 5
- Why waste time replying to emails ... when you can do nothing instead

See you all next week,
practiseSafeHex

My biggest dev blunder. I haven't told a single soul about this, until now.

👻👻👻👻👻👻

So, I was working as a full stack dev at a small consulting company. By this time I had about 3 years of experience and started to get pretty comfortable with my tools and the systems I worked with.

I was the person in charge of a system dealing with interactions between people in different roles. Some of this data could be sensitive in nature and users had a legal right to have data permanently removed from our system. In this case it meant remoting into the production database server and manually issuing DELETE statements against the db. Ugh.

As soon as my brain finishes processing the request to venture into that binary minefield and perform rocket surgery on that cursed database my sympathetic nervous system goes into high alert, palms sweaty. Mom's spaghetti.

Alright. Let's do this the safe way. I write the statements needed and do a test run on my machine. Works like a charm 😎

Time to get this over with. I remote into the server. I paste the code into Microsoft SQL Server Management Studio. I read through the code again and again and again. It's solid. I hit run.

....

Wait. I ran it?

....

With the IDs from my local run?

...

I stare at the confirmation message: "Nice job dude, you just deleted some stuff. Cool. See ya. - Your old pal SQL Server".

What did I just delete? What ramifications will this have? Am I sweating? My life is over. Fuck! Think, think, think.

You're a professional. Handle it like one, goddammit.

I think about doing a rollback but the server dudes are even more incompetent than me and we'd lose all the transactions that occurred after my little slip. No, that won't fly.

I do the only sensible thing: I run the statements again with the correct IDs, disconnect my remote session, and BOTTLE THAT SHIT UP FOREVER.

I tell no one. The next few days I await some kind of bug report or maybe a SWAT team. Days pass. Nothing. My anxiety slowly dissipates. That fateful day fades into oblivion and I feel confident my secret will die with me. Cool ¯\_(ツ)_/¯

At one of my former jobs, I had a four-day-week. I remember once being called on my free Friday by an agitated colleague of mine arguing that I crashed the entire application on the staging environment and I shall fix it that very day.

I refused. It was my free day after all and I had made plans. Yet I told him: OK, I take a look at it in Sunday and see what all the fuzz is all about. Because I honestly could fathom what big issue I could have caused.

On that Sunday, I realized that the feature I implemented worked as expected. And it took me two minutes to realize the problem: It was a minor thing, as it so often is: If the user was not logged in, instead of a user object, null got passed somewhere and boom -- 500 error screen. Some older feature broke due to some of my changes and I never noticed it as while I was developing I was always in a logged in state and I never bothered to test that feature as I assumed it working. Only my boss was not logged in when testing on the stage environment, and so he ran into it.

So what really pushed my buttons was:

It was not a bug. It was a regression.

Why is that distinction important?

My boss tried to guilt me into admitting that I did not deliver quality software. Yet he was the one explicitly forbidding me to write tests for that software. Well, this is what you get then! You pay in the long run by strange bugs, hotfixes, and annoyed developers. I salute you! :/

Yet I did not fix the bug right away. I could have. It would have just taken me just another two minutes again. Yet for once, instead of doing it quickly, I did it right: I, albeit unfamiliar with writing tests, searched for a way to write a test for that case. It came not easy for me as I was not accustomed to writing tests, and the solution I came up with a functional test not that ideal, as it required certain content to be in the database. But in the end, it worked good enough: I had a failing test. And then I made it pass again. That made the whole ordeal worthwhile to me. (Also the realization that that very Sunday, alone in that office, was one of the most productive since a long while really made me reflect my job choice.)

At the following Monday I just entered the office for the stand-up to declare that I fixed the regression and that I won't take responsibility for that crash on the staging environment. If you don't let me write test, don't expect me to test the entire application again and again. I don't want to ensure that the existing software doesn't break. That's what tests are for. Don't try to blame me for not having tests on critical infrastructure. And that's all I did on Monday. I have a policy to not do long hours, and when I do due to an "emergency", I will get my free time back another day. And so I went home that Monday right after the stand-up.

Do I even need to spell it out that I made a requirement for my next job to have a culture that requires testing? I did, and never looked back and I grew a lot as a developer.

I have familiarized myself with both the wonderful world of unit and acceptance testing. And deploying suddenly becomes cheap and easy. Sure, there sometimes are problems. But almost always they are related to infrastructure and not the underlying code base. (And yeah, sometimes you have randomly failing tests, but that's for another rant.)

Here's a true story about a "fight" between me and my project manager...

I've been working as a Frontend developer for nearly two years, managed to acquire a decent amount of knowledge, in some cases well above the rest of my coworkers, and one day I got into a bit of a disagreement with my project manager.

Basically he wanted me to copy/paste some feature from another project (needless to say, that... "thing" has more bugs than an ant farm), and against his orders I started doing that feature from scratch, to build a solid foundation from the very start.
I had a lengthy deadline to deliver that feature, they were expecting me to take some time to fix some of the bugs as well, but my idea was to make it bug-free from the moment the feature was released. Both my method and the one I should be copying worked the exact same, but mine was superior in every way, had no bugs, was scalable and upgradeable with little effort, there was no reason not to accept it.

We use scrum as our work methodology, so we have daily meetings. In one of those, the project manager asked me how was the progress on that new feature, and I told him I was just polishing up the code and integrating it with the rest of the project, to make sure everything was working properly. I still had a full day left before the deadline set for that feature, and I was expecting to take about half an hour to finish up a couple lines of code and test everything, no issues so far...

But then he exploded, and demanded to know why wasn't I copying the code from the other project, to which I answered "because this way things will work better".
Right after he said that the feature was working on the other project, copying and pasting it should take a few minutes to do and maybe a couple of extra hours to fix any issues that might have appeared...
The problem here is, the other project was made by trainees, I honestly can't navigate through 3 pages without bumping into an average of 2 errors per page, I was placed into this new project because they know I do quality code, and they wanted this project to be properly made, unlike the previous one, so I was baffled when he said that he preferred me to copy code instead of doing "good" code...
My next reply was "just because something has been made and is working that doesn't mean that it has been properly made nor will work as it should, I could save a few hours copying code (except I wouldn't save any, it would take me more time to adapt the code than to do it from scratch) but then I'll be wasting weeks of work because of new bugs that will be reported over time, because trust me, they will appear... "

I told him this in a very calm manner, but everybody in the meeting room paused and started staring at me, not many dare challenge that specific project manager, and I had just done that...
After a few seconds of silence the PM finally said... "look, if you manage to finish your task inside the set deadline I'll forget we ever had this conversation, but I'll leave a note on my book, just in case..."

I finished that task in about 30 mins, as expected, still had 7 hours till deadline, and I completely forgot about that feature until now because it has never given any issues whatsoever, and is now being used for other projects as well.

It was one of my proudest/rage inducing moments in this project, and honestly, I think I have hit my PM with a very big white glove because some weeks after this event the CEO himself came to the whole team to congratulate us on the outstanding work being made so far, in a project that acted against the PM's orders 90% of the time.

Story time. My first story ever on devRant.

To my ex-company that I bear for a long time... I joined my ex-company 3 years ago. My ex-company assigned me and one girl teammate to start working on a brand new big web project (big one - two members - really?)

My teammate quitted later, I have to work alone after then. I asked if someone can join this project, but manager said other people are busy. Yea, they are fucking busy reading MANGA shit everyday... Oops, I saw it because whenever I about to leave my damn chair, they begin chanting some hotkey magic and begin doing "poker face" like "I'm doing some serious shit right here".. FUCK MY CO-WORKERS!

My manager didn't know shit about software development, and keep barking about Agile, Waterfall and AI shit... He didn't even fucking know what this project should look like, he keep searching the internet for similar functions and gave me screenshots, or sometimes they even hold a meeting of a bunch of random non-related guys who even not working on the project, to discuss about requirements, which last for endless hours... FUCK MY MANAGER!

I was the one in charge for everything. I design the architecture, database, then I fucking implement my own designed architect myself, and I fucking test functions that I fucking implemented myself based on my fucking design. I was so tried, I don't know what the fuck I am working on. Requirement changes everyday. My beautiful architecture began to falling off. I was so tired and began use hack fixes here and there many places in the project. I knew it's bad, but I just don't have time to carefully reconsider it. My test case began becoming useless as requirements changed. My manager's boss push him to finish this project. He began to test, he start complaining about bug here and there, blaming me about why functions are broken, and why it not work as he expected (which he didn't even tell my how he expected). ... I'm not junior developer, but this one-man project is so overwhelmed for me... FUCK MY JOB!

At this time, I have already work this project for almost 2.5 years. I felt very upset. I also feel disappointed about myself, although I know that is not all my entire faults. The feeling that you was given a job, but you can not get it done, I feel like a fucking LOSER. I really wanted to quit and run away from this shithole. But on the other hand I also want to finish this project before I quit. My mind mixed. I'm a hard-worker. I keep pushing myself, but the workplace is so toxic, I can feel it eating up my motivation everyday. I start questioning myself: "Is the job I am doing important?", "If this is really important project, didn't they should assign more members?", I feel so lonely at work... MY MIND IS FUCKED UP!

Finally, after a couple months of stress. I made up my mind that no way this project is gonna end within my lifespan. I decide to quit. Although my contract pointed that I only need to tell one month in advance. I gave my manager 3 months to find new members for project. I did handle over what I know, documents, and my fucked up ultra complexity source code with many small sub-systems which I did all by myself.

Well, I am with a new employer right now. They are good company. At least, my new manager do know how to manage things. My co-workers are energy and hard-working. I am put to fight on the frontline as usual (because of my "Senior position"). But I can feel my team, they got my back. My loneliness is now gone. Job is still hard, but I know for sure that I'm doing things on purpose, I am doing something useful. And to me that is the greatest rewards and keep me motivative! From now, will be the beginning for first page of my new story...

Thanks for reading ...

it's funny, how doing something for ages but technically kinda the wrong way, makes you hate that thing with a fucking passion.

In my case I am talking about documentation.

At my study, it was required to write documentation for every project, which is actually quite logical. But, although I am find with some documentation/project and architecture design, they went to the fucking limit with this shit.

Just an example of what we had to write every time again (YES FOR EVERY MOTHERFUCKING PROJECT) and how many pages it would approximately cost (of custom content, yes we all had templates):

Phase 1 - Application design (before doing any programming at all):
- PvA (general plan for how to do the project, from who was participating to the way of reporting to your clients and so on - pages: 7-10.
- Functional design, well, the application design in an understandeable way. We were also required to design interfaces. (Yes, I am a backender, can only grasp the basics of GIMP and don't care about doing frontend) - pages: 20-30.
- Technical design (including DB scheme, class diagrams and so fucking on), it explains it mostly I think so - pages: 20-40.

Phase 2 - 'Writing' the application
- Well, writing the application of course.
- Test Plan (so yeah no actual fucking cases yet, just how you fucking plan to test it, what tools you need and so on. Needed? Yes. but not as redicilous as this) - pages: 7-10.

- Test cases: as many functions (read, every button click etc is a 'function') as you have - pages: one excel sheet, usually at least about 20 test cases.

Phase 3 - Application Implementation
- Implementation plan, describes what resources will be needed and so on (yes, I actually had to write down 'keyboard' a few times, like what the actual motherfucking fuck) - pages: 7-10.
- Acceptation test plan, (the plan and the actual tests so two files of which one is an excel/libreoffice calc file) - pages: 7-10.
- Implementation evalutation, well, an evaluation. Usually about 7-10 FUCKING pages long as well (!?!?!?!)

Phase 4 - Maintaining/managing of the application
- Management/maintainence document - well, every FUCKING rule. Usually 10-20 pages.
- SLA (Service Level Agreement) - 20-30 pages.
- Content Management Plan - explains itself, same as above so 20-30 pages (yes, what the fuck).
- Archiving Document, aka, how are you going to archive shit. - pages: 10-15.

I am still can't grasp why they were surprised that students lost all motivation after realizing they'd have to spend about 1-2 weeks BEFORE being allowed to write a single line of code!

Calculation (which takes the worst case scenario aka the most pages possible mostly) comes to about 230 pages. Keep in mind that some pages will be screenshots etc as well but a lot are full-text.

Yes, I understand that documentation is needed but in the way we had to do it, sorry but that's just not how you motivate students to work for their study!

Hell, students who wrote the entire project in one night which worked perfectly with even easter eggs and so on sometimes even got bad grades BECAUSE THEIR DOCUMENTATION WASN'T GOOD ENOUGH.

For comparison, at my last internship I had to write documentation for the REST API I was writing. Three pages, providing enough for the person who had to, to work with it! YES THREE PAGES FOR THE WHOLE MOTHERFUCKING PROJECT.

This is why I FUCKING HATE the word 'documentation'.

I don't want to write clean code anymore :(

I read Clean Code, Clean Coder, and watched many uncle bob's videos, and I was able to apply best practices and design patterns
I created many systems that really stood the test of time...

Management was kind enough to introduce me to uncle bob clean code in the first place, letting us watch it during work hours. after like one year, my code improved 400% minimum because I am new and I needed guidance from veterans...

That said, to management I am very slow, compared to this other guy, they ask me for a feature and my answer would be like "sure, we need to update the system because it just doesn't support that right now, it is easy though it would take 2 days tops"

they ask the same thing for the other guy : "ok let me see what I can do", 1 hour later, on slack, he writes : done. he slaps bunch of if-statement and make special case that will serve the thing they asked for.

oh 'cool' they say -> but it doesn't do this -> it needs to do that -> ok there is a new bug,-> it doesn't work in build mode-> it doesn't work if you are logged in as a guest, now its perfect ! -> it doesn't work on Android -> ok it works on android but now its not perfect anymore.

and they feel like he is fast (and to be fair he is), this feature? done. ok new bugs? solved. Android compatibility ? just one day ... it looks like he is doing doing doing.

it ends up taking double the time I asked for, and that is not to mention the other system affected during this entire process, extra clean up that I have to do, even my systems that stood the test of time are now ruined and cannot be extracted to other projects. because he just slaps whatever bools and if statements he needs inside any system, uses nothing but Singleton pattern on everything. our app will never be ready-for-business, this I can swear. its very buggy. and to fix it, it needs a change in mentality, not in code.
---------------

uncle bob said : write your code the right way, and the management will see that your code generates less errors, with time, you will earn respect even though they will feel you are slow at first.

well sorry uncle, I've been doing it for a year, my image got bad, you are absolutely right, only when there is no one else allowed to drop a giant shit inside your clean code.

note: we don't really have a technical lead.
-------------------
its been only two days since my new "hack n' slash" meta, the management is already kind of "impressed" ... so I'll keep hacking and slashing until I find a better job.

This is my most ridiculous meeting in my long career. The crazy thing is I have witnessed this scenario play out many times during my career. Sometimes it sits in waiting for a few years but then BOOM there it is again and again. In each case the person that fell into the insidious trap was smart and savvy but somehow it just happened. The outcomes were really embarrassing and in some cases career damaging. Other times, it was sort of humorous. I could see this happening to me and I never want it to happen to you.

Once upon a time in a land not so far away there was a Kickoff Meeting for an offsite work area recovery exercise being planned for our Oklahoma locations. Eleven Oklahoma high ranking senior executives were on this webinar plus three Enterprise IT Directors (Ellen, Jim and Bob) who would support the business from the systems side throughout the exercise.

The plan was for Sam Otto, our Midwest Director of Business Continuity to host this webinar. Sam had hands-on experience recovering to our third party recovery site vendor and he always did a great job. He motivated people to attend the exercise with the coolest breakfasts and lunches you could imagine. Donuts, bagels, pizza, wings, scrumptious salads, sandwiches, beverages and desserts. He was great with people and made it a lot of fun.

At the last minute Charles 'Don't Call Me Charlie' Ego-Smith, the Global Business Continuity Senior Vice President, decided to grand-stand Sam. He demanded the reins to the webinar. Pulled a last-minute power-play and made himself the host and presenter. You have probably seen the move at some point in your career. I guess the old saying, 'be careful what you wish for' has some truth to it - read on and let me know if you devRanters agree...

So, Charlie, I mean Charles, begins hosting the session and greets all of the attendees. Hey, good so far! He starts showing some slides in the PowerPoint presentation and he fields a few questions, comments and requests from the Oklahoma executives. The usual easy to handle requests such as, 'what if we are too busy to do recover all systems', 'what if we recover all of our processes from home', 'what if we have high profile visitors that month?' Hey you can't blame them for trying. You are probably thinking to yourself, 'been there - heard that!' But luckily our experienced team had anticipated the push-back. Fortunately, Senior Management 'had our backs' and committed that all processes and systems must participate and test - so these were just softball requests, 'easy-peasy' to handle. But wait, we are just getting started!

Now the fireworks begin. Bob, one if the Enterprise IT directors started asking a bunch of questions. Well, Charles had somewhat of a history with Bob from previous exercises and did not take kindly to Bob's string of questions. Charles started getting defensive and while Bob was speaking Charles started IM'ing. He's firing off one filthy message after another to me and our teammate Sam.

'This idiot Bob is the biggest pain in the ass that I ever worked with'; 'he doesn't know shit', 'he never shuts the f up', 'I wanna go over to his office and kick his f'in ass...!'

Unfortunately...the idiot Charles had control of the webinar and was sharing his screen so every message he sent was seen by all of the attendees! Yeah, everyone including Bob and the Senior Oklahoma executives! We could not instant message him to stop as everyone would have seen our warnings, so we tried to call Charles' cell phone and text him but he did not pick up. He just kept firing ridiculously embarrassing dirty IM messages and I guess we were all so stunned we just sat there bewildered. We finally bit the bullet and IM'ed him to STOP ALREADY!!! Whoa, talk about an embarrassing silence!

I really felt sorry for Bob. He is a good guy. Deservedly, Charlie 'Yes I am going to call you CHARLIE' got in big time hot water after the webinar with upper management. For one reason or another he only lasted another year or so at our company. Maybe this event played a part in his demise.

So, the morale is, if you use IM - turn it off during a webinar if you are the host. If you must use it, be really careful what you say, who you say it to and pray nothing embarrassing or personal is sent to you for everyone to see.

Quick Update - During the past couple of months I participated on many webinars with enterprise software vendors trying to sell me expensive solutions. Most of the vendors had their IM going while doing webinars and training. Some very embarrassing things came flying across our screens. You learn a lot reading those messages when they pop-up on the presenters' screen, both personal and business related. Some even complaints from customers!

My advice to employees and vendors is to sign-out of IM before hosting a webinar. Otherwise, it just might destroy your credibility and possibly your career.

I have been gone a while. Sorry. Workplace no longer allows phones on the lab and I work exclusively in the lab. Anyway here is a thing that pissed me off:

Systems Engineer (SE) 1 : 😐 So we have this file from the customer.
Me: 😑 Neat.
SE1: 😐 It passes on our system.
Me: 😑 *see prior*
Inner Me (IM): 🙄 is it taught in systems engineer school to talk one sentence at a time? It sounds exhausting.
SE1: but when we test it on your system, it fails. And we share the same algorithms.
Me: 😮 neat.
IM: 😮neat, 😥 wait what the fuck?
Me: 😎 I will totally look into that . . .
IM: 😨 . . . Thing that is absolutely not supposed to happen.

*Le me tracking down the thing and fixing it. Total work time 30 hours*

Me: 😃 So I found the problem and fixed it. All that needs to happen is for review board to approve the issue ticket.
SE1: 😀 cool. What was the problem?
Me: 😌 simple. See, if the user kicked off a rerun of the algorithm, we took your inputs, processed them, and put them in the algorithm. However, we erroneously subtracted 1 twice, where you only subtract 1 once.
SE1: 🙂 makes sense to me, since an erroneous minus 1 only effects 0.0001% of cases.

*le into review board*

Me: 😐 . . . so in conclusion this only happens in 0.0001% of cases. It has never affected a field test and if this user had followed the user training this would never have been revealed.
SE2: 🤨 So you're saying this has been in the software for how long?
Me: 😐 6 years. Literally the lifespan of this product.
SE2: 🤨 How do you know it's not fielded?
Me: 😐 It is fielded.
SE2: 🤨 how do you know that this problem hasn't been seen in the field?
Me: 😐 it hasn't been seen in 6 years?
IM: 😡 see literally all of the goddamn words I have said this entire fucking meeting!!!
SE2: 😐 I would like to see an analysis of this to see if it is getting sent to the final files.
Me: 🙄 it is if they rerun the algorithm from our product. It's a total rerun, output included. It's just never been a problem til this one super edge case that should have been thrown out anyway.
SE2: 🤨 I would still like to have SE3 run an analysis.
Me: 🙄 k.
IM: 😡 FUUUUUUUUUCK YOOOOOU

*SE3 run analysis*

SE3: 😐 getting the same results that Me is seeing.
Me: 😒 see? I do my due diligence.
SE2: 😐 Can you run that analysis on this file again that is somehow different, plus these 5 unrelated files?
SE3: 😎 sure. What's your program's account so I can bill it?
IM: 😍 did you ever knooooow that your my heeeerooooooo.

*SE3 runs analysis*

SE3: 😐 only the case that was broken is breaking.
SE2: 😐 Good.
IM: 🤬🤬🤬🤐 . . . 🤯WHY!?!?
Me: 😠 Why?
SE2: 😑 Because it confirms my thoughts. Me, I am inviting you to this algorithm meeting we have.
Me/IM: 😑/😡 what . . . the fuck?

*in algorithm meeting*

Me: 😑 *recaps all of the above* we subtract 1 one too many times from a number that spans from 10000 to -10000.
Software people/my boss/SE1/SE3: 🤔 makes sense.
SE2:🤨 I have slides that have an analysis of what Me just said. They will only take an hour to get through.
Me: 😑 that's cool but you need to give me your program's account number, because this has been fixed in our baseline for a week and at this point you're the only program that still cares. Actually I need the account to charge for the last couple times you interrupted me for some bullshit.

*we are let go.*

And this is how I spent 40+ useless hours against a program that is currently overrunning for no reason 🤣🤣🤣

Moral: never involve math guys in arithmetic situations. And if you ever feel like you're wasting your time, at least waste someone else's money.

This is something that happened 2 years ago.

1st year at uni, comp sci.

Already got project to make some app for the univ that runs in android, along with the server

I thought, omg, this is awesome! First year and already got something to offer for the university 😅
(it's a new university, at the time I was the 2nd batch)

Team of 12, we know our stuffs, from the programming POV, at least, but we know nothing about dealing with client.

We got a decent pay, we got our computers upgraded for free, and we even got phones of different screen sizes to test out our apps on.

No user requirement, just 2-3 meetings. We were very naive back then.

2 weeks into development, Project manager issues requirement changes

we have a meeting again, discussing the important detail regarding the business model. Apparently even the univ side hadn't figure it out.

1 month in the development, the project manager left to middle east to pursue doctoral degree

we were left with "just do what you want, as long as it works"

Our projects are due to be done in 3 months. We had issues with the payment, we don't get paid until after everything's done. Yet the worse thing is, we complied.

Month 3, turns out we need to present our app to some other guy in the management who apparently owns all the money. He's pleased, but yet, issued some more changes. We didn't even know that we needed to make dashboard at that time.

The project was extended by one month. We did all the things required, but only got the payment for 3 months.

Couldn't really ask for the payment of the fourth month since apparently now the univ is having some 'financial issues'.

And above all: Our program weren't even tested, let alone being used, since they haven't even 'upgraded' the university such that people would need to use our program as previously planned.

Well, there's nothing to be done right now, but at least I've learned some REALLY valuable lesson:

1. User Requirement is a MUST! Have them sign it afterwards, and never do any work until then. This way, change of requirements could be rejected, or at least postponed

2. Code convention is a MUST! We have our code, in the end, written in English and Indonesian, which causes confusion. Furthermore, some settle to underscore when naming things, while other chooses camel case.

3. Don't give everyone write access to repository. Have them pull their own, and make PR later on. At least this way, they are forced to fix their changes when it doesn't meet the code convention.

4. Yell at EVERYONE who use cryptic git commit message. Some of my team uses JUST EMOTICONS for the commit message. At this point, even "fixes stuffs" sound better.

Well, that's for my rant. Thanks for reading through it. I wish some of you could actually benefit from it, especially if you're about to take on your first project.

So I'm back from vacation! It's my first day back, and I'm feeling refreshed and chipper, and motivated to get a bunch of things done quickly so I can slack off a bit later. It's a great plan.

First up: I need to finish up tiny thing from my previous ticket -- I had overlooked it in the description before. (I couldn't test this feature [push notifications] locally so I left it to QA to test while I was gone.)

It amounted to changing how we pull a due date out of the DB; some merchants use X, a couple use Y. Instead of hardcoding them, it would use a setting that admins can update on the fly.

Several methods deep, the current due date gets pulled indirectly from another class, so it's non-trivial to update; I start working through it.

But wait, if we're displaying a due date that differs from the date we're actually using internally, that's legit bad. So I investigate if I need to update the internals, too.

After awhile, I start to make lunch. I ask my boss if it's display-only (best case) and... no response. More investigating.

I start to make a late lunch. A wild sickness appears! Rush to bathroom; lose two turns.

I come back and get distracted by more investigating. I start to make an early dinner... and end up making dinner for my monster instead.

Boss responds, tells me it's just for display (yay!) and that we should use <macro resource feature> instead.

I talk to Mr. Product about which macros I should add; he doesn't respond.

I go back to making lunch-turn-dinner for myself; monster comes back and he's still hungry (as he never asks for more), so I make him dinner.

I check Slack again; Mr. Product still hasn't responded. I go back to making dinner.

Most of the way through cooking, I get a notification! Product says he's talking it through with my boss, who will update me on it. Okay fine. I finish making dinner and go eat.

No response from boss; I start looking through my next ticket.

No response from boss. I ping him and ask for an update, and he says "What are you talking about?" Apparently product never talked to bossmang =/ I ask him about the resources, and he says there's no need to create any more as the one I need already exists! Yay!

So my feature went from a large, complex refactor all the way down to a -1+2 diff. That's freaking amazing, and it only took the entire day!

I run the related specs, which take forever, then commit and push.

Push rejected; pull first! Fair, I have been gone for two weeks. I pull, and git complains about my .gitignore and some local changes. fine, whatever. Except I forgot I had my .gitignore ignored (skipped worktree). Finally figure that out, clean up my tree, and merge.

Time to run the specs again! Gems are out of date. Okay, I go run `bundle install` and ... Ruby is no longer installed? Turns out one of the changes was an upgrade to Ruby 2.5.8.

Alright, I run `rvm use ruby-2.5.8` and.... rvm: command not found. What. I inspect the errors from before and... ah! Someone's brain fell out and they installed rbenv instead of the expected rvm on my mac. Fine, time to figure it out. `rbenv which ruby`; error. `rbenv install --list`; skyscraper-long list that contains bloody everything EXCEPT 2.5.8! Literally 2.5 through 2.5.7 and then 2.6.0-dev. asjdfklasdjf

Then I remember before I left people on Slack made a big deal about upgrading Ruby, so I go looking. Dummy me forgot about the search feature for a painful ten minutes. :( Search found the upgrade instructions right away, ofc. I follow them, and... each step takes freaking forever. Meanwhile my children are having a yelling duet in the immediate background, punctuated with screams and banging toys on furniture.

Eventually (seriously like twenty-five minutes later) I make it through the list. I cd into my project directory and... I get an error message and I'm not in the project directory? what. Oh, it's a zsh thing. k, I work around that, and try to run my specs. Fail.

I need to update my gems; k. `bundle install` and... twenty minutes later... all done.

I go to run my specs and... RubyMine reports I'm using 2.5.4 instead of 2.5.8? That can't be right. `ruby --version` reports 2.5.8; `rbenv version` reports 2.5.8? Fuck it, I've fought with this long enough. Restarting fixes everything, right? So I restart. when my mac comes back to life, I try again; same issue. After fighting for another ten minutes, I find a version toggle in RubyMine's settings, and update it to 2.5.8. It indexes for five minutes. ugh.

Also! After the restart, this company-installed surveillance "security" runs and lags my computer to hell. Highest spec MacBook Pro and it takes 2-5 seconds just to switch between desktops!

I run specs again. Hey look! Missing dependency: no execjs. I can't run the specs.

Fuck. This. I'll just push and let the CI run specs for me.

I just don't care anymore. It's now 8pm and I've spent the past 11 hours on a -1+2 diff!

What a great first day back! Everything is just the way I left it.

"I'm almost done, I'll just need to add tests!"

Booom! You did it, that was a nuke going off in my head.

No, you shouldn't just need to add tests. The tests should have been written from the get go! You most likely won't cover all the cases. You won't know if adding the tests will break your feature, as you had none, as you refactor your untested mess in order to make your code testable.

When reading your mess of a test case and the painful mocking process you went through, I silently cry out into the void: "Why oh why!? All of this suffering could have been avoided!"

Since most of the time, your mocking pain boils down to not understanding what your "unit" in your "unit test" should be.

So let it be said:

- If you want to build a parser for an XML file, then just write a function / class whose *only* purpose is: parse the XML file, return a value object. That's it. Nothing more, nothing less.
- If you want to build a parser for an XML file, it MUST NOT: download a zip, extract that zip, merge all those files to one big file, parse that big file, talk to some other random APIs as a side-effect, and then return a value object.

Because then you suddenly have to mock away a http service and deal with zip files in your test cases.

The http util of your programming language will most likely work. Your unzip library will most likely work. So just assume it working. There are valid use cases where you want to make sure you acutally send a request and get a response, yet I am talking unit test here only.

In the scope of a class, keep the public methods to a reasonable minimum. As for each public method you shall at least create one test case. If you ever have the feeling "I want to test that private method" replace that statement in your head with: "I should extract that functionality to a new class where that method public. I then can create a unit test case a for that." That new service then becomes a dependency in your current service. Problem solved.

Also, mocking away dependencies should a simple process. If your mocking process fills half the screen, your test setup is overly complicated and your class is doing too much.

That's why I currently dig functional programming so much. When you build pure functions without side effects, unit tests are easy to write. Yet you can apply pure functions to OOP as well (to a degree). Embrace immutability.

Sidenote:

It's really not helpful that a lot of developers don't understand the difference between unit, functional acceptance, integration testing. Then they wonder why they can't test something easily, write overly complex test cases, until someone points out to them: No, in the scope of unit tests, we don't need to test our persistance layer. We just assume that it works. We should only test our businsess logic. You know: "Assuming that I get that response from the database, I expect that to happen." You don't need a test db, make a real query against that, in order to test that. (That still is a valid thing to do. Yet not in the scope of unit tests.)

So here is my week 72 as a reviewer. But first, let me ask y'all. Am I weird to think that you should finish coding the thing and testing the thing before kicking it out to review? Cuz that's how I do it. And that is the process at my work place.

So anyway, I was doing this review. And it was very wrong. Like really, really wrong. We give a thorough intro to our product (perhaps too thorough) so this guy should have known every test case he had to cover. Or at least, if he was unsure, asked. It was all documented.

Anyway, he kicks out this peer review. First thing I notice, it is not following the standard. Fair enough, we didn't give him the coding standard. BUT HE DIDN'T EVEN MAINTAIN THE FORMAT OF THE ORIGINAL FILE. HE JUST DID HIS OWN THING!!! So I email him the coding standard and make a comment in the review. He denies the finding. No reason. Just turns it down. Strike 1.

Then, I'm going through and he didn't even cover all of the core cases. I found several core cases that he missed. And every edge case. Make a not of it. He fixes only the couple of examples I gave him. Strike 2.

Guy decided to redesign a major chunk of our interfaces. Our interfaces are not just used by us (hence interfaces). We designed them the way they were for a reason. It was not a fun design process. Myself, the architect, one of our customers, and the guy that did the implementation all told him to roll back his change. Especially since it wasn't in the scope of what he was doing. He wouldn't. Strike 3.

I go to the lead and bring him in. He has a talk with him. All of the sudden he is putting out multiple builds per finding. Like most times I will put out like 2 to 4 for the whole peer review. No he kicks out minimum one per finding and chokes the review queue. Strike 4.

Strike 5: he tells me, a former DBA, that I didn't know what I was talking about when I told him to move something into a new table, even after I told him that "while in database terms it doesn't make sense, this is for product robustness".

Strike 6: he was just a condescending asshole. Bragging about how he did this job and that job over his career. His longest position held was about 18 months. Bragged about working at my company and being some hotshot at the company: only worked here for 8 months and that was 5 years ago.

You know. I have never really wanted to fight someone after about undergrad. But he came close.

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

Let me tell you the story of how a feature request no one asked for got put in an early grave:

PM walks into weekly meeting with a single use case that one user called in about, despite never having this issue during the past year and a half that our app has been in production. PM's boss (genuinely one of the best people i have ever worked with) happens to sit in this particular meeting for no reason other than he felt like he should once in a while.

PM brings up use case and wants to devote 3 weeks' development time and another 3 weeks to test RIGHT NOW while other projects are already in motion. PM's boss speaks up with this: "Listen if this guy is really this upset, we can just tell him to build his own service. All the other end users have no problems with this, so it's not worth spending the resources on, i don't think."

And that is how i went from "this is bullshit" to "i love you" in the span of 20 minutes.

I'm going to kill management.
After a serious migration fiasco at one of our biggest costumers the platform was finally usable again (after two days instead of 10 hours) and, of course, users started to report bugs. So good old po came in ranting that we as qa did a horrible job and basically tried to fault us for a fucked up update (because we produced user pain, which of course not being able to log in didn't do). Among the issues: If the user has more than a hundred web pages the menu starts looking ugly, the translation to dutch in one string on the third submenu of a widget doesn't work and a certain functionality isn't available even if it's activated.
Short, they were either not a use case or very much minor except for that missing function. So today we've looked through the entire test code, testing lists, change logs and so on only to discover that the function was removed actively during the last major update one and a half years ago.

Now it's just waiting for the review meeting with the wonderful talking point "How could effective QA prevent something like this in the future" and throwing that shit into his face.

I mean seriously, if you fuck shit up stand by it. We all make mistakes but trying to pin it on other people is just really, really low.

The story of how I got my dream job.

I was working for a company with a job I got just after graduating university. It was ok, not very exciting tech but I learned a lot by just surrounding myself with professional code monkeys. I was there for about a year when my company bought parts of another company and there was talk about people getting fired. This made me worried since I was the last one to get hired, so I started looking around for other jobs. I received this e-mail from a company saying they were looking for interns, what a coincidence! I adjusted my CV and sent it in.

--A few weeks pass--

It's Friday and I'm at a dinner party, it's 10pm and someone is calling me. I pick up and it's a recruiter from this company. I get very nervous but the alcohol helps me keep my cool, I pass the initial idiot test and they invite me for an interview. Yay!

I go to work on Monday and in a 1-on-1 and I tell my boss about the upcoming interview, he gives me a high-five :)

The interview is approaching and I'm feeling that I'm about to get sick, I refuse to believe this so I start taking a lot of medicine (painkillers, cough medicine etc.). I feel a bit better and thank the gods for medication.

--D-day--

I wake up, put on my nicest clothes and get on the train. I had one hour to spare just in case, which was well needed because the fucking train is late by 30 minutes. I'm still heavily medicated because of my ongoing fever. When I arrive I basically have to run there and somehow I manage to pick up a coffee on the way there which I devour in two seconds. I'm ready for the interview!

Some guy meets me in reception and the first thing he says is "My colleague doesn't speak our language so we'll have to speak english". This is fine, I speak good english but I was not prepared for this so it caught me off-guard and made me even more nervous. We get in and start talking. Things are going OK despite my numbed brain. I try to make eye-contact to make a good impression with the foreign engineer but he keeps staring somewhere which is making me nervous.

We get to the technical part on a whiteboard and this is where my brain decides to stop communicating. I'm presented a simple task which I'm struggling with finishing, and I feel the embarrassment coming over me. "NOOOOO THIS IS MY DREAM JOB, THIS CANNOT BE HAPPENING!" I'm thinking to myself. After making myself look like a complete arsehole for some time we wrap it up and just before I step out the door I say to the engineer "You should checkout my Github page, I have lots of interesting stuff there" and he says "I'll be sure to do that" but I don't believe him.

I leave the office in fury (of myself) and make my way to the train station and even though it's the middle of the day I quickly devour two beers to calm my nerves and make me feel a bit better. I was so damn disappointed in myself, I wasted the opportunity of a lifetime! I go back home to my regular (now shitty) job.

--Two days later--

I get a call from an unknown number. I pick up the phone and it's the same recruiter guy. "So how did you think it went?" he says. "To be honest, I think it went really bad", I replied. "What? Really? Because they loved you, you got the job". (this was an obvious recruiter lie) "... wat, are you sure you called the correct person?" I said and he just laughed. The day after I quit my old job the whole department gets fired - such impeccable timing.

--A few months later--

I finish my internship and they want to keep me. I'm so happy. The engineer that was in the interview works on my team. I ask him "Why did you hire me? You know as well as I do that my interview was horrible". It turns out he _did_ look at my Github profile and that's how he knew I could write code. I also heard later that for my position there was about 2000 applicants and somehow I made the interviews.

I still work there today and I couldn't be happier (Sorry for the long text).

Storytime!

I got a ticket near the end of the day, asking to install a printer on a computer. The branch in question was in a different time zone (I'm in US-Pacific [GMT-07] and the computer was in US-Eastern [GMT-04]). I figured I wouldn't worry about it; after all, I had other tickets to work on that were much higher priority.

The next day I come into work and immediately get a message from one of my East Coast coworkers, telling me that this branch is calling and asking how the printer is coming. I told him to tell them I would call them a bit later. I do a couple of easy jobs and then begrudgingly call the branch. I listen to the phone tree that they have (which requires two button presses instead of one in order to speak with someone) and finally get in contact with a person... only to have the call disconnect.

I call back and ask for the person who called in the ticket and then followed up, who had apparently gone to lunch. I informed the person that I was just going to install the printer and it would be good to go. This would be fine... up until she mentioned she needed scanning functionality.

Now I wasn't sure if the driver we have in AD is set up with the scan functionality, so I said okay, but that meant I would have to get the driver from the website. The connection to our branches are about 1Mbps, so even downloading Java updates (60-ish MB) take about 5-10 minutes on a good day. The file for this printer was about 700MB (thanks HP). So I went and did other stuff while that downloaded.

I come back after it finished and started the install process. Right away it asks to re-seat the USB cable. So I call the branch. The call disconnects. I call again. It disconnects. I call one more time, and finally get the person who called the ticket in. I instruct him to re-seat the cable. He does. The driver starts doing its thing. I tell him I'll call back if I run into any issues and we hang up.

The driver goes through the install process for about 20 minutes, stops at 99%, then fails. I want to restart the computer, just in case there's a conflict somewhere, but that would require calling the store again, so I put it off.

About an hour later I get a message from another East Coast coworker, telling me the branch is calling about the printer again. I was in the middle of another call and said I would call back later. I do. It disconnects. I call again, and get the person who called the ticket in again. I tell him I want to restart the computer, but wasn't sure if it was okay. He checks with the people using it, who says it's okay, so I reboot. I hang up.

Once the computer comes back up I start the install process again. It asks to re-seat the cable. Fuck. I don't want to call the store again, so I open notepad and say "Please take out the printer's USB connection from the back of the computer."

Three. Fucking. People. Saw it. They moved the window and one even tried to close it, but they didn't re-seat the cable. I opened another window, telling them to call me at my number. They didn't. I called them. Got disconnected. I called them again, finally got someone, told them to re-seat the printer cable again. They do, thank god.

I say thank you and hang up. Continue the installer. It stops at 99% again and fails. I reboot the computer; screw it, I'm just going to install the driver from Active Directory. Check Devices and Printers. It's installed successfully. Hallelujah!

I get the printer set up for the various programs they use and print a test page. I call them one last time; their phone system sounding like they were connected via an underwater line connected by tin cans. I get someone.

$me: Hi, I want to know if the printer has printed something.

$them (garbled): -et me shee... yesh, it -rint-d a *beezelborp*.

$me: Perfect, I'm going to close this ticket! Thanks, goodbye! *hangs up*

tl;dr - I hate printers

Slowly getting better with RegEx problems! Warning, lots of non-computer linguistic geekiness ahead.

Been working on some functions recently to replicate the furigana (Chinese character annotation) functions available over at JP.SE in PHP for a project.

Managed to get the basic cases down fairly quick:

[Chinese character][reading] => <ruby><rb>Chinese Character</rb><rt>Reading</rt></ruby>

However I realized this evening that there are patterns where this repeats twice for one word, such as the following:

[Chinese Character][helper Japanese character(s)][Chinese Character][possibly optional word ending][reading for the whole thing]

Managed to get it working for both cases initially, but then I found out that adding a Japanese character to either of my test strings (see graphic) would cause the annotations to fall grossly out of sync. The next two hours disappeared pretty fast before discovering that the issue was that I was removing the wrong string length from the annotation string, and just happened to luck out with a test case where it worked the first time.

Probably going to do a code review of it with the intern next time he's in. One of the things I've been stressing to him lately is that however easy a task may be for a human, there are all kinds of extra things that need to be tracked in order for a computer to be able to follow your logic.

I'm a contractor at a product company and today I had the pleasure of working with some jQuery.

A function needed to be called before another function, hard work right?

So I moved the call to the function 3 rows higher, checked it in, set the task as ready for test and started to look for other tasks.
Within a couple of minutes I get a direct message from another dev, let's call him Steve.
Steve wanted me to set the task to ready for code review instead of test, so I did just that and tried to move on.

Some minute or two later Steve contacts me again:
"It would be great if you'd move the comment so it'd be over the call to the function"

Well, I'm not one of those who likes comments... If you need a comment, it's probably not good/readable code. In some cases sure, it might be a complex block coming up.
Sorry, lost my train of thought.

I answered Steve : "Are you sure, I could just remove it instead?"

(for readability S will be Steve and M will be me)

S: Well, it's always good to have comments
M: In this case I think it will be alright.
S: But it's nice to see what the function is doing.
M: I'll do it if you really want me to.
S: It's better to have the comment than to not have it and needing it.
M: Okay then

The name of the function : LoadOrganizationTree()

And this is the comment :
//Load organization tree

hey ranteros! i like to dream and i know many of us dream of a nice machine to do anything on it, if you want to post the specs of your ideal build(s) (even a laptop, pre-built pc, space gray macbook pro... doesn't matter). and your current one.

here's mine:

ideal: {
type: desktop-pc,
cpu: intel i7-8700K (coffee lake),
gpu: nvidia geforce gtx 1080ti,
ram: 32gb ddr4,
storage: {
ssd: samsung 960 evo 500gb,
hdd: 2tb wd black
},
motherboard: any good motherboard that supports coffee lake and has a good selection of i/o,
psu: anything juicy enough, silver rated,
cooling: i don't care about liquid cooling that much, or maybe i'm just afraid of it,
case: i accept any form factor, as long as it's not too oBNoxi0Us,
peripherals: {
monitor: 1080p, maybe 1440p, i can't 4k because of the media i consume (i have tons of shit i watch in 720p) + other reasons,
keyboardmousecombo: i like logitech stuff, nothing fancy, their non mechanical keyboards are nice, for mice the mx master 2 is nice i think, i also don't care about rgb because i think it's too distracting and i'm always in darkness so some white backlight is great
},
os: windows 10, tails (i have some questions about tails i'll be asking in a different post,
}

i think this is enough for ideal, now reality:

current: {
type: laptop,
brand: acer (aspire 7736z),
cpu: pentium dual-core 2.10ghz,
gpu: geforce g210m 2gb (with cuda™!),
ram: 4gb ddr3,
storage: hdd 500gb wd blue 5400rpm (this motherfucker stood the test of time because it's still working since i bought this thing (the laptop as it is) used in late 2009 although it's full of bad sectors and might anytime, don't worry i have everything backed up, i have a total of 5 hdds varying from 320gb to 1tb with different stuff on them),
screen: 17 inch hd-ready!!! (i think it's a tn panel), i've never done a test on color accuracy, but to my eyes it's bright, colorful, and has some dust particles between the lcd and backlight hah,
other cool things: dvd player/burner, full-sized keyboard with numeric keypad, vga, hdmi, 4 usb ports, ethernet, wi-fi haha, and it's hot, i mean so hot, hotter than elsa jean and piper perri combined,
os: windows 10, tails
}

if you read this whole thing i love you, and if you have some time to spare on a sunday you can share your dream rig and the sometimes cruel current one if you dare. you don't have to share them both. i know many will go b.o.b and say "what you're hoping to accomplish, i already did bitch.", that's cool as well, brag about your cool rig!

The "unit" in unit test does not mean your ENTIRE APPLICATION. Ever heard of scope!?

I am amazed how often people write overblown test setups, mock hundreds of unrelated services, just to test one tiny bit of logic.

That bit of logic could have been a pure function.

For that pure function you could write a dead simple unit test. Given that input, I expect that output. Nothing more, nothing less. (It helps even more if the pure functions only accepts primitives, like string and numbers, or very simple immutable value objects).

No I don't care that the service is used by another service, as your mocked interaction also doesn't test the service as a whole but you just assume the happy case most of the time anyway. You want to test the entire application? Let's not use unit tests for that but let's use a different kind of test for that (integration test, functional tests, e2e-tests).

If you write code in a way that easily allows for unit testing, your need to mock goes away.

If only they allow us to write unit test at work, its not that It is forbidden but we are not given time to do so :\

Done my test on my side project and now I can happily move to the next step.

Though I'd be happy if someone answers this:
1. When I have to execute functions by order, do I write all their code in one single function and divide them into regions (speaking of C# #reagion)

OR

2. I keep them split and implement the order attribute for XUnit?

My test case is basically just to make sure CRUD methods inside my repositories are working as expected, noting complex

A bug is born
... and it's sneaky and slimy. Mr. Senior-been-doing-it-for-ears commits some half-assed shitty code, blames failed tests on availability of CI licenses. I decided to check what's causing this shit nevertheless, turns out he forgot to flag parts of the code consistently using his new compiler defines, and some parts would get compiled while others needed wouldn't .. Not a big deal, we all make mistakes, but he rushes to Teams chat directing a message to me (after some earlier non-sensible argument about merits of cherry picking vs re-base):
Now all tests pass, except ones that need CI license. The PR is done, you can use your preferred way to take my changes.

So after I spot those missing checks causing the tests to fail, as well as another bug in yet another test case, and yet another disastrous memory related bug, which weren't detected by the tests of course .. I ponder my options .. especially based on our history .. if I say anything he will get offended, or at best the PR will get delayed while he is in denial arguing back even longer and dependent tasks will get delayed and the rest of the team will be forced to watch this show in agony, he also just created a bottleneck putting so many things at stake in one PR ..

I am in a pickle here .. should I just put review comments and risk opening a can of worms, or should I just mention the very obvious bugs, or even should I do nothing .. I end up reaching for the PM and explained the situation. In complete denial, he still believes it's a license problem and goes on ranting about how another project suffering the same fate .. bla bla bla chipset ... bla bla bla project .. bla bla bla back in whatever team .. then only when I started telling him:
These issues are even spotted by "Bob" earlier, since for some reason you just dismissed whatever I just said ..
("Bob" is another more sane senior developer in the team, and speaks the same language as the PM)
Only now I get his attention! He then starts going through the issues with me (for some reason he thinks he is technical enough to get them) .. He now to some extent believes the first few obvious bugs .. now the more disastrous bug he is having really hard time wrapping his head around it .. Then the desperate I became, I suggest let's just get this PR merged for the sake of the other tasks after may be fixing the obvious issues and meanwhile we create another task to fix the bug later .. here he chips in:
You know what, that memory bug seems like a corner case, if it won't cause issues down the road after merging let's see if we need even to open an internal fix or defect for it later. Only customers can report bugs.

I am in awe how low the bar can get, I try again and suggest let's at least leave a comment for the next poor soul running into that bug so they won't be banging their heads in the wall 2hrs straight trying to figure out why store X isn't there unless you call something last or never call it or shit like that (the sneaky slimy nature of that memory bug) .. He even dismissed that and rather went on saying (almost literally again): It is just that Mr. Senior had to rush things and communication can be problematic sometimes .. (bla bla bla) back in "Sunken Ship Co." days, we had a team from open source community .. then he makes a very weird statement:
Stuff like what Richard Stallman writes in Linux kernel code reviews can offend people ..

Feeling too grossed and having weird taste in my mouth I only get in a bad hangover day, all sorts of swear words and profanity running in my head like a wild hungry squirrel on hot asphalt chasing a leaky chestnut transport ... I tell him whatever floats your boat but I just feel really sorry for whoever might have to deal with this bug in the future ..

I just witnessed the team giving birth to a sneaky slimy bug .. heard it screaming and saw it kicking .. and I might live enough to see it a grown up having a feast with other bug buddies in this stinky swamp of Uruk-hai piss and Orcs feces.

Used a starter to scaffold a new project. Have never used that starter before but it has more than 1400 starts on Github.

Two days after.... so far so good. The created project structure used some tools I haven't used before, some are good, others are not so good, but anyway I am towards the first release of my codes. I have done countless 'npm run build', 'npm run test', 'npm run fix', etc., but.... my fault, I haven't committed once since starting the project, thinking I would commit when the next function is implemented, next test case passed.... after all, what could go wrong anyway?

Finally, one last test case passed, I think I will commit and run 'npm publish'.... but wait, had a glimpse of the scripts section in package.json, there's a command named 'all'. An voice came out of nowhere was talking to my subconscious mind, "all.... build, lint, prettier, test..... yeah you should run all... it's another build script, the worst you can get is just some harmless error messages.....", and my fingers typed 'npm run all'...

Time stopped for a few seconds, file structure in project explorer was shifting, files & folders were disappearing & appearing, what's happening... and I looked at the 'all' script closely for the first time....

WHAT THE HELL, WHO SHOULD PUT 'git reset --hard' IN A BUILD SCRIPT WITHOUT ANY PROMPT????!!!!!!!

MY PLAN WAS TO COMMIT AND GO TO SLEEP, IT'S 1AM NOW!!! WHERE CAN I RECOVER THE LOST FILES????

Don't reuse your fixtures!

Each test case should be isolated. Don't ever think just because some function requires a similar input, it's safe to reuse it ALL OVER THE PLACE.

Why? Because someday, you want to change one functionality of one unit.

And you adapt your tests, fix your code, and suddenly, by changing one fixture, you break dozens if not hundreds of unrelated tests and now you have to clean up that mess.

It's even worse for functional tests with all those interwoven parts so that it becomes hard to reason about the scope of your tests when lacking proper documentation.

How I know? BECAUSE I AM CLEANING UP YOUR MESS RIGHT NOW!

Alrighty, saturday morning rant time!

I just recieved a mail from one of my not-so-much-loved colleagues.

Now Background first: I work in IT-Support. We provide services for other companies. One of those services is monitoring servers and clients for various things. I recently took over the project (was assigned to do it) and restructured everything, wrote new scripts to test more stuff, successfully tested it internally and rolled it out over the last 2 weeks.

Now one of these scripts hooks into the Windows Update API and looks at the update history. It filters for known Windows Update Agent strings (UpdateOrchestrator, AutomaticUpdates and AutomaticUpdatesWuApp in case you also want to do something like this) and then looks for installation errors over the last 24 hours and wherever there have even been any successful updates over the last one and a half months.

Back to that mail.

My colleague sent me this lovely mail about a ticket i opened about his customers servers beeing all out-of-date on updates.

"This is all wrong, everything's fine. I disabled the checks."

...

It's on bitch.

So i logged on to my work PC via TeamViewer, opened my script, connected to the customer and was ready to debug the shit out of my script, knowing i probably won't even need to.

I looked at the update history via Windows Update itself and behold: 1st April. That's almost 50 days in the past.

So the script works, go figure.

Great, so search for new Updates then.
>None found.

Hm. What could it be? Did my super special colleague forget to care about his very special totally-needs-WSUS-customer WSUS again?

Yup.

Online-Search finds a ton of new Updates.

Screenshot, write pissed mail to colleague, re-enable checks, breakfast.

TLDR boss is an idiot.

Boss has an issue. Sends screenshot, and a one sentence explanation, boss-style (not really clear, but the screenshot helps).
I set to solve it, not a minute passes, the boss os calling.
Explains the issue, i tell him I'm working on it, will msg when done. He explains the problem again, and tells me to hurry. I tell him, sure, let's hang up, give me five minutes, so he starts explaining again, that it's IMPORTANT.

Finally hangs up, it didn't take more than 3 minutes to solve it, msg him, it's done. test it, screenshots for the two parts i solved (of the one he wanted corrected and one where a similar case is still as it's supposed to be, not altered).

He calls me, I start telling him this us what I did, the screenshot.... *Interrups*
This is not what he needed, it's important, IMPORTANT i say, and tells the problem again.
I'm pretty annoyed by now, and just calm fuckoff mood comes over. I practically told him to click the link and see for himself....

if you want to take 10 minutes for something i would explain in 2 sentences, is it really that important....

WHY WON'T YOU LET ME HAVE THE SATISFACTION?!!

My code works, their test case is garbage.. 😒

story of a release
v2.1.0 major changes went live : new features, bug fixes, optimisations. also included releases for 2 associated libraries
release process tasks:
- do code
- update test cases
- test sample app
- test on another sample app
- get code reviewed and approved by senior ( who takes his own sweet time to review and never approves on first try)
- get code reviewed again
- merge to develop after 20 mins( coz CICD pipeline won't finish and allow merging before that)
- merge to master after 20 mins( coz CICD again)
- realise that you forgot to update dates in markdown files as you thought the release will be on 10th sept and release is happennig on 12th sept coz of sweet senior's code fucking/reviewing time
- again raise a branch to develop
- again get it a review approval by sr (who hopefully gives a merge approval in less time now)
- again get it merged to develop after waiting for 20 mins
- again get it merged to master after waiting for 20 mins
- create a clean build aar file
- publish to sonatype staging
- publish to sonatype release
- wait for 30 mins to show while having your brain fucked with tension
- create a release doc with all the changes
- update the documentation on a wyswig based crappy docs website
- send a message to slack channels
- done

===========

why am i telling you this? coz i just found a bug in a code that i shipped in that release which still got in after all the above shitty processes. its a change of a 3 lines of code, but i will need to do all the steps again. even though i am going through the same shitty steps for another library version upgrade that depends on this library 😭😭

AND I AM THE ONE WHO CAUGHT IT. it went unnoticed because both of those shitty samples did not tested this case. now i can keep mum about it and release another buggy build that depends on it and let the chaos do its work, or i can get the blame and ship a rectification asap. i won't get any reward or good impression for the 2nd, and a time bomb like situation will get created if i go with 1st :/

FML :/

When the CTO/CEO of your "startup" is always AFK and it takes weeks to get anything approved by them (or even secure a meeting with them) and they have almost-exclusive access to production and the admin account for all third party services.

Want to create a new messaging channel? Too bad! What about a new repository for that cool idea you had, or that new microservice you're expected to build. Expect to be blocked for at least a week.

When they also hold themselves solely responsible for security and operations, they've built their own proprietary framework that handles all the authentication, database models and microservice communications.

Speaking of which, there's more than six microservices per developer!

Oh there's a bug or limitation in the framework? Too bad. It's a black box that nobody else in the company can touch. Good luck with the two week lead time on getting anything changed there. Oh and there's no dedicated issue tracker. Have you heard of email?

When the systems and processes in place were designed for "consistency" and "scalability" in mind you can be certain that everything is consistently broken at scale. Each microservice offers:

1. Anemic & non-idempotent CRUD APIs (Can't believe it's not a Database Table™) because the consumer should do all the work.
2. Race Conditions, because transactions are "not portable" (but not to worry, all the code is written as if it were running single threaded on a single machine).
3. Fault Intolerance, just a single failure in a chain of layered microservice calls will leave the requested operation in a partially applied and corrupted state. Ger ready for manual intervention.
4. Completely Redundant Documentation, our web documentation is automatically generated and is always of the form //[FieldName] of the [ObjectName].
5. Happy Path Support, only the intended use cases and fields work, we added a bunch of others because YouAreGoingToNeedIt™ but it won't work when you do need it. The only record of this happy path is the code itself.

Consider this, you're been building a new microservice, you've carefully followed all the unwritten highly specific technical implementation standards enforced by the CTO/CEO (that your aware of). You've decided to write some unit tests, well um.. didn't you know? There's nothing scalable and consistent about running the system locally! That's not built-in to the framework. So just use curl to test your service whilst it is deployed or connected to the development environment. Then you can open a PR and once it has been approved it will be included in the next full deployment (at least a week later).

Most new 'services' feel like the are about one to five days of writing straightforward code followed by weeks to months of integration hell, testing and blocked dependencies.

When confronted/advised about these issues the response from the CTO/CEO
varies:

(A) "yes but it's an edge case, the cloud is highly available and reliable, our software doesn't crash frequently".
(B) "yes, that's why I'm thinking about adding [idempotency] to the framework to address that when I'm not so busy" two weeks go by...
(C) "yes, but we are still doing better than all of our competitors".
(D) "oh, but you can just [highly specific sequence of undocumented steps, that probably won't work when you try it].
(E) "yes, let's setup a meeting to go through this in more detail" *doesn't show up to the meeting*.
(F) "oh, but our customers are really happy with our level of [Documentation]".

Sometimes it can feel like a bit of a cult, as all of the project managers (and some of the developers) see the CTO/CEO as a sort of 'programming god' because they are never blocked on anything they work on, they're able to bypass all the limitations and obstacles they've placed in front of the 'ordinary' developers.

There's been several instances where the CTO/CEO will suddenly make widespread changes to the codebase (to enforce some 'standard') without having to go through the same review process as everybody else, these changes will usually break something like the automatic build process or something in the dev environment and its up to the developers to pick up the pieces. I think developers find it intimidating to identify issues in the CTO/CEO's code because it's implicitly defined due to their status as the "gold standard".

It's certainly frustrating but I hope this story serves as a bit of a foil to those who wish they had a more technical CTO/CEO in their organisation. Does anybody else have a similar experience or is this situation an absolute one of a kind?

Yesterday while learning some basic php stuff, prof was telling us about text fields and how php auto converts HTML and JavaScript.

He said to test it out before class, he wrote a lil JS script and submitted it to a text field using IE and then again using Chrome.

IE let the script run no problems (big surprise) but chrome blocked the script from running.

He doesn’t use Firefox, but I just recently switched from chrome to FF so I tested it out in class on FF.

I was surprised to see FF ran the script no problem. Surprised because I made the switch because of security reasons, my partner helped me secure all my shit and we both switched to FF cause every resource suggested it.

This is just one small case that I feel isn’t a huge deal, my prof said any decent dev will strip tags or whatever, but made me think: are there any other security concerns with FF? Am I right to consider it a more secure and therefore “better” browser?

How do you test unreachable code or part that is considered an edge case?

For example I catch exceptions in case IO failed and data was not written on database, but that only happens if hardware failure, or no disk space left, how do I mimic that?

I also have unreachable code for example, in one layer I fetch data (lets call it function x) and always return success result unless item not found I throw KeyNotFound exception. But in the calling function I handle the case of Status == Failed
Just in-case in the future I change function x and start returning failed status, so my logic already written but never reachable

There was this tech guy in our project. I don't really know how techy nor what his role was, but I do know he was a techie.

Lately we'd noticed he was behaving more and more managerish. Orchestrating resources over slack, scheduling meetings, the managerial slang... Bulletpoints... It was obvious what's going to happen - he was striving for a manager's chair. Cool. He seemed like a guy who can indeed do this well. And the fact that he's a techie was promising - he should understand so many things.

Boy did that come around and bite us in our asses. Turns out this guy is a googler. If we are working on some case [as we always are] he jumps in and offers his opinion, although he is far from our technical area. We explain how/why it is not a good idea. Then he does some googling and comes back with a different idea! And insists on testing it out... FTR, a single test in our project could take from 1 to 6 hours. And he's a manager now!! We can't just ignore his requests...

Allright, we do that testing. Results are far from satisfying. We continue investigating. He does as well. We'd like to try something out, but there he comes with a new idea! And ofc we are asked to test it out as well.

Our own testing is postponed again.

A few days like this one pass by. In a daily meeting we are blamed for taking that long to do our investigation and we are questioned as engineers.

Superb...

Honestly? I'm having second thoughts about this new role. It's supposed to be fun and challenging and all, but this kind of shit is just too much...

!rant

Ever find something that's just faster than something else, but when you try to break it down and analyze it, you can't find out why?

PyPy.
I decided I'd test it with a typical discord bot-style workload (decoding a JSON theoretically from an API, checking if it contains stuff, format and then returning it). It was... 1.73x the speed of python.

(Though, granted, this code is more network dependent than anything else.)

Mean +- std dev: [kitsu-python] 62.4 us +- 2.7 us -> [kitsu-pypy] 36.1 us +- 9.2 us: 1.73x faster (-42%)

Me: Whoa, how?!
So, I proceed to write microbenches for every step. Except the JSON decoding, (1.7x faster was at least twice as slow (in one case, one hundred times slower) when tested individually.
The combination of them was faster. Huh.

By this point, I was all "sign me up!", but... asyncpg (the only sane PostgreSQL driver for python IMO, using prepared statements by default and such) has some of it's functionality written in C, for performance reasons. Not Cython, actual C that links to CPython. That means no PyPy support.

Okay then.

So i had two jobinterviews at a company and i was basically through for a test. It just so happens that the person who should give the test is sick for a couple of weeks. So instead they asked me to send them some code to evaluate.

Today i got an email telling me that the level of my code doesn’t match my years of experience so the process stops here.

Somehow i can’t help myself but to wish that the guy who evaluated my code now just is sick for at least
another moth!

Funfact: in one of the interviews i was told that they don’t work with junior people. I personally think everyones view on jobtitle/rank is different so i’m not a big fan of it in any case.

However this company LITERALLY has a blog describing how they hired someone without any working experience and thus being a junior.

Guess i’ll be stuck in my current deadend job for a while.

TLDR, need suggestions for a small team, ALM, or at least Requirements, Issue and test case tracking.

Okay my team needs some advice.

Soo the powers at be a year ago or so decided to move our requirement tracking process, test case and issue tracking from word, excel and Visio. To an ALM.. they choice Siemens Polarion for whatever reason assuming because of team center some divisions use it..

Ohhh and by the way we’ve been all engineering shit perfectly fine with the process we had with word, excel and Visio.. it wasn’t any extra work, because we needed to make those documents regardless, and it’s far easier to write the shit in the raw format than fuck around with the Mouse and all the config fields on some web app.

ANYWAY before anyone asks or suggests a process to match the tool, here’s some back ground info. We are a team of about 10-15. Split between mech, elec, and software with more on mech or elec side.
But regardless, for each project there is only 1 engineer of each concentration working on the project. So one mech, one elec and one software per project/product. Which doesn’t seem like a lot but it works out perfectly actually. (Although that might be a surprise for the most of you)..
ANYWAY... it’s kinda self managed, we have a manger that that directs the project and what features when, during development and pre release.

The issue is we hired a guy for requirements/ Polarion secretary (DevOps) claims to be the expert.. Polarion is taking too long too slow and too much config....

We want to switch, but don’t know what to. We don’t wanna create more work for us. We do peer reviews across the entire team. I think we are Sudo agile /scrum but not structured.

I like jira but it’s not great for true requirements... we get PDFs from oems and converting to word for any ALM sucks.. we use helix QAC for Misra compliance so part of me wants to use helix ALM... Polarion does not support us unless we pay thousands for “support package” I just don’t see the value added. Especially when our “DevOps” secretary is sub par.. plus I don’t believe in DevOps.. no value added for someone who can’t engineer only sudo direct. Hell we almost wanna use our interns for requirements tracking/ record keeping. We as the engineers know what todo and have been doing shit the old way for decades without issues...

Need suggestions for small team per project.. 1softwar 1elec 1mech... but large team over all across many projects.

Sorry for the long rant.. at the bar .. kinda drunk ranting tbh but do need opinions...

So I became a team leader ("promotion").
One of the team is a senior by title, but fuck he is just a refactoring machine. Seeks for architecture design in fucking everything. Even in fucking tests instead of just writing them he is inventing convoluted architectures and systems...

Fuuuuuuck - just write the fucking tests, no one gives a shit if you have a fucking factory in the test case!

#Suphle Rant 3: Road to PHP8, Flow travails

Some primer: Flows is a feature that causes the framework to bypass handling the request now but read it from cache. This cache entry is meant to be populated without warming, based on the preceding request. It's sort of like prefetching but done on the back end

While building Suphle, I made some notes on some chapters about caveats and gotchas I may forget while documenting. One such note was that when users make the Flow request, the framework will attempt to determine who user is, using authentication mechanism defined on the first module (of the modular monolith)

Now, I got to this point during documentation and started wondering whether it's impossible for the originating request to have used a different authentication mechanism, which would result in an empty entry for returning user. I *think* it's possible cuz I've got something else called "route mirroring", where web based routes can be converted to API routes. They'll then return JSON, get served under defined API path, use JWT, all automatically. But I just couldn't connect the dots for the life of me, regarding how any of this could impact authentication on the Flow request

While trying to figure out how to write the test for this or whether it was even necessary (since I had no use case), it struck me that since Flow requests are not triggered by an actual user, any code attempting to read authenticated user will see nothing!

I HATE it when I realize there's ambiguity or an oversight, after the amount of attention and suffering devoted. This, along with a chain of personal troubles set off despondency for a couple of days. No appetite for food or talk. Grudgingly refactored in this update over some days. Wrote some tests, not all passed. More pain. May have to convert them to unit tests

For clarity, my expectation is, I built this. Nothing should be impossible for me

Surprisingly, I caught a somewhat lucky break –an ex colleague referred me to the 1st gig I'm getting in 1+ year. It's about writing a plugin for some obscure forum software. I'm not too excited cuz it's poorly documented and I'll have to do a lot of groping, they use arrays instead of objects etc. There's no guarantee I'll find how to implement all client's requirements

While brooding last night, surfing the PHP subreddit, stumbled on a post about using Rector to downgrade a codebase. I've always been interested in the reverse but didn't have any incentive to fret over it. Randomly googled and saw a post promising a codebase can be upgraded with 3 commands in 5 minutes to PHP 8. Piqued my interest around 12:something AM. Stayed up all night upgrading it, replacing PHPSTAN with Psalm, initializing the guy's project, merging Flow auth with master etc. I think it may have taken 5 minutes without the challenge of getting local dev environment to PHP 8

My mood is much lighter than it was, although the battle is not won yet –image tests are failing. For some weird reason, PHP8 can't read generated test images. Hope I can ride on that newfound lease on life to study the forum and get the features working

I have some other rant but this is already a lot to digest in one sitting. See you in rant #4

Rubber ducking your ass in a way, I figure things out as I rant and have to explain my reasoning or lack thereof every other sentence.

So lettuce harvest some more: I did not finish the linker as I initially planned, because I found a dumber way to solve the problem. I'm storing programs as bytecode chunks broken up into segment trees, and this is how we get namespaces, as each segment and value is labeled -- you can very well think of it as a file structure.

Each file proper, that is, every path you pass to the compiler, has it's own segment tree that results from breaking down the code within. We call this a clan, because it's a family of data, structures and procedures. It's a bit stupid not to call it "class", but that would imply each file can have only one class, which is generally good style but still technically not the case, hence the deliberate use of another word.

Anyway, because every clan is already represented as a tree, we can easily have two or more coexist by just parenting them as-is to a common root, enabling the fetching of symbols from one clan to another. We then perform a cannonical walk of the unified tree, push instructions to an assembly queue, and flatten the segmented memory into a single pool onto which we write the assembler's output.

I didn't think this would work, but it does. So how?

The assembly queue uses a highly sophisticated crackhead abstraction of the CVYC clan, or said plainly, clairvoyant code of the "fucked if I thought this would be simple" family. Fundamentally, every element in the queue is -- recursively -- either a fixed value or a function pointer plus arguments. So every instruction takes the form (ins (arg[0],arg[N])) where the instruction and the arguments may themselves be either fixed or indirect fetches that must be solved but in the ~ F U T U R E ~

Thusly, the assembler must be made aware of the fact that it's wearing sunglasses indoors and high on cocaine, so that these pointers -- and the accompanying arguments -- can be solved. However, your hemorroids are great, and sitting may be painful for long, hard times to come, because to even try and do this kind of John Connor solving pinky promises that loop on themselves is slowly reducing my sanity.

But minor time travel paradoxes aside, this allows for all existing symbols to be fetched at the time of assembly no matter where exactly in memory they reside; even if the namespace is mutated, and so the symbol duplicated, we can still modify the original symbol at the time of duplication to re-route fetchers to it's new location. And so the madness begins.

Effectively, our code can see the future, and it is not pleased with your test results. But enough about you being a disappointment to an equally misconstructed institution -- we are vermin of science, now stand still while I smack you with this Bible.

But seriously now, what I'm trying to say is that linking is not required as a separate step as a result of all this unintelligible fuckery; all the information required to access a file is the segment tree itself, so linking is appending trees to a new root, and a tree written to disk is essentially a linkable object file.

Mission accomplished... ? Perhaps.

This very much closes the chapter on *virtual* programs, that is, anything running on the VM. We're still lacking translation to native code, and that's an entirely different topic. Luckily, the language is pretty fucking close to assembler, so the translation may actually not be all that complicated.

But that is a story for another day, kids.
And now, a word from our sponsor:

<ad> Whoa, hold on there, crystal ball. It's clear to any tzaddiq that only prophets can prophecise, but if you are but a lowly goblinoid emperor of rectal pleasure, the simple truths can become very hard to grasp. How can one manage non-intertwining affairs in their professional and private lives while ALSO compulsively juggling nuts?

Enter: Testament, the gapp that will take your gonad-swallowing virtue to the next level. Ever felt like sucking on a hairy ballsack during office hours? We got you covered. With our state of the art cognitive implants, tracking devices and macumbeiras, you will be able to RIP your way into ultimate scrotolingual pleasure in no time!

Utilizing a highly elaborated process that combines illegal substances with the most forbidden schools of blood magic, we are able to [EXTREMELY CENSORED HERETICAL CONTENT] inside of your MATER with pinpoint accuracy! You shall be reformed in a parallel plane of existence, void of all that was your very being, just to suck on nads!

Just insert the ritual blade into your own testicles and let the spectral dance begin. Try Testament TODAY and use my promo code FIRSTBORNSFIRSTNUT for 20% OFF in your purchase of eternal damnation. Big ups to Testament for sponsoring DEEZ rant.

I've just joined a new company out of despair after several month out of jobs without being able to even get interviews.
I've been warned about the code being a bit behind with modern Android stack, they needed to migrate from rx to coroutine and compose is not a priority at the moment.
Fine with it, I like handling and planning migration, that's a nice challenge.
But if only that were the only problems !! Far from it, the code is a formidable mess, I've never seen so much amateurism... Most of it was written from the previous Lead Dev who stayed there for years and touched everything with their very bad practices.
I don't even know where to start honestly...
While the code is in Kotlin, it stink Java. Nothing wrong about Java, but if you code in kotlin, you need to understand what kotlin try to achieve. And that's not the case here. There is freaking nullable everywhere, for no reason at all, the data classes contains lot of var in their constructors, equals are override to compare only one or 2 params and no hashcode override with it.
Sealed class, what for ?! Let me just write a List<Pair<Enum, Any>> and cast your any depending on the enum !
Oh and you know what, let's cast everywhere, no check, and for once no null safe, there is enough nullable in the code !

What about the reactive part ? well let's recreate a kind of broken eventbus with rx ! Cause why not ?!
The viewmodel observable don't contain data, they just contain enum for the progress of the states we're checking.
In the viewmodel function we update that enum states and emit it to be observed and make the data available as a var for the view to pick it up when needed.
But why put the business logic in the viewmodel, let's put in the views, and grab and check the variable contain in the viewmodel whenever it fits.
Testing the business logic ? uh let me just test my variable initialisation in the viewmodel instead.
The vm, the views, make about 2000 lines, the test over 3000, and not a single test really test the business logic in it ! I've made big refactoring we're all the tests stayed green, while the function are full of side effects ! WTF ?!
Oh and what about that migration from rx to coroutine ? well better not break the existing code and continue writting like rx, everything is cold flow ! We just need to store a boolean saying if we already did our call to the data layer then we decide to start our flow or not.
As for the RecyclerView, having too many viewHolder is just so annoying, let's put all our different views in one, and hide what we don't need.
Keystore has been push on the repo, but it's private no ? So who cares ?!
And wait i'm not done ! Some of the main brick of the apps depends on library that hasn't been updated for years, and you know what... yes they were hosted on Jcenter and it's only now that they decide to do something about it, we we're warned about the sunset of jcenter 2 years ago !!!!
So what about compose ? What do you want with compose ?! there is no design system in that app obviously, so don't even think about it !
And there... among all of that mess, I'm supposed to do code review... how the fuck do you do a code review when all the code that is around stink ?!
And there is so much more but by now I'm afraid you're thinking i'm just pissing on the old code like everyone... but damn I guarantee, that's the worst code I've ever seen, and i've work on more than 15 app from small to big on different contract with a lot of legacy code, but nothing that bad !

What should I do, I have a central function that is not documentated and no test-cases are written for it. I have no clue what the method should really do, I know that it works in 99.9% of all cases otherwise we had much more bugs. Now there is one Unit-Test that reports an issue. I tracked it down to this method, no one touched the method nor the unit-test.
My logical thinking says that there is one statement missing, but it could also fuck up another part of the code... (This project has a bad testing coverage :'( )

What would you do?

- copy paste the method for this special case (I would hate me so much for breaking DRY)
- inheritance?! (Would make it more complex and then it would be still untested / undocumented)
- YOLO changing oO?! (hope for luck, just joking)

P.s it's an edge case unit test, the client / customer probably wouldn't realised it if it happens