Hi, I am a Javascript apprentice. Can you help me with my project?

- Sure! What do you need?

Oh, it’s very simple, I just want to make a static webpage that shows a clock with the real time.

- Wait, why static? Why not dynamic?

I don’t know, I guess it’ll be easier.

- Well, maybe, but that’s boring, and if that’s boring you are not going to put in time, and if you’re not going to put in time, it’s going to be harder; so it’s better to start with something harder in order to make it easier.

You know that doesn’t make sense right?

- When you learn Javascript you’ll get it.

Okay, so I want to parse this date first to make the clock be universal for all the regions.

- You’re not going to do that by yourself right? You know what they say, don’t repeat yourself!

But it’s just two lines.

- Don’t reinvent the wheel!

Literally, Javascript has a built in library for t...

- One component per file!

I’m lost.

- It happens, and you’ll get lost managing your files as well. You should use Webpack or Browserify for managing your modules.

Doesn’t Javascript include that already?

- Yes, but some people still have previous versions of ECMAScript, so it wouldn’t be compatible.

What’s ECMAScript?

- Javascript

Why is it called ECMAScript then?

- It’s called both ways. Anyways, after you install Webpack to manage your modules, you still need a module and dependency manager, such as bower, or node package manager or yarn.

What does that have to do with my page?

- So you can install AngularJS.

What’s AngularJS?

- A Javascript framework that allows you to do complex stuff easily, such as two way data binding!

Oh, that’s great, so if I modify one sentence on a part of the page, it will automatically refresh the other part of the page which is related to the first one and viceversa?

- Exactly! Except two way data binding is not recommended, since you don’t want child components to edit the parent components of your app.

Then why make two way data binding in the first place?

- It’s backed up by Google. You just don’t get it do you?

I have installed AngularJS now, but it seems I have to redefine something called a... directive?

- AngularJS is old now, you should start using Angular, aka Angular 2.

But it’s the same name... wtf! Only 3 minutes have passed since we started talking, how are they in Angular 2 already?

- You mean 3.

2.

- 3.

4?

- 5.

6?

- Exactly.

Okay, I now know Angular 6.0, and use a component based architecture using only a one way data binding, I have read and started using the Design Patterns already described to solve my problem without reinventing the wheel using libraries such as lodash and D3 for a world map visualization of my clock as well as moment to parse the dates correctly. I also used ECMAScript 6 with Babel to secure backwards compatibility.

- That’s good.

Really?

- Yes, except you didn’t concatenate your html into templates that can be under a super Javascript file which can, then, be concatenated along all your Javascript files and finally be minimized in order to reduce latency. And automate all that process using Gulp while testing every single unit of your code using Jasmine or protractor or just the Angular built in unit tester.

I did.

- But did you use TypeScript?

Oh, man, I just realized I haven't ranted one of my best stories on here!

So, here goes!

A few years back the company I work for was contacted by an older client regarding a new project.

The guy was now pitching to build the website for the Parliament of another country (not gonna name it, NDAs and stuff), and was planning on outsourcing the development, as he had no team and he was only aiming on taking care of the client service/project management side of the project.

Out of principle (and also to preserve our mental integrity), we have purposely avoided working with government bodies of any kind, in any country, but he was a friend of our CEO and pleaded until we singed on board.

Now, the project itself was way bigger than we expected, as the wanted more of an internal CRM, centralized document archive, event management, internal planning, multiple interfaced, role based access restricted monster of an administration interface, complete with regular user website, also packed with all kind of features, dashboards and so on.

Long story short, a lot bigger than what we were expecting based on the initial brief.

The development period was hell. New features were coming in on a weekly basis. Already implemented functionality was constantly being changed or redefined. No requests we ever made about clarifications and/or materials or information were ever answered on time.

They also somehow bullied the guy that brought us the project into also including the data migration from the old website into the new one we were building and we somehow ended up having to extract meaningful, formatted, sanitized content parsing static HTML files and connecting them to download-able files (almost every page in the old website had files available to download) we needed to also include in a sane way.

Now, don't think the files were simple URL paths we can trace to a folder/file path, oh no!!! The links were some form of hash combination that had to be exploded and tested against some king of database relationship tables that only had hashed indexes relating to other tables, that also only had hashed indexes relating to some other tables that kept a database of the website pages HTML file naming. So what we had to do is identify the files based on a combination of hashed indexes and re-hashed HTML file names that in the end would give us a filename for a real file that we had to then search for inside a list of over 20 folders not related to one another.

So we did this. Created a script that processed the hell out of over 10000 HTML files, database entries and files and re-indexed and re-named all this shit into a meaningful database of sane data and well organized files.

So, with this we were nearing the finish line for the project, which by now exceeded the estimated time by over to times.

We test everything, retest it all again for good measure, pack everything up for deployment, simulate on a staging environment, give the final client access to the staging version, get them to accept that all requirements are met, finish writing the documentation for the codebase, write detailed deployment procedure, include some automation and testing tools also for good measure, recommend production setup, hardware specs, software versions, server side optimization like caching, load balancing and all that we could think would ever be useful, all with more documentation and instructions.

As the project was built on PHP/MySQL (as requested), we recommended a Linux environment for production. Oh, I forgot to tell you that over the development period they kept asking us to also include steps for Windows procedures along with our regular documentation. Was a bit strange, but we added it in there just so we can finish and close the damn project.

So, we send them all the above and go get drunk as fuck in celebration of getting rid of them once and for all...

Next day: hung over, I get to the office, open my laptop and see on new email. I only had the one new mail, so I open it to see what it's about.

Lo and behold! The fuckers over in the other country that called themselves "IT guys", and were the ones making all the changes and additions to our requirements, were not capable enough to follow step by step instructions in order to deploy the project on their servers!!!

[Continues in the comments]

Navy story time, and this one is lengthy.
As a Lieutenant Jr. I served for a year on a large (>100m) ship, with the duties of assistant navigation officer, and of course, unofficial computer guy. When I first entered the ship (carrying my trusty laptop), I had to wait for 2 hours at the officer's wardroom... where I noticed an ethernet plug. After 15 minutes of waiting, I got bored. Like, really bored. What on TCP/IP could possibly go wrong?
So, scanning the network it is. Besides the usual security holes I came to expect in ""military secure networks"" (Windows XP SP2 unpatched and Windows 2003 Servers, also unpatched) I came along a variety of interesting computers with interesting things... that I cannot name. The aggressive scan also crashed the SMB service on the server causing no end of cute reactions, until I restarted it remotely.
But me and my big mouth... I actually talked about it with the ship's CO and the electronics officer, and promptly got the unofficial duty of computer guy, aka helldesk, technical support and I-try-to-explain-you-that-it-is-impossible-given-my-resources guy. I seriously think that this was their punishment for me messing around. At one time I received a call, that a certain PC was disconnected. I repeatedly told them to look if the ethernet cable was on. "Yes, of course it's on, I am not an idiot." (yea, right)
So I went to that room, 4 decks down and 3 sections aft. Just to push in the half-popped out ethernet jack. I would swear it was on purpose, but reality showed me I was wrong, oh so dead wrong.
For the full year of my commission, I kept pestering the CO to assign me with an assistant to teach them, and to give approval for some serious upgrades, patching and documenting. No good.
I set up some little things to get them interested, like some NMEA relays and installed navigation software on certain computers, re-enabled the server's webmail and patched the server itself, tried to clean the malware (aka. Sisyphus' rock), and tried to enforce a security policy. I also tried to convince the CO to install a document management system, to his utter horror and refusal (he was the hard copy type, as were most officers in the ship). I gave up on almost all besides the assistant thing, because I knew that once I left, everything would go to the high-entropy status of carrying papers around, but the CO kept telling me that would be unnecessary.
"You'll always be our man, you'll fix it (sic)".
What could go wrong?
I got my transfer with 1 week's notice. Panic struck. The CO was... well, he was less shocked than I expected, but still shocked (I learned later that he knew beforehand, but decided not to tell anybody anything). So came the most rediculous request of all:
To put down, within 1 A4 sheet, and in simple instructions, the things one had to do in order to fulfil the duties of the computer guy.
I. SHIT. YOU. NOT.
My answer:
"What I can do is write: 'Please read the following:', followed by the list of books one must read in order to get some introductory understanding of network and server management, with most accompanying skills."
I was so glad I got out of that hellhole.

I think I've shown in my past rants and comments that I'm pretty experienced. Looking back though, I was really fucking stupid. Since I haven't posted a rant yet on the weekly topics, I figure I would share this humbling little gem.

Way back in the ancient era known as 2009, I was working my first desk job as a "web designer". Apparently the owner of this company didn't know the difference between "designer", which I'm not, and "developer", which I am, nor the responsibilities of each role.

It was a shitty job paying $12/hour. It was such a nightmare to work at. I guess the silver lining is that this company now no longer exists as it was because of my mistake, but it was definitely a learning experience I hold in high regard even today. Okay, enough filler...

I was told to wipe the Dev server in order to start fresh and set up an entirely new distro of Linux. I was to swap out the drives with whatever was available from the non-production machines, set up the RAID 5 array and route it through the router and firewall, as we needed to bring this Dev server online to allow clients to monitor the work. I had no idea what any of this meant, but I was expected to learn it that day because the next day I would be commencing with the task.

Astonishingly, I managed to set up the server and everything worked great! I got a pat on the back and the boss offered me a 4 day weekend with pay to get some R&R. I decided to take the time to go camping. I let him know I would be out of town and possibly unreachable because of cell service, to which he said no problem.

Tuesday afternoon I walked into work and noticed two of the field techs messing with the Dev server I built. One was holding a drive while the other was holding a clipboard. I was immediately called into the boss's office.

He told me the drives on the production server failed during the weekend, resulting in the loss of the data. He then asked me where I got the drives from for the Dev server upgrade. I told him that they came from one of the inactive systems on the shelf. What he told me next through the deafening screams rendered me speechless.

I had gutted the drives from our backup server that was just set up the week prior. Every Friday at midnight, it would turn on through a remote power switch on a schedule, then the system would boot and proceed to copy over the production server's files into an archive for that night and shutdown when it completed. Well, that last Friday night/Saturday morning, the machine kicked on, but guess what didn't happen? The files weren't copied. Not only were they not copied, but the existing files that got backed up previously we're gone. Why? Because I wiped those drives when I put them into the Dev server.

I would up quitting because the conversation was very hostile and I couldn't deal with it. The next week, I was served with a suit for damages to this company. Long story short, the employer was found in the wrong from emails I saved of him giving me the task and not once stating that machine was excluded in the inactive machines I could salvage drives from. The company sued me because they were being sued by a client, whose entire company presence was hosted by us and we lost the data. In total just shy of 1TB of data was lost, all because of my mistake. The company filed for bankruptcy as a result of the lawsuit against them and someone bought the company name and location, putting my boss and its employees out of a job.

If there's one lesson I have learned that I take with the utmost respect to even this day, it's this: Know your infrastructure front to back before you change it, especially when it comes to data.

One comment from @Fast-Nop made me remember something I had promised myself not to. Specifically the USB thing.
So there I was, Lieutenant Jr at a warship (not the one my previous rants refer to), my main duties as navigation officer, and secondary (and unofficial) tech support and all-around "computer guy".
Those of you who don't know what horrors this demonic brand pertains to, I envy you. But I digress. In the ship, we had Ethernet cabling and switches, but no DHCP, no server, not a thing. My proposition was shot down by the CO within 2 minutes. Yet, we had a curious "network". As my fellow... colleagues had invented, we had something akin to token ring, but instead of tokens, we had low-rank personnel running around with USB sticks, and as for "rings", well, anyone could snatch up a USB-carrier and load his data and instructions to the "token". What on earth could go wrong with that system?
What indeed.
We got 1 USB infected with a malware from a nearby ship - I still don't know how. Said malware did the following observable actions(yes, I did some malware analysis - As I said before, I am not paid enough):
- Move the contents on any writeable media to a folder with empty (or space) name on that medium. Windows didn't show that folder, so it became "invisible" - linux/mac showed it just fine
- It created a shortcut on the root folder of said medium, right to the malware. Executing the shortcut executed the malware and opened a new window with the "hidden" folder.
Childishly simple, right? If only you knew. If only you knew the horrors, the loss of faith in humanity (which is really bad when you have access to munitions, explosives and heavy weaponry).
People executed the malware ON PURPOSE. Some actually DISABLED their AV to "access their files". I ran amok for an entire WEEK to try to keep this contained. But... I underestimated the USB-token-ring-whatever protocol's speed and the strength of a user's stupidity. PCs that I cleaned got infected AGAIN within HOURS.
I had to address the CO to order total shutdown, USB and PC turnover to me. I spent the most fun weekend cleaning 20-30 PCs and 9 USBs. What fun!
What fun, morons. Now I'll have nightmares of those days again.

Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”

Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

Some days I feel like I work in a different universe.

Last night our alerting system sent out a dept. wide email regarding a high number of errors coming from the web site.

Email shows the number of errors and a summary of the error messages.

Ex. 60 errors
59 Object reference not set to an instance of an object
1 The remote server returned an unexpected response: (413) Request Entity Too Large

Web team responds to the email..

"Order processing team's service is returning a 413 error. I'll fill out a corrective action ticket in the morning to address that error in their service. "

Those tickets are taken pretty seriously by upper mgmt, so I thought someone on the order processing team would point out the 1 error vs. 59 (coming from the web team's code).

Two hours go by, nobody responds, so I decide to jump into something that was none of my business.

"Am I missing something? Can everyone see the 59 null reference exceptions? The 413 exception only occurred once. It was the null reference exceptions that triggered the alert. Looking back at the logs, the site has been bleeding null reference exceptions for hours. Not enough for an alert, but there appears to be a bug that needs to be looked into."

After a dept. managers meeting this morning:

MyBoss: "Whoa..you kicked the hornets nest with your response last night."
Me: "Good. What happened?"
<Dan dept VP, Jake web dept mgr>
MyBoss: "Dan asked Jake if they were going to fix the null reference exceptions and Jake got pissed. Said the null reference errors were caused by the 413 error."
Me: "How does he know that? They don't log any stack traces. I don't think those two systems don't even talk to one another."
<boss laughs>
MyBoss:"That's what Dan asked!..oh..then Jake started in on the alert thresholds were too low, and we need to look into fixing your alerting code."
Me: "What!? Good Lord, tell me you chimed in."
MyBoss: "Didn't have to. Dan starting laughing and said there better be a ticket submitted on their service within the next hour. Then Jake walked out of the meeting. Oh boy, he was pissed."
Me: "I don't understand how they operate over there. It's a different universe.
MyBoss: "Since the alert was for their system, nobody looked at the details. I know I didn't. If you didn't respond pointing out the real problem, they would have passed the buck to the other team and wasted hours chasing a non-existent problem. Now they have to take resources away from their main project and answer to the VP for the delay. I'm sure they are prefixing your name right now with 'that asshole'"
Me: "Not the first, won't be the last."

Man, I think we've all gotten way too many of these.

Normally most interactions that I have are through email. Eventually some would try to contact me via phone. These are some:

"Hey! We are calling you from <whatever company name> solutions! (most of them always seem to end on solutions or some shit like that) concerning the Ruby on Rails senior dev opportunity we were talking about via email"
<niceties, how are you doing, similar shit goes here...eventually>

So tell us! how good/comfortable would you say you are with C++?"

Me: I have never done anything serious with c++ and did just use it at school, but because I am not a professional in it I did not list it in my CV, what does it have to do with Rails?

Them: "Oh the applications of this position must be ready to take in additional duties which sometimes happen to be C or C++"

Me: Well that was not anywhere in the offer you sent, it specifically requested a full stack Rails developer that could work with 3 different frontend stacks already and like 4 different databases plus bla bla bla, I did not see c++ anywhere in it. Matter of fact I find it funny, one of the things that I was curious about was the salary, for what you are asking and specifically in the city in which you are asking it for 75k is way too low, you are seriously expecting a senior level rails dev to do all that AND take additional duties with c++? cpp could mean a billion different things"

Them: "well this is a big opportunity that will increase your level to senior position"

Me: the add ALREADY asks for a senior position, why are you making it sound that I will get build towards that level if you are already off the bat asking for seniors only to begin with?

Them: You are not getting it, it is an opportunity to grow into a senior, applicants right now are junior to mid-level

ME: You are all not making any sense, please don't contact me again.

=======

Them: We are looking for someone with 15 years experience with Swift development for mobile and web

Me: What is up with your people not making these requirements in paper? if I knew from the beginning that you people think that Swift is 15 years old I would have never agreed to this "interview"

Them: If you are not interested in that then might we offer this one for someone with 10 years experience as a full stack TypeScript developer.

Me: No, again, check your dates, this is insulting.

===

* For another Rails position

Them: How good are you with Ruby on Rails in terms of Python?

Me: excuse me? Python has nothing to do with Ruby on Rails.

Her (recruiter was a woman) * with a tone of superiority: I have it here that Python is the primary technology that accompanies Rails development.

Me (thinking this was a joke) : What do you think the RUBY part of Ruby on Rails is for? and what does "accompanies Rails development" even means?

Her: Well if you are not interested in using Rails with Python then maybe you can tell us about your experience in using Javascript as the main scripting platform for Rails.

Me: This is a joke, goodbye.

====

To be fair this was years ago when I still didn't know better and test the recruiters during the email part of being contacted. Now a days I feel sorry for everyone since I just say no without even bothering. This is a meme all on itself which no one has ever bothered to review and correct in years for now. I don't know why recruiters don't google themselves to see what people think of their "profession" in order to become better.

I've even had the Java/Javascript stupidity thrown at me by a local company. For that one it was someone from their very same HR department doing the rectuiter, their shop foreman was a friend of the family, did him the service of calling him to let him know that his HR was never going to land the kind of developer they were looking for with the retarded questions they had and sent him a detailed email concerning the correct information they needed for their JAVAscript job which they kept confusing with Java (for some reason in the context of Spring, they literally wanted nothing with Spring, they wanted some junior to do animations and shit like that on their company's website, which was in php, Java was nowhere in this equation)

I think people in web development get the short end of the stick when it comes to retarded recruiters more than anywhere else.

expect([
row[‘blah’][0][1],
row[‘blah’][1][1],
row[’blah’][2][1],
row[‘blah’][3][1],
row[‘blah’][4][1],
]).to contain_exactly(
a.name(user), # “John doe”
c.name(user), # “John doe”
e.name(user), # “John doe”
b.name(user), # “John doe”
d.name(user), # “John doe”
)

(Note: The comments are mine.)

See the problem? No, not the ugly code (which is actually worse than what i posted here).

It’s using the same ridiculous getter (if you can call it that) that pulls a name out of the passed user object, and then expecting each row to have that name, in order. Not that order matters when they’re all the same.

Upon inspection, all objects created by the spec have the exact same name, so the above test passes (as long as there are 5 rows). It passes, but totally not because it should: those aren’t the objects that are actually in the table. All of the specs — all 22 of them — only check for that shared name on various rows, and no other data. And it’s not like this is the only issue, either.

Fuck me these are bad.

And this guy is a senior dev earning significantly more than me. Jesus what the fuck Christ.

A new linear time O(N) sorting algorithm [Keep it secret 🔒]

* Compare two adjacent elements one by one starting from the first element
* If there are out of order, delete the second element and continue with step 1
* If in order, go to the next two elements
* Once done, act like the numbers you deleted never existed

Works all the time.
Not yet published. Thinking of a good name for it.

Best part about the covid19 manufactured crisis?
Liquor stores deliver. Worst part about liquor stores delivering? Needing to use their shoddy websites.

I've been using a particular store (Total Wines) since they're cheaper than the rest and have better selection; it's quite literally a large warehouse made to look like a store.

Their website tries really hard to look professional, too, but it's just not. It took me two days to order, and not just from lack of time -- though from working 14 hour days, that's a factor.

Signing up was difficult. Your username is an email address, but you can't use comments because the server 500s, making the ajax call produce a wonderfully ambiguous error message. It also fades the page out like it's waiting on something, but that fade is on top of the error modal too. Similar error with the password field, though I don't remember how I triggered it.

Signing up also requires agreeing to subscribe to their newsletter. it's technically an opt-in, but not opting-in doesn't allow you to proceed. Same with opting-in to receiving a text notification when your order is ready for pickup -- you also opt-in to reciving SMS spam.

Another issue: After signing up, you start to navigate through the paginated product list. Every page change scrolls you to the exact middle of the next page. Not deliberatly; the UI loads first, and the browser gets as close as it can to your previous position -- which was below that as the pagination is at the bottom -- and then the products populate after. But regardless of why, there is no worse place to start because now you must scroll in both directions to view the products. If it stayed at the very bottom, it would at least mean you only need to scroll upwards to look at everything on the page. Minor, but increasingly irritating.

Also, they have like 198 pages of spirits alone because each size is unique entry. A 50ml, 350ml, 500ml, 750ml, 1000ml, and 1750ml bottle of e.g. Tito's vodka isn't one product, it's six. and they're sorted seemingly randomly. I think it's by available stock, looking back.

If you fancy a product, you can click on it for a detail page. Said detail page lists the various sizes in a dropdown, but they're not sorted correctly either, and changing sizes triggers a page reload, which leads to another problem:

if you navigate to more than a few pages within a 10 or so second window, the site accuses you of using browser automation. No captcha here, just a "click me for five seconds" button. However, it (usually) also triggers the check on every other tab you have open after its next nagivation.

That product page also randomly doesn't work. I haven't narrowed it down, but it will randomly decide to start failing, and won't stop failing for hours. It renders the page just fine, then immediately replaces it with a blank page. When it's failing, the only way to interact with the page is a perfectly-timed [esc], which can (and usually does) break all other page functionality, too. Absolutely great when you need to re-add everything from a stale copy of your signed-out cart living in another tab. More on that later. And don't forget to slow down to bypass the "browser automation" check, too!

Oh, and if you're using container tabs, make sure to open new tabs in the SAME container, as any request from the same IP without the login cookie will usually trigger that "browser automation" response, too.

The site also randomly signs you out, but allows you to continue amassing your cart. You'd think this is a good thing until you choose to sign in again... which empties your cart. It's like they don't want to make a sale at all.

The site also randomly forgets your name, replacing it with "null." My screen currently says "Hello, null". Hello, cruft!

It took me two days to order.
Mostly from lack of time, as i've been pulling 14 hour shifts lately trying to get everything done. but the sheer number of bugs certainly wasted most of what little time i had left. Now I definitely need a drink.

But maybe putting up with all of this is worthwhile because of their loyalty program? Apparently if you spend $500, you can take $5 off your next purchase! Yay! 1%! And your points expire! There are three levels; maybe it gets better. Level zero is for everyone; $0 requirement. There are also levels at $500 and $2500. That last one is seriously 5x more than the first paid level. and what does it earn you? A 'free' magazine subscription, 'free' classes (they're usually like $20-$50 iirc), and a 'free' grab bag (a $2.99 value!) twice per month. All for spending $2500. What a steal. It reminds me of Candy Crush's 3-star system where the first two stars are trivial, and the third is usually a difficult stretch goal. But here it's just thinly-veiled manipulation with no benefit.

I can tell they're employing some "smarketing" people with big ideas (read: stolen mistakes), but it's just such a fail.

The whole thing is a fail.

So we're hiring for a new junior dev and for the most part it's been going great! We have some promising candidates and I am so glad to finally have a new dev on the team!

However, I would like to take a moment and offer a few suggestions to the people who wish to work for this great and illustrious company:

PLEASE PLEASE PLEASE APPLY FOR THE JOB USING THE METHOD INDICATED IN THE AD. Please use our fancy, top-of-the-line, whiz-bang, cloud-based "talent acquisition" system that we paid way too much money for. I promise you, it's easy! Please don't send in your application by email, mail, telephone, Facebook, Twitter, Instagram, Snapchat, telegram or carrier pigeon. But most importantly...

FOR THE LOVE OF ALL THAT IS BEAUTIFUL IN THIS WORLD DO NOT SHOW UP AT OUR OFFICE UNANNOUNCED RESUME-IN-HAND. Believe it or not I do have an actual job that I spend my day doing! If I'm not in a meeting or at lunch or working from home, the best possible scenario is that you'll get 30 seconds of awkward small talk and be pointed to our whiz-bang, top-of-the-line "talent acquisition" system which you should have used in the first place (you did read the ad, right?). And at this point whatever you do...

DO NOT DEMAND AN ON-THE-SPOT INTERVIEW WHEN YOU SHOW UP UNANNOUNCED TO OUR OFFICE! Like, really? Do you think that you've wowed me so with your 30 seconds of awkward small talk that clearly I cannot wait to see what you will do with an entire hour? Look, I prepare for my interviews. I research you, your previous employers, your school and the hobbies you list on your resume. I check out your GitHub and LinkedIn. I may even Google your name! If that is all in order, I try to hassle some people into sitting in with me, find a time that works for everyone, and hope that there is a meeting room available. I'm not going to interview you at reception at 4pm on a Friday afternoon.

Please submit your application through our whiz-bang, top-of-the-line online "talent acquisition" system. Once I figure out how to log in, I promise I will spend an evening and read through all your cover letters with the utmost care. If you seem OK, you'll get an interview. There aren't that many developers in this town.

You know what really grinds my gears? As a junior webdeveloper (mostly backend) I try my hardest to deliver quality content and other people's ignorance is killing me in my current job.

Let's rant about a recent project I had under my hood, for this project (a webshop) I had to restructure the database and had to include validation on basicly every field (what the heck, no validation I hear you say??), apperently they let an incompetent INTERN make this f***king webshop. The list of mistakes in this project can bring you close to the moon I'd say, seriously.

Database design 101 is basicly auto incremented ID's, and using IDs in general instead of using name (among a list of other stuff obv.). Well, this intern decided it was a good idea to filter a custom address-book module based on a NAME, so it wasn't setup as: /addressbook/{id} (unique ID, never a problem) but as /addressbook/{name}, which results in only showing one address if the first names on the addresses are the same. Lots of bugs that go by this type of incompetence and ignorance. Want to hear another joke? Look no further, this guy also decided it was a great idea to generate the next ID of an order. So the ordernumber wasn't made up by the auto incremented id on the order model, but by a count of all the orders and that was the next order number. This broke so many times, unbelievable.

To close the list of mistakes off, the intern decided it was a great idea to couple the address of a user directly to an order. Because the user is able to ship stuff to addresses within his addressbook, this bug could delete whole orders out of the system by simply deleting the address in your addressbook.

Enough about my intern rant, after working my ass of and going above and beyond the expectations of the customer, the guy from sales who was responsible for it showed what an a**hole he was. Lets call this guy Tom.

Little backstory: our department is a very small part of the company but we are responsible for so much if you think about it. The company thinks we've transitioned to company wide SCRUM, but in reality we are so far from it. I think the story below is a great example of what causes this.

Anyway, we as the web department work within Gitlab. All of our issues and sprints are organized and updated within this place. The rest of the company works with FileMaker, such a pile of shit software but I've managed to work around its buggyness. Anyway, When I was done with the project described above I notified all the stakeholders, this includes Tom. I made a write-up of all the changes I had made to the project, including screenshots and examples, within Gitlab. I asked for feedback and made sure to tag Tom so he was notified of my changes to the project.

After hearing nothing for 2 weeks, guess who came to my desk yesterday? F**king tom asking what had changed during my time on the project. I told him politely to check Gitlab and said on a friendly tone that I had notified him over 2 weeks ago. He, I shit you not, blantly told me that he never looks on there "because of all the notifications" and that I should 'tell him what to do' within FileMaker (which I already had updated referencing Gitlab with the write-up of my changes). That dick move of him made me lose all respect for this guy, what an ignorant piece of shit he is afterall.

The thing that triggers me the most in the last story is that I spent so much free time to perfect the project I was working on (the webshop). I even completed some features which weren't scheduled during the sprint I was working on, and all I was asking for was a little appreciation and feedback. Instead, he showed me how ignorant and what a dick he was.

I absolutely have no reason to keep on working for this company if co-workers keep treating me like this. The code base of the webshop is now in a way better condition, but there are a dozen other projects like this one. And guess what? All writen by the same intern.

/rant :P

I think Clean Code: A Handbook of Agile Software Craftsmanship by Robert Martin should be a must to read.
In school no teacher puts emphasis on code quality.
They should learn how to name variables and functions the right way at an early stage in order to better perfect their craft :)

That awkward moment, when u watch last episode first and believe it to be the first episode..
Thank you "Order by Name".

Aptly named - "Alpha and omega". Gonna be my beginning and end episode 😂

Man, I'm sure there are a million of these posts right now but...

The hiring market and hiring culture nowadays is so damn frustrating. I have a decade of experience in multiple senior/lead/principal roles at both big name companies and high-growth startups, along with a very well-written resume.

Even with this, I can barely get an interview these days. I'll apply to a role that lists qualifications for which I'm an exact fit, and either get a quick auto-denial or just never hear back at all. It doesn't matter if I custom-craft my resume and cover letter to match the job description or just send my standard resume and cover letter. We all love those pandering and patronizing "We know that this isn't the news you wanted to hear, but keep trying! Maybe you'll be good enough for us someday!" auto-denial email.

Sometimes I'll receive a denial, look back at the job posting, that they needed somebody with NLP experience or something, and say to myself "Fair enough, that makes sense." Other times, I'll look at the posting and say "Oh come on, I check every single box." It makes you wonder "What the fuck are you actually truly looking for?"

Sometimes I'll look at the company's current employees and see that almost every single one is ex-FAANG, indicating that the company will almost only hire other ex-FAANG employees (despite there being thousands of other well-qualified candidates out there who are just as talented and skilled as those ex-FAANG candidates.)

Other companies seem to be "brand shopping" for ex-FAANG employees after all the recent FAANG layoffs, hoping to land a bargain on an ex-Google engineer so they can brag that their product was built by the same people who built Google.

Then there's the question of even making it past the ATS and in front of an actual human's eyes. The hiring culture seems to be an ATS SEO game nowadays. God forbid that you didn't include the super secret magic keyword in your resume, else you'll automatically be filtered out and denied.

It's just incredibly frustrating and makes you wonder what kind of candidate you need to be to even get a first round interview nowadays. Do we all need to have a glowing personal recommendation from the ghost of Steve Jobs in order for a 50-person startup to even open our resumes?

So ok here it is, as asked in the comments.

Setting: customer (huge electronics chain) wants a huge migration from custom software to SAP erp, hybris commere for b2b and ... azure cloud
Timeframe: ~10 months….

My colleague and me had the glorious task to make the evaluation result of the B2B approval process (like you can only buy up till € 1000, then someone has to approve) available in the cart view, not just the end of the checkout. Well I though, easy, we have the results, just put them in the cart … hmm :-\
The whole thing is that the the storefront - called accelerator (although it should rather be called decelerator) is a 10-year old (looking) buggy interface, that promises to the customers, that it solves all their problems and just needs some minor customization. Fact is, it’s an abomination, which makes us spend 2 months in every project to „ripp it apart“ and fix/repair/rebuild major functionality (which changes every 6 months because of „updates“.

After a week of reading the scarce (aka non-existing) docs and decompiling and debugging hybris code, we found out (besides dozends of bugs) that this is not going to be easy. The domain model is fucked up - both CartModel and OrderModel extend AbstractOrderModel. Though we only need functionality that is in the AbstractOrderModel, the hybris guys decided (for an unknown reason) to use OrderModel in every single fucking method (about 30 nested calls ….). So what shall we do, we don’t have an order yet, only a cart. Fuck lets fake an order, push it through use the results and dismiss the order … good idea!? BAD IDEA (don’t ask …). So after a week or two we changed our strategy: create duplicate interface for nearly all (spring) services with changed method signatures that override the hybris beans and allow to use CartModels (which is possible, because within the super methods, they actually „cast" it to AbstractOrderModel *facepalm*).
After about 2 months (2 people full time) we have a working „prototype“. It works with the default-sample-accelerator data. Unfortunately the customer wanted to have it’s own dateset in the system (what a shock). Well you guess it … everything collapsed. The way the customer wanted to "have it working“ was just incompatible with the way hybris wants it (yeah yeah SAP, hybris is sooo customizable …). Well we basically had to rewrite everything again.
Just in case your wondering … the requirements were clear in the beginning (stick to the standard! [configuration/functinonality]). Well, then the customer found out that this is shit … and well …

So some months later, next big thing. I was appointed technical sublead (is that a word)/sub pm for the topics‚delivery service‘ (cart, delivery time calculation, u name it) and customerregistration - a reward for my great work with the b2b approval process???

Customer's office: 20+ people, mostly SAP related, a few c# guys, and drumrole .... the main (external) overall superhero ‚im the greates and ur shit‘ architect.
Aberage age 45+, me - the ‚hybris guy’ (he really just called me that all the time), age 32.
He powerpoints his „ tables" and other weird out of this world stuff on the wall, talks and talks. Everyone is in awe (or fear?). Everything he says is just bullshit and I see it in the eyes of the others. Finally the hybris guy interrups him, as he explains the overall architecture (which is just wrong) and points out how it should be (according to my docs which very more up to date. From now on he didn't just "not like" me anymore. (good first day)
I remember the looks of the other guys - they were releaved that someone pointed that out - saved the weeks of useless work ...

Instead of talking the customer's tongue he just spoke gibberish SAP … arg (common in SAP land as I had to learn the hard way).
Outcome of about (useless) 5 meetings later: we are going to blow out data from informatica to sap to azure to datahub to hybris ... hmpf needless to say its fucking super slow.
But who cares, I‘ll get my own rest endpoint that‘ll do all I need.

First try: error 500, 2. try: 20 seconds later, error message in html, content type json, a few days later the c# guy manages to deliver a kinda working still slow service, only the results are wrong, customer blames the hybris team, hmm we r just using their fucking results ...
The sap guys (customer service) just don't seem to be able to activate/configure the OOTB odata service, so I was told)
Several email rounds, meetings later, about 2 months, still no working hybris integration (all my emails with detailed checklists for every participent and deadlines were unanswered/ignored or answered with unrelated stuff). Customer pissed at us (god knows why, I tried, I really did!). So I decide to fly up there to handle it all by myself

I was asked to fix a critical issue which had high visibility among the higher ups and were blocking QA from testing.

My dev lead (who was more like a dev manager) was having one of his insecure moments of “I need to get credit for helping fix this”, probably because he steals the oxygen from those who actually deserve to be alive and he knows he should be fired, slowly...over a BBQ.

For the next few days, I was bombarded with requests for status updates. Idea after idea of what I could do to fix the issue was hurled at me when all I needed was time to make the fix.

Dev Lead: “Dev X says he knows what the problem is and it’s a simple code fix and should be quick.” (Dev X is in the room as well)

Me: “Tell me, have you actually looked into the issue? Then you know that there are several race conditions causing this issue and the error only manifests itself during a Jenkins build and not locally. In order to know if you’ve fixed it, you have to run the Jenkins job each time which is a lengthy process.”

Dev X: “I don’t know how to access Jenkins.”

And so it continued. Just so you know, I’ve worked at controlling my anger over the years, usually triggered by asinine comments and decisions. I trained for many years with Buddhist monks atop remote mountain ranges, meditated for days under waterfalls, contemplated life in solitude as I crossed the desert, and spent many phone calls talking to Microsoft enterprise support while smiling.

But the next day, I lost my shit.

I had been working out quite a bit too so I could have probably flipped around ten large tables before I got tired. And I’m talking long tables you’d need two people to move.

For context, unresolved comments in our pull request process block the ability to merge. My code was ready and I had two other devs review and approve my code already, but my dev lead, who has never seen the code base, gave up trying to learn how to build the app, and hasn’t coded in years, decided to comment on my pull request that upper management has been waiting on and that he himself has been hounding me about.

Two stood out to me. I read them slowly.

“I think you should name this unit test better” (That unit test existed before my PR)

“This function was deleted and moved to this other file, just so people know”

A devil greeted me when I entered hell. He was quite understanding. It turns out he was also a dev.

Saw this sent into a Discord chat today:

"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.

Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"

I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):

"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.

2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.

3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?

4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?

5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.

6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.

How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.

Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?

Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.

I don't think people who copy & paste this sort of stuff are ready to use the internet yet.

Would you really believe everything people on the internet tell you?

You would probably say 'no'.

Then why copy & paste this? Do you have a reason?

Or is it 'just because of 'spread the word''?

I'm just sick of seeing people reposting this sort of stuff

People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."

!Dev

In Malaysia for some reason Chinese and Indians are considered as outsider. Some Malays are considering themselves are native (actually the Orang Asli are the native). Many politicians attempt to even startled a racial fight against the non- Malays. My country is operated by a closed system. Most Dutch , US companies are leaving Malaysia due to the unfairness.

Before this I worked in a Dutch company in Malaysia , where lately the company declare bankruptcy as my respectable boss told me what happened. Later I learnt, in order for a foreigner to start a company in Malaysia , a transaction of transfering have of the company assets and name under an assigned Malay man by the government.

The racism here is real and crazy. It is no surprise most Malaysian migrating to Taiwan, China Singapore , Thailand and some western countries.

I hate racism. Recently I heard news about western countries still have the hatred against Asians which I abort the idea of migrating there. But in my country Asians are hating other kind of Asians before for being different Asian.

May be I should just get my arse back to Mongolia (where my ancestors will be )

Beware: Here lies a cautionary tale about shared hosting, backups, and -goes without saying- WordPress.

1. Got a call from a client saying their site presented an issue with a third-party add-on. The vendor asked us to grant him access to our staging copy.

2. Their staging copy, apparently, never got duplicated correctly because, for security reasons, their in-house dev changed the name of the wp-content folder. That broke their staging algo. So no staging site.

3. In order to recreate the staging site, we had to reset everything back to WP defaults. Including, for some reason, absolute paths inside the database. A huge fucking database. Because WordPress.

4. Made the changes directly in a downloaded sql file. Shared hosting, obviously, had an upload limit smaller to the actual database.

5. Spent half an hour trying to upload table by table to no avail.

6. In-house uploads a new, fixed database with the help of the shared hosting provider.

7. Database has the wrong path. Again.

8. In-house performs massive Find and Replace through phpMyAdmin on the production server.

9. Obviously, MySQL crashes instantly and the site gets blocked for over 3 hours for exceeding shared hosting limits.

10. Hosting provider refuses to accept this was caused by such a stupid act and says site needs to be checked because queries are too slow.

11. We are gouging our eyeballs as we see an in-house vs. hosting fight unfold. So we decide to watch a whole Netflix documentary in between.

12. Finally, the hosting folds and enables access to the site, which is obvi not working because, you know, wrong paths.

13. Documentary finishes. We log in again, click restore from backup. Go to bed. Client phones to bless us. Client’s in-house dev probably looking for a cardboard box to pack his stuff first thing in the morning. \_(ツ)_/¯

A dev found a bug I created where I set a SQL parameter name to @OrderID instead of the expected @Order. The standard is @OrderID, there is one stored proc where it's @Order.
Oops...I didn't catch it because the integration test didn't cover that area of the code. My mistake...I should have checked...I take complete responsibility for the screw up.

He let me know by email..
"When refactoring, from now on check the stored procedure parameters, there are a few that don't follow the standard."

I was like "from now on..."? ...wow....bold comment from someone responsible for code that doesn't check for nulls, doesn't log errors, and relies on exceptions for flow control. You wouldn't even have known about the error if I didn't modify your code to log the error (the try..except returned false)

I really wanted to reply ...

"Fixed. From now on, when you come across those easily found bugs, go head and fix it, write a test, and move on. Don't send a condescending email to me, my boss, your boss, all the DBAs, and the entire fracking order processing team. Thanks."

But..I thanked him for finding and letting me know...we're a team..blah blah blah..

Frack..people suck.

Even when you search for every word in the name of the desired extension in order and sort by relevance, it still shows up 8th on the results.

I would say "obviously powered by Bing", but at least it showed up on the first page at all.

TL;DR; do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

They say verbalising it makes it less painful. So I guess I'll try to do just that. Because it still hurts, even though it happened many years ago.

I was about to finish college. As usual, the last year we have to prepare a project and demonstrate it at the end of the year. I worked. I worked hard. Many sleepless nights, many nerves burned. I was making an android app - StudentBuddy. It was supposed to alleviate students' organizational problems: finding the right building (city plans, maps, bus schedules and options/suggestions), the right auditorium (I used pictures of building evac plans with classes indexed on them; drawing the red line as the path to go to find the right room), having the schedule in-app, notifications, push-notifications (e.g. teacher posts "will be 15 minutes late" or "15:30 moved to aud. 326"), homework, etc. Looots of info, loooots of features. Definitely lots of time spent and heaps of new info learned along the way.

The architecture was simple. It was a server-side REST webapp and an Android app as a client. Plenty of entities, as the system had to cover a broad spectrum of features. Consequently, I had to spin up a large number of webmethods, implement them, write clients for them and keep them in-sync. Eventually, I decided to build an annotation processor that generates webmethods and clients automatically - I just had to write a template and define what I want generated. That worked PERFECTLY.

In the end, I spun up and implemented hundreds of webmethods. Most of them were used in the Android app (client) - to access and upsert entities, transition states, etc. Some of them I left as TBD for the future - for when the app gets the ADMIN module created. I still used those webmethods to populate the DB.

The day came when I had to demonstrate my creation. As always, there was a commission: some high-level folks from the college, some guests from businesses.

My turn to speak. Everything went great, as reversed. I present the problem, demonstrate the app, demonstrate the notifications, plans, etc. Then I describe at high level what the implementation is like and future development plans. They ask me questions - I answer them all.

I was sure I was going to get a 10 - the highest score. This was by far the most advanced project of all presented that day!

Other people do their demos. I wait to the end patiently to hear the results. Commission leaves the room. 10 minutes later someone comes in and calls my name. She walks me to the room where the judgement is made. Uh-oh, what could've possibly gone wrong...?

The leader is reading through my project's docs and I don't like the look on his face. He opens the last 7 pages where all the webmethods are listed, points them to me and asks:
LEAD: What is this??? Are all of these implemented? Are they all being used in the app?
ME: Yes, I have implemented all of them. Most of them are used in the app, others are there for future development - for when the ADMIN module is created
LEAD: But why are there so many of them? You can't possibly need them all!
ME: The scope of the application is huge. There are lots of entities, and more than half of the methods are but extended CRUD calls
LEAD: But there are so many of them! And you say you are not using them in your app
ME: Yes, I was using them manually to perform admin tasks, like creating all the entities with all the relations in order to populate the DB (FTR: it was perfectly OK to not have the app completed 100%. We were encouraged to build an MVP and have plans for future development)
LEAD: <shakes his head in disapproval>
LEAD: Okay, That will be all. you can return to the auditorium

In the end, I was not given the highest score, while some other, less advanced projects, were. I was so upset and confused I could not force myself to ask WHY.

I still carry this sore with me and it still hurts to remember. Also, I have learned a painful life lesson: do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

The $customer gets a device from us, with th wifi connected as specified in the order. $customer connects it to the mains and monitor, puts in the dongle and the connection is established.
Fast forward 3 weeks, now everything went south. The device does not connect to the network, the service is offline. Our first question: "Has someone modified the WiFi name or password?"
$customer: "No, there were no changes in the WiFi"

So the full arsenal of debugging the connection over LAN starts, interrupted by $customer unplugging the device "because he needs LAN now"

After sometime, we figured out, everything is fine with the device, and ask $customer once again, if the config $ssid and $password is correct.

$customer: "Oh, we changed the name to $ssid2 because it looks nicer, is that a problem?"

Internal: "Are you f*kin kidding me? I asked you exactly that"
Me: "Alright, that explains the issues. Please tell us in advance if you want to change something with the WiFi."

So I work for an IT consulting firm (web development) and was hired by a customer 7 months ago for coaching Git, implementation of VueJS on the front-end and fostering teamwork with devs who'd been in their solo comfort zone for the last 15 years.
I asked for confirmation multiple times on whether they were sure they wanted to go through with a bigger investment in front-end. Confirm they did, multiple times.

After half the team's initial enthusiasm faded (after 1 month), the 'senior' of them who's worked there for 18 years on a single -in the end, failed- project got a burn-out after half a week of showing up (without doing actual work) from the stress, and started whining about it with management that has no technical clue whatsoever. This and other petty office politics lead to the dumbest organizational and technical decisions I've seen in my short 5-year career (splitting a Laravel app that uses the same database in two, replacing docker container deployment with manual ssh'ing and symlinking, duplicating all the models, controllers, splitting a team in two, decreasing productivity, replacing project management dashboards with ad-hoc mail instructions and direct requests).

Out of curiosity I did a git log --author --no-merges with the senior's name on the 2 projects he was supposed to help on, and that turned up... ZERO commits. Now the dept. hired 3 new developers with no prior experience, and it's sad to see the seniors teach them "copy paste" as the developer's main reflex.

Through these 7 months I had to endure increasingly vicious sneers from the IT architect -in name only- who gets offended and hysterical at every person who dares offer suggestions. Her not-so-implicit insinuation is that it's all my fault because I implemented Vue front-end (as they requested), she has been doing this for months, every meeting at least once (and she makes sure other attendees notice). Extra background: She's already had 2 official complaints for verbal abuse in the past, and she just stressed another good developer into smoking again.

Now I present her my timesheet for January, she abuses her power by refusing to sign it unless I remove a day of work.
Earlier this week I asked her politely to please stop her unjust guilt-tripping to which she shouted "You'll just have to cope with that!", and I walked out of the room calmly (in order to avoid losing my nerves). She does this purely as a statement, and I know she does it out of bad faith (she doesn't actually care, as she doesn't manage the budgets). She knows she wields more power over me than the internal devs (I am consultant, so negative reviews for me could delay further salary raises).

I just don't know how to handle this person: I can't get a word in with her, or she starts shouting, and it's impossible to change her (completely inaccurate technological) perception.

Sus!
yesterday I bought a cool domain in namecheap, I was very lucky to find short and good one for my case.

Today (at weekends!!!!) I receive a letter:
>Hello **redacted name**,
>
>We are contacting you from the Namecheap Risk Management Team regarding your '**redacted name account**' account.
>
>Unfortunately, your Namecheap account was flagged by our fraud screening system as requiring verification and was locked.
>
>Please follow the instructions below to get your account verified:
>
>- take a color photo of the credit card used for the payment at **redacted link**
>
>Please make sure all of the edges of the credit card are visible, and that we can clearly see the card holder's name, expiration, and last four digits of the card number. The screenshots or images of the card cannot be accepted for verification. >If the submission does not meet these requirements, we can either request to submit the details again or permanently suspend your account.
>
>- provide a valid phone number and the best time to call you (within normal business hours, US Pacific time).
>
>If we do not hear back from you within 24 hours, we will be forced to cancel your orders.
>
>We apologize for any inconvenience that may result from this process. This extra verification is done for your security and to ensure that orders are legitimate. This industry, unfortunately, has a high rate of fraudulent orders, and this sort of >verification helps us drastically reduce fraud and ensure our customers remain secure. Such documents are used for verification only and are not provided to third parties in any way. Account verification is a one-time procedure, after your account >is verified, you will never face this issue again.
>
>Looking forward to your reply.
>
>---------------
>Dmitriy K.
>Risk Management
> Namecheap, Inc.

what if I did not notice it in 24 hours? It is the weekend for god's sake! People usually rest until monday.
They would what, cancel order and scalpel it to super high price?!
I have some doubts if the request is trully having anti fraudulent origins.

What if I used digital visa card? How was I supposed to photo it?

And the service they provided for photoing accepts only photos from web camera. I was lucky that I bought recently web camera with high enough amount of pixel power and manual focus. What if I did not?

That's all really SUS!
The person can not notice the letter within 24 hours time frame until the morning, when it would be already too late.

Any other language: Hey fuckface, you can't name this variable by a single letter, tf is wrong with you? use some descriptive shit.

Golang: lmao fuck u

I really find it interesting how we use short variable names for items in golang. Kinda makes sense when you think of it. Most of these items come up in short methods for which the mental model lets you know and remember what you are doing, they even make sense when going through the std lib in which that shit is all over the place. YET years of going by other languages has made me squint my eyes a bit in frustration every time I see it.
Say for example that a function is implementing io.Writer. What would you call the method parameter? you could argue that writer would be sensible since it has it in the signature, but what about when the io.Writer in itself is a file or a socket or whatever? writer would be funny or strange? nah fuck it just w, it makes sense, but x wouldn't. I find these points to make sense even if i don't like them.

Would, now, this practice be acceptable in C? you are supposed to write the same modular code with C in which you compose large functionality in separated units of code, yet I am sure this practice of single name variables is something that C engineers dislike greatly.

Are go devs just doing this out of blind love for their preference in languages? and how would this work if mfkers add generics to go(I hope not, Go is simple enough to understand in order to extend functionality through the empty interface, but that is a preference of mine as well)

The more I use Go the more I like it to be honest, I think the code looks ugly syntactically, but that is subjective as all hell and based on my constant preference for a language to look like Ruby, which even though it might not be everyone's cup of tea it remains to my eyes as the most beautiful language in existence, again, an obvious personal preference.

So a while back I had found a hole in a website's security, one that I has used pretty frequently. I was able to change my cookies and become any user I wanted. The only caveat was that I had to log in as a user in order to get things started. But once I was in I could basically be anyone I wanted to be just by changing a few numbers in the user ID of the cookie. They also did all of their user processing on the client side. Even password checks.

A couple weeks back I decided to go back in to see if anything had changed since then. It did! But not in the way I had thought.

So these guys decided that instead of fixing their security hole, they would have users just contact their people directly in order to get a new account.

Wow that's so much fucking overhead for basically being a lazy shit and not fixing the security holes. I mean how bad is your architecture if you can't go in and fix this?

Not only that I found that they actually stripped all of the users of their original subscriptions. So now if you want to get back on your subscription you'll have to fork over another $399. So that means going to their shitty form filling out your name, your number, email, and just hope that someone contacts you via phone call.

I'm glad I dropped this service. They clearly can't get their shit together.

!rant

So I have bought a new laptop and this time instead of straight up booting linux I had an idea of giving micro$oft a try, so I have decided to use only their services for 2 weeks.

To be honest, I really did not expect windows to use do much cpu and hdd during updates and background tasks, but after a day it was ok and windows feels snappier than during my last encounrer (maybe cause the new hw?).

I was even so dedicated that I started to use cortana and I have to tell, that she is dumb as fuck, since she fails to understand even the basic tasks and if u want something advanced, she refers to the next update. But boy, tell her to open Visual Studio and she asks if you want VS Code or Visual Studio, which seems great. But my response was 'Code' then she insisted that I said Coke. Im like OK, Im not native english speaker, lets try Visual Studio Code, where she told me that there is no such thing and Spelling VS - Code ended me in bing search for Unesco :/

I really want to like Cortana, she has nice name, nice history, but she is like that A girl from class, who looks gorgeous, has great voice, but then u reallise that she just eats a book before exam and after that she is that dumb basic hoe.

I also gave a shot to Bing and Edge. Bing is something between Google and DuckDuckGo, since it gives you a liiitle less results from search history, yet if you want to find something in different language its even possible to tell you that what are you trying to find does not exist.

But I have to tell, that I like Edge and I mean it. Like... Its fast and has some good features, like pushing all your open tavs away, so you can open them Later. It also does not have that stupid ass feature that lets you control tab from left to right, not by chronological order, so you wont end up in infinity loop of 2 tabs. And even if people make fun of M$ trying to convince you to use Edge by being too aggresive. God go on edge and try to use some Google Service(You still dont use chrome?!).

I also tried to play with .Net core and I have to tell that against java they are a bit further. I liked some small features, but what I just simply loved was rhe fucking documentation. You basically dont need google, sincw they give you examples and explain in a human way.

What I didnt quite get was the 'big' Visual Studio. Tje dark theme to me feels strange(personal and irrelevant). Why the hell I do need to press 2 shortcuts to duplicate line?! Why is it so hard to find a plugin to give me back my coloured brackets and why the fuck it takes like a second to Cut one line of code on a damn i7?!

Visual studio Code was something different. It shows how dark theme should be done, the plugin market is full of stuff and the damn shortcuts are not made for octopi. So I have to recommend it ^^.

I even gave a shot to word and office as a whole and fuck I never knew that there are so many templates. It really made my life easier, since all you need to do is find the right one in the app, instead of browsing templates online, where half of them are for another version of your text editor.

Android Launcher was fast, had a clever widget of notes and the sync was pretty handy to be honest so I liked that one as well.

What made me furious was using the CLI. Godfucking damn what the fuck is ipconfig?! :/

Last thing what made me superbhappy was using stuff without wine and all of the addional shit. Especially using stuff like Afinity Designer and having good looking apps in general. I mean Open source has great tools l sometimes with better functionality. But I found out, that what is pleasure to look at, is pleasure to work with.

To Summarize a bit.

It wasnt that bad as I expected. I see where they are heading with building yet another ecosystem of It just works and that they are aiming at professionals once again.

So I would rate it 6/10, would be 7 if that shit was Posix compatible.

I know that for Balmer is a special place in hell... But with that new CEO, Microsoft at the end may make it to purgatory..

So I've spent all day chasing around this issue for a coworker who was trying to help a client with a new report they were deploying to their system.

Now I learned a couple of things today because of this. Due to moving buildings, our new network completely broke our report server because the DNS can't resolve it's name. Since we're rewriting this system from the ground up, I haven't been majorly concerned about getting this fixed, but with this coming up, being persistent, I'm glad I figured it out. IT did give us a static IP for this VM, but they never bothered to add a DNS entry for it, so for the past couple of months, this hasn't worked for some reason, and now that's why.

So the root cause of my issue can been seen from 2 directions, the dev of the report, and the dev of the UI that reads it. The dev who wrote this code originally is checking very specifically for 'asc' and 'desc', meanwhile my mans who wrote the report has his order by with 'ASC' where he needs it.
(MAN, THE PREVIOUS DEV WAS GREAT)

I'm glad I was able to help him, but god damn, that took all day, AND TO FIND IT WAS A CAPTIALIZATION ISSUE, AAAAAAAAA FUCK ME

I have been on crunch time for so long, with so many hours I don't even know what day of the week it is. I legitimately had to look it up. I also calculated my hourly rate for the last 3.5 weeks, and I was making the same as a grocery store bagger! Being salaried sucks in times like this. I am paid peanuts.

Last night I woke up every 30 minutes in a panic I was late to work. This job is killing me, and all because the sales team sold the product on an unrealistic deadline, for no money...

In addition, I am gaining weight, haven't seen my family for any significant period of time for ages, and Taco Bell knows me by name and order...

On that note, next Monday I am going to go into my boss' office, and demand like a 50%-75% raise! I am terrified! Haha

Migraines are fun though. THE PAIN PROVES I AM ALIVE!

One of our senior colleagues in my last project at TCS had brought a pen drive with him, not sure why! He worked on a client system, which he believed was not monitored by TCS. So what he did was, he plugged in the pen drive in his computer and tried to copy some files from his pen drive to the computer. However, he wasn’t able to copy the files.

We weren’t aware of this until our project manager, who sits at the farthest end of the ODC shouted at the top of his voice, calling out his name. In front of the entire ODC, he was scolded since the HR team had called the manager informing that the machine assigned under this employee’s name has detected a security breach.

He had to explain the reason; where he said he wanted to copy some codes that he had to office machine in order to reduce his manual effort, which was probably very silly of him! For the next few days I hardly saw him inside the ODC, probably had to visit people to show cause or other things and was harrassed by our manager, insulted every time he passed by him.

He was not suspended although, maybe the manager or someone else saved him, although normally such violations would have seen him terminated.

Came across a book by Clinton L. Jeffery that details in programming language design, a topic that has always fascinated me. So I went ahead and bought the book knowing full well it uses an obscure language called Unicon (cool fucking name) devised in order to mimic the Icon programming language (obscure as well) which are languages that detail goal oriented programming. While I do not mind the language itself, seems pretty good for my taste, does not use curly braces or semicolons and a lot of other scripty things, gets compiled to bytecode and works well, but shit man, trying to find documentation for this outside of its own (I don't like it) book is a pain in the ass. To give some perspetive: you know you are dealing with some obscure shit when there ain't any youtube videos on the language. It has some interesting notions, but I just fucking hate the "documentation standard" book that it has for it, and yes, this is because the language has not taken any actual traction from the masses, there are some things that it does not have such as full utf8 support among other things, it really is a nice tech but I hate the lack of proper documentation/tutorials on it.

rant off

My LinkedIn profile lists quite a lot of languages and platforms, but I made sure to not include Ruby there, just because:
1. I never worked with Ruby
2. I never want to work with Ruby because I got fed up with the smugness of ruby developers back in the day so much that I made a promise to myself never to be one of them. Literally anything just not Ruby. I'll even take up COBOL if I have to, in order to avoid Ruby, unless I can justify it as a backup scripting language for small automation stuff where other languages would simply not work. Aaaanyway...

I get this message from a guy:
"""
Hey <Actual first name>,

You got recommended by a person, and judging by your profile you'd make an excellent fit for this company I'm representing who are the leaders in their field, bla bla bla more info on why company is the greatest in the world.
They need an experienced senior Ruby developer for their new web application bla bla bla.
"""

I wonder, if I committed to learn Ruby well enough to pass an interview, faked some Ruby experience in my CV, and they actually hired me, how long would it be until they hang that recruiter for not even reading the profiles of the people he's bothering with messages.

I am thinking of how I can make data upload reliable. I am sure that I am making it more complex as it could be and I need some pointer.

My goal is to have a pause/resume feature in file uploading.

Here is how it would work.

In order to start uploading , you give the server

1) File Name
2) Folder path you want to upload it to
3) Checksum of the file

Here the server will check whether you can upload it to a folder, whether the file have been previously uploaded (by file name and checksum)

If you could actually upload to the folder , server will return "unique file token" , "folder path" , "unique byte token". Let call it init_upload().

The client will use "unique file token" (to identify the file) , folder path (to know where to upload it to) , "unique byte token" and byte[] (data which to actually upload). Let call this operation data_upload().

If the operation is actually complete , server will return new "unique byte token"

Internally it will actually work like this.Let say we want to upload "file.mp3", when the client call init_upload() it will create

file.mp3 and unique_byte_token.file.mp3.

When the client upload data first time , it will append data to unique_byte_token.file.mp3.

When the client upload data second time , it will check whether the "byte token" that client put is the same as previous "unique_byte_token". If it is same ,
1) we move the data from unique_byte_token.file.mp3 to file.mp3
2) Delete unique_byte_token.file.mp3
3) Create new unique_byte_token.file.mp3
4) Append data to unique_byte_token.file.mp3

The reason I am using "byte token" is because I want to check whether previous upload is actually success.

Let say we need to call 50 part of data_upload() will put 49 part to file.mp3 and 1 part to byte_token.file.mp3.

Finally the client need to call data_upload_complete() which will

1) Put reminding 1 part to file.mp3
2) Remove byte_token.file.mp3 as cleanup

What is the correct way of pulling the latest changes via docker?

Please write step by step commands.

This is how i do it:

1. docker build -t dashboard:latest -t dashboard:v2 dashboard/.

2. docker rm -f dashboard-latest

3. docker run --name dashboard-latest -d -p 8081:80 dashboard

So...

1. Build latest changes
2. Remove the old container
3. Pull those latest changes

---

Is there a better way? Less commands? Is this the right way to do it?

Sometimes the changes dont get updated so i waste hours of time trying to figure out if i fucked up the commands, or order of commands, or if its some caching problem etc.

Teach me the right way once and for all.