Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Hey everyone,
First off, a Merry Christmas to everyone who celebrates, happy holidays to everyone, and happy almost-new-year!
Tim and I are very happy with the year devRant has had, and thinking back, there are a lot of 2017 highlights to recap. Here are just a few of the ones that come to mind (this list is not exhaustive and I'm definitley forgetting stuff!):
- We introduced the devRant supporter program (devRant++)! (https://devrant.com/rants/638594/...). Thank you so much to everyone who has embraced devRant++! This program has helped us significantly and it's made it possible for us to mantain our current infrustructure and not have to cut down on servers/sacrifice app performance and stability.
- We added avatar pets (https://devrant.com/rants/455860/...)
- We finally got the domain devrant.com thanks to @wiardvanrij (https://devrant.com/rants/938509/...)
- The first international devRant meetup (Dutch) with organized by @linuxxx and was a huge success (https://devrant.com/rants/937319/... + https://devrant.com/rants/935713/...)
- We reached 50,000 downloads on Android (https://devrant.com/rants/728421/...)
- We introduced notif tabs (https://devrant.com/rants/1037456/...), which make it easy to filter your in-app notifications by type
- @AlexDeLarge became the first devRant user to hit 50,000++ (https://devrant.com/rants/885432/...), and @linuxxx became the first to hit 75,000++
- We made an April Fools joke that got a lot of people mad at us and hopefully got some laughs too (https://devrant.com/rants/506740/...)
- We launched devDucks!! (https://devducks.com)
- We got rid of the drawer menu in our mobile apps and switched to a tab layout
- We added the ability to subscribe to any user's rants (https://devrant.com/rants/538170/...)
- Introduced the post type selector (https://devrant.com/rants/850978/...) (which will be used for filtering - more details below)
- Started a bug/feature tracker GitHub repo (https://github.com/devRant/devRant)
- We did our first ever live stream (https://youtube.com/watch/...)
- Added an awesome all-black theme (devRant++) (https://devrant.com/rants/850978/...)
- We created an "active discussions" screen within the app so you can easily find rants with booming discussions!
- Thanks to the suggestion of many community members, we added "scroll to bottom" functionality to rants with long comment threads to make those rants more usable
- We improved our app stability and set our personal record for uptime, and we also cut request times in half with some database cluster upgrades
- Awesome new community projects: https://devrant.com/projects (more will be added to the list soon, sorry for the delay!)
- A new landing page for web (https://devrant.com), that was the first phase of our web overhaul coming soon (see below)
Even after all of this stuff, Tim and I both know there is a ton of work to do going forward and we want to continue to make devRant as good as it can be. We rely on your feedback to make that happen and we encourage everyone to keep submitting and discussing ideas in the bug/feature tracker (https://github.com/devRant/devRant).
We only have a little bit of the roadmap right now, but here's some things 2018 will bring:
- A brand new devRant web app: we've heard the feedback loud and clear. This is our top priority right now, and we're happy to say the completely redesigned/overhauled devRant web experience is almost done and will be released in early 2018. We think everyone will really like it.
- Functionality to filter rants by type: this feature was always planned since we introduced notif types, and it will soon be implemented. The notif type filter will allow you to select the types of rants you want to see for any of the sorting methods.
- App stability and usability: we want to dedicate a little time to making sure we don't forget to fix some long-standing bugs with our iOS/Android apps. This includes UI issues, push notification problems on Android, any many other small but annoying problems. We know the stability and usability of devRant is very important to the community, so it's important for us to give it the attention it deserves.
- Improved profiles/avatars: we can't reveal a ton here yet, but we've got some pretty cool ideas that we think everyone will enjoy.
- Private messaging: we think a PM system can add a lot to the app and make it much more intuitive to reach out to people privately. However, Tim and I believe in only launching carefully developed features, so rest assured that a lot of thought will be going into the system to maximize privacy, provide settings that make it easy to turn off, and provide security features that make it very difficult for abuse to take place. We're also open to any ideas here, so just let us know what you might be thinking.
There will be many more additions, but those are just a few we have in mind right now.
We've had a great year, and we really can't thank every member of the devRant community enough. We've always gotten amazingly positive feedback from the community, and we really do appreciate it. One of the most awesome things is when some compliments the kindness of the devRant community itself, which we hear a lot. It really is such a welcoming community and we love seeing devs of all kind and geographic locations welcomed with open arms.
2018 will be an important year for devRant as we continue to grow and we will need to continue the momentum. We think the ideas we have right now and the ones that will come from community feedback going forward will allow us to make this a big year and continue to improve the devRant community.
Thanks everyone, and thanks for your amazing contributions to the devRant community!
Looking forward to 2018,
- David and Tim
48 -
Just received my very first pull request on GitHub. Pull request: "Remove jquery as dependency".
* Makes repo private *9 -
Group Project
1.Make a slack Channel.
2.Make a private repo
3.Give everyone access to do anything.
4. Wait for people to talk and commit code.
5...............R.I.P5 -
we had this guy once, who we gave access to our private repo. everything's all good until we noticed that our amazon bill was USD 8,000+!!! we found out that lots of servers got created and that's bec. this guy forked our private repo and his fork was a public one. our keys were still not in .env files and were part of the commit so some bot got hold of it and accessed our amazon account. we suspected that the servers were used for bitcoin mining. anyway guy was fired on the spot and we also learned our lesson to keep keys out of repos.14
-
!security
(Less a rant; more just annoyance)
The codebase at work has a public-facing admin login page. It isn't linked anywhere, so you must know the url to log in. It doesn't rate-limit you, or prevent attempts after `n` failures.
The passwords aren't stored in cleartext, thankfully. But reality isn't too much better: they're salted with an arbitrary string and MD5'd. The salt is pretty easy to guess. It's literally the company name + "Admin" 🙄
Admin passwords are also stored (hashed) in the seeds.rb file; fortunately on a private repo. (Depressingly, the database creds are stored in plain text in their own config file, but that's another project for another day.)
I'm going to rip out all of the authentication cruft and replace it with a proper bcrypt approach, temporary lockouts, rate limiting, and maybe with some clientside hashing, too, for added transport security.
But it's friday, so I must unfortunately wait. :<13 -
I was working as a contractor for a client who just got enough funding to hire a full-time dev. I lovingly referred to him as "Mr. Koolaid" because he was obsessed with whatever the newest hotness was and cried constantly about how the 3-year-old code-base didn't use The Next Big Thing(tm). This was my first interaction with him:
Mr. Koolaid: I'd like access to the github repository. My username is xxxx.
Me: We currently aren't hosting the code on github. If you send me your public ssh key, I'll get you access to the private server.
Mr. Koolaid: I'd like to access the github repository.
Me: It's not on github; send me your public key and I'll get you access.
Mr. Koolaid: Can we skype real quick? You don't need my public key to grant me access to the github repo.
*Mr. Koolaid proceeds to forward me github's documentation on adding users to an organization and the documentation for adding users to a private repo. The email is written in a very passive-aggressive tone.*
ಠ_ಠ9 -
It's enough. I have to quit my job.
December last year I've started working for a company doing finance. Since it was a serious-sounding field, I tought I'd be better off than with my previous employer. Which was kinda the family-agency where you can do pretty much anything you want without any real concequences, nor structures. I liked it, but the professionalism was missing.
Turns out, they do operate more professionally, but the intern mood and commitment is awful. They all pretty much bash on eachother. And the root cause of this and why it will stay like this is simply the Project Lead.
The plan was that I was positioned as glue between Design/UX and Backend to then make the best Frontend for the situation. Since that is somewhat new and has the most potential to get better. Beside, this is what the customer sees everyday.
After just two months, an retrospective and a hell lot of communication with co-workers, I've decided that there is no other way other than to leave.
I had a weekly productivity of 60h+ (work and private, sometimes up to 80h). I had no problems with that, I was happy to work, but since working in this company, my weekly productivity dropped to 25~30h. Not only can I not work for a whole proper work-week, this time still includes private projects. So in hindsight, I efficiently work less than 20h for my actual job.
The Product lead just wants feature on top of feature, our customers don't want to pay concepts, but also won't give us exact specifications on what they want.
Refactoring is forbidden since we get to many issues/bugs on a daily basis so we won't get time.
An re-design is forbidden because that would mean that all Screens have to be re-designed.
The product should be responsive, but none of the components feel finished on Desktop - don't talk about mobile, it doesn't exist.
The Designer next to me has to make 200+ Screens for Desktop and Mobile JUST so we can change the primary colors for an potential new customer, nothing more. Remember that we don't have responsiveness? Guess what, that should be purposely included on the Designs (and it looks awful).
I may hate PHP, but I can still work with it. But not here, this is worse then any ecommerce. I have to fix legacy backend code that has no test coverage. But I haven't touched php for 4 years, letalone wrote sql (I hate it). There should be no reason whatsoever to let me do this kind of work, as FRONTEND ARCHITECT.
After an (short) analysis of the Frontend, I conclude that it is required to be rewritten to 90%. There have been no performance checks for the Client/UI, therefor not only the components behave badly, but the whole system is slow as FUCK! Back in my days I wrote jQuery, but even that shit was faster than the architecuture of this React Multi-instance app. Nothing is shared, most of the AppState correlate to other instances.
The Backend. Oh boy. Not only do we use an shitty outated open-source project with tons of XSS possibillities as base, no we clone that shit and COPY OUR SOURCES ON TOP. But since these people also don't want to write SQL, they tought using Symfony as base on top of the base would be an good idea.
Generally speaking (and done right), this is true. but not then there will be no time and not properly checked. As I said I'm working on Legacy code. And the more I look into it, the more Bugs I find. Nothing too bad, but it's still a bad sign why the webservices are buggy in general. And therefor, the buggyness has to travel into the frontend.
And now the last goodies:
- Composer itself is commited to the repo (the fucking .phar!)
- Deployments never work and every release is done manually
- We commit an "_TRASH" folder
- There is an secret ongoing refactoring in the root of the Project called "_REFACTORING" (right, no branches)
- I cannot test locally, nor have just the Frontend locally connected to the Staging webservices
- I am required to upload my sources I write to an in-house server that get's shared with the other coworkers
- This is the only Linux server here and all of the permissions are fucked up
- We don't have versions, nor builds, we use the current Date as build number, but nothing simple to read, nonono. It's has to be an german Date, with only numbers and has always to end with "00"
- They take security "super serious" but disable the abillity to unlock your device with your fingerprint sensor ON PURPOSE
My brain hurts, maybe I'll post more on this shit fucking cuntfuck company. Sorry to be rude, but this triggers me sooo much!2 -
--- Github unveils another round of pricing changes ---
In a move that slipped under the radar with some surprising ease, Microsoft-owned repo wrangler Github unveiled yesterday (7th January) a new set of changes to their pricing model. Unlike the last round of changes that saw unlimited private repos gracing anybody with $7 in their pocket each month - The new round sees everyone on the platform receiving unlimited private repos in a move that's been met with some serious scepticism from the community.
The company's surprisingly brief PR emission (via their official blog) states that they've made 2 major changes, "Github Free now includes unlimited private repositories" - the catch being that you're limited to adding 3 collaborators, which appears to be a move aimed squarely at businesses attempting to operate without forking over the cash for an organisation.
In addition to this there's many vague statements about the kinds of scenarios that "are now possible" via "Github free", the kind of vague nonsense that makes trousers considerably tighter in the PR department.
It would appear that anyone who was previously paying the $7 a month is now a "Pro" user, The PR emission states that "Github Pro (formerly Github Developer) and Github team are also available for developers and teams who need professional coding and collaboration features".
It doesn't seem like you're being offered a whole lot for your $7 a month anymore - a move that would be considered by almost any other company in tech as a good thing, but given that it's Microsoft has been met with warranted suspicion and concern.
Or we could just be being a set of Donny Downers about it, who knows shrug9 -
Coworker was told to shift code from private repo into company repo. She literally copy pasted all the files into the other repo. 😁👍6
-
"WTH! Get the fuck out of here, bitch!!".
I started a new job today (remote) and my first task was to improve product sign-up process, basically the UX is shit and the backend is even worse, never felt so bad looking at terrible software design my entire life and career. My first assignment was to introduce some sanity. (Mr. Supervisor's exact words)
Anyway, I report directly to upper management but need to get onboarded by current technology expert who's highly skilled at writing shitty code and is also stupid, literally.
It took the whole day to get him to grant access to the private repo in order to start working but that's not the story.
So, I'm seated, demoralised about the structure of software I have to work on and here I was refreshing localhost:7878 consistently and was consistently getting the message:
"WTH! Get the fuck out of here, bitch!!".
So, this same codebase I have is suppose to be the exact same one that's powering the app in production. I was furious and confused. Is stupid calling me a bitch already??? He wants to fuck??? What the hell!!!
I called him and turns out, I was suppose to switch branches. The branch I had was suppose to show that message intentionally (??!???!???) (His words exactly), I couldn't even muster the words "Why" completely before he hung up.
So basically, I got onboarded today. Quite successfully, I must add, because I know exactly the battlesuit I have to wear to my new remote job going forward!11 -
A day in the life of BoyBiscuit.
PM: Please zip up any local changes and push them to a temp folder on the repo and I will manually check to see what you have changed.
Me: *glaring at the download as zip button*
PM: Who broke the repo?
Me: *checks commit history*
Commit History: *last commit PM*
Me: Could you add the files to your commit before pushing because you've only pushed changes on tracked files.
PM: No not possible, I did 'commit -a'.
Me: ....
PM: Could you all delete your forks so that It isn't anywhere on the web
US: but it's private with only us as collaborators
PM: No because I can see it
Me: srysly?
PM: Could everyone try to write more effective code?
Me: Looks at his code
Code: Boolean b = getbooleanVal ? True : False;
Tl;Dr: PM doesn't know anything about git or working as a team.
See you tomorrow!1 -
!rant
Just managed to set up a laravel development server in my raspberry, with a fully functioning private git repo!
(Not having a CS degree nor working in IT... I am very happy with this!)5 -
You wake up in the middle of the night with an awesome idea for a new app.
You spend weeks thinking about it, open a private repo, start to design the UI and logo, and in all your excitement explain your idea to the family and best friends, but no one really finds it cool.
Slowly you start to lose the excitement, day after day you consider it more and more stupid, until you start to hate both the idea and yourself because you really liked it.
6 months later, when you totally forgot about it, you find an app on the App Store very similar to it (but with less features)... as App of the Day, sold for €6.99, 4.8 rating, thousands of positive comments and loved by everyone.
The moral of this story?
If you really like your idea, just make it happen without looking at anyone.4 -
I’m back for a fucking rant.
My previous post I was happy, I’ve had an interview today and I felt the interviewer acted with integrity and made the role seem worthwhile. Fuck it, here’s the link:
https://www.devrant.io/rants/889363
So, since then; the recruiter got in touch: “smashed it son, sending the tech demo your way, if you can get it done this evening that would be amazing”
Obviously I said based on the exact brief I think that’s possible, I’ll take a look and let them know if it isn’t.
Having done loads of these, I know I can usually knock them out and impress in an evening with no trouble.
Here’s where shit gets fucked up; i opened the brief.
I was met with a brief for an MVP using best practice patterns and flexing every muscle with the tech available...
Then I see the requirements, these fucking dicks are after 10 functional requirements averaging an hour a piece.
+TDD so * 1.25,
+DI and dependency inversion principle * 1.1
+CI setup (1h on this platform)
+One ill requirement to use a stored proc in SQL server to return a view (1h)
+UX/UI design consideration using an old tech (1-2h)
+unobtrusive jquery form post validation (2h)
+AES-256 encryption in the db... add 2h for proper testing.
These cunts want me to knock 15-20h of Work into their interview tech demo.
I’ve done a lot of these recently, all of them topped out at 3h max.
The job is middling: average package, old tech, not the most exciting or decent work.
The interviewer alluded to his lead being a bit of a dick; one of those “the code comes first” devs.
Here’s where shit gets realer:
They’ve included mock ups in the tech demo brief’s zip... I looked at them to confirm I wasn’t over estimating the job... I wasn’t.
Then I looked at the other files in the fucking zip.
I found 3 of the images they wanted to use were copyright withheld... there’s no way these guys have the right to distribute these.
Then I look in the font folder, it’s a single ttf, downloaded from fucking DA Font... it was published less than 2mo ago, the license file had been removed: free for Personal, anything else; contact me.
There’s no way these guys have any rights to this font, and I’ve never seen a font redistributed legally without it’s accompanying licence files.
This fucking company is constantly talking about its ethical behaviours.
Given that I know what I’m doing; I know it would have taken less time to find free-for-commercial images and use a google font... this sloppy bullshit is beyond me.
Anyway, I said I’d get back to the recruiter, he wasn’t to know and he’s a good guy. I let him know I’d complete the tech demo over the weekend, he’s looked after me and I don’t want him having trouble with his client...
I’ll substitute the copyright fuckery with images I have a license for because there’s no way I’m pushing copyright stolen material to a public github repo.
I’ll also be substituting the topic and leaving a few js bombs in there to ensure they don’t just steal my shit.
Here’s my hypotheses, anyone with any more would be greatly welcomed...
1: the lead dev is just a stuck up arsehole, with no real care for his work and a relaxed view on stealing other people’s.
2: they are looking for 15-20h free work on an MVP they can modify and take to market
3: they are looking for people to turn down this job so they can support someone’s fucking visa.
In any case, it’s a shit show and I’ll just be seeing this as box checking and interview practice...
Arguments for 1: the head told me about his lead’s problems within 20mn of the interview.
2: he said his biggest problem was getting products out quickly enough.
3: the recruiter told me they’d been “picky”, and they’re making themselves people who can’t be worked for.
I’m going to knock out the demo, keep it private and protect my work well. It’s going to smash their tits off because I’m a fucking great developer... I’ll make sure I get the offer to keep the recruiter looked after.
Then fuck those guys, I’m fucking livid.
After a wonderful interview experience and a nice introduction to the company I’ve been completely put off...
So here’s the update: if you’re interviewing for a shitty middle level dev position, amongst difficult people, on an out of date stack... you need people to want you, don’t fuck them off.
If they want my time to rush out MVPs, they can pay my day rate.
Fuuuuuuuuck... I typed this out whilst listening to the podcast, I’m glad I’m not the only one dealing with shit.
Oh also; I had a lovely discriminatory as fuck application, personality test and disability request email sent to me from a company that seems like it’s still in the 90s. Fuck those guys too, I reported them to the relevant authorities and hope they’re made to look at how morally reprehensible their recruitment process is. The law is you don’t ask if the job can be done by anyone.6 -
Obviously this year. I went from KDE Neon (bloat ree) to Arch, learnt Git, Golang, vim, some JS, did my first major public project (asl), learnt how to package python stuff, did my first collab (private repo with a friend), did my first public collab (animator), made 225 contributions on GitHub (so far), won the "Most Technical" award in my Science Fair, went on climate protests, and sh*t-tons more.
And I joined devRant!
I'm excited for 2020!1 -
I found an old project on which I hadn't version controlled, so I decided to manually commit progress on a past date. Only problem GitHub calendar wouldn't show it.
I emailed them and because it was private repo I added them as contributor. Then I got this reply.
15 -
!rant but story
https://devin.xyz (v.0.0.1)
My quick and semi-ugly solution to save amazing rants and comments forever and more organized.
What it is and it will be:
- archive of rants and comments from devrant that I found very good
- the original ranters will be informed when their rants are archived
- the original ranters and/or the management team of devRant has the right to request the archive content's total deletion
- every single thing on there will be accessible by anyone anytime anywhere (as log as server is healthy)
- open-source
What it may become:
- anyone can register and save their archive
- dev content archive from other sources
- dev articles blog
What it will never have/be:
- any form of payment
- ads
- tracking (I don't even wanna know how many users are viewing)
- non dev related content
- devRant
I'm willing to create user accounts for anyone interested in very near future. So please buzz me here if you want one.
So far it's a website of Laravel + Voyager + bulma with very minimal custom codes (I had to write below 100 lines of code in total). It is on Vultr server.
I'm gonna maintain and update as much as I can on my spare time. Hence I don't consider this as a collab. However, the code is on gitlab private repo. I'll make the repo public soon as well. Any contribution is gladly welcome. 😄11 -
I took this contract and made the suggestion that we backup to the cloud and create a private repo on GIT. Client said no, local should be fine, they don't want someone stealing their code. I said okay fine.
AC just went out in the server room and they apparently had a leak from the AC to the power supply which they happened to put on top of the rack servers and switches. I'm surprised that place didn't catch fire, might be to early to call it.
All this on a Friday and we were 2 weeks away from launch party.
Not my fault, I clearly said we backup to cloud and use GIT on private repo.3 -
Finally finished setting up my private Git Repo.
First tried to install Gitlab, tried 2 hours to fix it. Holy shit the configs were a shit piece. Ended up at the end with a 502 error.
Fucking hate Gitlab, go die you piece of shit for dedicated servers.
Removed it and installed Gogs. Had 25 Minutes to set it up completly and I'm happy with it. ✌️
Dont won't to spent 7$ on private Repos for Github, when I have my own high power dedicated Server 😜
20 -
Bro every time this guy wants to create a PR, rather than branching off another branch and raising a PR to get it merged back in, this dude creates a fork and then makes a PR to merge the fork back in.
Holy. Fuck. Please don’t do this. It makes checking out your “branch” a massive pain in the ass. Plus, it’s totally unnecessary, and I can’t even check it out to begin with because your forked repo is fucking private you stooge. If we were in completely different orgs or doing open source I’d understand a fork. Not if you’re sitting right fucking next to me!!!!!11113 -
Free Pivate Repos on Github everyone!
Microsoft, what's your evil plan???
https://blog.github.com/2019-01-07-...5 -
A follow up for this rant : https://devrant.com/rants/1429631/...
its morning and i have been awoke all night, but i am so happy and feel like crying seeing you people's response. :''''') Thank-You for helping a young birdie like me from getting exploit.
In Summery, I am successfully out of this trickery, but with cowardice, a little exploited and being continuously nagged by my friend as a 'fool'.
Although i would be honest, i did took a time to take my decision and got carried away by his words.
After a few hours of creating a group, he scheduled a conference call , and asked me to submit the flow by which my junior devs will work.
At that time i was still unclear about weather to work or not and had just took a break from studies. So thought of checking the progress and after a few minutes, came up with a work-flow, dropped in the group and muted it.
At night i thought of checking my personal messages , and that guy had PMed me that team is not working, check on their progress. This got me pissed and i diverted the topic by asking when he would be mailing my letter of joining.
His fucking reply to this was :"After the project gets completed!"
(One more Example of his attempts to be manipulative coming up, but along with my cowardice ) :/
WTF? with a team like this and their leader being 'me'( who still calls him noob after 2 internships and 10 months android exp), this project would have taken at least one month and i was not even counting myself in the coding part(The Exams).
So just to clarify what would be the precise date by which he is expecting the task, to which he said "27th"(i.e, tomorrow!)
I didn't responded. And rather checked about the details of the guy( knew that the company was start-up, but start-ups does sound hopeful, if they are doing it right) .A quick social media search gave me the results that he is a fuckin 25 year old guy who just did a masters and started this company. there was no mention of investors anywhere but his company's linkedin profile showed up and with "11-50" members.
After half an hour i told him that am not in this anymore, left the group and went back to study.(He wanted to ask for reasons, but i denied by saying a change of mind ,personal problems, etc)
Well the reality is over but here comes the cowardice part:
1)Our team was working on a private repo hosted on my account and i voluntarily asked him to take back the ownership, just to come out of this safely w/o pissing him off.
2)The "test" he took of me was the wireframe given by their client and which was the actual project we 5 were working on. So, as a "test", i created 15 activities of their client's app and have willingly transferred it to them.
3) in my defence, i only did it because (i) i feared this small start-up could harm my reputation on open platforms like linkedin and (ii)the things i developed were so easy that i don't mind giving them. they were just ui, designed a lot quickly but except that, they were nothing(even a button needs a code in the backend to perform something and i had not done it) . moreover, the guys working under me had changed a lot of things, so i felt bad for them and dropped the idea of damaging it.
Right now am just out of sleep, null of thoughts and just wondering weather am a good person, a safe player or just a stupid, easily manipulated fool
But Once again My deepest regard from my heart for @RustyCookie , @geaz ,@tarstrong ,and @YouAreAPIRate for a positive advice.
My love for devrant is growing everyday <3 <3 <3 <35 -
New PM thinks it's a great idea to start micromanaging my team's (private) repo names. Can't wait to hear his opinions on our class and variable names! 😭3
-
I freelanced for a company where I had to make an iOS app. The person who I was in contact with was a software engineer of that company. When i was asked to send them the final project code after publishing the app, the person was like email the project even after giving them the option of uploading to a private repo and sending link. It’s seemed like the software engineer didn’t know what GitHub was like how is that possible.2
-
(first post/rant on here)
So I recently started at a new company. I was kinda aware that the project I'm working on would be rather old school (to put it in a nice way :-)).
Part of my job is to 'industrialize' and update/clean up the existing code so there is less time spent on fixing bugs due to bad design.
One of the first things I had to do was to write a new interface to integrate with external software.
I already noticed some rather nasty habits, like prefixing every variable with m (don't know why), private fields for every property (all simple properties) and a whole lot of other stuff that either is obsolete or just bad practice.
Started writing clean code (simple classes with properties only, no m prefixing, making sure everything is single responsibility, unit tests, ...).
So I check in the code, don't hear much from it again besides the original dev/architect that started the project using my code to further work on that integration.
Now recently I started converting everything from TFVC to Git (which is the company standard but wasn't used by our team yet). And I quickly skimmed through my code to check if everything was there before pushing it to the remote repo.
To my surprise, all the code I had written was replaced by m prefixed private variables used in simple properties. BL classes were thrown in together, creating giant monstrosities that did everything. And last but not least, all unit tests were commented out.
Not sure what I got myself into ... but the facepalming has commenced.14 -
18 commits later, the unofficial documentation has been ported over to GitBook.
The documentation now lives in a private repo on GitHub which is hooked up to a CI tool to build the book when a commit is pushed.
This will make maintaining the documentation much easier and also allow for collaboration which was previously not possible.
Because this documentation contains some endpoints some of you might not even know about, access is provided on a invite-only basis which is controlled by @dfox.
For new requests, contact @dfox with your name and what you are planning to build.
If you have already created something with the API email me at support@nblackburn.uk with your name and a link and I will send you a invite.
-
Now that github is also offering unlimited private repos to free users, I'm thinking of using it as a backup of my gitlab private repos.
Like pushing to a gitlab private repo auto push to a github private repo kind of workflow.
I will search how to do it online.
However it would be awesome if anyone with similar previous experience can share their wisdom here 😁7 -
Oh I have quite a few.
#1 a BASH script automating ~70% of all our team's work back in my sysadmin days. It was like a Swiss army knife. You could even do `ScriptName INC_number fix` to fix a handful of types of issues automagically! Or `ScriptName server_name healthcheck` to run HW and SW healthchecks. Or things like `ScriptName server_name hw fix` to run HW diags, discover faulty parts, schedule a maintenance timeframe, raise a change request to the appropriate DC and inform service owners by automatically chasing them for CHNG approvals. Not to mention you could `ScriptName -l "serv1 serv2 serv3 ..." doSomething` and similar shit. I am VERY proud of this util. Employee liked it as well and got me awarded. Bought a nice set of Swarowski earrings for my wife with that award :)
#2 a JAVA sort-of-lib - a ModelMapper - able to map two data structures with a single util method call. Defining datamodels like https://github.com/netikras/... (note the @ModelTransform anno) and mapping them to my DTOs like https://github.com/netikras/... .
#3 a @RestTemplate annptation processor / code generator. Basically this dummy class https://github.com/netikras/... will be a template for a REST endpoint. My anno processor will read that class at compile-time and build: a producer (a Controller with all the mappings, correct data types, etc.) and a consumer (a class with the same methods as the template, except when called these methods will actually make the required data transformations and make a REST call to the producer and return the API response object to the caller) as a .jar library. Sort of a custom swagger, just a lil different :)
I had #2 and #3 opensourced but accidentally pushed my nexus password to gitlab. Ever since my utils are a private repo :/3 -
Fuck you windows 10. Fuck you private keys. Fuck you tortoise git. Fuck you git bash. Fuck you cygwin. Want 3x hours of my life back. Had an auth problem... Had to reinstall all the above on windows to connect to my private repo. Took me 5 minutes to connect after reinstalling all the tools. Grrrrrrr. And I'll never know why it wouldn't connect apart from fatal protocol error: bad line length character..I tried ever stack overflow answer... I nearly bricked my gitlab CE...and it was windows being a motherslut8
-
I was still a 2nd year college student back then. Someone approached me about a personal branding site, with quite a generous fee for a poor student like me.
I took the job. Surprisingly she paid me in advance. About a week later, when I wanted to clear up some requirements with her, she disappeared. Didn't read any of my messages. Didn't respond to my calls, let alone emails.
Some time later, I got busy with exams and college stuffs. Welp, I let go of the project, even erasing the github repo to make some room for new private repos on the way.
A year later (yes you read it right), she came back.
Messaged me on WhatsApp.
"Hey dude, how you doin? Sorry about last time, I needed some time to take care of stuffs.
So how's the website going?".
By that time, even the domain name I bought for her site had expired.
I didn't know what to say, so I just shut up.
"Remember that I paid you in advance. Either finish the site or give me my money back."2 -
In today's episode of kidding on SystemD, we have a surprise guest star appearance - Apache Foundation HTTPD server, or as we in the Debian ecosystem call it, the Apache webserver!
So, imagine a situation like this - Its friday afternoon, you have just migrated a bunch of web domains under a new, up to date, system. Everything works just fine, until... You try to generate SSL certificates from Lets Encrypt.
Such a mundane task, done more than a thousand times already... Yet... No matter what you do, nothing works. Apache just returns a HTTP status code 403 - Forbidden.
Of course, what many folk would think of first when it came to a 403 error is - Ooooh, a permission issue somewhere in the directory structure!
So you check it... And re-check it to make sure... And even switch over to the user the webserver runs under, yet... You can access the challenge just fine, what the hell!
So you go deeper... And enable the most verbose level of logging apache is capable of - Trace8. That tells you... Not a whole lot more... Apparently, the webserver was unable to find file specified? But... Its right there, you can see it!
So you go another step deeper and start tracing the process' system calls to see exactly where it calls stat/lstat on the file, and you see that it... Calls lstat and... It... Returns -1? What the hell#2!
So, you compile a custom binary that calls lstat on the first argument given and prints out everything it returns... And... It works fine!
Until now, I chose to omit one important detail that might have given away the issue to the more knowledgeable right away. Our webservers have the URL /.well-known/acme-challenge/, used for ACME challenges, aliased somewhere else on the filesystem - To /tmp/challenges.
See the issue already?
Some *bleep* over at the Debian Package Maintainer group decided that Apache could save very sensitive data into /tmp, so, it would be for the best if they changed something that worked for decades, and enabled a SystemD service unit option "PrivateTmp" for the webserver, by default.
What it does is that, anytime a process started with this option enabled writes to /tmp/*, the call gets hijacked or something, and actually makes the write to a private /tmp/something/tmp/ directory, where something... Appeared as a completely random name, with the "apache2.service" glued at the end.
That was also the only reason why I managed fix this issue - On the umpteenth time of checking the directory structure, I noticed a "systemd-private-foobarbas-apache2.service-cookie42" directory there... That contained nothing but a "tmp" directory with 777 as its permission, owned by the process' user and group.
Overriding that unit file option finally fixed the issue completely.
I have just one question - Why? Why change something that worked for decades? I understand that, in case you save something into /tmp, it may be read by 3rd parties or programs, but I am of the opinion that, if you did that, its only and only your fault if you wrote sensitive data into the temporary directory.
And as far as I am aware, by default, Apache does not actually write anything even remotely sensitive into /tmp, so...
Why. WHY!
I wasted 4 hours of my life debugging this! Only to find out its just another SystemD-enabled "feature" now!
And as much as I love kidding on SystemD, this time, I see it more as a fault of the package maintainers, because... I found no default apache2/httpd service file in the apache repo mirror... So...8 -
I wouldn't be here on GitHub everyday if it wasn't for these green tiles that attracts not only employers, but yourself. Wish the monthly was still a little bit cheaper for us outside the US.6
-
Not really a rant and not very random. More like a very short story.
So I didn't write any rant regarding the whole Microsoft GitHub topic. I don't like to judge stuff quickly. I participated in few threads though.
Another thing is I also don't use GitHub very much apart from giving 🌟 to repos as a bookmark. Have one hobby project there. That's all. So I don't worry that much. I'm that selfish and self concerned. :3
I was first introduced to version control system by learning how to use tortoisesvn around 2008. We had a group project and one of the guys was an experienced and amazing programmer unlike the rest of us. He was doing commercial projects while we were at our 1st and 2nd year. Uni had svn repo server. He taught us about tortoisesvn. He also had Basecamp and taught us how to use it as well. So that's how I learned the benefits of using versioning tools and project management tools. On side note, our uni didn't teach any of those in detail :3
After that project, I was hooked to use versioning tools. So until school kicked me out, I was able to use their svn server. When I was on my own, I had to ask Google for help. I found a new world. There are still free svn services that I can use with certain limited functions. That's not the new world; I found people saying how git is better than svn in various ways. It was around 2010,2011.
At first I was a bit reluctant to touch git because of all the commands in terminal approach. But then I found that there is tortoisegit. I still thank tortoisesvn creator for that. I'm a sucker for GUI tools. So then I also have to pick which git servers to use. Hell yeah, self hosted gitlab is the way to go man. Well that's what the internet said. So I listened. I got it up and running after numerous trial and error. I used it briefly. Then I came back to my country on 2012-2013; the land of kilobytes per minute (yes not second, minute).
My country's internet was improved only after 2016. So from 2013 to 2016, I did my best not to rely on internet. I wasn't able to afford a server at my less than 10 people, 12ft*50ft office. So I had to find alternative to gitlab which preferably run on windows. Found bonobo and it was alright. It worked. Well had crazy moments here and there when the PC running Bonobo got virus and stuff. But we managed. We survived. Then finally multi national Telecom corporates came to our country.
We got cheaper and faster mobile data, broadband and fiber plans. Finally I can visit pornhub ... sorry github. Github is good. I like it. But that doesn't mean I should share my ugly mutated projects to the rest of the world. I could keep using Bonobo but it has risks. So I had to think for an alternative. I remembered that gitlab didn't have cloud hosting service when I checked them out in the past. So I just looked into Bitbucket and happy with their free plans of 5 users and unlimited private repos. I am very very cheap and broke.
That's why I said I don't really care that much about the whole M$GitHub topic at the beginning. However due to that topic, I have visited GitLab website again and found out they have cloud hosting now and their free plan is unlimited users and unlimited repos. So hell yeah. Sorry BB. I am gonna move to cheaper and wider land.
TL;DR : I am gonna move to GitLab because of their free plan.4 -
Interviewed for a Mid/Senior developer role and finally got feedback. The company feels I'm not experience enough for the senior role but think I'm a good fit for the company. Bad thing is they don't have any entry level positions available. I honestly feel like I am ready for a mid level role and maybe even a senior role. They say to keep considering them while they try to get approval for entry level position, but this is a massive company and who knows how long that will take. Recruiter said it's not a no, just not a right now. /:
Oh and going off my last rant, I found out that the senior dev was wrong about set interception being '|' in python, I found out that it's actually a method called interception(set). So even the senior dev didn't know off the top of his head. /:
Have some projects in GitHub but my biggest one is a private repo I'm doing the entire backend and even frontend. Can't share that repo or share details because it's a project a friend (his idea) and I are planning on releasing. (:
Overall feeling pretty bummed because I was looking forward to steady work that'll improve my skills even further... I'm self taught so it's a bit tougher to land interviews because of the automated process most companies have with resume filtering. ):
Going to keep doing small contracted projects until I land another interview. In the meantime trying to keep my spirit up. (:1 -
Broke: logging into GitHub to pull changes from a private repo
Woke: changing the repo from private to public, pulling unauthenticated, and then changing back to private. -
How to manage updates on production as web agency
1: Update the GitHub private repo with your changes
2: Write an email to the customer sysadmin and ask to sync in staging and later production
3: Wait 2 weeks and do another ping about it
4: The sysadmin later will do that
5: In the meantime there is a security update of your CMS and a lot of plugins to update
6: Try to update from the CMS panel and there are no write permission
7: Cry a lot and write another email to go back to point 2 -
Sooooooo…. The other day I committed a change with this message:
“Committing the ultimate sin in committing secret keys again however this repo is and will always be private and my pis will be hidden on my network so it shouuuuuuld be fine... right...”7 -
private static final int TEN = 10;
private static final double THOUSAND = 1000.0D;
[a copy-paste from our repo]13 -
Okay, had a freelance JavaScript gig (with Three.js 3d lib). Usually I put the code on github so I have easier time switching between Desktop and laptop during work, unless I have to sign an NDA or something. Today at 5 AM I got mail from freelancing site support that client reported me for having code on public repo (but it's not like it is a proprietary software, it's based on threejs editor). I made repo private and went to sleep. Later I'm reading through messages, guy was cursing me, threatend to sue me etc. Ended up dropping the client. Did I do something really unprofessional? Unless I'm told not to, I want to show my code and I don't believe in not showing it by default. What do you guys think?13
-
I learned today I can "npm install" directly from a GitHub repo. This allowed me to create a React component (viewer of gLTF files) for a 3D game and share it with my team. I know I could've published it to npm registry, but I didn't want that since it's a very specific component for our project, and private npm packages are very pricy.
Hope this random !rant will be useful for someone wanting something similar. -
I just put my side project working with friends to Gitlab.com. Start to wondering why I was choosing between github and bitbucket while gitlab provides free private repo, free CI runners, and all other useful collaboration tools.9
-
Every person project cycle.
1.thinking 2.making bitbucket private repo 3.Making slack channel for contributors.4 Explaining the idea 5.the end.
I seriously need to work after step 5 -
Me: We need to have a developer on our core product
*We fork our core product from a private repo for new projects
Management: No.
Me: But imma die 5years early from stress and anger overdose of fixing the same problems over and over again in every new project we do and still hit deadlines which didn't account for them when we could fix them once and maintain our core product
Management: everything is fine. Lalalalalala
Me: *wonder why every senior dev has left in last few years*1 -
How is there no open, accepted, widely used standard to store & tag things like old family photo albums, diaries, books, etc.? Surely I can't be the only one who wants to digitise all this stuff to preserve it many years from now in case the drunk Uncle pisses on it, or Grandma's dodgy electrics burn the house down and it's all lost permanently. Or perhaps I am; it does seem that most other people doing genealogy work have the technical competence of a lemon.
Like, I get it, there's *some* online solutions for this stuff (not many and they tend to cost a fortune), but if I want to store it locally or in a private git repo or whatever... well, no-one seems to do it. I want to be able to interlink individual photos with their contextual pages in albums, store metadata about them, store audio recordings of older relatives with transcripts linked, etc. - and it just doesn't seem to be a done thing.
Ah well. Perhaps I'll do it all anyway as some kind of side project, then all being well my great great grandchildren will be immensely thankful if family history stuff ever becomes popular again.18 -
*breath in*
FUUUUUUUUUUCCCCCKKKKK.
OK.
There are many things one can complain about when it comes to windows. But I swear, the worst thing ever invented is this motherfucking "Windows Credential Manager". Basically I have a private and a buissness git account. I worked on a buissness project and pushed my changes. And when I looked in the repo it did commit under my private account. Ex fucking cuse me? Wtf? When pushing I logged in with my buissness account, why on earth did it push with my private account??
*3h of investigation*
Turns out this cunt fuck credential manager stored my private credentials and used them even tho I explicitly pushed with my buissness account. What goatfucker of a developer decided its a good idea to store user credentials without the users permission/without asking, and then uses the stored credentials instead of the one explicitly given??
I swear to god, if this piece of software would be a person, I would have thrown it him of my window(s).2 -
!rant
Let's say that I might want to change job. I'm into finance, but I'd like to approach the game developing side (yeah I know, don't even start, it is how it is!)
Question is: I've got a bunch of projects to showcase my ability to code in different languages. Would setting a public git repo be helpful? Currently all of my repos a private, and not really thought for being read by others, but I can always polishing things up. Would that be an asset or doesn't it worth the while?
I mean, in my experience nobody ever asked me access to my git repo!3 -
Today I played with GitHub Actions. Since I couldn't test anything without making a commit and pushing it to GitHub to trigger the workflow, my commit history now chronicles my slow descent into madness. Thank God it's a private repo. I'm gonna squash it if I ever make it public.
This gem is from hour two of my four-hour struggle:
6 -
So, I’ve been thinking, and I’d appreciate your opinions:
When I work through long tutorials/books where you work towards a large scale app, I.e. through a book you build I fully functioning twitter clone with private messages, secure login etc etc I always create a GitHub repo, but then I break the chapters/modules of the book into milestones, and then create issues for each task within the chapter and assign them to myself.
I also write full on “proper” commit messages.
A part of me feels like I’m a bit weird for treating these sorts of thing like a “real” project, but at the same time, it feels like a good idea to always do things properly so good practices, like quality commit messages, become second nature -
I have set up my automation through a private GitHub repo.
I know there is puppet, and salt, and Ansible. -
What is your experience; Is GitHub worth (feature-wise) the 7$/month in the basic plan?
I am currently running my own GitLab on an Odroid because I need unlimited private repos for freelance work. This basically works great, but updating GitLab and fixing "server" issues emerged to be quite a lot of work. Also, I prefer the GitHub UI over the new GitLab one and GitLab is (may be due to my low-spec Odroid) terribly slow for me.
On the other hand, it gives me ultimate freedom on groups, repo-permissions, client-accounts for bug-tracking, ...
How much freedom does the GitHub "Developer"-option offer? Is someone using it for freelance projects and has some experience to share? Thanks in advance!4 -
I decided to use Docker Compose on a tiny project that essentially consists of an API and a Caddy server that serves static files and proxies to the API, all of this running on an EC2 t1-nano. I made this admittedly odd choice because I wanted to learn Compose and simultaneously forego figuring out why the node-gyp bindings for sqlite3 refuse to build on EC2 even though it builds just fine on my machine.
I am storing secrets in .env which is committed into the private GH repo. Just now I came across a rant that described the same security practice and it sounded pretty bad from an outside perspective so I decided to research alternatives.
Apparently professional methods for storing secrets generally have higher system requirements than a t1-nano. I'm not looking for a complex service orchestration system, I'm not trying to run an enterprise on this poor little cloud-based raspberry pi. I just want to move my secrets out of the Git repo,
Any tips?9 -
hi guys,
one quick question that how do you take notes of tech issue or reading book or ideas?
record on private git-repo or post on writing community? (like Dev.tio or medium)
thanks~5 -
If github had an option to make private- public branches or a public "launch" page for private repo, it would have replaced playstore and other software markets long time ago8
-
How do you deal with multiple git identities?
Im working fulltime + freelancing + working on my own projects and all of them are on different gitlab emails. It was very annoying to keep remembering to set my git email to a proper one each time I switch to work on another project.
Right now I came up with something easier:
I started using just 1 gitlab profile (personal one) and added my both company e-mails as secondary emails to my personal gitlab profile.
This way I can keep my git identity the same (personal e-mail address) and if I push to company1 repo or company2 repo the commit author e-mail addres is shown email@company1.com and email@company2.com as these emails are given access to private repos and they are added to my personal gitlab account.
Just wondering if these companies will see my commits to other repos by viewing my personal gitlab profile or no? Or if there is an easier way to handle multiple git identities without having to switch between them each time I open another project and want to push some commits.7
Top Tags
Weekly Rant
View