Search - "query"
-
Hey, Root? How do you test your slow query ticket, again? I didn't bother reading the giant green "Testing notes:" box on the ticket. Yeah, could you explain it while I don't bother to listen and talk over you? Thanks.
And later:
Hey Root. I'm the DBA. Could you explain exactly what you're doing in this ticket, because i can't understand it. What are these new columns? Where is the new query? What are you doing? And why? Oh, the ticket? Yeah, I didn't bother to read it. There was too much text filled with things like implementation details, query optimization findings, overall benchmarking results, the purpose of the new columns, and i just couldn't care enough to read any of that. Yeah, I also don't know how to find the query it's running now. Yep, have complete access to the console and DB and query log. Still can't figure it out.
And later:
Hey Root. We pulled your urgent fix ticket from the release. You know, the one that SysOps and Data and even execs have been demanding? The one you finished three months ago? Yep, the problem is still taking down production every week or so, but we just can't verify that your fix is good enough. Even though the changes are pretty minimal, you've said it's 8x faster, and provided benchmark findings, we just ... don't know how to get the query it's running out of the code. Or how to check the query logs to find it. So. We just don't know if it's good enough.
Also, we goofed up when deploying and the testing database is gone, so now we can't test it since there are no records. Never mind that you provided snippets to remedy exactly this scenario in the ticket description you wrote three months ago.
And later:
Hey Root: Why did you take so long on this ticket? It has sat for so long now that someone else filed a ticket for it, with investigation findings. You know it's bringing down production, and it's kind of urgent. Maybe you should have prioritized it more, or written up better notes. You really need to communicate better. This is why we can't trust you to get things out.
*twitchy smile*
Tags: rant useless people you suck because we are incompetent what's a query log? it's all your fault this is super urgent let's defer it ticket notes too long; didn't read
-
Fuck the memes.
Fuck the framework battles.
Fuck the language battles.
Fuck the titles.
Anybody who has been in this field long enough knows that it doesn't matter if you're Linus fucking Torvalds, there is no human who has lived or ever will live that simultaneously understands, knows, and remembers how to implement, in multiple languages, the following:
- jest mocks for complex React components (partial mocks, full mocks, no mocks at all!)
- token cancellation for asynchronous Tasks in C#
- fullstack CRUD, REST, and websocket communication (throw in gRPC for bonus points)
- database query optimization, seeding, and design
- nginx routing, https redirection
- build automation with full test coverage and environment consideration
- docker container versioning, restoration, and cleanup
- internationalization on both the front AND backends
- secret storage, security audits
- package management, maintenance, and deprecation reviews
- integrating with dozens of APIs
- fucking how to center a div
and that's a _comically_ incomplete list; barely scratches the surface of the full range of what a dev can encounter in a given day of writing software
have many of us probably done one or even all of these at different times? surely.
but does that mean we are supposed to draw that up at a moment's notice some cookie-cutter solution like a fucking robot and spit out an answer on a fax sheet?
recruiters, if you read this site (perhaps only the good ones do anyway so it's wasted oxygen), just know that whoever you hire it's literally the luck of the draw of how well they perform during the interview. sure, perhaps some perform better, but you can never know how good someone is until they literally start working at your org, so... have fun with that.
Oh and I almost forgot, again for you recruiters, on top of that list which you probably won't ever understand for the entirety of your lives, you can also add writing documentation, backup scripts, and orchestrating / administrating fucking JIRA or actually any somewhat technical dashboard like a CMS or website, because once again, the devs are the only truly competent ones - and i don't even mean in a technical sense, i mean in a HUMAN sense of GETTING SHIT DONE IN GENERAL.
There's literally 2 types of people in the world: those who sit around drawing flow charts and talking on the phone all day, and those WHO LITERALLY FUCKING BUILD THE WORLD
why don't i just run the whole fucking company at this point? you guys are "celebrating" that you made literally $5 dollars from a single customer and i'm just sitting here coding 12 hours a day like all is fine and well
i'm so ANGRY it's always the same no matter where i go, non-technical people have just no clue, even when you implore them how long things take, they just nod and smile and say "we'll do it the MVP way". sure, fine, you can do that like 2 or 3 times, but not for 6 fucking months until you have a stack of "MVPs" that come toppling down like the garbage they are.
How do you expect to keep the "momentum" of your customers and sales (I hope you can hear the hatred of each of these market words as I type them) if the entire system is glued together with duct tape because YOU wanted to expedite the feature by doing it the EASY way instead of the RIGHT way. god, just forget it, nobody is going to listen anyway, it's like the 5th time in a row in my life
we NEED tests!
we NEED to know our code coverage!
we NEED to design our system to handle large amounts of traffic!
we NEED detailed logging!
we NEED to start building an exception database!
BILBO BAGGINS! I'm not trying to hurt you! I'm trying to help you!
Don't really know what this rant was, I'm just raging and all over the place at the universe. I'm going to bed.
-
"Hey, Root, someone screwed up and now all of our prod servers are running this useless query constantly. I know I already changed your priorities six times in the past three weeks, but: Go fix it! This is higher priority! We already took some guesses at how and supplied the necessary code changes in the ticket, so this shouldn't take you long. Remember, HIGH PRIORITY!"
1. I have no idea how to reproduce it.
2. They have no idea how to reproduce it.
3. The server log doesn't include queries.
4. The application log doesn't include queries.
5. The tooling intercepts and strips out some log entries the legendary devs considered useless. (Tangent: It also now requires a tool to read the logs because log entries are now long json blobs instead of plain text.)
6. The codebase uses different loggers like everywhere, uses a custom logger by default, and often overwrites that custom logger with the default logger some levels in. gg
7. The fixes shown in the ticket are pretty lame. (I've fixed these already, and added one they missed.)
8. I'm sick and tired and burned out and just can't bring myself to care. I'm only doing this so i don't get fired.
9. Why not have the person who screwed this up fix it? Did they quit? I mean, I wouldn't blame them.
Why must everything this company does be so infuriatingly complicated?
-
I’m surrounded by idiots.
I’m continually reminded of that fact, but today I found something that really drives that point home.
Gather ‘round, everybody, it’s story time!
While working on a slow query ticket, I perused the code, finding several causes, and decided to run git blame on the files to see what dummy authored the mental diarrhea currently befouling my screen. As it turns out, the entire feature was written by mister legendary Apple golden boy “Finder’s Keeper” dev himself.
To give you the full scope of this mess, let me start at the frontend and work my way backward.
He wrote a javascript method that tracks whatever row was/is under the mouse in a table and dynamically removes/adds a “.row_selected” class on it. At least the js uses events (jQuery…) instead of a `setTimeout()` so it could be worse. But still, has he never heard of :hover? The function literally does nothing else, and the `selectedRow` var he stores the element reference in isn’t used elsewhere.
This function allows the user to better see the rows in the API Calls table, for which there is also a search feature — the very thing I’m tasked with fixing.
It’s worth noting that above the search feature are two inputs for a date range, with some helpful links like “last week” and “last month” … and “All”. It’s also worth noting that this table is for displaying search results of all the API requests and their responses for a given merchant… this table is enormous.
This search field for this table queries the backend on every character the user types. There’s no debouncing, no submit event, etc., so it triggers on every keystroke. The actual request runs through a layer of abstraction to parse out and log the user-entered date range, figure out where the request came from, and to map out some column names or add additional ones. It also does some hard to follow (and amazingly not injectable) orm condition building. It’s a mess of functional ugly.
The important columns in the table this query ultimately searches are not indexed, despite it only looking for “create_order” records — the largest of twenty-some types in the table. It also uses partial text matching (again: on. every. single. keystroke.) across two varchar(255)s that only ever hold <16 chars — and of which users only ever care about one at a time. After all of this, it filters the results based on some uncommented regexes, and worst of all: instead of fetching only one page’s worth of results like you’d expect, it fetches all of them at once and then discards what isn’t included by the paginator. So not only is this a guaranteed full table scan with partial text matching for every query (over millions to hundreds of millions of records), it’s that same full table scan for every single keystroke while the user types, and all but 25 records (user-selectable) get discarded — and then requeried when the user looks at the next page of results.
What the bloody fucking hell? I’d swear this idiot is an intern, but his code does (amazingly) actually work.
No wonder this search field nearly crashed one of the servers when someone actually tried using it.
Asdfajsdfk.
Tags: rant fucking moron even when taking down the server hey bob pass me all the paperclips mysql murder terrible code slow query idiot can do no wrong but he’s the golden boy idiots repeatedly murdered mysql in the face
-
I told these people that this issue would happen. Did they listen? Nooo
It'll be fine, they say. We likely won't be having that much data returned to the front end, they say.
Day of the install. Web Application attempts to query 68,000 rows of data straight into the web page.
*Surprised Pikachu face* when they are consistently getting crashed browser tabs.
And now everything gets pushed back and we're behind by an entire month because they didn't heed my warnings.
Oh, and now I have to pick up after them, and do some stupid work arounds that will likely be defunct in a month or two. 🙄
-
Optimized a query today. Before it timed out after 10 minutes, now it takes 4.3 seconds. Very proud.
-
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.
Tags: rant security exploit root swears a lot actually root swears oh my stupid fucking people what the fuck fucking stupid fucking people
-
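The fail-closed, per-table allowlist that the search-gem rant above says was missing, as an added example that is not part of the original rant or the gem's own code. The table and column names, the predicate list and the `<association>_<column>_<predicate>` key convention are assumptions made for illustration.

```ruby
# Added example: fail-closed allowlist for user-supplied search keys.
# Tables, columns, predicates and the "<path>_<predicate>" key convention are
# constructed assumptions, not the API of the gem discussed in the rant.

class SearchKeyRejected < StandardError; end

# The allowlist is keyed by table AND column, so permitting site.name does not
# implicitly permit user.name. Each column also lists its permitted predicates.
SEARCHABLE = {
  "site" => { "name" => %w[eq cont], "created_at" => %w[gteq lteq] },
  "user" => { "id" => %w[eq] }
}.freeze

# Associations a search may traverse, per starting table.
ASSOCIATIONS = { "site" => %w[user] }.freeze

# Predicates the parser recognises. "start" (prefix match) is recognised but
# granted to no column, so prefix probing of any field is refused.
PREDICATES = %w[start gteq lteq cont eq].freeze

# Resolve one search key against the allowlist only (never against the schema).
# Returns [table, column, predicate] or raises a descriptive SearchKeyRejected.
def resolve_key(root, key)
  predicate = PREDICATES.find { |p| key.end_with?("_#{p}") }
  raise SearchKeyRejected, "no known predicate in #{key.inspect}" unless predicate

  path = key.delete_suffix("_#{predicate}")
  table = root
  # Walk only associations that are explicitly allowlisted for the current table.
  loop do
    assoc = ASSOCIATIONS.fetch(table, []).find { |a| path.start_with?("#{a}_") }
    break unless assoc

    path = path.delete_prefix("#{assoc}_")
    table = assoc
  end

  allowed = SEARCHABLE.dig(table, path)
  raise SearchKeyRejected, "#{table}.#{path} is not searchable" unless allowed
  unless allowed.include?(predicate)
    raise SearchKeyRejected, "predicate #{predicate} not permitted on #{table}.#{path}"
  end

  [table, path, predicate]
end

# Validate a whole parameter hash; one bad key rejects the entire request.
def safe_conditions(root, params)
  params.map do |key, value|
    table, column, predicate = resolve_key(root, key.to_s)
    { table: table, column: column, predicate: predicate, value: value.to_s }
  end
end
```

Rejections carry the table, column and predicate that failed, so a refused search shows up as a readable error rather than an unexplained NoMethodError.
-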
STUPID RAILS!
WHY CAN'T YOU JUST BUILD THE BLOODY QUERY WITHOUT DOING FANCY UNNECESSARY SUBQUERY SHIT?!
OR PUT THE LIMIT WHERE IT MAKES SENSE AND DOESN'T CAUSE MYSQL TO TELL YOU TO FUCK OFF?
WHY WHY WHY WHY WHY
THIS ISN'T HARD
-
While writing up this quarter's performance review, I re-read last quarter's goals, and found one my boss edited and added a minimum to: "Release more features that customers want and enjoy using, prioritized by product; minimum 4 product feature/bug tickets this quarter."
... they then proceeded to give me, not four+ product tickets, but: three security tickets (two of which are big projects), a frontend ticket that should have been assigned to the designer, and a slow query performance ticket -- on top of my existing security tickets from Q3.
How the fuck was I supposed to meet this requirement if I wasn't given any product tickets? What, finish the monster tickets in a week instead of a month or more each and beg for new product tickets from the product manager who refuses to even talk to me?
Fuck these people, seriously.
-
Why does it take a client, who needs the bug fixed immediately, over 24 hours to respond to my query about what the problem is?
-
Ah the day before launch of a new app. And right on schedule the business is attempting to completely alter their requirements including a COMPLETE OVERHAUL OF THE DATABASE MODEL TO ADDRESS AN ISSUE THAT HAS ALREADY BEEN FIXED. I wish they would share the drugs they are clearly on so I could also live in this dreamland delusion where you can turn something completely on its head right on the finish line and expect everything to go well.
Manager: Hey I think I have a solution to that performance we talked about last week
Dev: I already fixed it, it only takes 1 second instead of 30 now.
Manager: Ok but I’ve also figured out a solution. If we completely change the entire database model that one query could potentially be even faster according to my understanding of how databases operate.
Dev: I fixed it without the need for that, actually it was just a matter of better conc—
Manager: I think we should go with MY solution. Drop everything and restructure the database immediately! Be quick, as you know we launch this application tomorrow! Have an extra coffee today and just crush it out, don’t overthink this either just do it.
Dev: …
-
Boss: Our app is too memory consuming and heavy weighted. We have to do something because we will have hundreds of thousands of users.
Dev: Yes, there are a lot of legacy parts which leave plenty of space for optimization. Every query has to be carefully analyzed. Some can be avoided at all.
Boss: We pay externals to do some clustering with our app.
-
Dear Microsoft Kusto Query Language (KQL)
Screw you. You suck like more than a sudden depressurization event in an airplane. Creating your own freaking query language is bad, the people who invented SQL based it on the principles of mathematical relational algebra, which although confusing, and not suited for all use cases is at least consistent.
You were invented by a bunch of oxygen deprived halfwits based on the principles of sadism and incompetence.
The only situation in which I would voluntarily use KQL as my tool of choice is if my purpose was to extract a Dantesque style revenge on someone who had committed grievous harm to myself and my family members. In that case forcing them to work with you day in and day out would still border on cruel and unusual punishment.
Sincerely, A developer who has spent the past 2 hours dealing with your Lovecraftian madness.
P.S. I hope you choke on a raw chicken bone and no one gives you CPR.
-
That log4j RCE is some fucking nasty business!!! Its exploits have already been observed multiple times in our company scope.
Time for some unplanned Saturday evening hot-patches :/
P.S. Why the fuck leave such a feature enabled as default??? I mean really, whose brilliant idea was "let's leave the message parser enabled as well as the LDAP query hooks... BY FUCKING DEFAULT!!!"
I mean really, is anyone using that? ANYONE?
And then they laugh at me when I say "stay away from frameworks", "use as little libraries as possible", "avoid foreign code in your codebase",...
you know what.... JOKE'S ON YOU!
-
BI dev: Hey, can you help me with my SQL query?
Me: Sure, let me see it.
BI dev: sends screenshot - not even the whole query, literally a screenshot with a segment of text in it. No errors showing either.
Me: ...
-
Hired a new BI developer. She tested reasonably ok in SQL, and certainly showed good strengths in visualising data, plus had a good attitude in the interview. We hired her. She broke her laptop the first day. We got her another then she complained the camera didn't work but didn't realise the lever in front of the camera was to move the privacy shutter off and on.
Assigned her some work of taking queries that are used in a BI tool that targets the transactional database directly, and re-jigging them for Snowflake which we're using as a data warehouse now, aggregating all our data into one place. Yet, she's struggling to understand why the SQL query she's pasted in doesn't work as-is.
I go over it again; the source schemas and tables are this, but in Snowflake we've named them this. She then bemoans how much work that is to change them all - I say use find and replace. She then struggles with Snowflake syntax errors and asks for a guide on T-SQL to Snowflake. I show her Google and say "this is what I did when I hit these problems - search for 'Snowflake equivalent to T-SQL getdate()' or 'how to get current date in Snowflake'" but she still doesn't understand. I ask if she's ever had to work between T-SQL and MySQL or MySQL and PostgreSQL or Oracle and so on and she says yes. I say the syntax isn't the same, is it? And she goes oh, now I understand.
She scored reasonably in her SQL test but I'm now concerned there's something fundamental missing in her grasp of SQL. I gave her a detailed demo of the tools, I explained in the interview and on her start about our move to a data warehouse for all our apps, and put her through some training plus gave her time to work through our Confluence pages - not expecting she'll remember everything, but more to ensure she recalls they exist and what the general contents are.
Anyhow, that's my rant.
-
[CMS Of Doom™]
Imagine bringing every HTTP Query Param and every god damn fucking POST var into the current code context.
"extract()" is one of the reasons why I have terminal PHPTSD.
-
I've been working on a proof of concept for my thesis for a few days and the async query calls drove me nuts for quite a while. I finally managed to deliver all query results asynchronously while still very much relying on a strong architectural design pattern. I am filled with caffeine, joy and a sense of pride and accomplishment.
Tags: rant late night coding caffeine async await query proof of concept javascript boilerplate database typescript
-
EoS1: This is the continuation of my previous rant, "The Ballad of The Six Witchers and The Undocumented Java Tool". Catch the first part here: https://devrant.com/rants/5009817/...
The Undocumented Java Tool, created by Those Who Came Before to fight the great battles of the past, is a swift beast. It reaches systems unknown and impacts many processes, unbeknownst even to said processes' masters. All from within its lair, a foggy Windows Server swamp of moldy data streams and boggy flows.
One of The Six Witchers, the Wild One, scouted ahead to map the input and output data streams of the Unmapped Data Swamp. Accompanied only by his animal familiars, NetCat and WireShark.
Two others, bold and adventurous, raised their decompiling blades against the Undocumented Java Tool beast itself, to uncover its data processing secrets.
Another of the witchers, of dark complexion and smooth speak, followed the data upstream to find where the fuck the limited excel sheets that feed The Beast come from, since its handlers only know that "every other day a new one appears on this shared active directory location". WTF do people often have NPC-levels of unawareness about their own fucking jobs?!?!
The other witchers left to tend to the Burn-Rate Bonfire, for The Sprint is dark and full of terrors, and some bigwigs always manage to shoehorn their whims/unrelated stories into an otherwise lean sprint.
At the dawn of the new year, the witchers reconvened. "The Beast breathes a currency conversion API" - said The Wild One - "And its claws and fangs strike mostly at two independent JIRA clusters, sometimes upserting issues. It uses a company-deprecated API to send emails. We're in deep shit."
"I've found The Source of Fucking Excel Sheets" - said the smooth witcher - "It is The Temple of Cash-Flow, where the priests weave the Tapestry of Transactions. Our Fucking Excel Sheets are but a snapshot of the latest updates on the balance of some billing accounts. I spoke with one of the priestesses, and she told me that The Oracle (DB) would be able to provide us with The Data directly, if we were to learn the way of the ODBC and the Query"
"We struck at the beast" - said the bold and adventurous witchers, now deserving of the bragging rights to be called The Butchers of Jarfile - "It is actually fewer than twenty classes and modules. Most are API-drivers. And less than 40% of the code is ever even fucking used! We found fucking JIRA API tokens and URIs hard-coded. And it is all synchronous and monolithic - no wonder it takes almost 20 hours to run a single fucking excel sheet".
Together, the witchers figured out that each new billing account was morphed by The Beast into a new JIRA issue, if none was open yet for it. Transactions were used to update the outstanding balance on the issues regarding the billing accounts. The currency conversion API was used too often, and its purpose was only to give a rough estimate of the total balance in each Jira issue in USD, since each issue could have transactions in several currencies. The Beast would consume the Excel sheet, do some cryptic transformations on it, and for each resulting line access the currency API and upsert a JIRA issue. The secrets of those transformations were still hidden from the witchers. When and why would The Beast send emails, was still a mystery.
As the Witchers Council approached an end and all were armed with knowledge and information, they decided on the next steps.
The Wild Witcher, known in every tavern in the land and by the sea, would create a connector to The Red Port of Redis, where every currency conversion is already updated by other processes and can be quickly retrieved inside the VPC. The Greenhorn Witcher is to follow him and build an offline process to update balances in JIRA issues.
The Butchers of Jarfile were to build The Juggler, an automation that should be able to receive a parquet file with an insertion plan and asynchronously update the JIRA API with scores of concurrent requests.
The Smooth Witcher, proud of his new lead, was to build The Oracle Watch, an order that would guard the Oracle (DB) at the Temple of Cash-Flow and report every qualifying transaction to parquet files in AWS S3. The Data would then be pushed to cross The Event Bridge into The Cluster of Sparks and Storms.
This Witcher Who Writes is to ride the Elephant of Hadoop into The Cluster of Sparks and Storms, to weave the signs of Map and Reduce and with speed and precision transform The Data into The Insertion Plan.
However, how exactly is The Data to be transformed is not yet known.
Will the Witchers be able to build The Data's New Path? Will they figure out the mysterious transformation? Will they discover the Undocumented Java Tool's secrets on notifying customers and aggregating data?
This story is still afoot. Only the future will tell, and I will keep you posted.
-
I don't know if I'm being pranked or not, but I work with my boss and he has the strangest way of doing things.
- Only use PHP
- Keep error_reporting off (for development), Site cannot function if they are on.
- 20,000 lines of functions in a single file, 50% of which was unused, mostly repeated code that could have been reduced massively.
- Zero Code Comments
- Inconsistent variable names, function names, file names -- I was literally project searching for months to find things.
- There is nothing close to a normalized SQL Database, column ID names can't even stay consistent.
- Every query is done with a mysqli wrapper to use legacy mysql functions.
- Most used function is to escape strings
- Type-hinting is too strict for the code.
- Most files packed with Inline CSS, JavaScript and PHP - we don't want to use an external file otherwise we'd have to open two of them.
- Do not use a package manager (Composer) because he doesn't have it installed.. Though I told him it's easy on any platform and I'll explain it.
- He downloads a few composer packages he likes and drag/drop them into random folder.
- Uses $_GET to set values and pass them around like a message container.
- One file is 6000 lines which is a giant if statement with somewhere close to 7 levels deep of recursion.
- Never removes his old code that bloats things.
- Has functions from a decade ago he would like to save to use some day. Just regular, plain old, PHP functions.
- Always wants to build things from scratch, and re-using a lot of his code that is honestly a weird way of doing almost everything.
- Using CodeIntel, Mess Detectors, Error Detectors is not good or useful.
- Would not deploy to production through any tool I setup, though I was told to. Instead he wrote bash scripts that still make me nervous.
- Often tells me to make something modern/great (reinventing a wheel) and then ends up saying, "I think I'd do it this way... Refers to his code 5 years ago".
- Using isset() breaks things.
- Tens of thousands of undefined variables exist because arrays are created like $this[][][] = 5;
- Understanding the naming of functions required me to write several documents.
- I had to use #region tags to find places in the code quicker since a router was about 2000 lines of if else statements.
- I used Todo Bookmark extensions in VSCode to mark and flag everything that's a bug.
- Gets upset if I add anything to .gitignore; I tried to tell him it ignores files we don't want, he thought it deleted them for a while.
- He would rather explain every line of code in a mammoth project that follows no human known patterns, includes files that overwrite global scope variables and wants has me do the documentation.
- Open to ideas but when I bring them up such as - This is what most standards suggest, here's a literal example of exactly what you want but easier - He will passively decide against it and end up working on tedious things not very necessary for project release dates.
- On another project I try to write code but he wants to go over every single nook and cranny and stay on the phone the entire day as I watch his screen and I'm trying to code.
I would like us all to do well but I do not consider him a programmer but a script-whippersnapper. I find myself trying to debate the most basic of things (you shouldn't 777 every file), and I need all kinds of evidence before he will do something about it. We need "security" and all kinds of buzz words but I'm scared to death of this code. After several months it's a nice place to work but I am convinced I'm being pranked or my boss has very little idea what he's doing. I've worked in a lot of disasters but nothing like this.
We are building an API, I could use something open source to help with anything from validations, routing, ACL but he ends up reinventing the wheel. I have never worked so slow, hindered and baffled at how I am supposed to build anything - nothing is stable, tested, and rarely logical. I suggested many things but he would rather have small talk and reason his way into using things he made.
I could have this project 50% done in a Node API in two weeks, pretty fast in a PHP or Python one, but we for reasons I have no idea would rather go slow and literally "build a framework". Two knuckleheads are going to build a PHP REST framework and compete with tested, tried and true open source tools by tens of millions?
I just wanted to rant because this drives me crazy. I have so much stress my neck and shoulder seems like a nerve is pinched. I don't understand what any of this means. I've never met someone who was wrong about so many things but believed they were right. I just don't know what to say so often on call I just say, 'uhh..'. It's like nothing anyone or any authority says matters, I don't know why he asks anything he's going to do things one way, a hard way, only that he can decipher. He's an owner, he's not worried about job security.
-
Hello fellow devRanters, look what I found in our API constants on this fine day!
LIST_USERS: '/api/GetUsers',
USERS_WITH_QUERY:'/api/GetUsers?Query=',
MORE_USERS: '/api/GetUsers?Token=',
You get what you pay for, you get what you pay for, you get what you- AAAAAAAAAAAAAAAAAAAARRRGGGGG!!!!!!!!!
-
DNS is everywhere.
I hate DNS.
I hate DNS migrations.
I hate having a hundred plus DNS names inside my brain.
I hate resolving issues.
I hate DNSSEC.
I hate CNAMES.
I hate services which cannot be persuaded to stop trying AAAA resolves first.
I hate the fucking stupid braindead idea to use TXT as a configuration store inside DNS... And thus the necessity to blow up DNS query size aka EDNS.
I really really really really really want to burn this whole mfucking shit down...
-
Holy crap, I can't take it anymore.
I know that user acceptance testing is supposed to be done by the end user but it's as if they entirely skipped UNIT TESTING and QUALITY ENGINEERING.
Does their API work? Yes. It does.
Are their endpoints working? Sort of... why are query parameters required again?
Is it good overall? No, there are CORNER CASES ALL OVER THE PLACE (are they even still corner cases at this point?). It feels like it was made by amateurs!
Why am I doing quality testing on their services??? holy crap, they should pay ME for doing this
-
It’s been so long since I posted but this time it’s juicy again.
I got a coworker, no prior experience but already a year and few months into the job. He’s bad.
Magnitudes of bad!
We’re trying to teach him but to no avail. Everything about him sucks, major ballsack to be exact.
His attitude is to avoid every task, finishes nothing and then starts something new.
„Did you do X like we told you to?“
„No I started on Y, because I thought it [looks better, seems more interesting, thought that X is useless…]“
When you ask him how much is done he is always „almost“ finished and needs your help on the „last 5-10%“. Yeah fuck that!
But that guy has a talent, his talent is to always give you technically correct answers which actually are complete bullshit.
„What are you doing at your job?“
„Staring at a screen and typing things.“ dude what?
That guy used the excuse „I can’t do maths“ on everything.
For an exam he had to calculate how long it would take to reach a certain amount if you would get some interest in that every year.
He asked the teacher for the formula. During the exam! And when the teacher didn’t want to give it to him he wrote plainly „can’t do maths“ on the paper and left.
His code is of a quality as if he would write his first line in a week and then has the audacity to blame me and the colleagues for not explaining it right.
Ok you might think now we’re teaching him bad, or are too impatient. But honestly if you have to explain how to do a for loop for over about 15 months and get that attitude I think you get the right to be angry. I don’t mind explaining on how things work, even for the hundredth time, but then don’t tell me you understood, go behind my back, complain at a colleague how bad I explained, get explained by him and then do it again until you whored yourself through the whole staff!
It’s like he got the mind swiper from Men in black at home. Every day he hits the reset button.
He had a week of just changing indentation on a html file. Why? Because he wanted to find his style.
Yeah his style
if(a==b){
console.log(a);
}
else {
console.log(b)
}
And to produce code like that it takes him at least 4 hours of trial and error.
And at the same time he goes around and boasts what a super good programmer he is and that he can do some project work for them.
How we found out? Because he started working in those projects during work time at the office and asked us how to do things.
And he does so like a complete bastard!
Broken sql query? “No that query is perfect as it is, it’s supposed to show no results! But, just in theory, if I wanted to show some results, what would I need to change?”
I’m so mad about it and pissed on a personal level because he goes around and blames everyone and the world for his shortcomings
-
Getting real tired of having to reteach the basics of relational databases to the same 2 people. You were brought in as the expert in databases and SQL Server, I shouldn’t have to teach you about effing primary keys, secondary keys, many-to-many relationships, and how to join the damn tables in a basic query. Your 5 years of experience are obviously a waste if all you did was select * from bullshit. This is the 2nd week and 22nd time you’ve asked the same damn questions. Get your crap together and study your ass off if you don’t know. Google the error messages if you don’t remember how to solve it before coming to me with the same question a 23rd and 24th time. I’m not going to get any work done if all you do is ninja up behind me with your laptop in tow and just spout off the question that could be done over IM or a quick duckduckgo/google search. Headphones in = do not disturb ya rude mother duckers 🦆.
-
I'm a fullstack engineer, this period there is literally nothing to do, we are a 1000+ employees company.
I got so bored I took over the database of our production server two times in a week, exploiting dumb vulnerabilities I discovered out of boredom, of course I reported everything.
The funny thing is that they just don't care, no one took action or is willing to fix it and they actually insulted me because I set a query in sleep for 8 minutes exploiting one of the vulnerabilities.
I work for a great company that hosts (in this very server) most Italian citizens' information C: free to take for everyone c:
-
I f&#king hate it here. I am just eyeing to exit as soon as 1 year of my contractual obligation is over. My employer is a good employer. Provides good benefits but I just can't take the bureaucrazy in here. Just yesterday, had to ask another team to deploy objects on our behalf as they are the schema owner. They did it and asked us to review it today. But how? We don't even have manual access to the schema, because we are not the content owner and security! But that's fine, I can always query the catalog views and check the metadata and should be able to conclude the deployment. Right? NOOOO. Because security! Of what? Column names?
Prev rant: https://devrant.com/rants/5145722/...
-
This was originally a reply to a rant about the excessive complexity of webdev.
The complexity in webdev is mostly necessary to deal with Javascript and the browser APIs, coupled with the general difficulty of the task at hand, namely to let the user interact with amounts of data far beyond network capacity. The solution isn't to reject progress but to pick your libraries wisely and manage your complexity with tools like type safe languages, unit tests and good architecture.
When webdev was simple, it was normal to have the user redownload the whole page every time you wanted to change something. It was also normal to have the server query the database every time a new user requested the same page even though nothing could have changed. It was an inefficient sloppy mess that only passed because we had nothing better and because most webpages were built by amateurs.
Today webpages are built like actual programs, with executables downloaded from a static file server and variable data obtained through an API that's preferably stateless by design and has a clever stateful cache. Client side caches are programmable and invalidations can be delivered through any of three widely supported server-client message protocols. It's not to look smart, it's engineering. Although 5G gets a lot of media coverage, most mobile traffic still flows through slow and expensive connections to devices with tiny batteries, and the only reason our ever increasing traffic doesn't break everything is the insanely sophisticated infrastructure we designed to make things as efficient as humanly possible.
-
Software runs fine on several in-house instances. First time customers hosting it themselves. Runs fine. Users start using. Server needs absurdly high processing power and fucks up. I can not access customer's server to debug. Only hope, get copy of their images to reproduce their setup. And have *** one single fucking hour *** to go into it before having to tell in emergency meeting if we can fix it or they would blow the project.
I didn't expect, but found the cause, a single very badly written query. Written by myself years ago I have to admit.
They also gave me one hour to produce a patch. I did, but lost so much hair.
-
I have to add an endpoint to integrate an API and I want to vomit when I think about this major security issue they introduce.
What type of prehistoric dumbass thought GET requests with username and password in the query parameters is a good idea to burden your partner with.
-
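Credentials carried in a GET query string are written wherever the URL is recorded, such as web server access logs and client-side request logging. The following added example (not part of the original rant; the parameter names, paths and log lines are constructed assumptions) flags such requests in an access log and redacts the values before a client logs the URL.

```python
import logging
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Parameter names treated as secrets (an assumption; adjust to the partner API).
SENSITIVE = {"username", "password", "passwd", "pwd", "token", "api_key"}

# Request line of a common/combined-format access log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Any whitespace-delimited token that carries a query string.
URL_TOKEN_RE = re.compile(r"\S+\?\S+")

# Constructed sample log lines (documentation IP range, made-up paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] '
    '"GET /v1/session?username=alice&password=hunter2 HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/Mar/2024:10:01:05 +0000] '
    '"GET /v1/orders?page=2 HTTP/1.1" 200 2048',
    '203.0.113.9 - - [12/Mar/2024:10:02:11 +0000] '
    '"POST /v1/session HTTP/1.1" 200 128',
]


def redact_target(target):
    """Return (target with secret values replaced, sorted secret parameter names)."""
    try:
        parts = urlsplit(target)
    except ValueError:
        return target, []
    found, pairs = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SENSITIVE:
            found.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    if not found:
        return target, []  # leave clean URLs byte-for-byte unchanged
    return urlunsplit(parts._replace(query=urlencode(pairs))), sorted(found)


def scan_access_log(lines):
    """List requests whose query string carries a secret parameter."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target, names = redact_target(match.group("target"))
        if names:
            findings.append({"line": lineno, "method": match.group("method"),
                             "params": names, "target": target})
    return findings


class RedactQueryCredentials(logging.Filter):
    """Logging filter: scrub secret query values before a record is emitted."""

    def filter(self, record):
        message = record.getMessage()
        record.msg = URL_TOKEN_RE.sub(
            lambda m: redact_target(m.group(0))[0], message)
        record.args = ()
        return True


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
    logger = logging.getLogger("partner_client")
    handler = logging.StreamHandler()
    handler.addFilter(RedactQueryCredentials())
    logger.addHandler(handler)
    logger.warning("GET %s",
                   "https://partner.example.test/v1/session?username=alice&password=hunter2")
```

Redaction only protects logs you control; the values still appear in any proxy or server log on the partner's side.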
[vent]
I am a Java dev with 5 yoe at a place which has really good engineering talent.
Was assigned a feature request.
Feature request requires me and one more older dev(in age, not in exp at company) to write the code. My piece is really super complex because of the nature of the problem and involves caching, lazy loading and tonne of other optimization. Naturally it makes up 90% of the tasks in the feature request. On the other hand, the older dev simply has to write a select query (in fact he only needs to call it since a function is already written).
Older dev takes up all the credit, gives the demo, knows nothing but wrongly answers in meetings with higher ups and was recently awarded employee of qtr.
It looks as if I do the easy work whereas he is the one pulling in all the hard work.
Need advice to justify my work and make others realise its significance, nuances of area and complexity of it.
Do not expect monetary benefits, just expect credit and recognition for the worth of work I am doing.
-
Trying to make use of Google Maps. Search results are always sorted by "most relevant" by default, instead of by distance. Always I switch to distance, next search goes "most relevant" instead, which should be labelled "most irrelevant" instead, as it seems to be an excuse to show a list with promoted businesses not only far away, but often unrelated to my actual query. Wasn't Google supposed to be some sort of search engine experts? or at least the lesser evil of search engines? Oh wait, no, they're actually an advertising company, and it shows. Fuck you, Google. Where am I going to throw my Pixel phone and why did I open your shitty apps in the first place? I should switch MY own defaults back to Open Street Map etc.
-
GraphQL fans, please read the whole rant until you jump in the comments.
I get it, when you have multiple data sources (that aren't always proper databases), your stuff is relevant.
But most of the people use GraphQL when they have a single database. In that case, native joins are always faster than GraphQL dataloader N + 1 BS you have. It takes less time and less code to go to the backend and write an endpoint for the frontend with a DB query than write several GraphQL ones on the frontend and then combine the data with imperative JS. It will work faster too.
So why the fuck should I use GraphQL at all?
-
Fucking mongo, fucking nested documents in nested documents that need to be filtered. I'm either really fucking dumb, the query is hard or both.
-
Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”
Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.
Me: 😵 Um, no and no. If I stop a user’s profile from loading on the website, that’s just going to cause more confusion. And the only way to identify those shell records is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.
-
Tip: if you are doing a semi complex or complex query in Django and you have doubts print the SQL statement and analyze it. i.e. print(queryset.query)
Just reduced a query to 1 join instead of two by just passing a list of ints instead of a list of objects.
-
when you work for Jira and get assigned in Jira’s Jira to write code in Jira Query Language to query Jira’s Jira so other Jira users can query their Jira better
-
I can now appreciate some design decisions behind react-redux after witnessing some angular OOP clusterfuck.
I am sure there is some clean/correct way to code in angular, but everyone is treating angular as java.
Some angular application (the one I have to work with) is littered with network calls. It's difficult to spot duplicates. People usually resolve promises everywhere. In services, in a top-level component, or in for loops. In react, people use apollo/redux-query or redux-saga to handle network calls. Since these libraries prevent duplicate network calls internally and reassigning apollo network call function or redux action function is always useless, it's easy to spot all network calls in a component tree.
In angular, it's difficult to trace data mutations when data can be updated everywhere. In react, you can easily find UI state updates by tracing state hooks/dispatch/apollo usages.
In angular, it's difficult to trace data pipeline. Since everything is imperative by default, people need to add update functions in data subscriptions. With all the littered mutations. Soon you will lose track of what the fuck is going on.
I hope angular gets the agonizing death it deserves and fuck everyone who codes JS OOP clusterfuck UI.
-
When I first started down the path to becoming a developer, I was a "business analyst" where I managed our department's reports and ended up migrating all the reports from daily query run in MS Access with Task manager and emailed out to all the managers including the VP of the entire business unit, I created views in the database and sent out the same spreadsheet with the view in excel daily since management didn't want "change". Granted this was at a large health care company in the US and didn't want to invest in a real dashboard for their reports. The only thing that was changed in the email and file was the file name with the current date. I left the company a while ago and recently applied for a similar position for the shits and gigs. Interviewed with the IT manager and they're still using the same excel macro I wrote 3 years later.
-
I hate cloud corps like GCP for pushing down our throats half-baked solutions as Datastore. Why can't i do a simple "NOT IN [list]" query ffs?! Why do you have multiple syntax for doing the same things? Where is your fkin user guide for everything your app can/cannot do? fk u goog
-
Fuck sequelize, the bloody query generated by the "ORM" gives different results on the same DB if you try it on dBeaver (works fine) vs node (shit results).
order DESC have 0 effect on sequelize, but it appears on the logger as part of the query.
I just want to go to sleep ffs.
-
So I inherited this buggy application my company developed to process state rosters for health care. The daily process fails often and I haven’t been able to figure out why. Then I notice one little thing... it’s essentially using SQL injection as a method of updating records from a file that we receive from outside... there’s no checking for validity of the statements or making sure they’re safe to execute. Just a for in loop and calling a sp to execute the query text under elevated permissions.
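The pattern described in the rant above, next to a version that treats the incoming file as data, as an added example that is not part of the original post. The `member_id,status` feed format, the `roster` schema and the allowed status values are assumptions, and an in-memory SQLite database stands in for the real database and stored procedure.

```python
import sqlite3

ALLOWED_STATUS = {"active", "inactive", "pending"}  # assumed set of valid values

# Constructed sample feed, one "member_id,status" record per line.
SAMPLE_FEED = [
    "1001,inactive",
    "1002 OR 1=1,pending",   # id field carrying SQL
    "1003,in'active",        # stray apostrophe, e.g. a typo upstream
    "1004,inactive",
]


def make_db():
    """In-memory stand-in for the roster table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE roster (member_id INTEGER PRIMARY KEY, status TEXT NOT NULL)")
    conn.executemany("INSERT INTO roster VALUES (?, 'active')",
                     [(i,) for i in range(1001, 1006)])
    conn.commit()
    return conn


def statuses(conn):
    """Current member_id -> status mapping."""
    return dict(conn.execute("SELECT member_id, status FROM roster"))


def apply_feed_unsafe(conn, lines):
    """File content is pasted into the statement text, as in the rant."""
    failed = 0
    for line in lines:
        member_id, status = line.split(",", 1)
        sql = f"UPDATE roster SET status = '{status}' WHERE member_id = {member_id}"
        try:
            conn.execute(sql)
        except sqlite3.Error:
            failed += 1  # a syntax error from bad input looks like a random job failure
    conn.commit()
    return failed


def apply_feed_safe(conn, lines):
    """Validate each field, then bind values as parameters in one transaction."""
    applied, rejected = [], []
    with conn:
        for lineno, line in enumerate(lines, 1):
            fields = line.strip().split(",")
            if len(fields) != 2:
                rejected.append((lineno, "expected 2 fields"))
                continue
            raw_id, status = fields
            if not (raw_id.isascii() and raw_id.isdigit()):
                rejected.append((lineno, "member_id is not an integer"))
                continue
            if status not in ALLOWED_STATUS:
                rejected.append((lineno, "status not allowed"))
                continue
            cur = conn.execute(
                "UPDATE roster SET status = ? WHERE member_id = ?",
                (status, int(raw_id)))
            if cur.rowcount != 1:
                rejected.append((lineno, "unknown member_id"))
            else:
                applied.append(int(raw_id))
    return applied, rejected


if __name__ == "__main__":
    db = make_db()
    print("unsafe failures:", apply_feed_unsafe(db, SAMPLE_FEED), statuses(db))
    db = make_db()
    print("safe result:", apply_feed_safe(db, SAMPLE_FEED), statuses(db))
```

In the unsafe run, member 1005 changes even though it never appears in the feed, and the apostrophe on line 3 surfaces only as a failed statement; the safe run reports both lines as rejected with a reason.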
-
So there's azure data studio, shiny! nice!
Oh hey, wow, an Oracle extension! Great!! Now I can use one tool for all my database queries!
But wait...
Below is the list of current limitations:
- Server management and dashboard are not supported
- Packaged objects are not supported
- Table data preview/editing is not supported
- Query execution is not supported
So you're telling me that you can connect and... that's it?
What's the point? Why??
That's like saying: Here's a toaster. But here's the things you *can't* do:
- Toast bread
But at least you can look at it. Seriously, what the ****.
-
Interesting...
On Friday, I was playing with the ChatGPT integration in DBeaver. I was using the DBeaver sample SQLite database. This database has a couple of tables, among them Album and Artist, where Album has a foreign key into Artist.
So, I asked it:
"give me a query that lists all albums from artists who's name starts with s"
The query I got back was:
SELECT * FROM Album
Uhh, okay.
But then, I noticed that I wrote "who's" instead of 'whose', which would be proper grammatically. So, I changed that, and then I got this query:
SELECT * FROM Album WHERE ArtistId IN (SELECT ArtistId FROM Artist WHERE Name LIKE 'S%');
Hooray, that works! I'm not sure it's the best way to write the query... I might have written:
SELECT * FROM album a, artist r WHERE a.artistid=r.artistid AND r.name LIKE 'S%'
...I'd have to check to see if one performs better than the other, and consider which syntax I find clearer, but that's a separate issue, it's just nice to see a working, reasonable query generated because that's the point, after all.
But I found it interesting that such a minor error would cause it to not work, that's my main point.
Interestingly, it seems to have learned: I just tried the same thing, and I got the right query either way. So that's pretty cool.
It's a pretty neat feature and I can see some legitimate value in it. I'm pretty good writing SQL myself... I've managed to write some truly hideously complex queries over the years... but there are definitely instances I can recall where the query didn't seem obvious at the start, and having an AI that can MAYBE produce something that is AT LEAST a starting point is definitely something I can get onboard with.
-
GraphQL question here!
So I recently noticed (few years after everyone?) that graphql seems popular... I decided to try it out, but after playing with it a bit, the conclusion I came to is, that it's a great idea from FE point of view, but for the backend not so much.. a simple sql to return data to ui turns into a bunch of parts, all independent and with even the simplest relationship to some other entity the whole thing becomes very not optimized and when googling about it, all I found were some very awkward libs for work arounds to force everything into 1 optimized query again... But wait, I already have 1 optimized query in my rest api 😆
I don't understand if I'm missing the brilliance of graphql that everyone saw, or if everyone fell for the hype and uses a stupid tool and pretends it's cool? 🫣
-
Apologies if this has been asked here before, but I wanted an open feedback on a query: Is there such a thing as overdocumenting?
I take pride in being a very articulate developer, being as descriptive as possible in my emails, internal communications, PR review comments, JIRA etc.
A product guy from the company today mentioned: "Though I understand your good intent behind being as descriptive as possible, it is possible that some of the junior engineers might get overwhelmed/ intimidated looking at those comments/ emails and it might stop them reaching out to you with your doubts."
I was not able to wrap my head around this, because I don't understand how a descriptive explanation might overwhelm anyone. It's a skill I picked up going through my career and I personally have always respected peers who documented things properly.
Open to feedback. Thank you in advance.
-
I am happy today cause I managed to write a query in which two tables have an inner join and a left join with a third .. haha...
I mean I was thinking of handling that situation with foreach.. But managed to do it in query by myself :)
Just hoping that query won't break for different scenarios. But let me just be happy while it lasts .. I mean my client make some test
-
Online stores never have an “Exclude X” feature in the filter menus. E.g. I can filter to include all blue clothes but can’t exclude them.
From a query point of view this is not difficult. Would it be a UI nightmare? I don’t think so.
-
Q: What do you get when you create a homebrew query language that uses both the stream oriented principles of Unix data pipes and the relational ideas underlying an RDBMS and use incomplete documentation to support it?
A: A frustrated borderline homicidal engineer.
-
Working with new guy who is "senior" is such a pain. We had a factory file that is used to populate tables in endpoint tests. The new guy decided to add a static util method called createTestRecord() to a query builder model. Fucking query builder calls in a static method in a query builder class. I send him messages expressing concerns regarding his approach but never got anything back. The guy just ignored me and asked me to review his PR.
I am leaving in 4 months. Release me from my misery. Fuck my life
-
*Frustrated user noises* Whyyyy, Grafana, why don't you implement any actual query forgery checks?!
So long as a user has access to the Grafana frontend, they can happily forge the requests going off to the backend, and modify them to return *whatever* data they want from the datasource.
No matter that they're a read-only user. That only stops them from modifying the dashboard definitions on the frontend, but doesn't enforce any sort of immutability on the BE...
If anyone had any tips on how to further secure it, I'm curious...
-
So I have been thinking..
SQL is a lang that runs on a specific software on the server, and helps creating data stores(databases and tables) that can be queried & manipulated.
Is there a way to run sql like queries on the client side with no interaction from backend at all?
Say I have 5 inter related data models. In a backend world, they will form nice little tables of a db with all their joins and composite keys. From the server, I shall be querying them like "SELECT name from x where y=z & ..."
But what if I could store them like tables in browser memory and run the same query filters via a query language... is this possible?
I know this poses a certain security risk, but we already use cookies, local storage and a lot of json based shitty client side storages. Surely it might be possible to have a lesser optimised sql tables on the frontend with extremely good querying capabilities?
Or am I talking something far fetched here?
-
https://milkyeggs.com/?p=303
"I claim that the trend which AI/ML continues for lawyers is one that it starts for programmers. Just like how a partner at Cravath likely sketches an outline of how they want to approach a particular case and swarms of largely replaceable lawyers fill in the details, we are perhaps converging to a future where a FAANG L7 can just sketch out architectural details and the programmer equivalent of paralegals will simply query the latest LLM and clean up the output. Note that querying LLMs and making the outputted code conform to specifications is probably a lot easier than writing the code yourself - and other LLMs can also help you fix up the code and integrate the different modules together!"
-
Fucking Quarkus. Fucking Panache. Fucking ORM.
I wanted to do a fucking simple projection. First this piece of fuck, the Panache, won't let me do a Projection because of a fucking bug, that haven't implemented it properly until 2.12 (fuck and you call this v2?). Ok, upgraded, to the latest 2.16, cuz why the fuck, I'm upgrading already. But now the whole fucking quarkus app won't start! Noice! Ok, fuck it, let's go down exactly to 2.12. Quarkus started, perfect. But now, this piece of fuck Hibernate says 'collection was evicted' whenever i tried to read a collection in the setter (Access.PROPERTY), which worked just fucking fine before. But okay, fuck you. I'll write a @PostLoad method, fine, just fuck off.
But that's not the end! Now it says I cannot write `select parent.someColl is not null and parent.collection is empty as canProcess` because "is empty" only supported in where clauses. What fucking wonderful system! Well, fuck you. I'll write a union query. But guess what! JPA standard does not support union queries, nor HQL (Eclipse Link does, btw). Ok, fuck this shit, let's write a native query. But hey, fucking Panache does not support that. There is no fucking place in their fucking docs stating anything about how to use native queries.
So, fuck you quarkus, fuck you panache, fuck you hibernate, fuck you overcomplicated limiting bullshit called full-fledged ORMs. I'm moving to a fucking mybatis and fuck it. It's simple as fuck, does not fucking restrict me in writing whatever shit query I want to write and lets me map the shit just fine.
-
Started playing around with react this week. Seems nice and I really love the hooks. But next.js on the other hand seems a lot less developed compared to nuxt.js. For example you can't get just the path or just the query parameters from a url without parsing and splitting the url yourself. Is there any other ssr framework for react I could try (excluding gatsby)?
-
Having a senior DBA can save hours if not days of struggle and save your back, if you do not know well enough how to do a more complicated query yet, without fucking up something.
Good guidance and experience is worth so much.
... and no I do not have the rights to drop databases.
-
Finally I'm starting to get the hang of how nextjs works. Still no idea how query params work, routing api calls, the proper structure, useEffect vs useState, SSR vs static props, etc but I wrote the messiest spaghetti code you've ever seen, and it works! I built a frankenstein. And it's alive. Cleaning this shit up is the least difficult part
-
Ok, I have to share this with you all. It makes me snort laugh. And that’s a hard achievement! Check out how many guys have been LEGALLY named Dude and Shorty!
https://evanmarie.com/plot-name-pop...
Query with joy!
-
Since Google is failing me...
Given a user input (string query) and a list of larger strings (like email bodies or something), what's the best way to search and rank the list of strings against the user input.
So far I have implemented Levenshtein distance but it doesn't really seem to do extremely well. (Short strings rank very well against each other, whereas long strings **containing** exact matches will go lower in the list)
Should I be splitting the input and the list by word and then averaging the distances?
The only thing I have tried is removing complete non-matches from the list by not including them if the distance is equal to the length of the largest string
-
Hola community!! Everyone going over this, please read this once and honestly answer my query.
I am on a probation at a startup. When I will be full-time, then the startup has promised me to provide CTC of 7,50,000(inr) i.e. 10,000$ (usd).
Now I want to switch this startup company. Here are my reasons -
1. Less people, more work. - Well, that's what we call a startup. The tech team consists of 3-4 members only and we ourselves have to do the whole thing from end to end. This consists of designing the architecture, PR reviews, qa testing and coding of course.
2. I see myself that I am capable enough to earn 1.5 times more than the above CTC. Also, all my friends are earning 2x the above ctc.
3. Also, there is no senior in the team except founder himself. This really seems awful as I can't learn from anybody.
4. Also, I have plans of higher studying due to which I have to take entrance exams. So I need to prepare for them too. Switching to an established company can mean more money and less work.
Now, can anyone suggest me whether my reasons to switch are legit or vague??