Search - "sonarqube"
-
Casual workday be like:
Project manager: It is important we deliver these features.
Me & Coworker: Sounds reasonable, here is how long we need, roughly.
Mgr: Well, the deadline is already set and the contract is signed and written.
M&C: Ummm...
Mgr: Also, while we are hosting the application, we are not paid for operational cost, so make sure to optimise the crap out of it immediately. Preferably while developing the features.
(A wild architect appears): Also everything has to be built on cans and kubernuts, with rectangular ui and bootstyling and with these internally developed backend frameworks NOBODY tests. Corporate policy you know.
(A wilder division CEO appears on meeting): Also we are rolling out code KPIs across the organisation. Everyone is expected to focus on documentation, test coverage and there is now mandatory SonarQube scanning of repos. ZERO DEFECTS PEOPLE
M&C: ...
(Wildest Salesteam appears): By the way we sold the application to these other customers, they love feature XYZ and must have it.
M&C: It does not have feature XYZ
Mgr: It will have feature XYZ
M&C: All right, so with all the extra funding from the sales, we need to hire at least one Machine learning guy, an extra frontend specialist, a developer and maybe funnel some of the funding into slacking the operational budget in the start.
Animated Suit *Railing a line of coke from his gold plated iPhone 15*: What funding? Get to work. Also you haven't been super sharp with your time registration.2 -
Okay so I have been a consumer of devRant for a while now but never posted anything. This is my first.
So yesterday I modified an existing method (some very minor changes!!). Today after coming to the office I see that I have comments from Sonarqube stating
"Reduce cognitive complexity from ** to 15."
I get that it is a good measure to maintain readability but this refactoring is not part of my change at all and any mishap can break the whole code base!!!.
My code won't even build because of this company restriction that there should not be any issues from Sonarqube.
I really want to bash my head against the wall right now.11 -
Installed SonarQube and Snyk on the CI/CD of a 2.5 year old project that only had a linter enabled previously.
Practically zero problems found. One minor problem (same code in different branches), a few false positives, and a few possible problems in dependencies that I have no control over.
Now wondering:
Am I really that good or are those tools just shit?10 -
SonarQube reduces our code quality through arbitrary nonsense rules, and its inability to understand perfectly decent Kotlin code. Unfortunately we have a CTO who is completely enamoured with it. I hope someone from Sonar is reading this: You made my pleasurable Dev job a misery, and it may very well be the thing that makes me quit. Fuck your arrogant product. I honestly wouldn't mind it so much if your UX offered a way to discuss each warning and provide affected code snippets so you could argue your case and collaborate on the rule set. But no, you know my code base best right? Fuck you and your ivory tower.8
-
SonarQube: You forgot to remove this one 'import' statement
Also SonarQube: This will take you at least 5 years to fix -
Recently installed SonarQube and it's been amazing to see the level of code quality (or lack thereof).
Some projects have 30 to 60 days of technical debt and I found a few files with a cyclomatic complexity over 100. I’m still learning what the “good” numbers should be.
Yesterday, a couple of devs were very proud they were going to start reducing the numbers, they started with one of my solutions that had 5 minutes of technical debt. Yes, 5 minutes.
DevA: “OMG…look at this…it has a cyclomatic complexity of 11…that’s terrible. I thought we were supposed to be professional developers.”
DevB: “And take a look at this, he used the double-slash instead of a triple slash for comments. How does any of the code even compile?!”
Me: “Maybe we should tweak some of those SonarQube rules so they make more sense to our code base. We’re never going to use unicode, so all those string culture warnings should go away and code comment formatting? Who cares? Be happy we have comments. I think we should also focus on the bigger fish in that pond. The CRM project is one of the biggest and has a lot of improvement opportunities.”
DevB: “There you go again, don’t bring me problems, bring me solutions..ha ha”
DevA: “Yea, no kidding …hey…did you see the logger? OMG…the whole class is over 25 lines…we gotta split that up into smaller projects so it’s more manageable.”
It’s a good thing our revenue stream isn’t dependent on people getting work done.3 -
Also, holy FUCKING SHIT. DEPLOYING A KUBERNETES CLUSTER JENKINS AND SONARQUBE EC2s, TAKES SO MUCH FUCKING RESOURCES AND COSTS SO FUCKING MUCH THAT THIS HURTS ME FUCKING PHYSICALLY.
HOW DO I PRACTICE WORKING DEVOPS WITH KUBERNETES ON AWS IF THE COSTS ARE FUCKING OUTRAGEOUS?????7 -
My coworker had to face this one: When SonarQube shows you 50 years of technical debt within 1.5 million lines of code from someone else and you have to fix the worst.
#FeatureDrivenDevelopment -
Got a call that production was going to fail. They thought it's the application server.
In the end it was bogus file mods which were scrambled by the backup tool.
Why didn't we find out earlier? Because the Java application was coded like this:
-------
String content;
try {
File bla = new File
content = ... Read operation
} catch (IoException | SecurityEx | RuntimeEx ex) {
// nothing we can do here
}
doWork(content);
---------
Why the fuck do we have code reviews? Why not just log or throw a Runtime Exception? Argh... I thought it would be better in enterprise applications. Perhaps I should tell them to not just use pmd, also spotbugs and sonarqube. But the department for the build tools does not have enough employees. Dang.
Anyway. Earned some money for that.
Now it's 2018 and I still get money for the same kind of bugs as 2008.3 -
I am fairly new to "enterprise" programming, but have some experience with self-study and open source. I'm getting more frustrated by the day because the code quality of our software is appallingly bad: functionality that should be centralised isn't, assumptions about internal structures and functionality of objects are made throughout the code, concerns are not separated, and so on. In my current team, we explicitly disabled SonarQube because "someone would have to fix it and our software wouldn't pass even after a month of work".
While I understand the concerns that companies would rather see new features than "quality improvements", so what? Every time we want to add something, we either have to restructure half the source code or add it in a really horrible way (and get pressured to do it that way).
Is it normal that code quality in companies is so bad?10 -
SonarQube is obnoxious in its moronic ideas that demonstrate lack of understanding of the languages it's analyzing.
In C# there exists a special kind of switch-case statement where the switch is on an object instance and the cases are types the instance could polymorphically be, along with a name to refer to that cast instance throughout the case. Pattern matching, basically.
SonarQube will bitch about short switch-case statements done in this way, saying if-else statements should be used instead. Which would absolutely be right if this was the basic switch-case statement.
This is a language with excellent OOP features. Why are your tests not aware of this?
I can't realistically ignore the pattern because that would also ignore actual cases where it's right. And ignoring the issue doesn't sit right with me. How does it look when a project ignores tons of issues instead of fixing them? -
Ever tried to code a plugin for SonarQube? ... Yeah, don't do that. Documented API? Nope. Just some not-helpful-at-all-tutorial.
Largest undocumented code base I have ever seen. It's unbelievable. At some point you decide it's better to look at the code of other (undocumented) plugins to extract any API methods there.
Help from the (otherwise pretty active) mailing list? - You wish!
The best thing is when you discover on Stack Overflow that the thing you have been trying to do for two weeks (and someone else was too, apparently) is not possible with their API.
PS: Maybe this has changed since their last version but some months ago it was every bit like this. -
Ok so I'm working at this bank that hired me as a lead dev to do something about the quality of the software. Now we have CI builds with front end and back end unit tests, sonarqube, coding standards and much more. First release of our software had only 1 low impact defect! All other software they released in the past always has dozens of bugs.
Now I have this front end guy in my team. He thinks he is really good and actually said my front end skills suck. What?? Wtf you saying? I'm truly full stack and doing front end way longer than he does and already did many many successful projects for awesome well known companies. So he refactors some JS component I wrote. Now this component is very simple but needed to look and behave different on different devices and screen sizes. It was working perfectly. Our tester did extensive tests on all sorts of devices and browsers: worked perfectly.
So, this 'front end king' is now already in the 3rd week of making changes to this component. And still it is not working properly. And he doubts my front end skills?!
Hahahaha go fuck yourself you god damn piece of fucking front end retard!! Everything you make doesn't work right away and needs at least 4 revisions. Fuck you!2 -
When you add a new method, two unit tests and the build breaks because you didn't use constants the way sonarqube wanted....4
-
I can't find 1 single normal Fucking tutorial explaining how to code FULL DEVOPS PIPELINE for deployment to AWS.
A pipeline that includes
- gitlab (ci cd)
- jenkins
- gradle
- sonarqube
- docker
- trivy
- update k8s manifest
- terraform
- argocd
- deploy to EKS
- send slack notification
How Fucking hard is it for someone to make a tutorial about this????? How am I supposed to learn how to code this pipeline????10 -
SonarQube just showed my package name as duplicated code because I have a second class in the same package with the same package name -.-