Manager asked for access to server with admin rights for a third party contractor and I questioned him... His answer?

- Your are gonna give access to anyone that needs access.

I gave. Went for a 15 days vacation.

Our server got blocked by our cloud provider because of ssh brute force attempt coming from it and the company website went offline during a big ass meeting because of that.

Made me giggle :)

I'm so fucking pissed at my PM right now.

He insisted that we use a third party library that his friend wrote for simple functionality. We all disagree, because it's overcomplicated for what we need to do. PM insists that we use it anyways.

Fast forward to now. The third party code is breaking, and it's way overcomplicated, so we have no idea how to fix it. Deadlines are long gone.

We're all pissed because we don't want to deal with this bullshit code, and because basically nothing is working properly.

Had a conversation with the PM today, where he complained about our "attitude issues" and said that "clearly [the library we're using] is above your skill level".

Maybe we would have better morale if you didn't force us to use this shit code.

string excuses[]={
"it's not a bug it's a feature",
"it worked on my machine",
"i tested it and it worked",
"its production ready",
"your browser must be caching the old content",
"that error means it was successful",
"the client fucked it up",
"the systems crashed and the code got lost" ,
"this code wont go into the final version",
"It's a compiler issue",
"it's only a minor issue",
"this will take two weeks max",
"my code is flawless must be someone else's mistake",
"it worked a minute ago",
"that was not in the original specification",
"i will fix this",
"I was told to stop working on that when something important came up",
"You must have the wrong version",
"that's way beyond my pay grade",
"that's just an unlucky coincidence",
"i saw the new guy screw around with the systems",
"our servers must've been hacked",
"i wasn't given enough time",
"its the designers fault",
"it probably won't happen again",
"your expectations were unrealistic",
"everything's great on my end",
"that's not my code",
"it's a hardware problem",
"it's a firewall issue",
"it's a character encoding issue",
"a third party API isn't responding",
"that was only supposed to be a placeholder",
"The third party documentation is wrong",
"that was just a temporary fix.",
"We outsourced that months ago.","
"that value is only wrong half of the time.",
"the person responsible for that does not work here anymore",
"That was literally a one in a million error",
"our servers couldn't handle the traffic the app was receiving",
"your machines processors must be too slow",
"your pc is too outdated",
"that is a known issue with the programming language",
"it would take too much time and resources to rebuild from scratch",
"this is historically grown",
"users will hardly notice that",
"i will fix it" };

Ever wanted cheat codes to devRant? Well, that's weird. But here you go, I guess.

Since the avatars do not use any external assets (Such as images), all avatars are generated. To be friendly to people who want to make third-party devRant clients (such as devRantron), avatars are generated server-side, so that the assets don't need to be distributed, and third-party programmers don't need to work out rendering avatars.

But this allows you to cheat a little.

The devRant avatars API works like this: you request a really long URL from the API, specifying the IDs of each cosmetic item the user has active, and it returns a PNG file. But you don't need an auth token to generate an avatar (which makes sense), so the avatar API is essentially a sandbox you can play around with if you have the time and patience.

You can write a really good avatar previewer with this knowledge, and see your avatar with a white tiger, even if you don't have the ++s

TL;DR
Deadline means shit for management and they can't fucking understand wtf a prototype is for.

Hahahahaha so we are gonna present this prototype tomorrow ( 2018-03-08 ) at a meeting with investors and our management practically demanded a landing page to be at this presentation.

The landing page is gonna be made by a 3rd party, they asked for directions on the content about the landing page with a deadline set for Friday ( 2018-03-02 ) .

Management sent an email yesterday with the following content:
- Changes on the prototype ( A LOT OF CHANGES )
- The landing page content: a fucked up confusing as fuck word document with crossed over text, red text. A lot of noise that meas nothing and only makes the reader confused as fuck

Why am I laughing you may ask?
Our front ender took the prototyping role out of my hands and the landing page is a third party responsibility.

None of this is my work, I'm here watching the world burn for the first time and boy its funny and warm.

:)

People will always ask us to fix their computer :/

Had a meeting with IT-director of our client.

Me: Yes, with our solution you will be sure that the details of all your 17.500 employees will be stored and accessible for all required third party systems. We will have a 6 month preliminary schedule and it will cost..

Random: Excuse me!

Random employee interrupts and has actually stepped into the meeting room.

Random: Can you take a look at my computer? Something is wrong.

IT-director: Is there noone else who can look at this?

Random: But it was working a minute ago. It probably will be a quick fix?

IT-director looks at me like "what even is this?"

IT-director: Go down to the 12th and talk to IT there, we're having a meeting here.

Random: I thought you guys who are so good with computers could fix this in a jiffy!

Me: Burning inside

IT-director: Just leave us, please.

Random leaves.
IT-director looks at me and I look knowingly back. We are both sad for a moment. Then we continue.

Our project is a legacy of all legacy projects. The developers imported the third-party libraries by copy-pasting the whole source codes into the project. Ohhhh yeahhh!!!

User Ip Address is too long (maximum is 30 characters).

Okay, dear third-party API, I guess users with IPv6 don't deserve the service... And wtf is 30-char limit for an IP address, when IPv4 can be only 15 characters long, and IPv6 can be up to 39 characters? Did you calculate a weighted average of IP length to get that number?

What the flying fuck is happening on the EU with the fucking GDPR corsairs!!

I made two - TWO - entirely static websites, hand-made, 100% cookie-free!! I didn't even need to store a goddam boolean cookie! No third-party content is EVER invoked, called or summoned! I hosted a small video to avoid Youtube! Facebook and twitter share buttons are links!! I DID ALL OF THIS ON PURPOSE AND INFORMED THE FUCKING CLIENT.

And THEN (and, of course, unsolicited), the fucking lawyers of an asshole GDPR corsair office came and scared the shit out of my clients and convinced BOTH of them to put the goddam GDPR cookie consent popup on the fucking websites!! And they took their bribe, of course...

In order to avoid billionaire fines because of the NON EXISTENT cookies of the SMALLEST, SIMPLEST, 2KB MINIFIED HTML page on the Internet.

Anybody else is suffering from this kind of behavior??

Client: We want a contact form on our site that accepts files.
Me: OK. Here are the backend options (custom built, WordPress, third-party service, etc).
C: Mmm... why is it so complicated? A simple form doesn't need a backend.
Me: FFUUUUU Y DONT YOU DO IT THEN! DIDN'T KNOW BROWSERS SEND EMAIL?!
Me: *backspace*, *backspace*, *backspace*
Me: Browsers cannot send emails; you need a backend to process the form.

> Manager: Why does service X behaves Y way? It should do Z instead.
> Me: *explains why*
> Manager: I don't understand this...
> Me: *explains it in more simple terms and shorter sentences*
> Manager: I'm still not sure I get it.
> Me: It is like this because of a third party provider and we can't change anything for the same reason. Also it is working like this for half a decade now.
> Manager: Ok, I get it. So please fix the service, it should do Z instead of Y.
> Me: *facepalm* Sorry, I can't. Ask (frontend guy), maybe he can help you.
> Frontend guy a bit later: ┌П┐(ಠ_ಠ)

Code works.

Rename a variable for clarity.
Third-party lib behaves differently, breaks things.

Change the var names back.
Still broken.

Stash changes and checkout previous commit.
Everything works.

Diff with stash.
No notable changes. (some comments, ...)

Checkout branch again, pop stash.
Broken again.

... What?

Start a development job.
Boss: "let's start you off with something very easy. There's this third party we need data from. They have an api, just get the data and place it on our messaging bus."
Me: "sure, sounds easy enough"

Third party api turns out to have the most retarded conversation protocol. With us needing a service to receive data on while also having a client to register for the service. With a lot of timed actions like, 'send this message every five minutes' and 'check whether our last message was sent more than 11 minutes ago'.
Due to us needing a service, we also need special permissions through the company firewall. So I have to go around the company to get these permissions, FOR EVERY DATA STREAM WE NEED!

But the worst of it all is... This whole api is SOAP based!!

Also, Hey DevRant!

Do you really expect that I can debug in a few minutes, a part of the software that I didn't build and have never seen before and have no knowledge of the external, third-party web service that code is reaching out to?

Dude, flippin' chill, take a walk, grab a drink, pop some popcorn and give me some time to figure out what the hell this code is doing so I can properly debug it!

You know what it turned out to be? Wrong test data used for the 3rd party service. So in essence... Nothing was wrong! Frickity frack!

When you think php is pure garbage but this third party tool that you really need is fully written on it and you have to use it.

Adventures in security land.

The “legendary” lead dev authored a ticket that logs raw credentials for a third-party tool we’re using, and logs partially-obscured consumer passwords. His reasoning: “for debugging. And customer service!” And then argued with me over why that’s bad! Seriously?

Then in the release channel, he and the release manager are talking like I’m pestering them with my findings. Things like “I have some Root-induced changes coming” and “Fixed those, but she’ll probably have more...” etc.

Like come on.
I’m even being nice here, but you seriously need to stop screwing this up.

They also didn’t bother merging the fixes into the release branch, so I needed to re-review the entire (large) ticket on its own branch. Doubles the effort since I can’t easily see what changed.

The lead dev also only updated a few of the specs (despite me sending him a list), so there’s a bunch of failing ones now. Makes me unsure if he actually fixed everything.

Maybe I’m just being touchy, but ugh. Freaking annoying people.

At least he owned up to being the author this time instead of saying someone else (who wasn’t in the history...) wrote it. -.-

“Fullstack dev continues to be consistent”

We’d an enhancement request where we needed to support Ionic apps. Our manager didn’t know anything about Ionic so she asks us what it was instead of asking Google.

Manager: so what’s this Ionic thingy?

Me: Ionic issss.... (gets interrupted by Fullstack dev)

Fullstack dev: so the thing is ... it’s like... (consistent with his opening lines as always) it’s a third party plugin which converts react app and html pages to native code.

Me: (thinking of sacrificing him at the altar of Lucifer)

Manager: Nice!

More to come.

We want to improve the portal by making apps for it what can you do or recommend?

Well holy shit this is new you're actually asking the dev team for advice on a future project.

Normally you immediately go to a third party waste a shit ton of money and then tell us we have a week to add whatever it is into our system.

Then when we can't do it or have to delay other projects you're dragging our manager into a meeting with the CEO complaining that IT are refusing to cooperate or are holding up the project etc.

The change of heart is much appreciated but where the fuck did this come from? New year resolution?

Most irritating thing I have to deal with when working on a project with a third-party:

{
status: 200,
message: "error"
}

Dev: This content might be too large to fit into this area on mobile.
We might need to add scrolling or design it differently.

Designer: It fits perfectly in the design.

Dev: But the user might have a smaller screen size than in the design.

Designer: We don‘t optimize for small screens.

Dev: But we still need to handle it somehow.
Also, the text might be longer for other languages.

Designer: No problem, we will provide short text for all translations.

Dev: We have 30 languages and the translations are made by a third party. We can not control it.

Designer: We‘ll manage somehow.

Dev: Also, the user might be using an accessibility setting on the device which makes the font size larger.

Designer: Unlikely

Dev: Also, the available screen size might be reduced by the on-screen keyboard.

Designer: … Ok then.

-

It‘s always a conversation like this. It repeats indefinitely.

In our morning stand up, dev was bragging about how much code he was refactoring (like over-the-top bragging) and how much the changes will improve readability (WTF does that mean?), performance, blah blah blah. Boss was very impressed, I wasn't. This morning I looked at the change history and yes, he spent nearly two solid days changing code. What code? A service that is over 10 years old, hasn't been used in over 5, mostly auto-generated code (various data contracts from third party systems). He "re-wrote" the auto-generated code, "fixed" various IDisposable implementations and other complete wastes of time. How –bleep-ing needy are people for praise and how –bleep-ing stupid are people for believing such bull-bleep? I think I should get a t-shirt made with a picture of a BS-Meter and when he starts talking, “Wait a sec, I gotta change my shirt. OK…you were saying?”

Darn it, I was having such a good day. Just sitting over here in sysadmin land watching the Java devs tear their hair out over the Log4j vulnerability, when someone just had to ask me about the Jenkins servers my team maintains.

Jenkins doesn't use Log4j! What a relief!

Jenkins does, however, have third-party plugins, some of which use Log4j. And thus my relief was short-lived and now I'm also tearing out my hair trying to patch this shit.

"I just hacked your website"

Me: Oh really? What did you do?

"Ran DDos attack using this third party website haha"

Me: 😃

So customers can place orders at our website, but some of the products are actually handled by a third party. We use a web service to communicate about these orders. Obviously, we need a way to uniquely identify each order, and decided with this other company that we would use a simple incrementing integer.

Last week, something strange happened: we could no longer cancel orders by their ID, because according to the web service, the orders were placed too long ago and were no longer eligible for cancellation. But I knew that could not be true: the orders were from last week. So I checked out database, turns out the ID's are not so unique: some refer to two or three orders. Somewhat worried, I contact the guy responsible at the other company and ask him how that could ever happen?

He: "Yeah, when we restart our server, the counter goes back to 1, you see. I didn't think that would be a problem...".

REALLY?! YOU DIDN'T THINK?

I've been an IT Director for a medium sized company for 11 years...
2 years ago we decided to custom develop an app for online ordering through a third party... This company quoted $36k, I told the team that I think it will be $100k and here is a solution that will do 90% of the needs for $50 a month per location... boss says he doesn't care if it's 200k he wants 100% of what we want and the ability to change it to perfectly fit our needs.... FFW to present... $36k app built by committee of 8 people.. = $400k... and counting for maintenance and adjustments. We now use that $50 a month solution as well to cover another need that would be too costly to code into the original app SMH... and now myself and my team are learning to code to support it internally because.... why would you just hire a qualified person... anyhow, I'm a few months into a self paced online bootcamp and loving it. So ... bright side found! Rant over

Admin comes to my desk and says:
"Hey the CEO wants to know why is the third party application having issues with our system? He wants you to keep me posted on the matter and let us know when will you fix it."
Me:
"Well I'm working on it, we're having a discussion on Slack about it and I'm quite busy right now"
Admin: "Yeah OK but when will you fix it? The CEO wants to know why didn't you reply yesterday"
Me: "Because I was on leave? You would have known if you saw my calendar"
Admin: "oh well, can you keep me updated with how things go?"
Me: "You can join the Slack channel if you want..."

What the f*CK is wrong with people? Do they even know what vacation time means? Why would the CEO ask the admin to talk to me when I'm sitting two rows from him?

PSA: Proposal for the posting of third party content.
I know we all love ourselves some Dilbert or commitstrips or xckd BUT could everybody just give credit where credit credit is goddamn due!
Leaving a link isn't that hard!
Just put it as the first comment if you don't want to have it at the end of your rant.
Also for xkcd specifically put the alt text in the first comment as well. It makes the comics even funnier and shows that you are more than a half witted copy pasting monkey.

There's a developer hired solely to write an application to replace millions of dollar third-party subscription somewhere in the universe.

When your company hires a third party to develop 2.0 version of your product after doing a proof of concept... Fml

Manager: "<third-party vr app> isn't working. Think you could fix it by tomorrow?"

Me: "I can't fix it without the source code."

Manager: "Didn't you install it?"

Me: "I did, but I'd need <third-party>'s source code if you want me to make changes and that problem would probably take at least a day to fix."

Manager: "Can't believe you don't have the source code. Aren't you supposed to have your code available?"

(Just....)

Meet 'SBI Online' app from Play Store, in their own words:

What they were supposed to do?
"Experience the new Retail Internet Banking of SBI"

What they do?
"SBI online app will redirect to SBI Retail Internet Banking (online SBI) site"

Why do they have app?
"No need to remember URL",
"Less memory space required on device"

App storage space?
F**king 2.6 MB, just to redirect users to their website, in third-party browser.

Third party ajax cart for magento.
"Grand parent"

Got a request on a freelance site, was about modding a game.
I've answered thinking "easy money", then he reveals it's for a console, that it's not "hacked" so I couldn't run any third-party script.
I've tried to kindly explain the situation and he seemed having understood.

Few minutes ago I checked my inboxes and I got a bad review on that freelance platform, of course from him. 👌

Step 1: try a third party defragmentation tool as windows' one is shit
Step 2: go to sleep while shit is getting done
Step 3: ???
Step 4: prof- Wait what ? Fuuuuu

“sEniOr tEcHniCiaN”: “I don’t know what Blazor is. I write my projects in ASP.NET. You should just use ASP.NET”

Me: …”Blazor *is* ASP. This project is running on ASP.NET 6.”

“seNioR tEchNiCiaN”: “As previously stated, I don’t use Blazor. I don’t care what version it is.”

Yes, this is a real exchange from my ongoing problems with this idiot.
His attitude is what ticks me off the most.
He doesn’t know what CORS is.
He doesn’t understand that “ASP.NET” covers Blazor, Razor Pages, the old MVC stuff, web APIs, and more.
He doesn’t understand the difference between a web request being initiated from the browser via Fetch and a web request being initiated from the server. (“My ASP site is shown in the browser, so requests to the third party API aren’t originating from the server.”)

And yet has the arrogance to repeatedly talk down to me while I try to explain basic concepts to him in the least condescending way possible.

After going around and around in circles with him, he finally admitted to me that “he doesn’t actually know what the CORS configuration looks like or how to modify it, to be honest.”

I just wanna go home.

I swear...in enterprise...doing things right is almost pointless. First off they punish you for it by insisting you use shitty outdated libraries and resources, making every request painful and a week long, and telling you "don't use any design patterns or good practices because the over seas third party people we hired won't understand it".

And ultimately those third party people are going to get a hold of your code and turn it to shit. So really...other than having pride and standards...just pile more shit on top of the other shit because it will all be shit soon enough.

Them: "What can we do to fix this?"

Me: Contact the vendor

Them: Ok, but from our side?

Me: Wait for the vendor to reply

Them: And what can we do to prevent this from happening again?

Me: get better vendors, include I.T on the process when the org decides to purchase shitty third party software.

Them: Ok but besides that?

Me: Drink?

Seriously tho, tf you expect me to do?

Fuck you you fucking fuck, why would you change an api without any notification?

Background: built an app for a customer, it needs to fetch data frlman external api, and save it to a db.
Customer called: it's broken what did you do?!?
Me: I'll look into it.

Turned out the third party just changed their api... Guess I should implenent some kind of notification, if no messages come in for some time...

While working on my one of the first project in java i ended up using deprecated Calendar API for the date. Since deadline was near i thought it would be a good idea to use the JCalendar API for as date picker (which is a third party API).BAD IDEA. It was the night before the submission round about 11pm when i realized that there is no way to convert JCal object into Calendar and it turned out it is not working as expected you have to subtract a particular number from the year to get date right.

To convert JCal into Calendar i used the toString function to get the date in string sliced it using substring into year,month,day then had to assign date to Calendar object via constructor.
Had to write 70 lines of code just to convert JCal into Calendar...

And then there were other complications related to this problem. Had tu pull an all nighter just to solve date related problems
LESSONS LEARNED :
NEVER USE A DEPRECATED API
NEVER USE THIRD PARTY APIs WITHOUT RESEARCH

Whe you build a backend service that handled 50k concurrent users. But you are forced to integrate this third party service which can handle 500 concurrent users.

Stakeholder: Our customers aren’t getting their order confirmation emails. It’s going to their spam. Is there a way to resend the emails?

Me: Wait. The email getting sent to their spam is not the same as not getting the email. Is it both or just one of those things?

SH: Here are some emails getting sent to spam.

Me: These are sent by third party vendors that you contract with. I have no control over what they do. You need to talk to your vendors.

SH: 😮

Me: 😑

I am fuming!!! I have never before in my entire life been more pissed.

When you are working you are a** off on a weekend to finish a project in half the time and have a sh**ty, unstable third party API you have to integrate with return responses like this. I present to you the world's most horrific API.

Feel like punching through the monitor screen. What the f**k is this! 200 and ERROR?

As I write this rant I have Grammarly correcting my grammar. Thanks, Grammarly!!!! I am having an amazing weekend. -_- Cheers my fellow devs!

I made a simple HTML site for watching Google I/O live without all the ads that third party websites try to stuff up your face. It also has the official countdown from the event website 👌 (The countdown will disappear as soon as it runs out)

Check it out at adless-io.firebaseapp.com

Java's shitshow, or why I'll never like java, the language:

The fact that you cannot read the length of an iterable at any point in time without iterating through it. Did I just read this from DB? Yes, I did. Do I know how many items I read? No. Why? Because fuck the designers of this shit language and all its shitty third-party libraries. 😠😠😠

"It is risky to release an app that depends on APIs that you don't control."

Yeah, dude, we also live in the real world.

Better to say: "Your app should handle cases where the third party API is partially or even totally down."

God, some people, they build a wall of rules around themselves and wonder why their skills don't improve.

A couple of months back we were discussing sh with a third party vendor for a very large ass fuck system that another department uses. I had been called into the meeting because the entire I.T department counts on me to at least act as an assessor to the many issues that other departments might have.

the department for which i was working with manages the databases that our institution uses, and in this particular question the DBA (my best friend mind you) was part of the meeting.

Mind you, issues that the third party vendor were having were all fixed by our DBA, and he had documented and mentioned these items to me as I provided assistance to him through the 3 weeks prior to this meetings. Once such case was that we needed a transitioning as well as intermediary system for some processes to happen from one DB to the other and a lot of other technical babble. Well, the DBA used to be an excellent (fuck you) VB developer who recently re-learned the language into .net. He had shown me many of his old programs and even by the limitations of the language they were elegant and fascinating. They really are and ya'll devrant fam know that I ain't one to hate on tech at all.

When the DBA explained how he went around some of the issues by generating programs that could assist him, he mentioned the tech stack, I had coached him into knowing that being descriptive about the tools he used would be beneficial to everyone else. While he mentioned VB.NET the vendor snickered and my boy got quiet.

Then I broke the silence, fuck you. "what was that?" and the dude said "nothing, sorry"
So I said "no no, I want to know, I am not going past this point until you, the dude getting paid over $100 an hour for something YOU couldn't fix explain to me the little hehe moment you had"

The mfker went silent. then explained how he was aware that people were moving past vb.net and shit like that, me "imagine that, someone used a tech stack that your ignorance thought obsolete to fix something you could not solve, even though we are paying you for it, were it me or in my hands, and mind you i have direct access to the VP so this foolishness might change, I would have cut you and your little sect loose months ago, I have no patience, or appreciation from leeches like you or the rest of the "professionals" that work for your company or other similar entities, much less, as you can see, my patience runs even less when you people snicker at the solutions that our staff has to take when you all slack"

The entire meeting was uncomfortable as high heaven.

Fuck you, if someone I know manages to run shit on fucking liberty basic then so fucking be it. I will slap you 10 fucking times over, and then fuck your girl, if you try to put someone else down for the tech stacks you use.

I hate neck beards, BUT I hate fake ass neckbeards ever more

*Colin Farrell in true detective mode: FUCK....YOU

Glassdoor.com is in hot water after federal investigators in the US sent a subpoena to unmask anonymous users who might be "third party witnesses" to certain business practices by a company under investigation for fraud.

Can DevRant (@dfox, @trogus) be forced to unmask its users (IPs, emails) in a any way, by the US government (@fbi, @cia, @nsa) or any other government (@svr_rf, @mss, @mi6, @bnd), should a similar situation arise?

Don't you hate it when your co-worker does dumb things, but thinks it's the "clean code" way?
The following is a conversation between me and a co-worker, who thinks he's superior to everyone because he thinks he's the only one who read the Clean Code series. Let's call him Bill.

Me: I think the feature we need is quite simple, our application needs to call this third party API, parse the response and pass it to the next step. Why do you need to bury everything under an abstraction of 4 layers?
Bill: bEcAuSe It'S dEcOuPlInG, aNd MaKe ThE cOdE tEsTaBlE
Me: I don't know man, you only need to abstract the third party api client, and then mock it if you want. Some interfaces you define makes no sense at all. For example, this interface only has 1 concrete implementation, and I don't think it will ever have another. Besides, the concrete implementation only gets the input from the upper layer and passes it down the lower layer. Why the extra step? I feel like you're using interface just for the sake of interface.
Bill: PrOgRaMmInG tO iNtErFaCe, NoT cOnCrEtE iPlEmEnTaTiOn!!!
Me: You keep saying those words, I don't think they mean what you think they mean. But they certainly do not mean that every method argument must be an interface
Bill: BuT uNcLe BoB blah blah blah...
Me: *gives up all hope*

Manager: You want a promotion? To senior? Ha. Well, build this web app from scratch, quickly, while still doing all your other duties, and maybe someone will notice and maybe they’ll think about giving you a promotion! It’ll give you great visibility within the company.

Your first project is adding SSO using this third party. It should take you a week.

Third party implementation details: extremely verbose, and assumes that you know how it works already and have most of it set up. 👌🏻

Alternative: missing half the details, and vastly different implementation from the above

Alternative: missing 80%; a patch for an unknown version of some other implementation, also vastly different.

FFS.
Okay, I roll my own auth, but need creds and a remote account added with the redirects and such, and ask security. “I’m building a new rails app and need to set up an SSO integration to allow employees to log in. I need <details> from <service>.” etc. easy request; what could go wrong?

Security: what’s a SSO integration do you need to log in maybe you don’t remember your email I can help you with that but what’s an integration what’s a client do you mean a merchant why do merchants need this

Security: oh are you talking about an integration I got confused because you said not SSO earlier let me do that for you I’ve never done it before hang on is this a web app

Security: okay I made the SSO app here you go let me share it hang on <sends …SSL certificate authority?>

Boss: so what’s taking so long? You should be about done now that you’ve had a day and a half to work on this.

Abajdgakshdg.

Fucking room temperature IQ “enterprise security admin.”
Fucking overworked.
Fucking overstressed.

I threw my work laptop across the room and stepped on it on my way out the door.
Fuck this shit.

While trying to integrate a third-party service:

Their Android SDK accepts almost anything as a UID, even floats and doubles. Which is odd, who uses those as UIDs? I pass an Integer instead. No errors. Seems like it's working. User shows up on their dashboard.

Next let's move onto using their data import API. Plug in everything just like I did on mobile. Whoa, got an error. "UIDs must be a string". What. Uh, but the SDK accepts everything with no error. Ok fine. Change both the SDK and API to return the UID as a string. No errors returned after changing the UIDs.

Check dashboard for user via UID. Uh, properties haven't been updating. Check search properties. Find out that UIDs can only be looked up as Integers. What? Why do you ask me to send it as a string via the API then? Contact support. Find out it created two distinct records with the UID, one as a string and the other as an Integer.

GFG.

Embedding private encryption key in production javascript file and fetching third party session token client side.

I shit you not. This this a job qualifications qualifications entry level on LinkedIn.

7+ years working as part of a development team and with the following technologies:
Node.js Typescript and Java-based, microservice-driven applications using Spring Boot or similar framework
RESTful API design / microservice architectures
MongoDB or any other NoSQL DB
Message queues e.g. RabbitMQ, Kafka etc.
Modern MV*(MVC, MVVM, etc..) frameworks e.g. React, Angular, Vue etc.
JavaScript and design patterns, CSS and HTML
Modern CSS and view libraries e.g. RxJS, Angular Material, Typescript, JS ES6 etc.
Unit and UI testing using third party tools e.g. Jest, Cucumber, Groovy & Spock, etc.
Bachelor's degree in computer science or related field

Isn't it just nice to throw away hours of work because you were given wrong requirements?

I worked late last night to finish a project with an incoming deadline, and for what? That's right, for fucking nothing. Hours wasted. Just because I was told the form was to be submitted to an endpoint that I would receive later on.

Turns out that what I actually need to do is embed some form from a third-party service. So the form that I already implemented (with styles and logic) isn't needed. What's worst, I have to redo all the styles to match this embed form.

Thank you so much for that. 🖕Never again will I work late. I should have known better by now...

1. high severity production incident was asked to look into at the end of the day.
2. needed fix in ui.
3. fixed and deployed in 1 hour.
4. issue remained. debugging began.
5. gave up at 1 AM and went to sleep.
6. woke up at 6 and after debugging for 2 hours, identified to be a back end issue.
7. worked with back end team for the fix, and 6 hours and 3 deployments later, it worked.
8. third party vendor reported they are still not receiving one parameter from us.
9. back end team realised they forgot to ask ui to send another parameter.
10. added the parameter in ui, redeployed ui.
11. build and deployment tool broke down. got it fixed. delay of 1.5 hours.
12. finally things are in place. total time 26 hours.

13. found half bottle of vodka, leftover from last weekend. *Priceless*

Create an web application(a product of our company). Manager insisted on using X third party API instead of Y third party API.

Now the app is complete.
*Very slow, Shitty User Experience *

I feel shameful for creating such a disaster and also wasted 3 sprints on it. But couldn't do anything because I don't have an authority to take decision which API or technology stack I should use.

Business head and manager had a meeting. Now they want to use Y third party API.

So they called me for discussion, lets me know we will now use Y third party API and it should be completed within a week because we just need to change the API calls in code that's all, despite of knowing all the core logic is built around those API.

Don't know how to react to this :( Want to hit my head on a wall

Why has "privacy minded" people fallen for the illusion that Signal is good?

- It is centralized, which means you can't have control
- It uses google play services
- Using third party servers to send gifs
- The apk has flaws
- There is a reason F-Droid dont want it in its repo

I really can't wrap my head around why "privacy minded" people would embrace it.

My Unreal project right now:
FVector
std::vector
Eigen::Vector
KDL::Vector
....
*sigh*
And people ask me why I like Lisp. A Vector is a Vector goddamit! Half my project is now just parsing the same variable to the different functions. sigh....I hate this.

Just spent about a day and a half debugging my code a million different ways, only to discover that the third party call that kept failing needed the id in UPPERCASE.

Fellow devs,

If your boss asks you for an estimation don't follow your gut coz your gut sucks. Ask for time to analyse before giving any estimation. And yeah don't forget external factors such as :
- third party tool down (github I'm looking at you)
- updates (windows, IDE, etc.)
- 90% of the time it doesn't work
- if it involves front dev just go ahead and double your estimation
- YOUR BOSS THINKS YOU OVERESTIMATED

Sincerly.

Stole this from my friend's status

Browser Toolbar is greater than life. Third party apps are dangerous.

When your company buys a third party solution and you spend all your time emailing them about bugs in their system.

Seriously, I even sent you the exact line of the bug in your JavaScript with a suggested solution, and deployed a new stack with your latest (broken) fix so you can test out that solution. Then you email back saying it is fixed but it is clearly still broken. If I email you a fixed version of your file will you deploy it? OMG!

It has been a rough day dealing with third party vendors, who only have a few IQ points to share among the company. Nothing better to cheer me up than listening to my favourite Christmas song

Spent hours trying to figure out why API calls to a third party service weren't working.

Hit up their support and find out the following:

"Hi there, we can only take true and false as strings."

"Uhmm... Does it take anything apart from true or false?"

"No, but they must be sent in as strings"

"Any reason why you don't take booleans if it's just true or false?"

*crickets chirping*

GFG

Did I tell you that X third party system needed to be updated due to that pos using flash? Yes

Did you bitch about budget constraints and finding workarounds and stuff like that? Also Yes

Did I mention that X system was crucial for people and that we were not going to be able to do anything about it if we did not allocate the time to modify that before it happened? Also Yes

Did I mentioned this on multiple occasions? Yes

Was my team also pulled out from working on the alternative before this happened? Yes

Did I send multiple emails about this, talks, meetings and documentation of me saying all of the above? You betcha

Oh well 🤡

Oh come on... Does even ecosia need to craft their truth. First party trackers aren't that better than third-party...
At least there is only one url to block. Easy.

While working on generic enterprise code: querying databases, calling third-party APIs and just passing data around, I'm thinking: "PLEASE LET ME DO SOME THINKING, LET ME WORK ON SOME HARD ALGORITHM OR SOMETHING!"

When finally working on 'some hard algorithm or something', I'm thinking: "ARGH! MY HEAD ACHES! GIVE ME RELEASE! LET ME WORK ON SOME MINDLESS ENTERPRISE CODE!"

Past two days one of the senior devs has been complaining to anyone who will listen about a UI assembly containing 'hard-coded' references to a third party component causing several builds to break. The developer who added the telerik component probably had no idea the reference is pointing to his personal directory instead of a relative path. Easy fix? Uh...yea...but he just ranted to our boss for about 10 minutes about he has no idea how to fix the problem and the TFS build failure holding up his other projects.
WTF!? You fracking know what the relative path is!...just fracking change it and move the frack on.

The drama this drama-queen keeps spewing out is driving me out of my mind.

I'm working on a project that integrates your Android phone with your PC. Stuff like file transfer, sending SMS and notification sync. I just had an idea for an awesome feature. Started researching and found that the Android API exposes exactly what I need. Full of motivation I started coding until I realized that the permission I need cannot be granted to third-party apps. Happened the second time. Fml

Got an [IMPORTANT] email today from <some third party company> saying they discovered a problem with their software and were working on it with high prority. Problem description made my day: "<some third party company> would like to inform you that offline users using iPad may not be able to synch due to technical reasons". - wait what?!

New mobile challenge I created:

... treat this as production code and show us your best practises and thought processes ... please list and explain any third party libraries used.

First submission:

I've used library X, although it has a major UI defect when rotating the device, it should be good for a simple test.

... wrong

*Achievement unlocked*

The award of:
Asking “Can you please fucking enable some way for me to mock the networking requests?” A record number of times to unique third party libraries in a week

Awarded to:
practiseSafeHex

My manager just shared a screenshot of our internal communication with a third party vendor on an official email 🤦🤦🤦

So at the old job, i needed support for an issue relating to Amazon S3. We used a third party Python plugin for sending files to our buckets, but had some pretty severe performance issues when trying a 2-way sync.
Naturally, I sought help on StackOverflow, and was asked to share my config. Without much thought, I pasted the config file.
Next comment made me aware that our API id and key was listed in this config (pretty rediculous to keep such private info in the same file as configuration, but oh well).
I edited my question and removed the keys, and did not think about the fact that revisions are stored.

Two weeks later, my boss asks me if I know why the Amazon bill is for 25.000$ when it used to be <100$ 😳

I've never been so scared in my life. Luckily, Amazon was nice enough to waive the entire fee, and I leaned a little about protecting vital information

Why is it what so many developers think that they are the sole genius surrounded by idiots and completely lack in interpersonal skills or the ability to see other people's arguments as valid? Honestly, with some people it's like working with an emotionally stunted teenager. I literally spoke to someone yesterday who thinks it's impossible to come to a compromise or agreement about anything unless there is a third party to arbitrate and mindlessly insists on his own way in literally every disagreement, even after admitting his logic is faulty. It's like watching a spotty 17 year old argue about politics online I swear it.

Anyone else seen this before. A friend of mine showed me this as a return from a third party companies API his office was using

This is the last part of the series
(3 of 3) Credentials everywhere; like literally.

I worked for a company that made an authentication system. In a way it was ahead of it's time as it was an attempt at single sign on before we had industry standards but it was not something that had not been done before.

This security system targeted 3rd party websites. Here is where it went wrong. There was a "save" implementation where users where redirected to the authentication system and back.

However for fear of being to hard to implement they made a second method that simply required the third party site to put up a login form on their site and push the input on to the endpoint of the authentication system. This method was provided with sample code and the only solution that was ever pushed.

So users where trained to leave their credentials wherever they saw the products logo; awesome candidates for phishing. Most of the sites didn't have TLS/SSL. And the system stored the password as pain text right next to the email and birth date making the incompetence complete.

The reason for plain text password was so people could recover there password. Like just call the company convincingly frustrated and you can get them to send you the password.

Our company is cheap, cheap as fuck. We have to use some third-party platforms and every year they choose something that is slightly cheaper than the other. (like a few $ per annual), they do not know that we have to refactor our code at the backend because the changes of the platform.

It doesn't end there, they even look for devs from third world countries to work for them remotely instead of hiring permanent staff (I understand it is cheaper because of currency difference and etc), but what about the training period or to let them become comfortable with the existing system, even when he/she is a genius... it takes time to be productive at work.

The worst part is they dont give a shit, they think devs can be replaced easily just like some construction workers carrying stuffs on site (no offence to them), management treating people like shit and doesn't care when they leave.

So at school, we were supposed to do an exam through a third-party software that is supposed to block the user from searching the answers in a web browser.

We install the fucking software, lord and behold nothing works and the software keeps crashing...

The teacher insists that we are going to use this piece of shit software. One hour goes by and now the software made everyone's PC go black.

Someone suggests just doing the exam either through an ordinary browser or just by hand.

The teacher that just wasted one hour of fucking exam time lets out this big sigh and finally caves in...

And in a couple of weeks, we are going to use this shitty spaghetti-coded fuckfest called software for something called the "National tests"...

May Sky-daddy bless my classmates' souls and my own

Last year I changed jobs from a large multi-national to a small local agency (which happens to be run by friends of mine).

One of the reasons for doing this was that my work involved more office politics than *actual* software development, and had just plain stopped being fun.

Now, I am having fun again! An example?

For one of our clients we have to connect to (a lot) of third-party APIs. Often even SOAP APIs!

Now I hear you protest "But that is no fun at all! SOAP APIS SUCK!" Which is true, more often than not. 😔

BUT! My friend started an internal API-SNAFU Trello board. Every time you get bitten in the ass by some ill conceived fuck-up of an API, you get to add your complaint to the board.

Beside giving as something to reciprocally rant about, the board also serves a serious function: depending on the amount of fuck-ups an API has been known to make, the price for working with that API will go up.

Who said it doesn't pay to complain? 😀

Today, I was so certain that all the functionalities were implemented to handle some webhook calls from a third-party service. It's a script I wrote that has been running for 2+ years uninterrupted or without any issues.

We got some "complaints/notices" today that some "special" actions weren't registered, so I thought that the third-party service just didn't send those actions via their webhook. After some research I found a part where they explained that those actions trigger the webhook like any other action etc. So..

First thought: "okay, maybe they implemented that at a later stage" (was not the case)
Second thought: "maybe this is not what the client meant" (it was)
Third thought: "Then it should have been implemented" (it wasn't)

Okay, time to look at the code to see where this could get handled but apparently isn't. All the actions look good, nice, clean handeling etc, nicely documented code (gave the 'past-me' mentally a high-five)..

I scroll further down to that specific action and it was quiet obvious why it didn't work.. I just see an empty function with the comment:

"//TODO: maybe handle this action one day. don't know what this does atm, probably unused.. Will take a look at it next week.."

.. :D

I took my 'high-five' back..I just needed to copy-paste some other code and change 1-2 parameters..

I don't need you to reiterate what the problem is. I am aware. I was the one who told you what the problem is. Via email and Slack. Why do you keep restating it to me like you are the one who figured out? I know the table isn't syncing with the third party object. I'm trying to figure out WHY. No amount of "I'm pretty sure the sync process is broken" will trigger a solution. Stop coming into my office every 5 minutes with a new "revelation" that wasn't even your own. This isn't my code, and since the owner of said code is not here to fix it, I have to spend some time figuring out how this damn thing works. SO PLEASE, FOR THE LOVE OF GOD, LET ME WORK SO I CAN FIX THIS

Fucking kill me. I've just agreed to make a shitty fucking app that would be better as a Webpage, using shitty fucking technologies I don't understand, to do a thing that would be better handled by a third party.
You know why? The guy who asked me to do it is a good friend, and I'm the "best (only) code monkey" he knows. FUCK MY LIFE.

At least I'm getting payed

Found this in a third party library once. Only thing I can think is that this programmer was paid by the line. Because, seriously, this could have been one line.

My sister bought an Acer A315-44P laptop in which the keyboard and the top cover are one unit and everything else is built onto that part, meaning that replacing the keyboard involves disassembling the entire laptop, the keyboard is among the most expensive replacement parts, and it's unique to the model. This is already infuriating and it's hard to attribute it to gross incompetence rather than deliberate malice motivated by unchecked greed, but what makes it completely indefensible is that their European parts distributors don't stock this part for most models so third party repair shops can't easily obtain one.

But to seal the whole ridiculous charade, THE FIRST-PARTY REPAIR SHOP DOESN'T PICK UP THE FUCKING PHONE. I've already capitulated, just accept my fucking money! What, do they really expect that if I have to go out and buy another laptop because they made it hard to fix, they won't fix it, and won't let me fix it, that I'll ever buy Acer again? What is the strategy here? Do they think they're Apple, so people take this bullshit? But even Apple has a repair service! I don't understand this business model at all.

I've lost 3 hours trying to implement third-party extension just to realize I've never imported it into the project.

Why me?

People keep using Firebase and saying how cool it is, I'll laught when Google does the same that facebook did with Parse or hike prices like they did with Google Maps Recently.... People stop putting your core logic in a third party black box.. it's not going to end well...

Never lose your sense of wonder when it comes to working with clients. Client berated us saying her data were outdated. Ok. Check the file the third party that generated the data is sending us.

Outline all stated discrepancies in the data back to the client, showing that everything lines up with what we are receiving.

Client is frustrated. Contact the third party in their behalf.

Third party support: “oh yea, client had us start sending data to your competitor like a month ago”

Bruh. Bruh. Bruh.

Fortunately the client wants to stay with us and is getting their data pointed back but how in the hell do you forget that. The reason the client when looking at competition (at least guessing looking at previous call records) is to get faster processing of the data coming from the third party. How are you gonna forget you turned off the sending when you are so worried about speed?! Most of our clients are running 7-8 figure businesses by the way.

Hiring a third party to help us with something...
Third party: yeah okay, we know what we need. Can we get access to your git repo
Me: sure, I'll make sure you'll get it
(To the admins): hey can you get them access to our git server?
Admins: did they sign the personal data processing contract?
Me: oh they won't work with any personal data. It's a dev server and they only need access to the source code. And the usual contracts and NDAs are already done
Admins: well we still need the other one.

... Sure. Why not. Just delays the start of the process for... Like a week and a half until that useless bit of paper has passed through all the necessary departments. Not like time's an issue. Right?

I wrote an auth today.

Without frameworks. Without dependencies. Without under-the-hood magic. Without abstract pluggable adaptor modules for the third-party auth library with 63 vulnerabilities and 1252 GitHub issues. Without security vulnerabilities showing up in NPM log. Without dependency of a dependency of a dependency using md5 and Math.random() under the hood for historical reasons, and now we're fucked, because this is the only lib for our framework, and we have no time to write our own replacement. Without all that shit.

Rock-solid, on top of scrypt. Stateless and efficient.

It felt amazing.

Before you fire me and delete me as admin from managing your website, also be sure to check on and have me transfer to you the third-party stuff, like Cloudflare or Mailchimp. Remember how I had to set these up on my own on your behalf (because you don't know what you're doing and those alerts would disappear into your unmanaged inbox)? Think first to make sure you have full control over your WHOLE site. You see, what happens when I delete those accounts is no longer my problem once I walk out the door.

Our company decided to buy a new platform from a third party company..but they did not pay at all at once, it was like a loan, and every month we received a new feature to integrate in our code system, after a couple of months the company stopped paying, then they decided to cut the relation and suddenly I was working 18 hours per day to build the platform that they were supposed to buy.. we were told that we had one month to finish, of course we didn’t make it, I got fired the same year :D

GDPR is about to happen.
Has anyone read the provisions?
It's like they put some flat earther anti-vaxers in a room and made them scribble up a law.

For those who don't know - it's a new, EU-wide "data privacy" law that's about to take effect on May 25th.

The gist of it is that if you fuck up even a little bit, you get to personally pay a fine of up to 10 Million Euros (for companies there's a separate clause, this is for employees only), or/and 2-3 years in jail if that fuck-up has caused material damages.
That little fuck-up can be as simple as losing a tiny amount of data between back-ups, or entrusting a third party with full access to some data (which is not prohibited) without controlling 100% what he can do with that data (which IS prohibited).

I shit you not, these are the explicit articles of that law.

If it is enforced in this way, it is the swift death of European economy. Just because some retards didn't read the privacy policy before agreeing to it, and then made a shit storm, everyone has to suffer.

Alright, guys. You have complete autonomy over this project, from ideation to execution. You can do exploratory interviews to find out what potencial customers would think, you can come up with prototypes, you can choose whatever tech stack you deem fit for the job. The only requirement is that it must be a beauty product. Oh, and that it must have a way to publish this ton of pictures of models our client has. Oh, and it must handle payments and inventory. And it may integrate with third party software. And users need to save the pictures they like. And a booking system. Is that hard to understand?

Hope you all are fine. ♥️

Next week I will hold a presentation for global sales manager(s?) and third party CEO. That will be fine. 😬

Fuck third-party's third-party dependencies which break your third-party dependencies

MacBook/OSX

Have used all kinds of OSes and computers. Nothing sucked the productivity out of me as much a company provided MacBook. Some issues were related to the company setup (vpn issues after sleep, jamf botched app installs). But most of the day to day work was just due to crappy key handling. Lots of shortcuts that work everywhere don't (think all the alt combos in terminal). Common things require combos and using the actual keys (like home and end) on an external keyboard have undefined behaviour. Out of the box it does not even have decent window management, this means that a third party tool has to provide the shortcuts and they clash with a few programs.

Thank god I can use Linux now to develop for Linux.

After drilling yourself with links and resources, documentation and cant execute what you want. You leave it.

Some time later you go back and you are like why the hell didnt I understand this it's so simple :/ and it literally says what to do.

This is when I became a calm developer. Don't rush yourself. If you want to quickly do something. READ dont just look 🙃

Also, don't persist with understand the official docs. The third party explanations will show you flames 80% of the times if you are learning something new.

Forget most useless feature, an entire, year long product. Me (at the time very junior) and a principle engineer, wasted a year bundling our product as a plugin in a third party app. 3 years later, we'd sold 2 licences. It was a buggy pile of hell.

dude fuck fucking salesforce i fucking hate the day someone came up with the brilliant ass idea of inventing this garbage crm software that i must deal with even though it is not my area. i fucking hate the developer experience to do third-party implementations, not letting you upload changes to another environment for the sake of """"good practices"""", the fucking interface is slow as shit i could've already had intense hto sex, taken a shit, cook lunch and sleep 2 hours before it can load a single retarded lightning page.
why? WHY? WHYYY? WHY MUST THIS ASSWARE EXIST? WHY?

AS A FACT I'VE WRITTEN THIS RANT BEFORE THE DAMN PAGE EVEN LOADED A CONFIGURATION SECTION. GOD HELP US.

Recently, one of my customers filed a ticket because some iFrame he got from another company wouldn't display after putting it into the content editor.
I told her it won't work because the (third-party) editor prohibits JavaScript inside iFrame tags and their attributes for security reasons.
She said ok. She said she'd understood the problem. And then, she reopened the ticket four (4!!!) times for the exact same reason, once because she tried to use a fixed iFrame tag the other company sent to her... still containing JavaScript, of course.

But, yeah... She understood what the problem was. Is clear.

You know, I am astonished at the number of people here that use(d) Facebook. It's even more amazing that these same people are actually surprised that all this shit happened with their data.

I don't have a Facebook account, or Instagram, or Twitter, etc. When this stuff first started coming out, people kept telling me to sign up for accounts.

I refused, telling them that I didn't want to give my private information to a third party that I didn't even know. And not only that, but they can use the private information about you in any way they wish and also sell it to third parties.

I was of course told to take off my tinfoil hat... and it's only now that people are realizing that they are giving away potentially private information to people they don't know?

If I came to your door and asked you everyday to send everything you did that day to me so that I could file it away and use it as I please, you would probably tell me to get the hell off your property.

It just blows me away that if you put that same offer in the format of a website, suddenly people are begging to give you their data.

It's fucking lunacy... 😞

Mozilla will update the browser to DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks.

According to the report of TechCrunch : Whenever you visit a website ; even if it's HTTPS enabled, the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS or DoH encrypts the request so that it can not be intercepted or hijacked in order to send a user to a malicious site. These unencrypted DNS queries can also be used to snoop on which websites a user visits. The feature relies on sending DNS queries to third-party providers such as Cloudflare and NextDNS which will have their DoH offering into Firefox and will process DoH queries. Mozilla also said it plans to expand to other DoH providers and regions.

That moment when you are using a third-party​ library and when you update the library it has breaking changes...

So I just noticed something.

When I am using my client when I am connected to LTE and not a good WiFi signal, the app hangs every time you want to vote on a post/comment because I didn’t make it non-blocking. This will be fixed in the next few days!

It’s amazing how experience degradation can be absolutely invisible depending on your connection.

Gotta love it when everything works flawlessly with the test API endpoint and credentials, but when I try to go live, there's suddenly a ton of additional configuration to get the third-party APIs working.

Why the fuck do you even provide a testing environment, if it's completely different from the live one?

can there just ONCE be a FUCKING react native library that works as it is FUCKING documented?

but NOOOO, gotta always sift through the absolute shit pile that is GitHub issues threads digging out arcane horseshit to make the stupid shit work just like the little managers want

on and on into the circus enternity

The agency I own built a WordPress plugin for a client using a freelancer developer. The client, out of ambivalence, withheld information that would have drastically changed the design of the plugin, but by the time we found out it was much to late to start over. The developer moved overseas in the middle of it all and from then on was not very responsive to communications about the project which delayed things by months. I tried to find a replacement developer but nobody else had experience with the third-party API. The live version of the API ended up not being able to support what we were trying to get it to do with the plugin even though the test version of the API was fine and the vendor was unhelpful. And because we spent so much time and money on the plugin, we weren’t able to even begin on another part of the project. The client complained of over $30,000 in lost revenue due to these issues. Complete fail all around. I’m never doing another custom software project again. It’s all just website design from here.

Third party vendor whose shitty API we have to use as part of our application blocks our account IN PRODUCTION without even telling us every time they have a slowdown because of course it must be us. Yeah, I didn't want to go home anyway🖕

Why has programming become dependency management and third party paid libraries implementation?

I hate it.

I want to code some real hard stuff but everything is already made!

The pain of using third-party library with unclear documentation.

"Oh just read the code"

well it would've helped IF THE CODECLIMATE RATING ISN'T 0.4. D:

Every FUCKING time iOS releases a version update, I have to update my Xcode, my code to the latest swift, my third party libraries..
Do you feel my pain , Apple?

Working on a project with third party web developers who don't know multiple language support, difference between UTF-8 and Unicode.
Other than that, life's good

So I'm working on an SDK, I often wonder if developers will curse me as much as I curse every developer of every third-party SDK I ever implemented.

Reducing API access to third party apps seems like a fucking short sighted move, Twitter.

Presumably given up on innovating on the platform and decided to milk what you have.

Doesn't excite me about your future.

Risk engine for payment processing, with support for custom rules and third party integrations like IDology. Deadline was one week.

You may know I love to hate tests. Well not the tests actually, what I hate is the TDD culture.

DBMS schema in my app dictates a key can either have a value, or be omitted - it can't be null, and all queries are written with that in mind (also they're checked compile-time against schema). But tester failed to mock schema validation, inserted a bunch of null keys with mock data, actually wrote assertions to check those keys are null (even though they never should be), and wanted me to add "or null" to my "exists" queries.

No, we don't need more tests, and you're not smart with your "edge cases" argument. DBMS and compiler ensure those null values can never exists in our DB, and they're already well tested by their developers. We need you to stop relying on TDD so much you forget about the practical purpose of the code, and to occasionally break from the whole theoretical independent tests to make sure your testing actually aligns with third-party services some code uses.

And no, we don't need more tests to test your mocks, and tests to test those test, and yo dawg, I heard ...

I have the habit of adding //todo comments to my code whenever I need to implement something later. Very useful to just search your code for "todo" and see what is left to do.

That is all very well, but I just searched my project for "todo" and there are SO MANY //todo comments in the third party dependencies...

@dfox I sent you an email regarding a better, safer implementation of the third-party notification server! Can you take a look?

Decided to write myself a CUDA wrapper using no third party library (e.g. managedCUDA).. I'm starting to regret it o.O

Am I the only one who hates when I enter a simple question like "PHP memory limit" and the first link *isn't* the official PHP documentation? Who gives a flip about some fancy third-party webpage where they write a whole flippin' article about a simple directive?

Ugh... The priority Google...

Job BS that made me consider quitting?

Huh. so timely.

With my previous employer, it was the whole "we're doing Agile and sprints and all the things" with "finish the project in six weeks plus here are some more requirements" garbage. Plus my tech lead always let the business roll over her and add unplanned requirements during a sprint without adjusting the deadlines set by the project managers. In summary: a fuck-all combination of Waterfall deadlines, Kanban tickets and Scrum timeboxes.

At my current employer, it's our business partners who're a bunch of douchebags that don't plan for anything except making sure their bonuses stay intact. Recently they terminated support for a third-party product that literally drives 99% of their web application then says to us "Hey, we need to build our own replacement for the vendor product using an entirely new stack. You have 3 months or our clients will get pissed." Oh, and these business partners keep raising new issues without any documentary basis except "this doesn't feel right" when they test our in-progress work. So helpful <sarcasm />

On the bright side, I'm getting paid whether or not this project fails, so... meh.

The most crazy issue I've fixed was caused by a TCP behavior which I didn't know, called the "half-closed connection".
There was a third-party application installed on a production server which called a LDAP server for retrieving users information. During the day we had several users using the application and all worked fine. During the night, when the application was not accessed, something happened and the first call to the application in the morning was stuck for about 5 minutes before returning a response. I tried to reproduce the issue in a testing environment without success. Then I discovered that the application and the LDAP server were located on two different networks, with a firewall between them. And firewalls sometimes drop old connections. For this reason network applications usually implement a keep-alive mechanism. Well, the default LDAP Java libraries don't set the keep-alive on their connections. So, I found a library called "libdontdie", which force the keep-alive on the connections. I installed the library on the server, loaded it at the startup and the weird stuck behavior in the morning disappeared.

It took literally days to get our software installed onto the client VMs and get the services started correctly.

On our own test VMs the same task takes all of about an hour or so. Mind you these VMs are supposed to be created and match the client's environment almost too the T. Same configurations, same third party software, same environment variables and the whole 9 yards.

This was not the case at all.

Environment variables were not set, third party software was not installed, and I honestly don't remember the list of things wrong with how they setup the VM. Sparing the details, the errors were also not helpful.

They also gave us critical information we needed for development days before we were going on site to test. The amount of hackery we had to do could be a completely separate rant on its own.

While desperately trying to to stay sane long enough to get our services started, the only thing I could think was how great it would be if there was a fire or something. Anything, just to have an excuse to go back to the hotel and actually sleep. The second day there we finally had everything installed and running.

I shit you not, just as we began our first test, the fire alarms went off.

At this point in time the team was extremely (pissed tf off) annoyed to put it mildly. Assuming it was just a drill, we left our stuff and went to eat dinner. After we came back we found out it in fact was not a drill...

Moral of the story:
Don't wish bad fortune on a customer even if out of impulsive spite.

Other moral of the story:
Don't leave your belongings behind only because you think the fire alarms are just a fire drill. It may not be.

P.S. Karma's a bitch.

Salesforce lightning web components have such bullshit limitations that they claim is because of security but it's just because it's overengineered garbage.

Want to use web components? Nope.

Want to pass in a value to a function in a click listener expression? Nope.

Want to use scss? Nope, compile it to css yourself.

Want to use the fucking document object? Guess what it's overridden except for very specific third party frameworks.

Who in the fuck thought it was a good idea to override the document object? Your app isn't more secure, literally the entire internet uses the document object and it still becomes available in runtime anyway so what the fuck??

LWC is the biggest garbage I've ever seen, you know a framework's a big red flag when there are developers solely for the framework.

There is a new security release coming out that apparently removes some of these nuances (understatement) so there might be some light at the end of the tunnel.

I always had this mentality that I shouldn’t rely on a certain library or framework for my entire project because what if one day they stop supporting it. (Yeah I’m talking to u vuetify) That’s why I came up with this code structure that for everything that I wanna do I have a ‘driver’ library all coded by myself that interacts with that third party framework or library so if they stop supporting it I could just change a couple of lines of code in my driver file and my codebase should be working again. But I feel like this ‘driver’ approach is not the most efficient way of going in terms of memory usage. Do you guys think I should keep it simple and directly use those libraries or this is actually not a bad approach.

Making an app for Android and iOS, for a football club in league.
Android, naturally is no problem.
iOS.....
"Your app or its metadata appears to contain misleading content.
Specifically, your app includes content that resembles one or multiple third-party sports teams and/or leagues."
....yes....because it's an app for a football club in a league.
What else can I do about that? Can I have more specifics?

Every year, the worst dev experience comes right at the holidays, when website owners with big egos want to launch right on (U.S.) Thanksgiving Day, Christmas Eve, or New Year’s Eve/Day because they think they’re that popular and important. It never occurs to them that this is the WORST time because any third party support you need for hosting, APIs, plugins, etc. is either backlogged or out of office. And because NOBODY is eagerly awaiting the redesign of ANY website on those particular dates since they are stuffing their faces and getting s&&&faced at bars and parties. Nobody will even notice that your website has changed until January 15th at the earliest.

I need to encrypt some large files at rest and then decrypt them immediately prior to processing.

App and files are on a Linux system (CentOS). App is in C. Machine is controlled by a third party.

What encryption libraries would you recommend? And, is there any clever way of managing the decryption key beyond compiling it in the code and doing some basic obfuscation?

Are they fancy obfuscation libraries out there, for example?

And, the reason I'm not going to SO (well, one reason) is that I don't want to have 50 answers that tell me that's it's impossible to 100% protect data on a machine you don't control. This I understand---just looking for "best effort" solution.

I remember when doing some privacy cleanup, looking at the third-party li