This is one reason to be lazy

Every step of this project has added another six hurdles. I thought it would be easy, and estimated it at two days to give myself a day off. But instead it's ridiculous. I'm also feeling burned out, depressed (work stress, etc.), and exhausted since I'm taking care of a 3 week old. It has not been fun. :<

I've been trying to get the Google Sheets API working (in Ruby). It's for a shared sales/tracking spreadsheet between two companies.

The documentation for it is almost entirely for Python and Java. The Ruby "quickstart" sample code works, but it's only for 3-legged auth (meaning user auth), but I need it for 2-legged auth (server auth with non-expiring credentials). Took awhile to figure out that variant even existed.

After a bit of digging, I discovered I needed to create a service account. This isn't the most straightforward thing, and setting it up honestly reminds me of setting up AWS, just with less risk of suddenly and surprisingly becoming a broke hobo by selecting confusing option #27 instead of #88.

I set up a new google project, tied it to my company's account (I think?), and then set up a service account for it, with probably the right permissions.

After downloading its creds, figuring out how to actually use them took another few hours. Did I mention there's no Ruby documentation for this? There's plenty of Python and Java example code, but since they use very different implementations, it's almost pointless to read them. At best they give me a vague idea of what my next step might be.

I ended up reading through the code of google's auth gem instead because I couldn't find anything useful online. Maybe it's actually there and the past several days have been one of those weeks where nothing ever works? idk :/

But anyway. I read through their code, and while it's actually not awful, it has some odd organization and a few very peculiar param names. Figuring out what data to pass, and how said data gets used requires some file-hopping. e.g. `json_data_io` wants a file handle, not the data itself. This is going to cause me headaches later since the data will be in the database, not the filesystem. I guess I can write a monkeypatch? or fork their gem? :/

But I digress. I finally manged to set everything up, fix the bugs with my code, and I'm ready to see what `service.create_spreadsheet()` returns. (now that it has positively valid and correctly-implemented authentication! Finally! Woo!)

I open the console... set up the auth... and give it a try.

... six seconds pass ...

... another two seconds pass ...

... annnd I get a lovely "unauthorized" response.

asjdlkagjdsk.

> Pic related.

Today I got lectured by one of our Seniors that my automated test isn't useful because it always fails. Reminded him that it only fails because of a bug that's assigned to his team for four months now. He answered that I should remove the test case. Sometimes I honestly question why they even have a QA if they ignore at least 80% of reported bugs...

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

"Never trust a user or client, when dealing with 'bugs', always try to reproduce."

very useful advice from an old colleague

Stack overflow is overrated

With that I mean that a lot of people think that stack overflow is the best thing that every programmer has and can't live without it. That if stack overflow is down, nobody is able to write a single line without bugs. That 47.24% of a programmers time is spent searching on stack overflow. Sure, it is helpful for finding answers, and some are very good at explaining stuff, but it's not essential. I made an account when I started coding, because it "sure is the most important thing, right?", but the only thing I have done with it is changing the profile picture, because I simply don't use stack overflow that much. When I search my problems on Google, I mostly find the answer on some specific forum for that library I'm using, or more often, in the official documentation for it, no need for stack overflow. I'm not trying to say that it is not useful at all or that it should be taken down because nobody uses it, but that it is not essential in every programmers life.

Worst collaboration experience story?

I was not directly involved, it was a Delphi -> C# conversion of our customer returns application.

The dev manager was out to prove waterfall was the only development methodology that could make convert the monolith app to a lean, multi-tier, enterprise-worthy application.

Starting out with a team of 7 (3 devs, 2 dbas, team mgr, and the dev department mgr), they spent around 3 months designing, meetings, and more meetings. Armed with 50+ page specification Word document (not counting the countless Visio workflow diagrams and Microsoft Project timeline/ghantt charts), the team was ready to start coding.
The database design, workflow, and UI design (using Visio), was well done/thought out, but problems started on day one.
- Team mgr and Dev mgr split up the 3 devs, 1 dev wrote the database access library tier, 1 wrote the service tier, the other dev wrote the UI (I'll add this was the dev's first experience with WPF).
- Per the specification, all the layers wouldn't be integrated until all of them met the standards (unit tested, free from errors from VS's code analyzer, etc)
- By the time the devs where ready to code, the DBAs were already tasked with other projects, so the Returns app was prioritized to "when we get around to it"

Fast forward 6 months later, all the devs were 'done' coding, having very little/no communication with one another, then the integration. The service and database layers assumed different design patterns and different database relationships and the UI layer required functionality neither layers anticipated (ex. multi-users and the service maintaining some sort of state between them).

Those issues took about a month to work out, then the app began beta testing with real end users. App didn't make it 10 minutes before users gave up. Numerous UI logic errors, runtime errors, and overall app stability. Because the UI was so bad, the dev mgr brought in one of the web developers (she was pretty good at UI design). You might guess how useful someone is being dropped in on complex project , months after-the-fact and being told "Fix it!".

Couple of months of UI re-design and many other changes, the app was ready for beta testing.

In the mean time, the company hired a new customer service manager. When he saw the application, he rejected the app because he re-designed the entire returns process to be more efficient. The application UI was written to the exact step-by-step old returns process with little/no deviation.

With a tremendous amount of push-back (TL;DR), the dev mgr promised to change the app, but only after it was deployed into production (using "we can fix it later" excuse).

Still plagued with numerous bugs, the app was finally deployed. In attempts to save face, there was a company-wide party to celebrate the 'death' of the "old Delphi returns app" and the birth of the new. Cake, drinks, certificates of achievements for the devs, etc.

By the end of the project, the devs hated each other. Finger pointing, petty squabbles, out-right "FU!"s across the cube walls, etc. All the team members were re-assigned to other teams to separate them, leaving a single new hire to fix all the issues.

Got a few Jira tickets reassigned to me because the dev who was supposed to work on them got stuck on another project. It's fine, that happens.

I open the tickets. No descriptions for all of them. No screenshots for those reported as bugs, nor any replication steps. No attached test cases or, well, ANY useful information.

I talk to our BA, he says that all information I need are in OTHER tickets on ANOTHER BOARD that business manages but I DON'T HAVE ACCESS TO. Honestly, these shitfucks could've just done simple copy/paste. But nooooo...

So I reassign all the tickets back to their original reporters (business testers) with comments requesting more information.

It's been a week. Now I have no idea what to put in my time sheet.

Xcode storyboards

I can't do it justice by explaining how many times having the entire UI flow in one file has helped me.

Even for unexpected stuff, like an Android dev joining the team and needing to know the workflow of login / registration -> print screen the storyboard.

Manager asking for all the different possible paths through the app -> print screen the storyboard(s).

And then live rendering of custom components to be able to see them while playing with alignments.

While it has its bugs, and could have a few more features, it's too useful to ignore.

I know many iOS devs don't like it, and that's fine because I don't like them either and I don't hire them ;-)

I would say my biggest insecurity is not getting (enough) useful straightforward feedback from my boss about how I work.
I have a tendency to take a bit longer than others, but deliver code that rarely has to be fixed.
Some of it may appear overengineered but it really isn't... I just like it clean and not hacky.
There are times my boss seems like telling me subconciously that I take too long for my stuff, but then again, he is really happy when we deliver a big thing to a customer and it just works, without any bugs or negative feedback.
It sometimes drives me nuts. 😅

Rolled out a new application I built almost entirely by myself 2 days ago... But my dev group is understaffed and has a project manager who is literally the most clueless person I have ever met, so as a result, we don't have a functional/useful dev/test/prod framework and no standards for how to deploy apps. So my past 2 days were comprised of fixing bugs in the live system that could probably have been caught if I had the time and resources to get everything thoroughly tested. It's stable now, but damn our management for being generally idiots. Our motto appears to be "Fuck it, we'll do it live"

So there are a few bugs with IDEA and qwertz keyboards, namely there are combos on @ { < keys (you know, not that i would use those in java). After setting it to qwerty, manually deleting every shortcut and restarting the whole damn universe, still nothing. Very useful, 10/10, would use again.

Except not.

v0.0005a (alpha)
- class support added to lua thanks to yonaba.
- rkUIs class created
- new panel class
- added drawing code for panel
- fixed bug where some sides of the UI's border were failing to drawing (line rendering quark)

v0.0014a (alpha) 11.30.2023 (~2 hours)
- successfully retrieving basic data from save folder, load text into lua from files
- added 'props' property to Entity class
- added a props table to control what gets serialized and what doesn't
- added a save() base method for instances (has to be overridden to be useful beyond the basics)
- moved the lume.serialize() call into the :save() method on the base entity class itself
- serialized and successfully saved an entities property table.
- fixed deserializion bugs involving wrong indexes (savedata[1] not savedata[2])
- moved deserialization from temp code, into line loading loop itself (assuming each item is on one line)
- deser'd test data, and init()'d new player Entity using the freshly-loaded data, and displayed the entity sprite

All in all not a bad session. Understanding filing handling and how to interact with the directory system was the biggest hurdle I was worried about for building my tools.

Next steps will be defining some basic UI elements (with overridable draw code), and then loading and initializing the UI from lua or json.

New projects can be set as subfolders folders in appdata, using 'Setidentity("appname/projectname") to keep things clean.

I'm not even dreading writing basic syntax highlighting!

Idea is to dogfood the whole process. UI is in-engine rendered just like you might see with godot, unity, or gamemaker, that way I have maximum flexibility to style it the way I want. I'm familiar enough with constructing from polygons, on top of stenciling, on top of nine-slicing, on top of existing tweening and special effects, that I can achieve exactly what I want.

Idea is to build a really well managed asset pipeline. Stencyl, as 'crappy' as it appeared, and 'for education' was a master class in how to do things the correct way, it was just horribly bloated while doing it.

Logical tilesets that you import, can rearrange through drag-n-drop, assign custom tile shapes to, physics materials, collisions groups, name, add tag data to, all in one editor? Yes please.
Every other 2D editor is basic-bitch, has you importing images, and at most generates different scales and does the slicing for you.

Code editor? Everything behavior was in a component, with custom fields. All your code goes into a list of events, which you can toggle on and off with a proper toggle button, so you can explicitly experiment, instead of commenting shit out (yes git is better, but we're talking solo amateurs here, they're not gonna be using git out the gate unless they already know what they're doing).

Components all have an image assignable to identify them, along with a description field, and they're arranged in a 2d grid for easy browsing, copying, modifying.

The physics shape editor, the animation editor, the map editor, all of it was so bare bones and yet had things others didn't.

I want that, except without the historic ties to flash, without the overhead of java, and with sexier fucking in-engine rendering of the UI and support for modding and in-engine custom tools.

Not really doing it for anyone except myself, and doubt I'll get very far, but since I dropped looking for easy solutions, I've just been powering through all the areas I don't understand and doing the work.

I rediscovered my love of programming after 3-4 years of learning to hate it, and things are looking up.

so am switching jobs as an Android dev from a company which made android libs (using almost 0 external dependencies and mostly java) to a company which makes android apps( and is probably using either rx/guava/ribs/hilt etc or the more fancy hilt/compose/coroutines/clean-arc etc. its either one of them depending upon the maturity of product)

B2C folks use tons of libraries in favor of delivering fast but learning about those libraries while taking new tasks and fixing bugs CAUSED by those libraries ( or their inappropriate usage) is a big PAIN IN THE FUCKING ASS.

I remember i had once became such a weird dev coz of my prev company ( before the current libraries one, which was also a B2C) .

on weekends i would come up with a nice app idea, start a new android studio project, and before writing a single line of useful code, i would add a bunch of libraries, gradle scripts and extensions .

that ocd will only settle once all the steps are done and i can see a working app after which i would write the code for actual code for feature implementation.

granted that these libs are good for creating robust scalable code, but most of the times those infinite kayers of seperation, inheritance and abstraction are not really needed for a simple , working product.

:/

i have also started reading about rxjava , and although i am repulsive to this library due to its complicated black box like structure, i find its vast number of operators nd built in solutions very cool.

at the end of the day, all i want is to write code that is good enough for monkeys, get it shipped without any objections and go back home.

and when you work on a codebase that has these complicated libs, you bet your ass that there will be thos leetcode bros and library lover senëõr devs waiting to delay the "go back home" part 😪