Le monday morning after a commit on sunday evening...

PM: BLAAAH!!!! Your commit broke the site, nothing is working!!!!!!
Me: What? All of tests passed (coverage 95%), no issues were found.
PM: NOO!!!! Site is broken, we can't use it no more!!!
Me: Ok, what's the problem?
PM: I've tried to enter -10021 into this field on that page and it gived me an error.
Me: Ok? So, that single page is broken?
PM: No, whole site!!!! This is important
Me: Sure... Let me take a look

* PM tried to enter a negative value into an unsigned field that I've mutated yesterday after checking LIVE database if there was no records with negative value. Reason: we've hit an int limit and there was no chance that the value would be negative. Validation? Well, yes.... Except that page was added by him this morning without even checking everything else *

Me: Here, this is the issue, *gives explanation*
PM: Well.... You shouldn't do this. This is unacceptable. You must never leave int fields without negative values. Didn't they teach you in school that integers can be negative?!
Me: What? *consufed as hell*
PM: *More morale... blah blah blah....* Revert it back!
Me: Ok but if anything else breaks, copy of this slack conversation will be kept.
PM: Don't care! Fix it!
Me: * Reverts the fix, saves chat copy * - Done.
PM: Great.

* 5 wild minutes later *
PM: BLAAAH!!!! Site is down, service is not working, what have you done?
Me: Reverted the change needed for it to work. Todays schedule is full with other important tasks. * pastes a screenshot as a proof that he asked me to do this *
PM: FIX IT NOW! Apply your fix.
Me: You're the PM. - Done.
PM: Great, now I'll fix my code. You should be more careful next time.
Me: * YOU DENSE MATHA...KER * Sure.

How's your morning going? :)

The GET /users endpoint will return a page of the first 13 users by default.

To request other pages, add |-separated querystring with the limit and offset, as roman numerals enclosed in double quotation marks. Response status is always equal to 200, plus the total count of the resource, or zero when there's an error.

You can include an array of friends of the user in the result by setting the request header "friends" to the base64-encoded value of the single white pixel png.

Other metadata is not included by default in responses, but can be requested by appending ?meta.json to any endpoint, which will return an xml response.

If you want to update the user's profile picture, you can request an OAuth token per fax machine, followed by a pigeon POST capsule containing a filename and a rolled up Polaroid picture. The status code attached to the return postal dove will be the decimal ASCII code for a happy smiley on success, and a sad smiley if any field fails form validation.

-- Every single external REST API I've ever worked with.

I'm trying to sign up for insurance benefits at work.

Step 1: Trying to find the website link -- it's non-existent. I don't know where I found it, but I saved it in keepassxc so I wouldn't have to search again. Time wasted: 30 minutes.

Step 2: Trying to log in. Ostensibly, this uses my work account. It does not. Time wasted: 10 minutes.

Step 3: Creating an account. Username and Password requirements are stupid, and the page doesn't show all of them. The username must be /[A-Za-z0-9]{8,60}/. The maximum password length is VARCHAR(20), and must include upper/lower case, number, special symbol, etc. and cannot include "password", repeated charcters, your username, etc. There is also a (required!) hint with /[A-Za-z0-9 ]{8,60}/ validation. Want to type a sentence? better not use any punctuation!

I find it hilarious that both my username and password hint can be three times longer than my actual password -- and can contain the password. Such brilliant security.

My typical username is less than 8 characters. All of my typical password formats are >25 characters. Trying to figure out memorable credentials and figuring out the hidden complexity/validation requirements for all of these and the hint... Time wasted: 30 minutes.

Step 4: Post-login. The website, post-login, does not work in firefox. I assumed it was one of my many ad/tracker/header/etc. blockers, and systematically disabled every one of them. After enabling ad and tracker networks, more and more of the site loaded, but it always failed. After disabling bloody everything, the site still refused to work. Why? It was fetching deeply-nested markup, plus styling and javascript, encoded in xml, via api. And that xml wasn't valid xml (missing root element). The failure wasn't due to blocking a vitally-important ad or tracker (as apparently they're all vital and the site chain-loads them off one another before loading content), it's due to shoddy development and lack of testing. Matches the rest of the site perfectly. Anyway, I eventually managed to get the site to load in Safari, of all browsers, on a different computer. Time wasted: 40 minutes.

Step 5: Contact info. After getting the site to work, I clicked the [Enroll] button. "Please allow about 10 minutes to enroll," it says. I'm up to an hour and 50 minutes by now. The first thing it asks for is contact info, such as email, phone, address, etc. It gives me a warning next to phone, saying I'm not set up for notifications yet. I think that's great. I select "change" next to the email, and try to give it my work email. There are two "preferred" radio buttons, one next to "Work email," one next to "Personal email" -- but there is only one textbox. Fine, I select the "Work" preferred button, sign up for a faux-personal tutanota email for work, and type it in. The site complains that I selected "Work" but only entered a personal email. Seriously serious. Out of curiosity, I select the "change" next to the phone number, and see that it gives me four options (home, work, cell, personal?), but only one set of inputs -- next to personal. Yep. That's amazing. Time spent: 10 minutes.

Step 6: Ranting. I started going through the benefits, realized it would take an hour+ to add dependents, research the various options, pick which benefits I want, etc. I'm already up to two hours by now, so instead I decided to stop and rant about how ridiculous this entire thing is. While typing this up, the site (unsurprisingly) automatically logged me out. Fine, I'll just log in again... and get an error saying my credentials are invalid. Okay... I very carefully type them in again. error: invalid credentials. sajfkasdjf.

Step 7 is going to be: Try to figure out how to log in again. Ugh.

"Please allow about 10 minutes" it said. Where's that facepalm emoji?

But like, seriously. How does someone even build a website THIS bad?

I was taking an introductory programming course. One assignment was to do a little payroll program, including some data validation. The program was supposed to accept terminal input and send output back to either the console or a printer.

Suddenly the printer began spewing out paper like crazy. One of the students (a particularly mouthy woman) had programmed a less-than-helpful error message ("YOU ARE WRONG") and then not provided any exit from the error-checking logic -- the program just re-read the last (failing) input and re-tested it. All in all, it was a very nice infinite loop.

After spitting through about fifty pages of "YOU ARE WRONG," somebody cut power to the printer, and the instructor had to flush the print queue manually. He went back to the student and asked if she had tested the program by sending the output to the console before trying to print it, and she said, yes, she had tested it on the console and ended up with a screen full of "YOU ARE WRONG" messages. Why, then, had she sent her output to the printer? "I thought I would be daring!"

The nightmare continues.

Currently dealing with a code review from a “principal” dev (one step above senior), who is unironically called a “legendary dev” by some coworkers. It’s painfully obvious he didn’t read the code, and just started complaining and nitpicking.

It’s full of requests to do things that make absolutely no sense, and would make the code an unmaintainable mess.
• Ex: moving the logic and data collection from the module’s many callers into the module instead of just passing in the data.
• Ex: hiding api endpoint declarations by placing them in the module itself, and using magic instance variables to pass data to it. Basically: using global functions and variables instead of explicit declarations and calls.
• Ex: moving the logic to determine which api endpoint to use, for all callers, into the view.

More comments about methods being “too complex” (barely holds water) right next to comments saying “why are these separate? merge them together!”

Incredulously asking how many times I’m checking permissions and how ridiculous it all is. (The answer? Twice.)

Conflating my “permissions” param and method names with a supposedly forthcoming permissions system overhaul, and saying I shouldn’t use permissions because my code will all have to get rewritten. Even if that were true, and it’s likely not, the ticket still needs to use the current permissions. I can’t just ignore them because they might be rewritten someday.

Requests to revert some code cleanup because the reviewer thought the previous heavily-nested and uncommented versions (with code duplication) were easier to read. Unsurprisingly, he wrote them.

On the same ticket, my boss wants me to remove all styling and clientside validation, debouncing, and error messages from a form. Says “success” and “connection failed” messages are good enough. The form in question sends SMS and email using arbitrary user input for addresses. He also says it shouldn’t be denounced on the server, and doesn’t want me to bother checking permissions. Hello, spam!

Related: the legendary dev reviewer says he can’t think of a reason why we would want to disable the feature for consumers, so I should remove the consumer feature flag.

You can’t make this stuff up.

Me: ya hi, we integrated with your API and I'm receiving error x
Provider: ok we'll disable validation, plz check
Me: ya it works, what's the problem? I used a GUID for id and I'm sure it's unique, here is URL and request body
Provider: you have something wrong in your implementation. Fix it and it will work
Me: aaand what's the wrong part of my implementation?
Provider: id is not unique, fix it. *Hangs up*

I sometimes sit and wonder, how and why does this kind of people get hired, FOR FUCK SAKE YOU ARE THE PROVIDER AND YOU DONT KNOW WHAT THE FUCK IS WRONG!
fucking useless ...

!!oracle

I'm trying to install a minecraft modpack to play with a friend, and I'm super psyced about it. According to the modpack instructions, the first step is to download the java8 jre. Not sure if I actually need it or not, but it can download while I'm doing everything else, so I dutifully go to the download page and find the appropriate version. The download link does point to the file, but redirects to a login page instead. Apparently I need an oracle account to download anything on their site. stupid.

So I make an account. It requires my life story, or at least full name and address and phone number. stupid. So my name is now "fuck off" and I live in Hell, Michigan. My email is also "gofuckyourself" because I'm feeling spiteful. Also, for some reason every character takes about 3/4ths of a second to type, so it's very slow going. Passwords also cannot contain spaces, which makes me think they're doing some stupid "security" shenanigans like custom reversible encryption with some 5th grade math. or they're just stupid. Whatever, I make the stupid account.

Afterwards, I try to log in, but apparently my browser-saved credentials are wrong? I try a few more times, try enabling all of the javascripts, etc. No beans. Okay, maybe I can't use it until I verify the email? That actually makes some sense. Fine, I go check the throwaway inbox. No verification email. It's been like five minutes, but it's oracle so they probably just failed at it like everything else, so I try to have them resend the email. I find the resend link, and try it. Every time I enter my email address, though, it either gives me a validation error or a server error. I try a few mores times, and give up. I try to log in again; no dice. Giving up, I go do something else for awhile.

On a whim later, I check for the verification email again. Apparently it just takes bloody forever, but it did show up. Except instead of the first name "Fuck" I entered, I'm now "Andrew", apparently. okay.... whatever. I click the verify button anyway, and to my surprise it actually works, and says that I'm now allowed to use my account. Yay!

So, I go back to the login page (from the download link) and enter my credentials. A new error appears! I cannot use redirects, apparently, and "must type in the page address I want to visit manually." huh? okay, i go to the page directly, and see the same bloody error because of course i do because oracle fucking sucks. So I close the page, go back to the download list, click the link, wait for the login page redirect (which is so totally not allowed, apparently, except it works and manual navigation does not. yay backwards!), and try to log in.

Instead of being presented with an error because of the redirect, it lets me (try to) log in. But despite using prefilled creds (and also copy/pasting), it tells me they're invalid. I open a new tab container, clear the cache (just to be thorough), and repeat the above steps. This time it redirects me to a single signon server page (their concept of oauth), and presents me with a system error telling me to contact "the Administrator." -.- Any second attempts, refreshes, etc. just display the same error.

Further attempts to log in from the download page fail with the same invalid credentials error as before.

Fucking oracle and their reverse Midas touch.

You know what really grinds my gears?

When a manager writes up some bullshit "this doesn't work".

Then you waste your time following up, and they say, "oh yeah, this so and so pop up came up with validation error X".

YEAH? AND I'M SUPPOSED TO KNOW THAT WHEN YOU WRITE ABSOLUTELY NO STEPS TO REPRODUCE, JUST COMING TO ME WITH "HEY, X IS BROKEN" GOD JUST GET FUCKING 1% TECHNICALLY LITERATE THATS ALL I ASK FOR I'M SO SICK OF YOUR SHIT

I made a functional parsing layer for an API that cleans http body json. The functions return insights about the received object and the result of the parse attempt. Then I wrote validation in the controller to determine if we will reject or accept. If we reject, parse and validation information is included on the error response so that the API consumer knows exactly why it was rejected. The code was super simple to read and maintain.

I demoed to the team and there was one hold out that couldn’t understand my decision to separate parse and validate. He decided to rewrite the two layers plus both the controller and service into one spaghetti layer. The team lead avoided conflict at all cost and told me that even though it was far worse code to “give him this”. We still struggle with the spaghetti code he wrote to this day.

When sugar-coating someone’s engineering inadequacies is more important than good engineering I think about quitting. He was literally the only one on the team that didn’t get it.

I had to make an account for my kid's school.

Last night I start. I put in a username, then it has a quality meter for the password. I put one in and it goes to like 90%. Ok, fine. I submit and...

Validation error on the username field. Message? [object Object].

Try all different kinds of username: no numbers, all caps, etc. But no luck so I give up.

Today I try again and get stuck again. Then I think... "Maybe the devs suck worse than I think..."

I change the password so that it's rated 100% and submit... Success.

Fucking devs.

What's a bigger sin.

Returning a status code of 200 and then the message body saying "An Error Occurred"

or

Only performing data validation on the frontend.

Putty remote executuon vulnerability(no patch yet)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

I coded the app so good
I optimized the UX SO GOOD
I made the UI look GOOD
I made the error handling and input validation ROCK HARD SOLID BULLETPROOF

NO FUCKING WAY COULD YOU FUCK THIS UP

NO WAY COULD YOU BE DUMB ENOUGH NOT TO KNOW HOW TO USE IT AND NOT FUCK IT UP

I GAVE IT TO MY DAD AS A NORMAL USER TO TEST THE APP AND HE FUCKED IT UP ON THE FIRST TRY

HE DIDNT UNDERSTAND THE UX.

.

So, according to my customer, the internal app I just released is "far too aggressive and not overly polite to users".

After querying this the client was referring to validation error messages.

Where I've wrote "Set a payment method before creating the order", the client would prefer it to be ""Please set a payment ...".

I guess it's a fair enough observation, but the client's phrasing made me chuckle :)

Dont become a dev if you:

- Cant sit in the office for 8-10 hours a day

- Dont know how to google information/ errors, instead you interrupt your teammates with stupid questions every 5 minutes

- Are a perfectionist and don't like constant change.

- Are neurotic and give up easily. If you get triggered about broken or messy things to the point where it ruins your day to you and everyone else around you. You need to separate your work from your life.

- Don't have good communication skills. Worst I saw was a guy who speaks with a stutter(nobody understands him) and also writes very poorly (nobody understands his emails). Also he gets very angry when you ask additional questions to clarify what he said. How can you work with someone like that?

- Are very sensitive to critique. I prefer someone telling me that my code is shit and telling me why, instead of feeding me delusions and false validation.

- Dont know how to balance working in team and working solo. Nobody likes lone wolfs who are arrogant and not in sync with the team. But also nobody likes to drag teammates who cant think for themselves and even after years of spent in the field are required constant spoonfeeding because they are unable to google and teach themselves with trial and error.

We had 1 Android app to be developed for charity org for data collection for ground water level increase competition among villages.

Initial scope was very small & feasible. Around 10 forms with 3-4 fields in each to be developed in 2 months (1 for dev, 1 for testing). There was a prod version which had similar forms with no validations etc.

We had received prod source, which was total junk. No KT was given.

In existing source, spelling mistakes were there in the era of spell/grammar checking tools.

There were rural names of classes, variables in regional language in English letters & that regional language is somewhat known to some developers but even they don't know those rural names' meanings. This costed us at great length in visualizing data flow between entities. Even Google translate wasn't reliable for this language due to low Internet penetration in that language region.

OOP wasn't followed, so at 10 places exact same code exists. If error or bug needed to be fixed it had to be fixed at all those 10 places.

No foreign key relationships was there in database while actually there were logical relations among different entites.

No created, updated timestamps in records at app side to have audit trail.

Small part of that existing source was quite good with Fragments, MVP etc. while other part was ancient Activities with business logic.

We have to support Android 4.0 to 9.0 of many screen sizes & resolutions without any target devices issued to us by the client.

Then Corona lockdown happened & during that suddenly client side professionals became over efficient.

Client started adding requirements like very complex validation which has inter-entity dependencies. Then they started filing bugs from prod version on us.

Let's come to the developers' expertise,
2 developers with 8+ years of experience & they're not knowing how to resolve conflicts in git merge which were created by them only due to not following git best practice for coding like only appending new implementation in existing classes for easy auto merge etc.

They are thinking like handling click events is called development.

They don't want to think about OOP, well structured code. They don't want to re-use code mostly & when they copy paste, they think it's called re-use.

They wanted to follow old school Java development in memory scarce Android app life cycle in end user phone. They don't understand memory leaks, even though it's pin pointed by memory leak detection tools (Leak canary etc.).

Now 3.5 months are over, that competition was called off for this year due to Corona & development is still ongoing.

We are nowhere close to completion even for initial internal QA round.

On top of this, nothing is billable so it's like financial suicide.

Remember whatever said here is only 10% of what is faced.

- An Engineering lead in a half billion dollar company.

"Can you look at this bug when inputting negative numbers?"
I check the app and think, "negative numbers don't make sense here".
Sure enough there is validation in place to prevent negative numbers being typed.
Yet they still managed...
By pasting in negative numbers, after being unable to type them, thinking "fuck it I'll paste it instead", then complaining to us because they abused our app.
Seriously.
Fuck.
Off.

how i declare Coding session of the day to be over : when i see an error about an error that is not an error... :D

(hint: fatal: validation failed but when asked if it passed, returns true... )

Must be great to be a giant fucking dumbass company raking in more than enough money, that you can't add 40-50 more characters on why your API doesn't like our call.

"Here's an API call with 3 different ways to make a call, we will show you an example for only the easiest method, AND if you get the more complex ways wrong, we'll just respond with an error code 422 with the error message "validation failed".

fuck.

you!!!!!!!!

I don't give a fuck about calling them out:

Its Bexio.

Today I implemented a system for storing all errors in a global store in Vue. That means field validation errors, API errors and potential generic errors. It works really well, and displaying an error is as simple as referencing it's source, if any. Flexibility at its finest.

Am I the only one here that needs more time to create user friendly and Idiot-save error Messages than writing the whole validation of stuff?

Developer just emailed our team a complaint that our logging assembly was resulting in their poor test coverage and they sent a change request to give them the ability to mock the underlying log provider (ex. from the event log to ‘something else’).

Looked at their tests, and they are testing whether or not the .Log was executed (on an exception, if the .Log method was not executed, the test failed), which seemed a bit worthless because we’ve already got coverage in our unit tests.
We had a meeting to discuss the issue.
Me: “I’m OK with changing the logging code if it’s necessary, but I want to understand why.”
DevA: “Logging errors is crucial to the database transaction. If someone removes the logging, the tests should fail.”
Me: “If someone removes the error logging on purpose, then they likely have an agenda and will remove the test validation too. It wouldn’t be an accident.”
DevA: “That’s not my problem. They will have to deal with HR.”
Me: “We purposely prevented someone from intercepting the logging just for that purpose. Your test code already covers the business rule, testing the logging seems out of place. That would like writing a test to make sure the System.IO.File.ReadAllText actually reads all the text from a file. You kinda assume a few smart Microsoft engineers already wrote tests for that.”
DevA: “Yea, I guess that would be silly.”

Got cc’ed an email a little bit ago from DevA to his boss..
“We’re not going to be able to change logging assembly. This may have some impact on our overall test coverage as those lines of code will not get testing coverage. You will have to let the DevMgr know we will not meet our test coverage goals.”

WTF!

*laughing maniacally*

Okidoky you lil fucker where you've been hiding...

*streaming tcpdump via SSH to other box, feeding tshark with input filters*

Finally finding a request with an ominous dissector warning about headers...

Not finding anything with silversearcher / ag in the project...

*getting even more pissed causr I've been looking for lil fucker since 2 days*

*generating possible splits of the header name, piping to silversearcher*

*I/O looks like clusterfuck*

Common, it are just dozen gigabytes of text, don't choke just because you have to suck on all the sucking projects this company owns... Don't drown now, lil bukkake princess.

*half an hour later*

Oh... Interesting. Bukkake princess survived and even spilled the tea.

Someone was trying to be overly "eager" to avoid magic numbers...

They concatenated a header name out of several const vars which stem from a static class with like... 300? 400? vars of which I can make no fucking sense at all.

Class literally looks like the most braindamaged thing one could imagine.

And yes... Coming back to the network error I'm debugging since 2 days as it is occuring at erratic intervals and noone knew of course why...

One of the devs changed the const value of one of the variables to have UTF 8 characters. For "cleaner meaning".

Sometimes I just want to electrocute people ...

The reason this didn't pop up all the time was because the test system triggered one call with the header - whenever said dev pushed changes...

And yeah. Test failures can be ignored.
Why bother? Just continue meddling in shit.

I'm glad for the dev that I'm in home office... :@

TLDR: Dev changed const value without thinking, ignoring test failures and I had the fun of debunking for 2 days a mysterious HAProxy failure due to HTTP header validation...

I am done with .NET and it's bullshit error messages.

"Validation error happened! Please see Entity.Validation.Properties to see what the error is, then consult an oracle, who'll summon a demon who'll answer only three questions . . ."

FUCK OFF and just give me the error. I swear to god exceptions in NET always lead to some stupid fucking scavenger hunt rather than just letting me know what the fuck went wrong. This isn't the first time I've encountered this either, where it tells me there's an error and there's a mountain with a shaman at the top who'll provide me with the details if I can just hire a sherpa who'll help me climb it.

Researching a new communication platform (Twilio, Vonage, etc), I started with Plivo. Created an account, they offer from free credits to try out the platform, so I set up a phone number and attempt to use their API, didn't quite work. I contact their support through their online portal (being very detailed about what I'm trying to do and the issue I'm having)
A day later they reply asking "Could you tell us how you are using Plivo and the issue you are having?"
That would be OK, but my question from the online portal was in the body of the email message. My first reply started with "You not reading the <bleep>ing message is my issue right now.", but I copied and pasted the same message. I even included a screenshot of the API I was having a problem with (so they could see what I see).
Next day I'm trying out a different area of their API and there is a banner "Incoming and Outgoing phone calls are disabled on this account. Contact Support blah blah blah"
I thought, OK, its a trial account, they probably want some additional validation before allowing anyone to make phone calls. I jump thru the hoops, next day I receive an email "Thanks for sharing the details with us. I have reached out to the Product Team to assist us with this and I'll share more details with you as soon as they revert."
Revert what? The block? Waited until next day, banner still there, so I replied again. Not another reply until the next day.
"Our internal team analyzed the account details and unfortunately, we would not be able to remove the restrictions from your account."
WTF!? Plivo, we are going to give you *money* and you can't answer my question! I'm not asking for free stuff, not asking for help finding the 'any key', your API is supposed to support XYZ feature and it's not working...OK. We're done.
I try to close the account (has too much of my personal info I don't want these clowns to have) and I get an error 'Unable to close the account'. WTF!

Nothing wrong here.

this.hasErrors = !this.email.valid ? true : false;

MSAL, Microsoft's absolute dumpster fire of an authentication library. Who in their right mind designed this overcomplicated mess? The documentation reads like it was written by a committee of drunk orangutans throwing darts at a keyboard.
Want to do a simple login? HAHAHA GOOD LUCK! Here's 47 different configuration options you need to set up, three different flow types that are basically the same thing with slightly different names, and error messages that might as well be written in hieroglyphics. "AADSTS700054" yeah that's SUPER helpful, thanks Microsoft!
And don't even get me started on token caching. Oh, you thought your tokens would just... work? NOPE! Hope you enjoy debugging why your perfectly valid token is being treated like a expired coupon at a grocery store. The refresh token flow is about as reliable as a chocolate teapot.

I worked on a great project that was later axed and part of that was because of Msal issues. We literally only dealt with Msal issues. The app was otherwise stable. There were always issues with SSO, login, token validation...
It just couldn't work, like, at all.
I could see the clients getting fed up of the constant issues, yet, they couldn't move away from Microsoft since they'd already invested into their entreprise ecosystem. AzureAD, Office 365, you name it.

Shit like this is why I laugh whenever someone suggests that AGI will take over the world. Like, bro, we still haven't figured out how to make an auth library that actually works, and you think we're close to making a machine capable of thinking like a human?
Yeah right!

I wanted some ideas on how to word an error message better, so I googled "error message best practices".
80% of the results were about form validation and not actual code breaking errors >:(

On the up-side, I now know that I must not say "No, Bad User!"

Let me rant! I don’t usually do this but this is just frustrating and draining. Please tell me if im wrong. We have authentication that needs to be refactored. I was assigned on this issue. Im a junior btw. I also attached an image of my proposals. The issue of the old way of our signup process is that when validation fails they will keep on accepting the TaC (terms and conditions) and on our create method we have the validation and creating the user. Basically if User.create(user_params) create else throw invalid end. (Imma take a photo later and show it you)which needs to be refactored. So I created a proposal 1. On my first proposal I could create a middleware to check if the body is correct or valid if its valid show the TaCs and if they accept thats the moment the user is created. There is also additional delete user because DoE told me that we dont need middlewares we have before and after hooks! (I wanted to puke here clearly he doesn’t understand the request and response cycle and separation of concerns) anyway, so if middleware is not accepted then i have to delete the user if they dont accept the TaCs. Proposal 2. If they dont want me to touch the create method i could just show the TaCs and if they dont accept then redirect if they do then show form and do the sign process.

This whats weird (weird because he has a lot of experience and has master or phd) he proposes to create a method called validate (this method is in the same controller as the create, i think hes thinking about hooks) call it first and if it fails then response with error and dont save user, heres the a weird part again he wants me to manually check on each entity. Like User.find_by_email(bs@g.com) something like that and on my mind wtf. Isnt it the same as User.create(user_params) because this will return false if paras are invalid?? (I might be wrong here)

This is not the first time though He proposes solutions that are complex, inefficient, unmaintainable. And i think he doesnt understand ruby on rails or webdev in particular. This the first time i complained or I never complained because im thinking im just a junior and he hs more experience and has a higher degree. This is mot the case here though. I guess not all person who has a higher degree are right. To all self thought and bachelors im telling you not all people who went to prestige university and has a higher degree are correct and right all the time. Anyway ill continue later and do what he says. Let me know if im wrong please. Thanks

Just submitted a project I've been busting my ass on.. I have literally no feelings about it.

I finally got the lstm to a training and validation loss of < 0.05 for predicting the digits of a semiprime's factors.

I used selu activation with lecun normal initialization on a dense decoder, and compiled the model with Adam as the optimizer using mean squared error.

Selu is self-normalizing, meaning it tends to mean 0 and preserves a standard deviation of one, so it eliminates the exploding/vanishing gradient problem. And I can get away with this specifically because selu *only* works on dense layers.

I chose Adam, even though this isn't a spare problem, because Adam excels on noisy problems and non-stationary objectives (definitely this), and because adam typically doesn't require a lot of hyperparameter tuning its ideal here, especially considering because I don't know what the hyperparameters should be to begin with.

I did work out some general guidelines on training quantity vs validation, etc.
The initial set wasn't huge or anything, roughly 110k pairs for training.

It converged pretty quick all things considered, and to the low loss like I mentioned, but even then the system always outputs the same result, regardless of the input, so obviously I'm doing something incorrectly.

The effectiveness of this approach for training and validation makes me question if I haven't got something wildly wrong. Still exploring though and figuring out how to get my answers back out. I'm hoping I just fucked up the output, and not the input as well.

Just received code review from interview technical task. 50 percent of it was because of encapsulation (that 5-8 variables could have been private instead of public). 20 percent was about shit that was expected but missing (error validation, dependency injection). It was missing because it was not specified in app requirements and also noone said that I have to build a production level application for a simple interview here. 10 percent was nitpicking about formatting(I used default intellij formatter) and one ide error that appeared because of project importing. And only 20 percent of feedback was actually constructive and useful. Cool. Also developer said that he was shocked that I made loading animation but didnt call it in my app. However I made it, but if you have fast internet connection it doesnt show up. I mean if you run my app on a phone with gprs connection u will see that damn animation. What Im supposed to do slow down the app so u could see it? But we are building production level app here no? Shit. It feels like he applied double standards to me or something. Half of review nitpicking about useless details and another half about shit that is expected to be in the app but was not even communicated. Also I did not get developers contact so I could ask him what the fck he wanted from me.

"Validation failed for one or more entities. See 'EntityValidationErrors' property for more details."
That really helps in my error log Entity Framework ❤