Details
-
AboutMagical processor fairy; part-time misanthropic bane of idiots. 🧚♀️🏹
-
SkillsRuby ❤, js/es6, css, react, sql. VB and PHP can die in a fire.
-
LocationSlaving away for retards
Joined devRant on 2/25/2017
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
!dev
There’s this person at $work who never uses punctuation of any kind. She has mental issues and insists on neutral pronouns (and strongly advertises these) so I’ll use the indefinite to pretend to be respectful. It has multiple thoughts while typing a message and just keeps typing through all of them without stopping. It pauses not to collect its thoughts, to edit for clarity or to fix mistakes, to separate anything (including disjoint topics), to summarize, etc. (Though calling these “thoughts” is a huge stretch, given its lack of propensity for that particular subject.) It’s as if it has zero distinction between writing and speaking, and simply lets the mental diarrhea flow while their fingers do their best to keep pace. Reading these trainwrecks of thought — and gleaning any useful information from them — is always difficult and a little bit painful.
It is also in charge of IT security, which is more than a bit worrying. (But I hate the company with a passion, so it doesn’t bother me nearly as much as it otherwise would.)52 -
Oh, $work.
Ticket: Support <shiny new feature> in <seriously dated code> to allow better “searching” (actually: generating reports, not searching)
UI: “Filter on” inputs above a dynamic JS table don’t update said table; they trigger generating a new report.
Seriously dated code: 12 years old. Rails v3-isms. Blocks access without appropriate role; role name buried in secrets configuration files. Code passes data round-trip between server/client/server/model that isn’t ever used. Has two identical reports with slightly different names, used interchangeably. Uh, I guess I’ll update both?
Reports: Heavily, heavily abstracted; zero visibility.
Shiny new feature: Some new magical abstraction layer with no documentation nor comments. Nobody in my team knows how it works. The author… won’t explain, but sent me her .ppt presentation on it (the .ppt, not a recording).
Useless specs for seriously dated code: Tests exclusively factory-generated data; not the controller, filters/lookups, UI, table data, etc.
Seriously dated code and useless spec author: the CISO.
The worst part: I’m not even surprised at any of this.2 -
I’m on this ticket, right? It’s adding some functionality to some payment file parser. The code is atrocious, but it’s getting replaced with a microservice definitely-not-soon-enough, so i don’t need to rewrite it or anything, but looking at this monstrosity of mental diarrhea … fucking UGH. The code stink is noxious.
The damn thing reads each line of a csv file, keeping track of some metadata (blah blah) and the line number (which somehow has TWO off-by-one errors, so it starts on fucking 2 — and yes, the goddamn column headers on line #0 is recorded as line #2), does the same setup shit on every goddamned iteration, then calls a *second* parser on that line. That second parser in turn stores its line state, the line number, the batch number (…which is actually a huge object…), and a whole host of other large objects on itself, and uses exception throwing to communicate, catches and re-raises those exceptions as needed (instead of using, you know, if blocks to skip like 5 lines), and then writes the results of parsing that one single line to the database, and returns. The original calling parser then reads the data BACK OUT OF THE DATABASE, branches on that, and does more shit before reading the next line out of the file and calling that line-parser again.
JESUS CHRIST WHAT THE FUCK
And that’s not including the lesser crimes like duplicated code, misleading var names, and shit like defining class instance constants but … first checking to see if they’re defined yet? They obviously aren’t because they aren’t anywhere else in the fucking file!
Whoever wrote this pile of fetid muck must have been retroactively aborted for their previous crimes against intelligence, somehow survived the attempt, and is now worse off and re-offending.
Just.
Asdkfljasdklfhgasdfdah24 -
Hey, @dfox
Is there anything we can do to help?
We miss you, and we want to keep devRant alive too.22 -
Before I left for vacation two weeks ago, I busted my butt to build out another portion of my frontend testing framework and get it in place (and spec’d) to unblock a coworker on a semi-high-priority ticket. I sent him detailed notes on which areas of the product it covers, how to use it, and copied one of his (blocked) tests over and updated it to use the new methods, pattern, namespacing, etc.
I came back today and discovered … he hasn’t even touched it. Everything is exactly as I left it.
Wheeeeeee.12 -
After a week’s vacation, I felt the briefest feeling of being a person again. I was able to do something small and enjoy it, and even planned to do another small thing.5
-
I got a crap raise — lowest I’ve ever gotten anywhere, and well below inflation — despite busting my butt, having somewhat better health and therefore productivity, etc.
I complained to my boss about it, and said it was insulting. He said that direct managers have zero say in raises, and instead it’s entirely up to execs and HR. Makes sense, since nothing makes sense at this company.
Anyway, he apparently talked to his boss, who talked with his boss, who talked with the execs and HR, and they decided to give me a raise on my raise, a whole $1k/year more, all the way back up to the usual insultingly-low 3%. Yay.
Their reasoning?
“Money is tight.”
The last all-hands?
“Record profits! Record sales! Record numbers across the board! And most of all: record profits! Give yourselves a round of applause for making this all possible!”
Money is tight, eh?
I hope they get smushed by a meteor, given a snuggle-struggle by a roving Somali gang, or kept warm for the rest of their lives by another Hawaiian/Californian wildfire.14 -
I’m getting really tired of all these junior-turn-senior devs who can’t write simple code asking ChatGPT to solve everything for them.
I’m having to untangle everything from bizarre organization/flow to obvious gotchas / missed edge cases to ridiculously long math chains (that could be 1/10th the length), or — and I feel so dirty for this — resorting to asking ChatGPT wtf it was thinking when it obviously wrote some of these monstrosities. Which it gets wrong much of the time.
“ALL HAIL CHATGPT!” Proclaims the head of Engineering. “IT’S OUR PRODUCTIVITY SAVIOR! LEVERAGING AI WILL LET US OUTPERFORM THE ENTIRE INDUSTRY!”
Jesus fucking christ.31 -
Here’s to a hopefully better 2024!
Let’s all tell our bitchface thundercunt micromanagers to fuck off, find better employ elsewhere, and finally make progress on that side project that was our world several months ago.
And if the world continues going absolutely mental, may all of you find a peaceful meadow away from everyone and build yourselves wonderful little cottages.4 -
Fuck Cypress. It’s a fucking goddamn pile of diseased garbage. Its design decisions actively fight against you, its methods don’t work, it’s unreliable as fuck, and it intentionally keeps stale state so your tests fuck with one another — and that even fucks up its own interface so nothing fucking works.
It’s like stepping into the shower and expecting clean water, but instead it’s just some obese guy with diarrhea shitting in your hair, and then getting all indignant that you’re upset about it.
If you consider using Cypress for something, find another project.17 -
DEI QA: “For step 2 should the checkbox be checked? Or uncheck ?”
… Step 2 of my testing steps reads: “Check it [the checkbox], save it, reload it. The box should still be checked. Repeat to uncheck it, just to be pedantic, then leave it off so we can test the existing behavior.”
🤦🏻♀️
DEI QA: “The payment_method_identifier will be in api callback logs if `Return payment method identifier in auth/confirmation callbacks` is checked?”
🤦🏻♀️
Me: it does what it says on the tin.
DEI QA: “BTW its a `tin`.”
DEI QA: “In Canada its `Taxpayer Identification Number`”
🤦🏻♀️ -
Boss: Hey! I know you just got everything working on that new project. But good news: I have a repo you can clone and we can work together. So just clone that and look at my changes, find something that’s broken, and work away. Oh, I also modified everything to use HTTPS locally. HTTP won’t work anymore. Alright, I’m off on vacation! Ciao!
… and that’s the story of how I spent a day and a half fighting with NPM, Brew, setting up a new CA and self-signed cert, and getting passenger to work with it. The good news is that I can connect locally via 443. The bad news is all assets use http and are thus blocked for being mixed-content. And idk how to fix it. Joy!
Not mentioned: npx removing a required package every time I run it, version mismatches, and the usual NPM problems.11 -
Thoughts on Session as a secure messenger? It looks fine at a glance, especially not using PII like a phone number, but I haven’t delved into it — and honestly don’t have the mental energy to.
What’s everyone’s thoughts on it?7 -
Risk engine for payment processing, with support for custom rules and third party integrations like IDology. Deadline was one week.2
-
Ticket: This API param doesn’t work.
Ticket Size: 1 story point / extra small baby fries
Found the issue almost immediately: some fucked up date math. Or at least backwards as hell. I don’t know. I don’t care.
There’s no spec for it, and writing it is a bitch. None of the API test helpers are designed for end-to-end tests. Why? I don’t care. They’re stupid. They all just break. And the API does weird shit like fucking redirects to an HTML page. Which is… i don’t know. They mix up API and embedded sessions a bunch, so who knows if this is right or broken as fuck.
I can’t deal with this shit anymore.
It’s just mountains of fucking garbage. Every time I dig into anything, anywhere in this codebase, or, let’s be honest: the entire goddamn company, it’s just more fucking garbage. The code is garbage. The specs are garbage. The people are garbage. The woke crap they love so much is garbage. The industry is garbage. The macs we’re required to use are garbage. The strongly-encouraged editor is garbage. The new hires are garbage. The legendary devs are garbage. The VPN is garbage — still haven’t gotten it to fucking work outside of fucking Safari, which is also garbage. The meetings are garbage. The “culture” is garbage. The “raises” are garbage. The thirty-step dance ceremony for each ticket is garbage. The literal fucking garbage at the office is the best part of the entire goddamn landfill.
And yeah, over half of the code that’s been giving me problems on this ticket was written by the same dev: The legendary golden garbage boy himself.
Just.
Fucking hell.
I’m going back to looking for work again. I can’t do this anymore.10 -
Let me explain a tiny corner of some awful code I read earlier today, in layman’s terms.
It’s a method to see if the user is in a secure session — not to set up the session, just to see if it exists. The method ends with a question mark, so it’s basically a question. It should look up the info (without changing anything) and should always give a clear yes/no answer. Makes sense, right?
Let’s say the question is “am I in school right now?”
The code… well.
If there isn’t a student, the answer it gives is null, not yes or no. Null is a fancy word for no, pretty much, so that’s kinda fine, but it really should be a simple no.
It then checks to see if the school is open today. If it is open, it then checks to see if I made my lunch, if I took my backpack, and if I rode the bus — and makes these things happen if they didn’t. Forgot my backpack? Just ask “am I in school today?” And poof! There’s my backpack! … but only if the school is open.
It then, finally, checks to see if I’m actually in the school, and gives that answer.
It could just see if I’m in the school — I mean, I could be in school without a backpack, or walked there on the weekend, right? Ha! You and your silly logic have no place here.
So, by asking if the user is in a secure session, we change the answer: they weren’t before, but the act of asking makes it so. This isn’t profound or anything: I don’t work with Schrödinger. My coworkers are just idiots.
And no, the rest of the code isn’t any better…7 -
Moving away from technology and becoming self-sufficient. A cottage with a stream on the edge of a forest, a large garden, some chickens and other animals, and no smart devices, managers, tickets, KPAs, performance reviews, legendary devs shitting out an endless stream of bugs, etc.
Peace and quiet.
And freedom at last.
That’s success.
That’s the ultimate success: escape.13 -
My home feels like $work owns a corner of it, and I can’t walk near there without feeling this this intense psychological dread.
Lack of time boundaries is pretty awful, too.6 -
I have a project at work that involves learning a bunch of AWS stuff and rewriting a couple credential-generating scripts. I don't even know what the ask is, apart from some high-level "make this SSO" so ... idfk.
I am so incredibly bored of it (and burned out in general) that I can't even look at it.
I would rather see how many times it takes to beat my head against the wall to make a hole than think about this ticket again.
"Oh, I thought you would find that fun" No. No I do not. I can't even bring myself to look at it anymore. "Well, try to push through it and get it outta here!" Ughhhhh
I hope Russia nukes the bloody company.10 -
Highlights from my week:
Prod access: Needed it for my last four tickets; just got it approved this week. No longer need it (urgently, anyway). During setup, sysops didn’t sync accounts, and didn’t know how. Left me to figure out the urls on my own. MFA not working.
Work phone: Discovered its MFA is tied to another coworker’s prod credentials. Security just made it work for both instead of fixing it.
My merchant communication ticket: I discovered sysops typo’d my cronjob so my feature hasn’t run since its release, and therefore never alerted merchants. They didn’t want to fix it outside of a standard release. Some yelling convinced them to do it anyway.
AWS ticket: wow I seriously don’t give a crap. Most boring ticket I have ever worked on. Also, the AWS guy said the project might not even be possible, so. Weee, great use of my time.
“Tiny, easy-peasy ticket”: Sounds easy (change a link based on record type). Impossible to test locally, or even view; requires environments I can’t access or deploy to. Specs don’t cover the record type, nor support creating them. Found and patched it anyway.
Completed work: Four of my tickets (two high-priority) have been sitting in code review for over a month now.
Prod release: Release team #2 didn’t release and didn’t bother telling anyone; Release team #1 tried releasing tickets that relied upon it. Good times were had.
QA: Begs for service status page; VP of engineering scoffs at it and says its practically impossible to build. I volunteered. QA cheered; VP ignored me.
Retro: Oops! Scrum master didn’t show up.
Coworker demo: dogshit code that works 1 out of 15 times; didn’t consider UX or user preferences. Today is code-freeze too, so it’s getting released like this. (Feature is using an AI service to rearrange menu options by usage and time of day…)
Micromanager response: “The UX doesn’t matter; our consumers want AI-driven models, and we can say we have delivered on that. It works, and that’s what matters. Good job on delivering!”
Yep.
So, how’s your week going?2 -
When managers look at my code, it’s shit, it’s over complicated, it’s overly difficult to read, it took too long, it’s too much for a simple ticket, i handled too many edge cases, we’ll never need most of it, why did I bother making it extensible when it’ll never need to change, how dare I use “unless”, why did I bother writing all these comments, why did I update the documentation that nobody reads because it’s outdated, etc. They say I should be more like the legendary devs and push janky code quickly, and complain that I don’t have any flops (problems in prod) like those are a good thing.
When my coworkers look at my code, they say it’s clean, amazingly easy to read, a monster feature that’s somehow still a joy to review and work on, it makes their lives easier, that it does exactly what it should in all cases, that they learned something from reading it, and thank me for the comments and documentation. And marvel that I finished it so well in so little time.
Am I bragging? Not intentionally; I’ve heard these things repeatedly since I started here, and the contrast between the above is so stark.
In reality, the managers are just idiots who were promoted far above their competence, and make everything worse. (Gee, who woulda thought?) It’s just so frustrating.19 -
I closed my work laptop yesterday around noon and dumped water on it. I was just so fed up.
Some spilled off onto my desk, though, so i gently moved (read: threw) the offending piece of plastic frustration onto the floor and carefully dried my desk.
On my way to the trash can, i stepped on the laptop. I stepped on it again on the way back, and later, on my way out the door.
I came in to get something half an hour later, and stepped on it again. It remained a stepping stone for the rest of the day, and accrued considerable foot traffic.
I spent the day drinking peach whiskey and playing with my children instead of working on reports. It was a good day.
Don't worry: my laptop still worked this morning, though I declined to.25 -
Hey Root, we have a high priority ticket for you! It's adding some columns to a report. Should be simple. Details are in the ticket.
First: reports are some of the most boring, drool-inducing drudgery i have ever worked on.
Second: Specs for these reports are a nightmare since everything is ... very indirectly tested, and the specs are everywhere but where you'd expect them to be, so it's a lot of spelunking and trial/error. It's also slow as beans.
Anyway. The ticket's details are in ... not the worst engrish i've ever seen, but it's bad enough that i have no idea what they're asking despite (thus far) five attempts at deciphering it. There's also a numbered list of "fields" to add, so you'd think it would be straightforward. It is not. Half the list is crossed out, and half of the remaining items are feature requests (in yet more engrish), not columns to add. Also, one of the actual fields is impossible as the data it's asking for is not recorded anywhere.
yeah...
I cringe every time I see this person's name as the reporter because it's always the same. and honestly, there are more of these engrish people every month, and believe me: it isn't just a language barrier...3 -
Fuck long covid / ME/CFS.
This is day two of being bedridden.
I want to have energy again. And be able to move and do even simple things without collapsing for hours or days at a time.
._.14 -
Boss: <Commits odd and breaking changes to my specs>
Boss: How did these specs of yours ever pass!?
Boss: That's not how this gem works!
Boss: <Doesn't mention that the gem was updated well after I finished the ticket>
Boss: Go fix your specs!
...2 -
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.rant security exploit root swears a lot actually root swears oh my stupid fucking people what the fuck fucking stupid fucking people20