At $work, I just learned that a daemon on prod makes an SFTP connection to the same domain every 0.5 to 10 seconds, all day long, every single day. That’s a minimum of 8,640 connections per day!

The senior developer responsible for it had the dev skills of a junior and the management skills of a puppet, but she’s a “disadvantaged minority” and is great at stealing credit and throwing people under the bus. Naturally, she has been given multiple promotions and a team to lead… which she fills exclusively with other Indians, all of them at her skill level or below. (I used to do their code reviews and security reviews.)

When I asked one of the fintech managers (a former dev) about the crazy number of SFTP connections, he said “[Her team] did that intentionally, as it didn’t used to be that way. They must have had a reason” and cut me off.

Okay then.
Not my garden, not my fertilizer.
Just another day weeding the fields in hell.

Why yes we have these nine types of transactions mocked. See? The factories make CSV data just like we get in those gigantic CSV files every day that are like ultra-important or whatever.

Wait, you want to actually use the data? to create records? Like build a record like we do in the code? Nonononono that won’t work! Why? Why!? You want us to actually MOCK the data, like make it look real AND MAKE IT PASS VALIDATION? Are you CRAZY!? THERES LIKE THIRTY COLUMNS THERE! No way. No no no way. If you want to do that, you’re on your own. But make sure you don’t break anything with your “improvements” or it’s on you.

Also, all of this is going away soon, so make sure you don’t do anything unnecessary, like mocking all that data. (It’s been “going away” for well over a year now…)

agdkdagafskdsifaskfgdlfff

Every ticket I work on involves some nebulous, undocumented BS nobody can satisfactorily explain. And worse, even if it’s something I’ve already worked with before, it’s almost invariably different from the last time I saw it, so it’s still nebulous BS. It’s like I’m walking through Steven King’s Mist, except the bugs are more metaphorical.

Everything is spec’d out, except for the views, and half of the logic. But the rest is still technically covered because tests indirectly call the code, so that means it won’t crash right? 😅 Also, the tests that are there are also fucking nebulous, such as calling helper methods that are heavily abstracted, or that are written to test completely different things but kinda sorta work for this too if you set things up just right.

I’m going insane.

Looks like image uploading is dead again. :(

Here’s to a better 2025!

New baby girl 🥰

Worryingly, at 4:04pm.

Smiling legendary golden boy #3 says:

HEY LETS PUT OUR INTERNAL GEMS IN THIS PROTECTED GEM SERVICE IT’LL BE GREAT :)

HEY EVERYONE SIGN UP FOR THIS NEW SERVICE! YOU GOTTA OR YOU WONT BE ABLE TO DEV! :)

HEY SO I COPIED THE INTERNAL GEM I WROTE INTO THE MONOLITH REPO INSTEAD OF USING THE SERVICE BECAUSE IM A FUCKING GENIUS :)

YOU WANNA USE IT IN YOUR PROJECT? HAHA GET FUCKED :)

jfc

Me: Hey, guys, this stuff is seriously flammable. Like, I’m surprised it hasn’t caught fire yet. I really want to clean it up. Here’s how I’d make it better.

Management: No. It’s fine, it works. Don’t touch it. It’s getting replaced anyway. Just add the things on top like we asked you to, and call it a day.

Me: Are you sure? This is seriously going to be a problem.

Management: We just said it’s getting replaced. Don’t. touch. anything. OK?

Me: alright.

… Eight weeks later …

Management: so this thing caught fire over the weekend, and the fire spread to other areas. We’re doing some emergency cleanup. The new guy looked at it and figured out why, and has some great ideas on fixing it, so give him some well-deserved praise!

Me: Hey! I told you about this months ago!

Management: Yes. I tuned out during today’s firefighting meetings. But it’s important to strike a balance in everyone’s style. Do you have any other concerns?

Manager: You want a promotion? To senior? Ha. Well, build this web app from scratch, quickly, while still doing all your other duties, and maybe someone will notice and maybe they’ll think about giving you a promotion! It’ll give you great visibility within the company.

Your first project is adding SSO using this third party. It should take you a week.

Third party implementation details: extremely verbose, and assumes that you know how it works already and have most of it set up. 👌🏻

Alternative: missing half the details, and vastly different implementation from the above

Alternative: missing 80%; a patch for an unknown version of some other implementation, also vastly different.

FFS.
Okay, I roll my own auth, but need creds and a remote account added with the redirects and such, and ask security. “I’m building a new rails app and need to set up an SSO integration to allow employees to log in. I need <details> from <service>.” etc. easy request; what could go wrong?

Security: what’s a SSO integration do you need to log in maybe you don’t remember your email I can help you with that but what’s an integration what’s a client do you mean a merchant why do merchants need this

Security: oh are you talking about an integration I got confused because you said not SSO earlier let me do that for you I’ve never done it before hang on is this a web app

Security: okay I made the SSO app here you go let me share it hang on <sends …SSL certificate authority?>

Boss: so what’s taking so long? You should be about done now that you’ve had a day and a half to work on this.

Abajdgakshdg.

Fucking room temperature IQ “enterprise security admin.”
Fucking overworked.
Fucking overstressed.

I threw my work laptop across the room and stepped on it on my way out the door.
Fuck this shit.

!dev

There’s this person at $work who never uses punctuation of any kind. She has mental issues and insists on neutral pronouns (and strongly advertises these) so I’ll use the indefinite to pretend to be respectful. It has multiple thoughts while typing a message and just keeps typing through all of them without stopping. It pauses not to collect its thoughts, to edit for clarity or to fix mistakes, to separate anything (including disjoint topics), to summarize, etc. (Though calling these “thoughts” is a huge stretch, given its lack of propensity for that particular subject.) It’s as if it has zero distinction between writing and speaking, and simply lets the mental diarrhea flow while their fingers do their best to keep pace. Reading these trainwrecks of thought — and gleaning any useful information from them — is always difficult and a little bit painful.

It is also in charge of IT security, which is more than a bit worrying. (But I hate the company with a passion, so it doesn’t bother me nearly as much as it otherwise would.)

Oh, $work.

Ticket: Support <shiny new feature> in <seriously dated code> to allow better “searching” (actually: generating reports, not searching)

UI: “Filter on” inputs above a dynamic JS table don’t update said table; they trigger generating a new report.

Seriously dated code: 12 years old. Rails v3-isms. Blocks access without appropriate role; role name buried in secrets configuration files. Code passes data round-trip between server/client/server/model that isn’t ever used. Has two identical reports with slightly different names, used interchangeably. Uh, I guess I’ll update both?

Reports: Heavily, heavily abstracted; zero visibility.

Shiny new feature: Some new magical abstraction layer with no documentation nor comments. Nobody in my team knows how it works. The author… won’t explain, but sent me her .ppt presentation on it (the .ppt, not a recording).

Useless specs for seriously dated code: Tests exclusively factory-generated data; not the controller, filters/lookups, UI, table data, etc.

Seriously dated code and useless spec author: the CISO.

The worst part: I’m not even surprised at any of this.

I’m on this ticket, right? It’s adding some functionality to some payment file parser. The code is atrocious, but it’s getting replaced with a microservice definitely-not-soon-enough, so i don’t need to rewrite it or anything, but looking at this monstrosity of mental diarrhea … fucking UGH. The code stink is noxious.

The damn thing reads each line of a csv file, keeping track of some metadata (blah blah) and the line number (which somehow has TWO off-by-one errors, so it starts on fucking 2 — and yes, the goddamn column headers on line #0 is recorded as line #2), does the same setup shit on every goddamned iteration, then calls a *second* parser on that line. That second parser in turn stores its line state, the line number, the batch number (…which is actually a huge object…), and a whole host of other large objects on itself, and uses exception throwing to communicate, catches and re-raises those exceptions as needed (instead of using, you know, if blocks to skip like 5 lines), and then writes the results of parsing that one single line to the database, and returns. The original calling parser then reads the data BACK OUT OF THE DATABASE, branches on that, and does more shit before reading the next line out of the file and calling that line-parser again.

JESUS CHRIST WHAT THE FUCK

And that’s not including the lesser crimes like duplicated code, misleading var names, and shit like defining class instance constants but … first checking to see if they’re defined yet? They obviously aren’t because they aren’t anywhere else in the fucking file!

Whoever wrote this pile of fetid muck must have been retroactively aborted for their previous crimes against intelligence, somehow survived the attempt, and is now worse off and re-offending.

Just.
Asdkfljasdklfhgasdfdah

Hey, @dfox

Is there anything we can do to help?
We miss you, and we want to keep devRant alive too.

I really miss the dark theme.

I applied for four jobs today, including GitHub. I feel kinda proud of myself.

Before I left for vacation two weeks ago, I busted my butt to build out another portion of my frontend testing framework and get it in place (and spec’d) to unblock a coworker on a semi-high-priority ticket. I sent him detailed notes on which areas of the product it covers, how to use it, and copied one of his (blocked) tests over and updated it to use the new methods, pattern, namespacing, etc.

I came back today and discovered … he hasn’t even touched it. Everything is exactly as I left it.

Wheeeeeee.

After a week’s vacation, I felt the briefest feeling of being a person again. I was able to do something small and enjoy it, and even planned to do another small thing.

I got a crap raise — lowest I’ve ever gotten anywhere, and well below inflation — despite busting my butt, having somewhat better health and therefore productivity, etc.

I complained to my boss about it, and said it was insulting. He said that direct managers have zero say in raises, and instead it’s entirely up to execs and HR. Makes sense, since nothing makes sense at this company.

Anyway, he apparently talked to his boss, who talked with his boss, who talked with the execs and HR, and they decided to give me a raise on my raise, a whole $1k/year more, all the way back up to the usual insultingly-low 3%. Yay.

Their reasoning?
“Money is tight.”

The last all-hands?
“Record profits! Record sales! Record numbers across the board! And most of all: record profits! Give yourselves a round of applause for making this all possible!”

Money is tight, eh?
I hope they get smushed by a meteor, given a snuggle-struggle by a roving Somali gang, or kept warm for the rest of their lives by another Hawaiian/Californian wildfire.

I’m getting really tired of all these junior-turn-senior devs who can’t write simple code asking ChatGPT to solve everything for them.

I’m having to untangle everything from bizarre organization/flow to obvious gotchas / missed edge cases to ridiculously long math chains (that could be 1/10th the length), or — and I feel so dirty for this — resorting to asking ChatGPT wtf it was thinking when it obviously wrote some of these monstrosities. Which it gets wrong much of the time.

“ALL HAIL CHATGPT!” Proclaims the head of Engineering. “IT’S OUR PRODUCTIVITY SAVIOR! LEVERAGING AI WILL LET US OUTPERFORM THE ENTIRE INDUSTRY!”

Jesus fucking christ.

Here’s to a hopefully better 2024!

Let’s all tell our bitchface thundercunt micromanagers to fuck off, find better employ elsewhere, and finally make progress on that side project that was our world several months ago.

And if the world continues going absolutely mental, may all of you find a peaceful meadow away from everyone and build yourselves wonderful little cottages.

Fuck Cypress. It’s a fucking goddamn pile of diseased garbage. Its design decisions actively fight against you, its methods don’t work, it’s unreliable as fuck, and it intentionally keeps stale state so your tests fuck with one another — and that even fucks up its own interface so nothing fucking works.

It’s like stepping into the shower and expecting clean water, but instead it’s just some obese guy with diarrhea shitting in your hair, and then getting all indignant that you’re upset about it.

If you consider using Cypress for something, find another project.

DEI QA: “For step 2 should the checkbox be checked? Or uncheck ?”

… Step 2 of my testing steps reads: “Check it [the checkbox], save it, reload it. The box should still be checked. Repeat to uncheck it, just to be pedantic, then leave it off so we can test the existing behavior.”

🤦🏻‍♀️

DEI QA: “The payment_method_identifier will be in api callback logs if `Return payment method identifier in auth/confirmation callbacks` is checked?”

🤦🏻‍♀️

Me: it does what it says on the tin.

DEI QA: “BTW its a `tin`.”
DEI QA: “In Canada its `Taxpayer Identification Number`”

🤦🏻‍♀️

Boss: Hey! I know you just got everything working on that new project. But good news: I have a repo you can clone and we can work together. So just clone that and look at my changes, find something that’s broken, and work away. Oh, I also modified everything to use HTTPS locally. HTTP won’t work anymore. Alright, I’m off on vacation! Ciao!

… and that’s the story of how I spent a day and a half fighting with NPM, Brew, setting up a new CA and self-signed cert, and getting passenger to work with it. The good news is that I can connect locally via 443. The bad news is all assets use http and are thus blocked for being mixed-content. And idk how to fix it. Joy!

Not mentioned: npx removing a required package every time I run it, version mismatches, and the usual NPM problems.

Thoughts on Session as a secure messenger? It looks fine at a glance, especially not using PII like a phone number, but I haven’t delved into it — and honestly don’t have the mental energy to.

What’s everyone’s thoughts on it?

Risk engine for payment processing, with support for custom rules and third party integrations like IDology. Deadline was one week.

Ticket: This API param doesn’t work.
Ticket Size: 1 story point / extra small baby fries

Found the issue almost immediately: some fucked up date math. Or at least backwards as hell. I don’t know. I don’t care.

There’s no spec for it, and writing it is a bitch. None of the API test helpers are designed for end-to-end tests. Why? I don’t care. They’re stupid. They all just break. And the API does weird shit like fucking redirects to an HTML page. Which is… i don’t know. They mix up API and embedded sessions a bunch, so who knows if this is right or broken as fuck.

I can’t deal with this shit anymore.
It’s just mountains of fucking garbage. Every time I dig into anything, anywhere in this codebase, or, let’s be honest: the entire goddamn company, it’s just more fucking garbage. The code is garbage. The specs are garbage. The people are garbage. The woke crap they love so much is garbage. The industry is garbage. The macs we’re required to use are garbage. The strongly-encouraged editor is garbage. The new hires are garbage. The legendary devs are garbage. The VPN is garbage — still haven’t gotten it to fucking work outside of fucking Safari, which is also garbage. The meetings are garbage. The “culture” is garbage. The “raises” are garbage. The thirty-step dance ceremony for each ticket is garbage. The literal fucking garbage at the office is the best part of the entire goddamn landfill.

And yeah, over half of the code that’s been giving me problems on this ticket was written by the same dev: The legendary golden garbage boy himself.

Just.
Fucking hell.

I’m going back to looking for work again. I can’t do this anymore.

Let me explain a tiny corner of some awful code I read earlier today, in layman’s terms.

It’s a method to see if the user is in a secure session — not to set up the session, just to see if it exists. The method ends with a question mark, so it’s basically a question. It should look up the info (without changing anything) and should always give a clear yes/no answer. Makes sense, right?

Let’s say the question is “am I in school right now?”

The code… well.

If there isn’t a student, the answer it gives is null, not yes or no. Null is a fancy word for no, pretty much, so that’s kinda fine, but it really should be a simple no.

It then checks to see if the school is open today. If it is open, it then checks to see if I made my lunch, if I took my backpack, and if I rode the bus — and makes these things happen if they didn’t. Forgot my backpack? Just ask “am I in school today?” And poof! There’s my backpack! … but only if the school is open.

It then, finally, checks to see if I’m actually in the school, and gives that answer.

It could just see if I’m in the school — I mean, I could be in school without a backpack, or walked there on the weekend, right? Ha! You and your silly logic have no place here.

So, by asking if the user is in a secure session, we change the answer: they weren’t before, but the act of asking makes it so. This isn’t profound or anything: I don’t work with Schrödinger. My coworkers are just idiots.

And no, the rest of the code isn’t any better…

Moving away from technology and becoming self-sufficient. A cottage with a stream on the edge of a forest, a large garden, some chickens and other animals, and no smart devices, managers, tickets, KPAs, performance reviews, legendary devs shitting out an endless stream of bugs, etc.

Peace and quiet.
And freedom at last.
That’s success.

That’s the ultimate success: escape.

My home feels like $work owns a corner of it, and I can’t walk near there without feeling this this intense psychological dread.

Lack of time boundaries is pretty awful, too.

I have a project at work that involves learning a bunch of AWS stuff and rewriting a couple credential-generating scripts. I don't even know what the ask is, apart from some high-level "make this SSO" so ... idfk.

I am so incredibly bored of it (and burned out in general) that I can't even look at it.

I would rather see how many times it takes to beat my head against the wall to make a hole than think about this ticket again.

"Oh, I thought you would find that fun" No. No I do not. I can't even bring myself to look at it anymore. "Well, try to push through it and get it outta here!" Ughhhhh

I hope Russia nukes the bloody company.