I spent the past two days running headlong into obstacle after obstacle after obstacle. I found solutions and workarounds for all of them, including for some obscure odd behaviors in Rails, and got everything working — at least as much as is possible.

At the end of it all, the proposed architecture is fundamentally flawed. It amounts to “we want to have our cake and eat it, too.” So I’ll need to argue with management and try to convince them to let me redesign this broken sewage system. I doubt it’ll go well.

I’m tired, boss.

The morons at work state the obvious like it’s a goddamn epiphany, and get cheered or publicly rebuked based entirely on their standing within company politics.

“While writing code, think of performance. Performance is everyone’s job, and it doesn’t take much effort to write much more performant code.”
> Premature optimization! BOOO! You should be ashamed! Move fast and break things OR ELSE.

“Security isn’t profit driven, but allows us to retain customers and therefore profit. Everyone should be security conscious and work with the security team *before* releases”
> BOOOO! Do your job! Don’t tell devs how to do theirs!

“Being reactive is good, but we should focus more on recovering from outages faster!”
> YAAAY! GENIUS!

ffs.

It’s been two months, and my last two “high-priority, drop everything and work on this!” tickets are *still* in code review.

I finished another ticket, “semi-high-priority” this time… whatever that means. It’s been sitting in data security review for a week and a half. I just convinced someone to do a code review on it.

In our virtual standup today, we all have our updates, and the boss replied to all of us with this fancy animated “ty” reaction. I got a 👍🏻 instead. So minor, but feels very off.

My “company AI hackathon” idea got co-opted by someone else (on the security team), changed into a security-related project instead, and I got put on his hackathon team instead of the other way around.

Kinda feeling unwanted lately.

I’m really going to miss this place ._.
It feels like a piece of me is dying.

I give up.

I have to make a bunch of disparate things work together, in an otherwise easy-sounding ask, and they’re all broken. Every one of them is broken. Even links between them are broken. Devs hardcoding incorrect values; devs pushing broken code, broken dependencies, broken configs. The orchestration is broken. The containers are broken. The NATS/gRPC flow is broken. Nothing works out of the box; many of the pieces require config and env hacking to run, and when they do run, the data formats don’t match between services (nor do e.g. account IDs). I can’t do it anymore. I was so burned out before this ticket that I couldn’t look at anything work related without feeling physical pain. And now this.

I’ve spent weeks just getting things to run and talk, and being ignored when I ask for help. There have been walls every step of the way, and I’m still not done. I can’t do this anymore.

At $work, I just learned that a daemon on prod makes an SFTP connection to the same domain every 0.5 to 10 seconds, all day long, every single day. That’s a minimum of 8,640 connections per day!

The senior developer responsible for it had the dev skills of a junior and the management skills of a puppet, but she’s a “disadvantaged minority” and is great at stealing credit and throwing people under the bus. Naturally, she has been given multiple promotions and a team to lead… which she fills exclusively with other Indians, all of them at her skill level or below. (I used to do their code reviews and security reviews.)

When I asked one of the fintech managers (a former dev) about the crazy number of SFTP connections, he said “[Her team] did that intentionally, as it didn’t used to be that way. They must have had a reason” and cut me off.

Okay then.
Not my garden, not my fertilizer.
Just another day weeding the fields in hell.

Why yes we have these nine types of transactions mocked. See? The factories make CSV data just like we get in those gigantic CSV files every day that are like ultra-important or whatever.

Wait, you want to actually use the data? to create records? Like build a record like we do in the code? Nonononono that won’t work! Why? Why!? You want us to actually MOCK the data, like make it look real AND MAKE IT PASS VALIDATION? Are you CRAZY!? THERES LIKE THIRTY COLUMNS THERE! No way. No no no way. If you want to do that, you’re on your own. But make sure you don’t break anything with your “improvements” or it’s on you.

Also, all of this is going away soon, so make sure you don’t do anything unnecessary, like mocking all that data. (It’s been “going away” for well over a year now…)

agdkdagafskdsifaskfgdlfff

Every ticket I work on involves some nebulous, undocumented BS nobody can satisfactorily explain. And worse, even if it’s something I’ve already worked with before, it’s almost invariably different from the last time I saw it, so it’s still nebulous BS. It’s like I’m walking through Steven King’s Mist, except the bugs are more metaphorical.

Everything is spec’d out, except for the views, and half of the logic. But the rest is still technically covered because tests indirectly call the code, so that means it won’t crash right? 😅 Also, the tests that are there are also fucking nebulous, such as calling helper methods that are heavily abstracted, or that are written to test completely different things but kinda sorta work for this too if you set things up just right.

I’m going insane.

Looks like image uploading is dead again. :(

Here’s to a better 2025!

New baby girl 🥰

Worryingly, at 4:04pm.

Smiling legendary golden boy #3 says:

HEY LETS PUT OUR INTERNAL GEMS IN THIS PROTECTED GEM SERVICE IT’LL BE GREAT :)

HEY EVERYONE SIGN UP FOR THIS NEW SERVICE! YOU GOTTA OR YOU WONT BE ABLE TO DEV! :)

HEY SO I COPIED THE INTERNAL GEM I WROTE INTO THE MONOLITH REPO INSTEAD OF USING THE SERVICE BECAUSE IM A FUCKING GENIUS :)

YOU WANNA USE IT IN YOUR PROJECT? HAHA GET FUCKED :)

jfc

Me: Hey, guys, this stuff is seriously flammable. Like, I’m surprised it hasn’t caught fire yet. I really want to clean it up. Here’s how I’d make it better.

Management: No. It’s fine, it works. Don’t touch it. It’s getting replaced anyway. Just add the things on top like we asked you to, and call it a day.

Me: Are you sure? This is seriously going to be a problem.

Management: We just said it’s getting replaced. Don’t. touch. anything. OK?

Me: alright.

… Eight weeks later …

Management: so this thing caught fire over the weekend, and the fire spread to other areas. We’re doing some emergency cleanup. The new guy looked at it and figured out why, and has some great ideas on fixing it, so give him some well-deserved praise!

Me: Hey! I told you about this months ago!

Management: Yes. I tuned out during today’s firefighting meetings. But it’s important to strike a balance in everyone’s style. Do you have any other concerns?

Manager: You want a promotion? To senior? Ha. Well, build this web app from scratch, quickly, while still doing all your other duties, and maybe someone will notice and maybe they’ll think about giving you a promotion! It’ll give you great visibility within the company.

Your first project is adding SSO using this third party. It should take you a week.

Third party implementation details: extremely verbose, and assumes that you know how it works already and have most of it set up. 👌🏻

Alternative: missing half the details, and vastly different implementation from the above

Alternative: missing 80%; a patch for an unknown version of some other implementation, also vastly different.

FFS.
Okay, I roll my own auth, but need creds and a remote account added with the redirects and such, and ask security. “I’m building a new rails app and need to set up an SSO integration to allow employees to log in. I need <details> from <service>.” etc. easy request; what could go wrong?

Security: what’s a SSO integration do you need to log in maybe you don’t remember your email I can help you with that but what’s an integration what’s a client do you mean a merchant why do merchants need this

Security: oh are you talking about an integration I got confused because you said not SSO earlier let me do that for you I’ve never done it before hang on is this a web app

Security: okay I made the SSO app here you go let me share it hang on <sends …SSL certificate authority?>

Boss: so what’s taking so long? You should be about done now that you’ve had a day and a half to work on this.

Abajdgakshdg.

Fucking room temperature IQ “enterprise security admin.”
Fucking overworked.
Fucking overstressed.

I threw my work laptop across the room and stepped on it on my way out the door.
Fuck this shit.

!dev

There’s this person at $work who never uses punctuation of any kind. She has mental issues and insists on neutral pronouns (and strongly advertises these) so I’ll use the indefinite to pretend to be respectful. It has multiple thoughts while typing a message and just keeps typing through all of them without stopping. It pauses not to collect its thoughts, to edit for clarity or to fix mistakes, to separate anything (including disjoint topics), to summarize, etc. (Though calling these “thoughts” is a huge stretch, given its lack of propensity for that particular subject.) It’s as if it has zero distinction between writing and speaking, and simply lets the mental diarrhea flow while their fingers do their best to keep pace. Reading these trainwrecks of thought — and gleaning any useful information from them — is always difficult and a little bit painful.

It is also in charge of IT security, which is more than a bit worrying. (But I hate the company with a passion, so it doesn’t bother me nearly as much as it otherwise would.)

Oh, $work.

Ticket: Support <shiny new feature> in <seriously dated code> to allow better “searching” (actually: generating reports, not searching)

UI: “Filter on” inputs above a dynamic JS table don’t update said table; they trigger generating a new report.

Seriously dated code: 12 years old. Rails v3-isms. Blocks access without appropriate role; role name buried in secrets configuration files. Code passes data round-trip between server/client/server/model that isn’t ever used. Has two identical reports with slightly different names, used interchangeably. Uh, I guess I’ll update both?

Reports: Heavily, heavily abstracted; zero visibility.

Shiny new feature: Some new magical abstraction layer with no documentation nor comments. Nobody in my team knows how it works. The author… won’t explain, but sent me her .ppt presentation on it (the .ppt, not a recording).

Useless specs for seriously dated code: Tests exclusively factory-generated data; not the controller, filters/lookups, UI, table data, etc.

Seriously dated code and useless spec author: the CISO.

The worst part: I’m not even surprised at any of this.

I’m on this ticket, right? It’s adding some functionality to some payment file parser. The code is atrocious, but it’s getting replaced with a microservice definitely-not-soon-enough, so i don’t need to rewrite it or anything, but looking at this monstrosity of mental diarrhea … fucking UGH. The code stink is noxious.

The damn thing reads each line of a csv file, keeping track of some metadata (blah blah) and the line number (which somehow has TWO off-by-one errors, so it starts on fucking 2 — and yes, the goddamn column headers on line #0 is recorded as line #2), does the same setup shit on every goddamned iteration, then calls a *second* parser on that line. That second parser in turn stores its line state, the line number, the batch number (…which is actually a huge object…), and a whole host of other large objects on itself, and uses exception throwing to communicate, catches and re-raises those exceptions as needed (instead of using, you know, if blocks to skip like 5 lines), and then writes the results of parsing that one single line to the database, and returns. The original calling parser then reads the data BACK OUT OF THE DATABASE, branches on that, and does more shit before reading the next line out of the file and calling that line-parser again.

JESUS CHRIST WHAT THE FUCK

And that’s not including the lesser crimes like duplicated code, misleading var names, and shit like defining class instance constants but … first checking to see if they’re defined yet? They obviously aren’t because they aren’t anywhere else in the fucking file!

Whoever wrote this pile of fetid muck must have been retroactively aborted for their previous crimes against intelligence, somehow survived the attempt, and is now worse off and re-offending.

Just.
Asdkfljasdklfhgasdfdah

Hey, @dfox

Is there anything we can do to help?
We miss you, and we want to keep devRant alive too.

I really miss the dark theme.

I applied for four jobs today, including GitHub. I feel kinda proud of myself.

Before I left for vacation two weeks ago, I busted my butt to build out another portion of my frontend testing framework and get it in place (and spec’d) to unblock a coworker on a semi-high-priority ticket. I sent him detailed notes on which areas of the product it covers, how to use it, and copied one of his (blocked) tests over and updated it to use the new methods, pattern, namespacing, etc.

I came back today and discovered … he hasn’t even touched it. Everything is exactly as I left it.

Wheeeeeee.

After a week’s vacation, I felt the briefest feeling of being a person again. I was able to do something small and enjoy it, and even planned to do another small thing.

I got a crap raise — lowest I’ve ever gotten anywhere, and well below inflation — despite busting my butt, having somewhat better health and therefore productivity, etc.

I complained to my boss about it, and said it was insulting. He said that direct managers have zero say in raises, and instead it’s entirely up to execs and HR. Makes sense, since nothing makes sense at this company.

Anyway, he apparently talked to his boss, who talked with his boss, who talked with the execs and HR, and they decided to give me a raise on my raise, a whole $1k/year more, all the way back up to the usual insultingly-low 3%. Yay.

Their reasoning?
“Money is tight.”

The last all-hands?
“Record profits! Record sales! Record numbers across the board! And most of all: record profits! Give yourselves a round of applause for making this all possible!”

Money is tight, eh?
I hope they get smushed by a meteor, given a snuggle-struggle by a roving Somali gang, or kept warm for the rest of their lives by another Hawaiian/Californian wildfire.

I’m getting really tired of all these junior-turn-senior devs who can’t write simple code asking ChatGPT to solve everything for them.

I’m having to untangle everything from bizarre organization/flow to obvious gotchas / missed edge cases to ridiculously long math chains (that could be 1/10th the length), or — and I feel so dirty for this — resorting to asking ChatGPT wtf it was thinking when it obviously wrote some of these monstrosities. Which it gets wrong much of the time.

“ALL HAIL CHATGPT!” Proclaims the head of Engineering. “IT’S OUR PRODUCTIVITY SAVIOR! LEVERAGING AI WILL LET US OUTPERFORM THE ENTIRE INDUSTRY!”

Jesus fucking christ.

Here’s to a hopefully better 2024!

Let’s all tell our bitchface thundercunt micromanagers to fuck off, find better employ elsewhere, and finally make progress on that side project that was our world several months ago.

And if the world continues going absolutely mental, may all of you find a peaceful meadow away from everyone and build yourselves wonderful little cottages.

Fuck Cypress. It’s a fucking goddamn pile of diseased garbage. Its design decisions actively fight against you, its methods don’t work, it’s unreliable as fuck, and it intentionally keeps stale state so your tests fuck with one another — and that even fucks up its own interface so nothing fucking works.

It’s like stepping into the shower and expecting clean water, but instead it’s just some obese guy with diarrhea shitting in your hair, and then getting all indignant that you’re upset about it.

If you consider using Cypress for something, find another project.

DEI QA: “For step 2 should the checkbox be checked? Or uncheck ?”

… Step 2 of my testing steps reads: “Check it [the checkbox], save it, reload it. The box should still be checked. Repeat to uncheck it, just to be pedantic, then leave it off so we can test the existing behavior.”

🤦🏻‍♀️

DEI QA: “The payment_method_identifier will be in api callback logs if `Return payment method identifier in auth/confirmation callbacks` is checked?”

🤦🏻‍♀️

Me: it does what it says on the tin.

DEI QA: “BTW its a `tin`.”
DEI QA: “In Canada its `Taxpayer Identification Number`”

🤦🏻‍♀️

Boss: Hey! I know you just got everything working on that new project. But good news: I have a repo you can clone and we can work together. So just clone that and look at my changes, find something that’s broken, and work away. Oh, I also modified everything to use HTTPS locally. HTTP won’t work anymore. Alright, I’m off on vacation! Ciao!

… and that’s the story of how I spent a day and a half fighting with NPM, Brew, setting up a new CA and self-signed cert, and getting passenger to work with it. The good news is that I can connect locally via 443. The bad news is all assets use http and are thus blocked for being mixed-content. And idk how to fix it. Joy!

Not mentioned: npx removing a required package every time I run it, version mismatches, and the usual NPM problems.

Thoughts on Session as a secure messenger? It looks fine at a glance, especially not using PII like a phone number, but I haven’t delved into it — and honestly don’t have the mental energy to.

What’s everyone’s thoughts on it?

Risk engine for payment processing, with support for custom rules and third party integrations like IDology. Deadline was one week.