Details
-
AboutMagical processor fairy; part-time misanthropic bane of idiots. 🧚♀️🏹
-
SkillsRuby ❤, js/es6, css, react, sql. VB and PHP can die in a fire.
-
LocationSlaving away for retards
Joined devRant on 2/25/2017
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
I closed my work laptop yesterday around noon and dumped water on it. I was just so fed up.
Some spilled off onto my desk, though, so i gently moved (read: threw) the offending piece of plastic frustration onto the floor and carefully dried my desk.
On my way to the trash can, i stepped on the laptop. I stepped on it again on the way back, and later, on my way out the door.
I came in to get something half an hour later, and stepped on it again. It remained a stepping stone for the rest of the day, and accrued considerable foot traffic.
I spent the day drinking peach whiskey and playing with my children instead of working on reports. It was a good day.
Don't worry: my laptop still worked this morning, though I declined to.23 -
Hey Root, we have a high priority ticket for you! It's adding some columns to a report. Should be simple. Details are in the ticket.
First: reports are some of the most boring, drool-inducing drudgery i have ever worked on.
Second: Specs for these reports are a nightmare since everything is ... very indirectly tested, and the specs are everywhere but where you'd expect them to be, so it's a lot of spelunking and trial/error. It's also slow as beans.
Anyway. The ticket's details are in ... not the worst engrish i've ever seen, but it's bad enough that i have no idea what they're asking despite (thus far) five attempts at deciphering it. There's also a numbered list of "fields" to add, so you'd think it would be straightforward. It is not. Half the list is crossed out, and half of the remaining items are feature requests (in yet more engrish), not columns to add. Also, one of the actual fields is impossible as the data it's asking for is not recorded anywhere.
yeah...
I cringe every time I see this person's name as the reporter because it's always the same. and honestly, there are more of these engrish people every month, and believe me: it isn't just a language barrier...3 -
Fuck long covid / ME/CFS.
This is day two of being bedridden.
I want to have energy again. And be able to move and do even simple things without collapsing for hours or days at a time.
._.14 -
Boss: <Commits odd and breaking changes to my specs>
Boss: How did these specs of yours ever pass!?
Boss: That's not how this gem works!
Boss: <Doesn't mention that the gem was updated well after I finished the ticket>
Boss: Go fix your specs!
...2 -
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.rant security exploit root swears a lot actually root swears oh my stupid fucking people what the fuck fucking stupid fucking people19 -
The park, under a tree. Preferably beside a lake or stream.
There can be people present, so long as they’re not too loud and don’t ask what I’m doing, hit on me, or try to chitchat.10 -
No matter what I try, I cannot get sharp text on my work macbook. When I use my external display for my editor, all of the text is slightly blurry and a pain to read, especially the tiny text in the status bar, which is just a fuzzy mess.
Like, I know why mac fonts are "fuzzy" -- it uses subpixel rendering to attempt to stay true to the font's curves, whereas e.g. windows tries to snap those curves to the pixel grid. So, on macs, fonts look amazing when they're normal to large, but small font sizes are just yuck. Windows is the opposite: small fonts look crisp and clear, and normal-sized fonts look.. okay.
but why can't OSX just switch between subpixel and snapping based on font size? i'm tired of reading blurs! it makes my eyes blur!12 -
CR: "Add x here (to y) so it fits our code standards"
> No other Y has an X. None.
CR: "Don't ever use .html_safe"
> ... Can't render html without it. Also, it's already been sanitized, literally by sanitize(), written by the security team.
CR: "Haven't seen the code yet; does X change when resetting the password?"
> The feature doesn't have or reference passwords. It doesn't touch anything even tangentially related to passwords.
> Also: GO READ THE CODE! THAT'S YOUR BLOODY JOB!
CR: "Add an 'expired?' method that returns '!active'?"
> Inactive doesn't mean expired. Yellow doesn't mean sour. There's already an 'is_expired?' method.
CR: "For logging, always use json so we can parse it. Doesn't matter if we can't read it; tools can."
CR: "For logging, never link log entries to user-readable code references; it's a security concern."
CR: "Make sure logging is human-readable and text-searchable and points back to the code."
> Confused asian guy, his hands raised.
CR: "Move this data formatting from the view into the model."
> No. Views are for formatting.
CR: "Use .html() here since you're working with html"
> .html() does not support html. It converts arrays into html.
NONE OF THIS IS USEFUL! WHY ARE YOU WASTING MY TIME IF YOU HAVEN'T EVEN READ MY CODE!?
dfjasklfagjklewrjakfljasdf5 -
Most tedious part of my day...
While meetings are boring and awful and all, it's probably spinup times for me. Each and every change requires a minimum of 35 seconds of spinup to test. If i'm testing something with mailers or other daemons, that increases to easily 90+ seconds (plus the worker thread pickup times).
It's not enough time to do anything useful, and more than enough time to lose my focus. It turns every task into boring, tedious struggle. It's awful.
Apart from my coworkers, this is the single worst part about my job. (Okay, the awful code quality totally pushes this to third place.)4 -
So at work, there is this class/model thing that's for storing translated strings. It also supports n-level nested macros, cascading lookup (e->d->c->b->a->blank), and I've added transforms too. The code is a bloody mess and very inefficient (legendary dev's code), but it's useful.
You call methods with a symbol representing one of the strings, and it does... whatever you ask, like return text, booleans, expand macros and submacros, pass in data to interpolate, etc.
But I just learned something today.
Its `.html` method... doesn't support html. In fact, calling it strips out all html, takes whatever is left, and attempts to convert that back into html. Because that makes so much sense. So, if you have an html string? Don't call html on it.
Also, macros use the same <angle brackets> as html tags, and macro expansion eats unknown macros, so... you can't mix html and macros, meaning you cannot inject values into your markup. That's a freaking joy to work around. (You end up writing a parser every time.)
So no, if you have an html string, you need to get the raw data out and handle it yourself. Don't reach for that shiny .html method; it'll just ruin your day.
It's the little things that make my day so terribly long.rant it really isn't so bad principle of most surprise poor design but it could be ever so much better8 -
$work: Ey @Root, make this super simple thing.
$work: No, not like that.
$work: It also needs to do A, B, and C.
$work: No, not there. You should build it somewhere else, but I won't tell you where.
$work: You need to build out F and G, too.
$work: What do you mean you don't have the data? Just ask support drone #3. (who directs me to #2, and that one to #8 who doesn't know, and that one to #12 who won't answer)
$work: Why can't I do K, Y, or S? You should be able to infer these from the mind of whoever wrote the ticket by its wording, despite no mention of them whatsoever.
$work: Are you done yet? It's a super simple ask!7 -
@Root has a code review.
CR comment: “Why would you do it this way? It’s awful. Clean it up!”
Totally fair. I had copied the legendary dev’s code, and it was ick. Cleaning it was easy and enjoyable. I cleaned the source, too.
CR comment: “Why would you touch this? It’s outside the scope of the ticket. You could get it working without changing all this.”
Revert…
CR comment: “The interfaces don’t match. Now it’s confusing, and that makes it harder to maintain.”
🤦🏻♀️16 -
(Forgot to post this a few days ago. Was just too tired.)
Finally finished the code review from hell.
The patch on top of the PR is +1448 -1114, and nearly all of it is rearchitecting, not moving.
I think I spent six days on it, 4-5 productive hours a day? Seems like a lot. This codebase is a bitch to work in.
I’m spent.1 -
The nightmare continues.
Currently dealing with a code review from a “principal” dev (one step above senior), who is unironically called a “legendary dev” by some coworkers. It’s painfully obvious he didn’t read the code, and just started complaining and nitpicking.
It’s full of requests to do things that make absolutely no sense, and would make the code an unmaintainable mess.
• Ex: moving the logic and data collection from the module’s many callers into the module instead of just passing in the data.
• Ex: hiding api endpoint declarations by placing them in the module itself, and using magic instance variables to pass data to it. Basically: using global functions and variables instead of explicit declarations and calls.
• Ex: moving the logic to determine which api endpoint to use, for all callers, into the view.
More comments about methods being “too complex” (barely holds water) right next to comments saying “why are these separate? merge them together!”
Incredulously asking how many times I’m checking permissions and how ridiculous it all is. (The answer? Twice.)
Conflating my “permissions” param and method names with a supposedly forthcoming permissions system overhaul, and saying I shouldn’t use permissions because my code will all have to get rewritten. Even if that were true, and it’s likely not, the ticket still needs to use the current permissions. I can’t just ignore them because they might be rewritten someday.
Requests to revert some code cleanup because the reviewer thought the previous heavily-nested and uncommented versions (with code duplication) were easier to read. Unsurprisingly, he wrote them.
On the same ticket, my boss wants me to remove all styling and clientside validation, debouncing, and error messages from a form. Says “success” and “connection failed” messages are good enough. The form in question sends SMS and email using arbitrary user input for addresses. He also says it shouldn’t be denounced on the server, and doesn’t want me to bother checking permissions. Hello, spam!
Related: the legendary dev reviewer says he can’t think of a reason why we would want to disable the feature for consumers, so I should remove the consumer feature flag.
You can’t make this stuff up.9 -
Week 278: Most rage-inducing work experience — I’ve got a list saved! At least from the current circle of hell. I might post a few more under this tag later…
TicketA: Do this in locations a-e.
TicketB: Do this in locations e-h.
TicketC: Do this in locations i-k.
Root: There’s actually a-x, but okay. They’re all done.
Product: You didn’t address location e in ticket B! We can’t trust you to do your tickets right. Did you even test this?
Root: Did you check TicketA? It’s in TicketA.
Product guy: It was called out in TicketB! How did you miss it?!
Product guy: (Refuses to respond or speak to me, quite literally ever again.)
Product guy to everyone in private: Don’t trust Root. Don’t give her any tickets.
Product manager to boss: Root doesn’t complete her tickets! We can’t trust her. Don’t give her our tickets.
Product manager to TC: We can’t trust Root. Don’t give her our tickets.
TC: Nobody can trust you! Not even the execs! You need to rebuild your reputation.
Root: Asks coworker a simple question.
Root: Asks again.
Root: nudges them.
Root: Asks again.
Coworker: I’ll respond before tomorrow. (And doesn’t.)
Root: Asks again.
Root: Fine. I’ll figure it out in my own.
TC: Stop making it sound like you don’t have any support from the team!
Root: Asks four people about <feature> they all built.
Everyone: idk
Root: Okay, I’ll figure it out on my own.
TC: Stop making it sound like you don’t have any support from the team!
Root: Mentions multiple meetings to discuss ticket with <Person>.
TC: You called <Person> stupid and useless in front of the whole team! Go apologize!
Root: Tells TC something. Asks a simple question.
Root: Tells TC the same thing. Asks again.
TC: (No response for days.)
TC: Tells me the exact same thing publicly like it’s a revelation and I’m stupid for not knowing.
TC: You don’t communicate well!
Root: Asks who the end user of my ticket is.
Root: Asks Boss.
Root: Asks TC.
Root: Fine, I’ll build it for both.
Root: Asks again in PR.
TC: Derides; doesn’t answer.
Root: Asks again, clearly, with explanation.
TC: Copypastes the derision, still doesn’t answer.
Root: Asks boss.
Boss: Doesn’t answer.
Boss: You need to work on your communication skills.
Root: Mentions asking question about blocker to <Person> and not hearing back. Mentions following up later.
<Person>: Gets offended. Refuses to respond for weeks thereafter.
Root: Hey boss, there’s a ticket for a minor prod issue. Is that higher priority than my current ticket?
Root: Hey, should I switch tickets?
Root: Hey?
Root: … Okay, I’ll just keep on my current one.
Boss: You need to work on your priorities.
Everyone: (Endless circlejerking and drama and tattling)7 -
001 REM Code review
010 PRINT "Nitpick nitpick nitpick nitpick nitpick"
011 GOSUB REFACTOR
020 PRINT "This function is too complicated, break it up"
021 GOSUB REFACTOR
030 PRINT "Why do you have three methods for this? Put all the logic in one method."
031 GOSUB REFACTOR
040 GOTO 020
041 REM ARGH
998 PRINT "Looks good."
999 STOP9 -
Trash, trash, trash.
Who the fuck writes this shit?
Who the fuck lets these trash should-be-junior devs roll their own crypto? and then approves it?
The garbage heap of a feature (signing for all apis) doesn't follow Ruby standards, doesn't follow codebase conventions, has `// this is bridge` style comments (and no documentation), and it requires consumer devs to do unnecessary work to integrate it, and on top of all this: it leaks end-user data. on all apis. in plaintext.
Fucking hell.8 -
Had QA call my "simple, quick" ticket a "monster ticket" in front of everyone. Hear it and weep, micromanager!
Also had them tell me i thought of everything, it was beautiful, and that i have a knack for frontend :)8 -
Spent an hour and a half renaming a method everywhere in a project from `feature_name` to `feature_name!`. There are a lot of constants, symbols, and other methods that use "feature_name" as a prefix (plus comments and spec descriptions), so was a little more difficult than normal.
Should have taken like 5 minutes with a proper IDE refactor tool. but noo, it was too difficult for RubyMine. wah wah wah. Stupid thing. Not even the search tool was useful -- it's limited to 100 results, and there were around 250 for that substring.
I ended up having to run specs repeatedly to find all the remaining instances, which took freaking forever. blahhh20 -
Hey. This code look broken. What should I do?
It isn't broken. It's doing what it's supposed to.
Well, it's hard to follow, but it certainly doesn't look right. And it isn't doing what I expect. Also, why is it calling method(a_class1_or_class2) with a class3?
It isn't hard to follow, and it works just fine. Let me show you. ... huh. looks like it isn't right. and there's a comment here saying the calls aren't clear. but it works just fine. Just copy it over and do it the same way.
I already did that. and it isn't working.
What are you talking about? Of course it works fine. Did you check your code?
------
Really, dude? It doesn't work fine. but, guess what? It works fine* when I change it to call that method with a class2 like it asks for. (Surprise!) But I can't tell him that. Nope. Bossmang get offended. Still won't admit I was right about anything, either.
Ahh... the continual joy of working with (and for) trash.
* well, more fine; the rest of the feature is still wrong. but nope, i'm not allowed to fix it. because why would they want anything to work properly? Already-accepted wrong behavior is good enough. Can't clean up the code, either, because that "muddies the waters." Bitch, I couldn't see the bottom of this sewer if it was half an inch deep! Which is more important: the last contributor entry beside the code, or that code being readable and maintainable? or it, you know, working?
doot doot.
need to scoot.8 -
Ticket: Add <feature> to <thing>. It works in <other things> so just copy it over. Easy.
Thing: tangled, over-complicated mess.
Feature: tangled and broken, and winds much too deep to refactor. Gets an almost-right answer by doing lots of things that shouldn't work but somehow manage to.
I write a quick patch that avoids the decent into madness and duplicates the broken behavior in a simple way for consistency and ease of fixing later. I inform my boss of my findings and push the code.
He gets angry and mildly chews me out for it. During the code review, he calls my patch naive, and says the original feature is obviously not broken or convoluted. During the course of proving me wrong, he has trouble following it, and eventually finds out that it really is broken -- and refuses to admit i was right about any of it. I'm still in trouble for taking too long, doing it naively, and not doing it correctly.
He schedules a meeting with product to see if we should do it correctly. He tells product to say no. Product says no. He then tells me to duplicate the broken behavior. ... which I already did.
At this point I'm in trouble for:
1) Taking too long copying a simple feature over.
2) Showing said feature is not simple, but convoluted and broken.
3) Reimplementing the broken feature in a simpler way.
4) Not making my new implementation correct despite it not working anywhere else, and despite how that would be inconsistent.
Did everything right, still in the wrong.
Also, they decided I'm not allowed to fix the original, that it should stay broken, and that I should make sure it's broken here, too.
You just have to admire the sound reasoning and mutual respect on display. Best in class.19 -
ARGH. I wrote a long rant containing a bunch of gems from the codebase at @work, and lost it.
I'll summarize the few I remember.
First, the cliche:
if (x == true) { return true; } else { return false; };
Seriously written (more than once) by the "legendary" devs themselves.
Then, lots of typos in constants (and methods, and comments, and ...) like:
SMD_AGENT_SHCEDULE_XYZ = '5-year-old-typo'
and gems like:
def hot_garbage
magic = [nil, '']
magic = [0, nil] if something_something
success = other_method_that_returns_nothing(magic)
if success == true
return true # signal success
end
end
^ That one is from our glorious self-proclaimed leader / "engineering director" / the junior dev thundercunt on a power trip. Good stuff.
Next up are a few of my personal favorites:
Report.run_every 4.hours # Every 6 hours
Daemon.run_at_hour 6 # Daily at 8am
LANG_ENGLISH = :en
LANG_SPANISH = :sp # because fuck standards, right?
And for design decisions...
The code was supposed to support multiple currencies, but just disregards them and sets a hardcoded 'usd' instead -- and the system stores that string on literally hundreds of millions of records, often multiple times too (e.g. for payment, display fees, etc). and! AND! IT'S ALWAYS A FUCKING VARCHAR(255)! So a single payment record uses 768 bytes to store 'usd' 'usd' 'usd'
I'd mention the design decisions that led to the 35 second minimum pay API response time (often 55 sec), but i don't remember the details well enough.
Also:
The senior devs can get pretty much anything through code review. So can the dev accountants. and ... well, pretty much everyone else. Seriously, i have absolutely no idea how all of this shit managed to get published.
But speaking of code reviews: Some security holes are allowed through because (and i quote) "they already exist elsewhere in the codebase." You can't make this up.
Oh, and another!
In a feature that merges two user objects and all their data, there's a method to generate a unique ID. It concatenates 12 random numbers (one at a time, ofc) then checks the database to see if that id already exists. It tries this 20 times, and uses the first unique one... or falls through and uses its last attempt. This ofc leads to collisions, and those collisions are messy and require a db rollback to fix. gg. This was written by the "legendary" dev himself, replete with his signature single-letter variable names. I brought it up and he laughed it off, saying the collisions have been rare enough it doesn't really matter so he won't fix it.
Yep, it's garbage all the way down.16 -
!!fml
"Root, go fix this bug. It'll take you two days."
The "bug" is a feature that was never implemented for one particular payment type.
The code in question is two years old, full of typos, smells, junior-isms, and is convoluted AF. The feature's commit touched 190 files and implemented many other features as well. Thus far, I have been unable to narrow down where this particular feature's code lives for the other payment types, nor which code or payment paths lead to it. Burned out, I can barely focus on the screen, let alone follow its many twisting and dynamically-inferred paths. I hint as to the ticket's scavenger hunt nature during standup.
"But I wrote comments on the ticket telling you exactly where to look to fix it," Thundercunt admonishes in front of the team.
"Sure, you did," Root replies. "You reworded what the original dev had said in the comments 20 minutes prior, and agreed with him. His comments were helpful, but it doesn't tell me how any of it works," she continues.
TC scoffs and closes the meeting.
Root stares blankly, seeing neither code nor screen, questions her life decisions, and recalls the previous tickets she has worked on: nearly every one of them busywork, fixing other people's bugs. Bugs she never could have gotten away with if she tried.
"Why do I put up with this?" She asks. "They don't care, and it's killing me."
But the bills remain, and so must she.
"Fuck my life" she finally decides.20 -
$work is migrating to a new HR performance review service (15five). Instead of a private (ish) review once a quarter, it'll be public (and uneditable) reviews due every friday. Better make sure that review is perfect.
also, praising a coworker is required.
<sarcastic thumbs-up>13 -
So, I was going to complain about JS being finicky and not making a damned bit of sense, but it turns out that it wasn't JS's fault. Not entirely, anyway. It was the halfassed JS minifier middleware (written by the legendary dev himself) that was breaking the JS while writing it to the page.
The original problem:
My code worked. I removed some comments. Big ol' block of //'s. And suddenly $() isn't a function. But if I call $(); at the top, it all works!
It turns out the "minifier" caused JS to think my code was chaining off the previous JS line in the rendering pipeline instead of being a separate statement. so all it really needed was a `;` at the start. What threw me, though, was the last line of the previous blob of (non-minified) JS was a comment, so it should be a separate statement, right?
But as it turns out...
```
console
// JS really is finicky.
.log('Sigh.');
```16