Adventures in security land.

The “legendary” lead dev authored a ticket that logs raw credentials for a third-party tool we’re using, and logs partially-obscured consumer passwords. His reasoning: “for debugging. And customer service!” And then argued with me over why that’s bad! Seriously?

Then in the release channel, he and the release manager are talking like I’m pestering them with my findings. Things like “I have some Root-induced changes coming” and “Fixed those, but she’ll probably have more...” etc.

Like come on.
I’m even being nice here, but you seriously need to stop screwing this up.

They also didn’t bother merging the fixes into the release branch, so I needed to re-review the entire (large) ticket on its own branch. Doubles the effort since I can’t easily see what changed.

The lead dev also only updated a few of the specs (despite me sending him a list), so there’s a bunch of failing ones now. Makes me unsure if he actually fixed everything.

Maybe I’m just being touchy, but ugh. Freaking annoying people.

At least he owned up to being the author this time instead of saying someone else (who wasn’t in the history...) wrote it. -.-

  • 13
    “Legendary” devs are definitely not ones who are full of themselves and ones that DEFINITELY, DEFINITELY don’t fucking log tokens and credentials into the console.
  • 7
    Legendary lead: GASP!! A lowly slave...A FEMALE slave is outsmarting me!! And ordering me to do work! Blasphemy! Hmm what time is it...whoops time to publish a LinkedIn article about sexism in tech. I make 300k a year and would be poor if not for this place keeping me around. Good day!
  • 8
    Me: you know, maybe we should set a standard of max 50 lines as to how long a function should be. To avoid having all these thousand-line functions that no one can debug.
    Lead dev and CEO: I'd just write everything in a single line lol
  • 0
    @ars1 wtf!!! This can’t be real, you’re joking right? This is a comedy sketch you’re writing?
  • 4
    @TeachMeCode The only joke was old me trying to somehow save that codebase. And this is a company making plenty of money from their SaaS because there was basically no competition and the software is quite hard to build. The guy is quite smart in general, but gave zero fucks about maintainability and actively preferred shit code (custom clusterfuck jQuery frontend over an organized and documented framework). I'm glad I left.
  • 1
    Probably jerks have problems with a woman owning them? :D
  • 0
    @ars1 we need languages to just fail to compile/run if they encounter such atrocities
  • 0
    @root: there are a lot of "leads" whose life project should be stopped and assessed as failed... And not owning his shit is the worst, he will suck for eternity...

    We all make errors; yeah, I already logged users' credentials by error. And yes, QA and other senior devs fucked me up... As they should... And fixed my screw-up without whining...

    It's crazy how much self-worth some stupid assholes put on their "tech skills". Pretty fragile, misplaced ego... Hang in there until you change work...
  • 3
    Yikes. This is pure déjà vu for me. Lack of self-awareness, big egos and unaddressed biases are abundant in tech teams nowadays.