Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "api"
I’m surrounded by idiots.
I’m continually reminded of that fact, but today I found something that really drives that point home.
Gather ‘round, everybody, it’s story time!
While working on a slow query ticket, I perused the code, finding several causes, and decided to run git blame on the files to see what dummy authored the mental diarrhea currently befouling my screen. As it turns out, the entire feature was written by mister legendary Apple golden boy “Finder’s Keeper” dev himself.
To give you the full scope of this mess, let me start at the frontend and work my way backward.
This function allows the user to better see the rows in the API Calls table, for which there is a also search feature — the very thing I’m tasked with fixing.
It’s worth noting that above the search feature are two inputs for a date range, with some helpful links like “last week” and “last month” … and “All”. It’s also worth noting that this table is for displaying search results of all the API requests and their responses for a given merchant… this table is enormous.
This search field for this table queries the backend on every character the user types. There’s no debouncing, no submit event, etc., so it triggers on every keystroke. The actual request runs through a layer of abstraction to parse out and log the user-entered date range, figure out where the request came from, and to map out some column names or add additional ones. It also does some hard to follow (and amazingly not injectable) orm condition building. It’s a mess of functional ugly.
The important columns in the table this query ultimately searches are not indexed, despite it only looking for “create_order” records — the largest of twenty-some types in the table. It also uses partial text matching (again: on. every. single. keystroke.) across two varchar(255)s that only ever hold <16 chars — and of which users only ever care about one at a time. After all of this, it filters the results based on some uncommented regexes, and worst of all: instead of fetching only one page’s worth of results like you’d expect, it fetches all of them at once and then discards what isn’t included by the paginator. So not only is this a guaranteed full table scan with partial text matching for every query (over millions to hundreds of millions of records), it’s that same full table scan for every single keystroke while the user types, and all but 25 records (user-selectable) get discarded — and then requeried when the user looks at the next page of results.
What the bloody fucking hell? I’d swear this idiot is an intern, but his code does (amazingly) actually work.
No wonder this search field nearly crashed one of the servers when someone actually tried using it.
An intern I was supposed to lead (as an intern) and work with. Which sounded kinda crazy to me, but also fun so I rolled with it. But when I met her I quickly found out she didn't even have a coding editor installed and when I advised one she was "scared of virusses". She had Microsoft Edge in her toolbar, and some picture of a cat as a background. We were given some project by our boss, and a freelance programmer helped us set it up on Trello. Great, lets start! Oke maybe first some R&D, she had to reaeach how to use the Twilio API. After catching her on WhatsApp a few times I realised this wasnt gonna go anywere. After a few weeks of coding and posting a initial project to git I asked her if she could show me the code of the API she made so far..
She told me she was using the quickstart guide (the last 3 FUCKING weeks) which contained some test project with specific use cases.
The one that I did 3 weeks ago that same fucking morning.
AND SHE WAS STILL NOT DONE...
A few days later I asked her about the progress (strangly, I wasn't allowed ti give her another task bcs the freelanc already did) and guess what... She got fking pissed at me
Her: "I will come to you when im done, ok?"
Me: "I just want to see how it is going so far and if you are running into any problems!"
Her: "I dont want to show you right now"
She then goes to my fucking boss to tell him I am bothering her.
And omg... Please dear god please kill me now...
Instead of him saying the she probably didn't do shit. He says to me that the girl thinks im looking down on her and she needs a stress free environment to work in. She will show me when its done. ITS A FUCKING QUICKSTART GUIDE YOU DUMB BITCH.
He then procceeded to whine to me about the email template (another project I do at the same time) which didn't look perfect in all of his clients.
Dont they understand that I am not a frontend developer? Can you stop please? I know nothing about email templates, I told you this!!!
Really... the whole fucking internship the only thing the girl did was ask people if they want more tea. Then she starts cleaning the windows, talk to people for an hour, or clean everyone's dask.
all this while I already made 50% of the fucking product and she just finished the quickstart tutorial 😭. Truly 2 months wasted, and the worse thing is I didn't get any apprication. They constantly blamed me and whined at me. Sometimes for being 3 minutes late, the other for smoking too much, or because I drink to much coffee, or that I dont eat healthy. They even forced me to play Ping Pong. While im just trying to do my job. One of the worst things they got mad at me for if when my laptop got hacked bcs it was infected with some virus. He had remote access and bought 5 iPhones 6's with my paypal while I was on break. I had to go home and quickly reset all my passwords and make sure the iPhones wouldnt get delivered. strange this was, this laptop I only used at the company. So it must have been software I had to download there. Probably phpstorm (torrent). Bcs nobody would give me a license. And the freelancer said I * have to *.
the monday after I still had to reinstall windows so I called them and said I would be late. when I came they were so disrepectfull and didn't understand anything. It went a little like this:
Boss: why u late?
Me: had to reinstall my laptop, sorry.
Boss: why didnt you do this in your own time?
Me: well, I didn't have any time.
Boss: cant you do this in the weekend or something? Because now we have to pay you several hours bcs you downloaded something at home.
Me: I am only using this laptop for work so thats not possible.
Boss: how can that even be possible? You are not doing anything at home with your laptop? Is that why you never do anything at home?
Me: uhm, I have desktop computer you know. Its much faster. And I also need to rest sometimes. Areeb (freelancer) told me to torrent the software. He gave me the link. 2 days later this happends
Boss: Ahh okeee I see.. Well dont let it happen again.
After that nobody at the compamy trusted me with anything computer related. Yes it was my own fault I downloaded a virus but it can happen to anyone. After that I never used Windows again btw, also no more auto login apps.8
Manager: Hey fullstackchris, the maps widget on our app stopped working recently...
Dev: (Skeptical, little did he know) Sigh... probably didn't raise quota or something stupid... Logs on to google cloud console to check it out...
Google Dashboard: Your bill.... $5,197 (!!!!!!) Payment method declined (you think?!)
Dev: 😱 WTF!?!?!! (Calls managers) Uh, we have HUGE problem, charges for $5000+ in our google account, did you guys remove the quota limits or not see any limit reached warnings!?
Managers: Uh, we didn't even know that an API could cost money, besides, we never check that email account!
Dev: 🤦♂️ yeah obviously you get charged, especially when there have literally been millions of requests. Anyway, the bigger question is where or how our key got leaked. Somewhat started hammering one of the google APIs with one of our keys (Proceeds to hunt for usages of said API key in the codebase)
Dev: (sweating 😰) did I expose an API key somewhere? Man, I hope it's not my fault...
Terminal: grep results in, CMS codebase!
Dev: ah, what do we have here, app.config, seems fine.... wait, why did they expose it to a PUBLIC endpoint?!
Long story short:
The previous consulting goons put our Angular CMS JSON config on a publicly accessible endpoint.
WITH A GOOGLE MAPS API KEY.
JUST CHILLING IN PLAINTEXT.
Though I'm relieved it wasn't my fault, my faith in humanity is still somewhat diminished. 🤷♂️
Oh, and it's only Monday. 😎
Manager: "We can't have new releases breaking older versions of the mobile app!!!!! We'll lose all our customers!!!!"
fullStackChris: "That's fine, we can do API versioning, but it will take some time to implement, I'll have to be quite careful and write some tests to implement it. Probably 2-3 weeks..."
Manager: "NO WAY, THAT TIME ESTIMATE IS WAY TOO LONG, WE DON'T HAVE TIME FOR THAT!!!"
fullStackChris: "So how do you wanna support multiple versions of the app without doing any sort of versioning?"
Manager: "...we'll think of something!"
And with 99% certainty, I expect to hear this in a week or two:
Manager: "fullStackChris, we'd like to introduce you to the highly technical concept, API versioning. It's a way to version the API so we can support multiple versions of the application our customers use! It's amazing! Please implement this immediately so we can support multiple versions of the application!"
Sigh... each day managers learn a bit more how physical reality works... you can't have your cake and eat it too.8
It's always the same shit with some developers. Someone notices that an app is calling an API way too much, causing it to throttle. This is caused by a UI that does ~100-400 HTTP requests when you open a page. Someone comes and offers multiple solutions to cut down those requests by changing the UI behavior, dropping the request amount to less than 10% or maybe even zero.
Then comes one developer "WhY cAn'T We bAtCh thE ReQueSts?" Well, you fucking blockhead, what's the point in rendering 300 items on a page anyway when at any given time a user can maybe see five of them on his screen? These numbskulls have zero idea of how to solve technical issues with simple UX tweaks. Learn some UI/UX design if you're a front-end developer ffs.9
Manager: I want the front ends to be more dumb, too much logic is happening on the frontend.
Me: both of the sites are just multi step forms, I’m confused about the complexity part.
Manager: yea but don’t we have a bunch of third party api calls?
Me: we have 4 and they are public facing apis.
Manager: yea, make a new api and move this api calls to the backend and I want both frontend teams to send the same shape payload.
Manager: oh and I don’t like how the business team does the a/b testing and splitting traffic, let’s move that to the backend as well.
Me: but… that a/b testing platform they use in ran by another team and they have a full set of features for business analytics…
Manager: yea let’s just replicate those features and move them to the backend.
Me: but it’s a product!
Manager: look! You are the best backend engineer we got! I know you can do this!
Me: I lead the frontend teams…
Manger: good news we are giving you a promotion with raise you are now a senior engineer.
Me: I confused but happy… I think..9
Remember the super duper company I applied for? (Last rant)
Well, I did their coding challenge. And after many years I had to do a metric crapton of C++. It's not a fun language. It's frustrating how human-unfriendly it is, and maybe one reason why I low-key like it.
Anyways, here's hoping that I didn't fuck up too much.
On a side note, I realized tensorflow actually has a cpp api. I think I'm gonna work with that in my next mental breakdown. 🧐6
My worst interview ever was my first interview fresh out of college. After the initial phone screen, they asked me to drive 2 hours to their office to give me a "code challenge."
The challenge was to spend 4 hours writing a simple rest API for a blog type thing, but the catch was to not use any existing libraries for data access and instead write an entirely database agnostic DAL. Then after I finished they sat me in a conference room with 3 of their engineers and the CEO to just tear apart my code.
For a JUNIOR position to someone fresh out of college.
I guess I defended it well, because they asked to continue the process l, but after that I found a different position.4
PO: we want this new functionality, a new api call is needed in checkout process
Devs: okay, and what should happen in case of error?
PO: dont worry, it wont fail. Never.
How tf do I explain my manager that I simply can't change the damn response coming from a 3rd party API without hurting his fragile ego but while also using crayons.4
Frontend dev: Hey, could you break HTTP conventions and change the API so I don't have to manage the context of the request?8
I’m fucking done….
I don’t even know what to tell.
I’m a CTO in a startu. We have pretty good traction, my salary is about average senior dev salary (plus 10%).
I’m good financially.
But I have no more pleasure in work. Like at all.
“This API call performance is bad”
Yeah I know, maybe you shpuldn’t try to call it for 1000 objects at the time ?
“We need to reduce Azure cost”
Yeah I know, but are you ready to live with performances downgrade it will generate ?
“I don’t understand on what thing you worked past week, where is a devops card ?
Fuck you, I’m in extenuating fire mode, I don’t have time for a fucking devops card
Thank you for your imput, Blazor WAS created to avoid JabaScript
“The client has only 1.000.000 records and API doesn’t return them all”
Use fucking paging moron. And BTW, I’m adding “number of authorized requests” shortly.
I can go on and on and on for hours. But the idea is : I completely lost the will or motivation to do anything. I’m considering just to quit and go back to be Junior dev for a random company.9
OK heavy rant on 'modern' software development coming! --> don't take it to seriously though :-)
Electron... why does that shit exist? It is like stacking all the worst technologies available to mankind into an enormous pile of crap and polishing that turd to look like something wonderful. It is big, slow and overall AWFUL!
An example? ... Microsoft Teams :-( it burns your PC like fire and makes it squeal for mercy.
When a library/framework becomes the ultimate evolution of abstraction layer upon abstraction layer and it simply should stop to exist and a reset button needs to be pressed.
I would love to see some research on the real world environmental impact that all those shitty slow and bloated web technologies have.
Software energy label!
C, C++ and Rust e.t.c. and all accompanying efficient UI libraries should be the only languages/implementations allowed to get a A, B and C label.
One of the guys in my uni group project accused me of bullying, shutting him out of the group, ignoring him and taking over his work. He complained to head of year, I had to have a "discussion" with head of year, welfare tutor and my personal tutor.
For supporting evidence, I brought the message he'd posted in our team Facebook group where he told me to do the thing I was doing. The discussion didn't last long, but it seemed he was unhappy with me asking questions, mean things like "I need a draft api to do my work, why don't we sit down and design it instead of the UI you're working on?"
Conclusion? He "worked on a separate project". Got to the end of the year, the whole class went for pub drinks, someone else came up to me, had been through the exact same thing, exact same person, different group project.
Group projects teach you to hate people.5
"It is risky to release an app that depends on APIs that you don't control."
Yeah, dude, we also live in the real world.
Better to say: "Your app should handle cases where the third party API is partially or even totally down."
God, some people, they build a wall of rules around themselves and wonder why their skills don't improve.13
Ok, so our team is responsible for writing an app that consumes an API written by the client's team (I refuse to call it a "REST" API, despite their claims). On one of the clarification meetings we are discussing an endpoint that accepts a (logically) unique field multiple times, even though an entity is already registered in the system with that unique identifier. Our proposal would be that this API of theirs should not happily accept duplicates as many times as there are bits on a 4TB hard drive, rather it should signal an error.
The response we got is this: Due to the Separation of Concerns principle they thought that it should be our app's responsibility to not send a request if an entity with said field is already in the system. Thus there's no need for the backend to validate this.
I didn't hear the next part, because I had to collect my headphones from the other side of the room where they were flung in rage.11
I'm having an existential crisis with this client.
We are spending millions of $s every year to make sure the product's performance is perfect. We are testing various scenarios, fine-tuning PLABs: the environment, application, middleware, infra,... And then we provide our recommendations to the client: "To handle load of XX parallel users focusing on YY, yy and Zy APIs, use <THIS> configuration".
And what the client does?
- take our recommendations and measure the wind speed outside
- if speed is <20m/s and milk hasn't gone bad yet, add 2x more instances of API X
- otherwise add 3xX, 1xY and give more CPUs to Z
- split the setup in half and deploy in 2 completely separate load-balanced prod environments.
- <do other "tweaking">
- bomb our team with questions "why do we have slow RTs?", "why did the env crash?", "why do we have all those errors?", "why has this been overlooked in PLABs?!?"
If you're improvising despite our recommendations, wtf are we doing here???
One day I will crack. Hopefully, not sometime soon.3
I've got a file on my desktop called key.txt, and it's just a single line in it that is clearly some sort of API key.
Absolutely no memory of what it is for.
Our boss did always the same thing. When there was a BIG potential customer who indicates a small interest in our software, then he lied constantly about features. After the customer bought our software we got a deadline and should develop the missing features. I could remember two features: The first one was a quote tool for a car transport company. The tool should estimate a price for a transportation from an email with no structure and the other one was an API which should be possible to write dynamicly to MySQL, MariaDB, Postgres, MSSQL, DB2, Mongo or better said any possible dbms. The API should guess the structure of the dbs and offer CRUD actions. The funny thing is must write the api with go. Yeah dynamic and GO.
At some time, we told him we wont make any overtime and if the deadline is not possible we told that immediatly the customers, so that they call him. Thank god I don't work anymore in this company.1
I just wanted to make with the Spotify API an online player. I sat 2 hours and still can't figure out how to center a fucking unordered list which is horizontal aligned
EoS1: This is the continuation of my previous rant, "The Ballad of The Six Witchers and The Undocumented Java Tool". Catch the first part here: https://devrant.com/rants/5009817/...
The Undocumented Java Tool, created by Those Who Came Before to fight the great battles of the past, is a swift beast. It reaches systems unknown and impacts many processes, unbeknownst even to said processes' masters. All from within it's lair, a foggy Windows Server swamp of moldy data streams and boggy flows.
One of The Six Witchers, the Wild One, scouted ahead to map the input and output data streams of the Unmapped Data Swamp. Accompanied only by his animal familiars, NetCat and WireShark.
Two others, bold and adventurous, raised their decompiling blades against the Undocumented Java Tool beast itself, to uncover it's data processing secrets.
Another of the witchers, of dark complexion and smooth speak, followed the data upstream to find where the fuck the limited excel sheets that feeds The Beast comes from, since it's handlers only know that "every other day a new one appears on this shared active directory location". WTF do people often have NPC-levels of unawareness about their own fucking jobs?!?!
The other witchers left to tend to the Burn-Rate Bonfire, for The Sprint is dark and full of terrors, and some bigwigs always manage to shoehorn their whims/unrelated stories into a otherwise lean sprint.
At the dawn of the new year, the witchers reconvened. "The Beast breathes a currency conversion API" - said The Wild One - "And it's claws and fangs strike mostly at two independent JIRA clusters, sometimes upserting issues. It uses a company-deprecated API to send emails. We're in deep shit."
"I've found The Source of Fucking Excel Sheets" - said the smooth witcher - "It is The Temple of Cash-Flow, where the priests weave the Tapestry of Transactions. Our Fucking Excel Sheets are but a snapshot of the latest updates on the balance of some billing accounts. I spoke with one of the priestesses, and she told me that The Oracle (DB) would be able to provide us with The Data directly, if we were to learn the way of the ODBC and the Query"
"We stroke at the beast" - said the bold and adventurous witchers, now deserving of the bragging rights to be called The Butchers of Jarfile - "It is actually fewer than twenty classes and modules. Most are API-drivers. And less than 40% of the code is ever even fucking used! We found fucking JIRA API tokens and URIs hard-coded. And it is all synchronous and monolithic - no wonder it takes almost 20 hours to run a single fucking excel sheet".
Together, the witchers figured out that each new billing account were morphed by The Beast into a new JIRA issue, if none was open yet for it. Transactions were used to update the outstanding balance on the issues regarding the billing accounts. The currency conversion API was used too often, and it's purpose was only to give a rough estimate of the total balance in each Jira issue in USD, since each issue could have transactions in several currencies. The Beast would consume the Excel sheet, do some cryptic transformations on it, and for each resulting line access the currency API and upsert a JIRA issue. The secrets of those transformations were still hidden from the witchers. When and why would The Beast send emails, was still a mistery.
As the Witchers Council approached an end and all were armed with knowledge and information, they decided on the next steps.
The Wild Witcher, known in every tavern in the land and by the sea, would create a connector to The Red Port of Redis, where every currency conversion is already updated by other processes and can be quickly retrieved inside the VPC. The Greenhorn Witcher is to follow him and build an offline process to update balances in JIRA issues.
The Butchers of Jarfile were to build The Juggler, an automation that should be able to receive a parquet file with an insertion plan and asynchronously update the JIRA API with scores of concurrent requests.
The Smooth Witcher, proud of his new lead, was to build The Oracle Watch, an order that would guard the Oracle (DB) at the Temple of Cash-Flow and report every qualifying transaction to parquet files in AWS S3. The Data would then be pushed to cross The Event Bridge into The Cluster of Sparks and Storms.
This Witcher Who Writes is to ride the Elephant of Hadoop into The Cluster of Sparks an Storms, to weave the signs of Map and Reduce and with speed and precision transform The Data into The Insertion Plan.
However, how exactly is The Data to be transformed is not yet known.
Will the Witchers be able to build The Data's New Path? Will they figure out the mysterious transformation? Will they discover the Undocumented Java Tool's secrets on notifying customers and aggregating data?
This story is still afoot. Only the future will tell, and I will keep you posted.6
How fucking hard is it to remain consistent with naming, holy shit! Is it register, sign up, create user and is it user, client, customer, account.. then you have the API to contend with, with it's own terminology! This is such crap.6
"Hey! We have an issue. Your API is returning the JSON with the decimal value as 1.07E instead of 10000000."
".... that's the correct representation of that value" - Me
"Oh. Well, we're a midpoint passing the value to someone else. We see that notation when we print it out, but when we pass it to them they're not getting the field at all, but we're passing it exactly the same to them so we don't understand why they're not able to process it..."
*Don't be a jerk.... don't be a jerk.... don't be a jerk*2
My coworker became super restless and incompetent during the initial 2020 Covid lockdown. Like playing hours of video games during work hours restless.
For one project, my coworker was working on the backend and I was working frontend. Coworker also wanted to be overlord of the epic branch.
My coworker merges the epic to our test branch and our code is broken. Coworker didn’t pull my FE changes before merging. Dude, I shouldn’t have needed to tell you to pull. You changed the api response that your BE code delivers so of course I had to update my FE code so it could work with this change.
I had to resolve the conflicts because coworker left work early to “rescue/pickup” their girlfriend from work.
You bet I leave this person on read when they try to text me on Signal1
Facebook is a giant piece of shit. Not only is their platform a massive contributor to mental illness, even their API's are fucking garbage. I'm trying to use their ads API and what it does is it hijacks the entire fucking request so you can't even extract data from the request after calling it. Fuck Facebook and everything they've ever "contributed" to society.5
Holy crap, I can't take it anymore.
I know that user acceptance testing is supposed to be done by the end user but it's as if they entirely skipped UNIT TESTING and QUALITY ENGINEERING.
Does their API work? Yes. It does.
Are their endpoints working? Sort of... why are query parameters required again?
Is it good overall? No, there are CORNER CASES ALL OVER THE PLACE (are they even still corner cases at this point?). It feels like it was made by amateurs!
Why am I doing quality testing on their services??? holy crap, they should pay ME for doing this1
!rant, but kinda
My new director wants to buy a solution for a portal environment that my institution currently has. I have no qualms over it. My only issue was the company that sells it to be known to provide close to 0 fucking support when shit arises.
During a presentation we were told that they were using state of the art JAVA technology to render items on the page and that their ApI was easy for devs to grasp. This caught my attention since I know of very few and obscure Java frameworks that work with frontend tech (as in, your frontend logic is legit in Java)
I do not like to be questioned. I shoot the shit here and don't really involve myself with more technical aspects under this platform unless it involves concrete architecture discussions and even there I really don't care with engaging on a forum concerning that. But concerning my job I really.......really do not like to be questioned by people that know way the fuck less than me. I started coding when I was 17, I am 30 now, with a degree and years of experience. I really hate to be questioned by this dude.3
The people who are developing the Hostbill billing platform: please stop. Quit your jobs, and go do something else because you fucking SUCK at your JOBS!
I've had it with your shitty API! You ever heard of scalar types beyond string? "1", "0", "false".. Learn to use TYPES even though it's PHP! THERE'S TYPE SUPPORT THERE NOW YOU FUCKING IMBECILES! Some are typed, some or not, you never know! Guess and win!
And don't get me started on the documentation, OR THE LACK OF! Having to contact customer support to figure out HOW IM SUPPOSED TO DISPATCH DATA TO THE API BECAUSE YOU CAN'T BE BOTHERED TO WRITE THE INTERFACES OR EXAMPLES! FUCK YOU!3
Employer: Hey, we are moving an API update live tomorrow morning that could affect our apps. Can you regression test the apps to make sure they all work?
Me: The API team is pushing code overtop of live endpoints that can break them?
Employer: Yes, we need the updates to work with a new product we are developing.
Me: And nobody thought about versioning these endpoints so we guarantee uptime on all existing services using them now?
Employer: We looked at that but it cost extra and required us to use the cloud solution so we don’t use versioning.
Me: Okkk… I also take it that the API’s don’t have integration tests written?
Employer: What are integration tests? Are unit tests the same thing?
Me: No, so when do I need to regression test all 7 production apps?
Employer: The API’s are moving to production at 4am and we need it signed off by 7am.
Me: I only have 3 hours to regression test 7 production apps at 4am? Each app, if I just skim over them, would take me 2 hours each. I will do my best but that’s a very short time to ensure complete functionality.
Employer: Don’t you have unit tests?1
Had anyone experienced with an impatient boss who require you to complete the project in the month you just recently got hired?
Here's the story, I recently got hired by a company, joined on 1st April 2022, the boss expect me to complete the app for Android and iOS by the end of this month. (An e-commerce applications exactly like shopee.com) Without providing me the Backend ApI , that they mentioned. They just gave me a and expect me to know what's happening at the backend.
He require me to give him a specific date that I can launch the app to play store and Apple store. (From my experience, it take days, weeks or months). He need a milestone of what I need , did , and will do (which predictably that they will reject any new ideas proposed) .
I even considering to quit, but I need opinions. Am I just too sensitive or there's something wrong?18
Follow up to: https://devrant.com/rants/5047721/....
1- The attacker just copy pasted its JWT session token and jammed requests on the buy gift cards route
2- The endpoint returns the gift card to continue the payment process, but the gift card is already valid
3- Clients wants only to force passwords to have strong combinations
4- Talk about a FIREWALL? Only next month
5- Reduce the token expiration from 3 HOURS to 10 minutes? Implement strong passwords first
6- And then start using refresh tokens
BONUS: Clearly someone from inside that worked for them, the API and database password are the same for years. And the route isn't used directly by the application, although it exists and has rules that the attacker kows. And multiple accounts from legit users are being used, so the person clearly has access to some internal shit7
WE TEST ON THE STAGING SITE. I DON'T BUST MY ASS WITH A SEPARATE STAGING API AND HTTPS://STAGING.WHATEVERTHEFUCKYOUWANTOBUILD.COM/..., SO THAT YOU CAN MESSAGE ME THAT NOTHING IS WORKING. THAT IS BECAUSE YOU ARE NOT ON THE STAGING SITE. IF I HAVE TO REMIND YOU AGAIN, I AM NEVER TALKING TO A NON TECHNICAL PERSON AGAIN
THIS IS THE FIFTH TIME. ITS LITERALLY LIKE A BROKEN RECORD SO WHY DO I EXPECT ANYTHING TO CHANGE, EVERY CLIENT IS THE SAME, EVERY TIME, GOD I HATE IT MAKE IT STOP4
I really hate sales people. My stakeholder wants to buy an address verification service but is hesitant to purchase now because the dev time needed would be substantial. Now the sales rep has planted seeds of doubt in my SH and SH thinks I grossly overestimated the labor I quoted.
Sales rep is all “major corporations have installed this in a weekend.” 🤬🤬🤬 Major corporations also have more than one developer and probably aren’t dealing with a website that has a dozen address forms that all work differently. Oh, and I DON’T WORK WEEKENDS MOFO.
My SH originally requested a labor estimate for installing the AVS on all address forms and that’s what I delivered. My audit revealed a dozen different forms. I’m working with a legacy code base that’s been bandaged together and maintained by an outside dev agency. The only thing the forms have in common is reusable address fields. They all work differently when it comes to validating and submitting data to the server and they all submit to different api endpoints. At least a quarter of those forms are broken and would need to be fixed (these are mostly admin-facing). I also had to provide an estimate on frontend implementation when I have no idea what they want the FE to look like.
My estimate was 5-8 weeks for implementation AND testing. I wrote up my findings and clearly explained the labor required, why it was needed, and the time needed. All was fine until the sales rep tried to get into SH’s head.
My SH is now asking for a new estimate and hoping for 1-2 weeks of labor, which is what will SH to buy the AVS. Then go to the outside dev agency you used to work with and ask for a second opinion. I’m sure they’d also tell you at least month if not more for testing, implementation, and deployment because you have a DOZEN FORMS you want to add this to. 1-2 weeks is only possible for a single form.
My manager doesn’t work in the same coding language I do, but he read my documentation and supports my original estimate.
I honestly want to ask my SH if this sales rep is giving a very good price for the AVS. If not, are there other companies in the mix? Because right now you have a sales rep that’s taking you for a ride and trying to pressure you all so he can get another notch in his belt for getting another “major corporation” as his account. I don’t think it’s a good idea to be locked in with a grimy sales rep.3
Can someone please write a plugin that automatically translates bug tickets into startup-ese? It would make it very easy to present the most common offenders to higher management on quarterly reviews.
$< "screen A is all messed up"
$> "We are disrupting the establishment in screen A"
$< "API B is not responding, giving timeout errors"
$> "We are facing logistical challenges in API B"4
Good morning to everyone, except that one Twitter dev who one day woke up and was like "YOU KNOW WHAT, MY APPLICATION WILL FEATURE BOTH OAUTH1 AND OAUTH2 ENDPOINTS, BUT SOME FEATURES WILL BE EXCLUSIVE TO EITHER OF THE TWO -NOT NECESSARILY THE MOST RECENT, JUST A RANDOM ONE-, AND ALSO THE OFFICIAL TWITTER LIBRARY WON'T COVER ALL THE ENDPOINTS SO PEOPLE WILL HAVE TO RESORT TO RAW HTTP REQUESTS INSTEAD OF USING MY SDK AND ALSO I'MMA MAKE DEVELOPERS FILL 2 VERY DETAILED FORMS, REQUIRING PERSONAL DATA AND ACTUAL REAL PHONE CALLS, JUST TO START DEVELOPMENT WITH 7 DIFFERENT AUTHENTICATION TOKENS, BECAUSE SOME REQUESTS WILL REQUIRE A DIFFERENT AUTHENTICATION METHOD THAN THE OTHER REQUESTS DESPITE ALL OF THEM PERTAINING TO THE SAME FUCKING ENTITY"3
I am building my portfolio website and added a contact section. In the API call to the backend, I am logging potential API failures to Firebase Analytics. Is it ethical to include the request data (content of the contact form) in log data?5
What the FUCK im fixing integrations on some dumbass's API. Biz wants this in prod on monday. It's fucking saturday. Anyway
Me: why did you give us a 200 even if its an error
Them: thats normal
Me: If it's an error it shouldnt be 200
Them: its a 200 because the api params are correct but differ in value so its not an http error but an api error
Weeks after our partner has been nagging us to release to production because we've been putting it off because their API sucks and wouldn't properly work.... we finally did....
except their production API doesnt even work LMAO
Just JIRA things:
We've got a very descriptive ticket with the title: "API Interface"
Can't wait for the rest of this Friday to play out, I'm already joyful and in the holiday spirit.2
a friend of mine has applied at a company who have sent them this task* to complete before the job interview.
They gave about 10 days to complete this.
*I rewrote it
Personally I think this is super overblown and way too much to complete as a test before the first interview.
They expect the applicant to configure an SQL database, a backend with a custom API and a UI.
It's like a fullstack prototype software, not a task.
Im not in web development and I wouldn't feel confident learning these technologies in my free time in just a few days.
I said that this felt like some HR manager writing up the test or that they want the applicant to create a prototype for free.
Am I being too extreme here? To me it feels overkill, what do you all think? Is this common?
Oh and I should mention, this is for an internship position for a bachelors student.22
If you feel it’s time to change I have a great job offer for you…
proceeds with offer with maximum wage that is half what you earn and by the way you need to know React, TypeScript, NextJS, Redux, NodeJS, ES6, Webpack, RESTful i GraphQL API
Nice to have is Python and Go
Girl you need to decide if it’s great offer or technology mishmash.
Hell no, glad you didn’t mentioned young and dynamic team cause I clearly see some dynamic technology stack there.
Company helps people find medical treatment clearly forgot about treatment on their stack.
Someone needs to tell them their tech leads are complete morons but since you’re not looking for head of technology it won’t be me lol.
So I made an update to my React Native app. I changed UI of a couple of screen, added a few animations here and there, refactored how my graphQL resolvers work in the backend(no breaking changes), changed how data gets loaded into the database etc.
It worked in dev so I figured hey let's deploy it. Today is(was because it's now 3am but more on that later) a national holiday so no one goes to work so no one will use my app so I have an entire day to deploy.
I started at 15:00(because i woke up at 13:00 lol). I tested the update once again in dev and proceeded to deploy it to prod. I merged backend to master, built docker images, did migrations on the db, restarted docker-compose with new images. And now for the app. I run ./gradlew assembleRelease and it starts complaining that react-native-gesture-handler is not installed. Ugh, rm -rf node_modules && yarn install. It worked. But now gradlew crashes and logs don't tell me anything. Google tells me to change a bunch of gradle settings but none of them work. Fast forward 5h, it's around 20:00 and I isolated the issue to, again, react-native-gesture-handler. They updated from 2.2.4 to 2.3.0 which didn't fucking compile. 2 more hours passed (now 22:00) and I got v2.3.1 working which fixed the problem in 2.3.0 but made my app crash on startup. YOUR FUCKING LIBRARY GETS 250K WEEKLY DOWNLOADS AND YOU DONT EVEN BOTHER CHECKING IF IT COMPILES IN PROD ON ANDROID?! WHAT THE FUCK software-mansion?
After I solved that, my app didn't crash. Now it threw an error "Type errors: Network Request Failed" every time I fetch my legacy REST API(older parts use rest and newer use graphql. I'll refactor that in the next update). I'll spare you the debugging hell i went through but another 5h passed. Its 3am. My config had misspelled url to prod but good for dev... I hate myself and even more so react-native-gesture-handler.3
Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”
Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.
Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.7
A new update was just released to AltRant!
This update features:
- Massive UI responsiveness fixes and enhancements, including many fixes for UI bugs, fixes and things that needed tweaking
- A COMPLETE overhaul of all devRant API methods (a switch to my new library, SwiftRant)
- Progress with Android compatibility (replaced incompatible libraries for compliance with Mutata)
- Enhanced security with the Keychain
Here’s the link to join again:
Just started Online Banking at my bank. Checked how much money I have and what I can do on the website.
Afterwards I opened the dev tools and see that there is a js warning. So I open the console and the fucking first thing I see is: Loglevel set to INFO. WHAT THE FUCK?!?
Other things I found out:
API Endpoints are logged here. Two deprecation warnings for a function used. A warning about a deprecated service used.
The log level is now set to WARN. Several more deprecation warnings for the framework from before.
The fuck is this?12
I had to explain that it’s a security measure that’s been up for almost a month. PM knows this but left it to me to explain because ownership of the site is on me. The donations page and api gets hit by a lot of bots because it’s a public api and there are no security measures like captchas to deter the bots. I’m inheriting this website and I didn’t build it.
Staff member says other staff want to know if the Cloudflare page can be customized so it looks more legit. Um, Cloudflare is a widely known legit service. Google it.
A few thoughts pop into my head:
1. Engineering communicated to stakeholders about the Cloudflare messaging a month ago.
2. Wow, stakeholders don’t share relevant info with their staff who aren’t on these emails.
3. Woooow, stakeholders and staff don’t look at the website that often.2
Did this question really deserve a down vote?
Stackexchange community is so annoying at times. It's just that a few handful of experts are helpful.
But again my recent questions on stackoverflow were answered by myself only after a week or so 😐9
Feel utterly deflated today. Working with an API that gives no feedback what so ever. Going around in circles and making little progress. What’s worse is we quoted 1 days work.
With all my experience I should be better!2
The Zen Of Ripping Off Airtable:
(patterned after The Zen Of Python. For all those shamelessly copying airtables basic functionality)
*Columns can be *reordered* for visual priority and ease of use.
* Rows are purely presentational, and mostly for grouping and formatting.
* Data cells are objects in their own right, so they can control their own rendering, and formatting.
* Columns (as objects) are where linkages and other column specific data are stored.
* Rows (as objects) are where row specific data (full-row formatting) are stored.
* Rows are views or references *into* columns which hold references to the actual data cells
* Tables are meant for managing and structuring *small* amounts of data (less than 10k rows) per table.
* Just as you might do "=A1:A5" to reference a cell range in google or excel, you might do "opt(table1:columnN)" in a column header to create a 'type' for the cells in that column.
* An enumeration is a table with a single column, useful for doing the equivalent of airtables options and tags. You will never be able to decide if it should be stored on a specific column, on a specific table for ease of reuse, or separately where it and its brothers will visually clutter your list of tables. Take a shot if you are here.
* Typing or linking a column should be accomplishable first through a command-driven type language, held in column headers and cells as text.
* Take a shot if you somehow ended up creating any of the following: an FSM, a custom regex parser, a new programming language.
* A good structuring system gives us options or tags (multiple select), selections (single select), and many other datatypes and should be first, programmatically available through a simple command-driven language like how commands are done in datacells in excel or google sheets.
* Columns are a means to organize data cells, and set constraints and formatting on an entire range.
* Row height, can be overridden by the settings of a cell. If a cell overrides the row and column render/graphics settings, then it must be drawn last--drawing over the default grid.
* The header of a column is itself a datacell.
* Columns have no order among themselves. Order is purely presentational, and stored on the table itself.
* The last statement is because this allows us to pluck individual columns out of tables for specialized views.
*Very* fast scrolling on large datasets, with row and cell height variability is complicated. Thinking about it makes me want to drink. You should drink too before you embark on implementing it.
* Wherever possible, don't use a database.
If you're thinking about using a database, see the previous koan.
* If you use a database, expect to pick and choose among column-oriented stores, and json, while factoring for platform support, api support, whether you want your front-end users to be forced to install and setup a full database,
and if not, what file-based .so or .dll database engine is out there that also supports video, audio, images, and custom types.
* For each time you ignore one of these nuggets of wisdom, take a shot, question your sanity, quit halfway, and then write another koan about what you learned.
* If you do not have liquor on hand, for each time you would take a shot, spank yourself on the ass. For those who think this is a reward, for each time you would spank yourself on the ass, instead *don't* spank yourself on the ass.
* Take a sip if you *definitely* wildly misused terms from OOP, MVP, and spreadsheets.5
Do you have a routine? I work from home everyday since quarantine and I don't think we are going back to the office.
I would like to be more productive, not in the sense of forcing myself to do more job and add more stress, no one is complaining about the time it takes me to finish tasks.
I'm looking for a way to scatter my working hours so I have chunks of focus and chunks of breaks in which I go out for a walk or something instead of a big chunk of focus mixed with distraction. I'm behaving as if it were a "9-5 job" when it is actually "8 hours per day" with flexible schedule.8
Must be great to be a giant fucking dumbass company raking in more than enough money, that you can't add 40-50 more characters on why your API doesn't like our call.
"Here's an API call with 3 different ways to make a call, we will show you an example for only the easiest method, AND if you get the more complex ways wrong, we'll just respond with an error code 422 with the error message "validation failed".
I don't give a fuck about calling them out:
There has to be a software project bingo somewhere where I could just mark one item at a time of what's wrong and should be fixed, eventually leading to the same loop all over again. Items include, but are not limited to:
- The application is too tightly coupled
- There are too many repos and people can't keep track
- Someone forgot to create a naming convention for everything
- Nobody is reviewing pull requests
- Someone opened a PR for their 1 month of work
- Some team created a service for themselves, that doesn't cover use cases for every other team (who didn't tell anyone they needed it), thus it was a bad thing
- Business owners telling something needs to get done now and go talk directly to a developer
- Nobody thought about network latency in microservice architecture
- There's an invalid translation in this string, let's push the MVP another two months to make sure everything is perfect before launch
- The API gateway has business logic in it
- Business wants to focus on output, development teams in outcome
- "You need to request a virtual machines from the IT department so we know you won't mine bitcoin there!" Takes two months to fulfill that request.
- <add documentation here>
- 675 vulnerabilities in packages
- People complain about not knowing what others are doing, but nobody wants to speak up1
my brain feels like an AI. It just slices things it sees and layers them over and over again. It doesn’t even change things, leaving them pristine and intact, it doesn’t filter stuff out. I cite memes exactly, word by word, with the exact intonation, because I literally just lip syncing to that meme playing in my head as if I was watching a youtube video. Some days I’m not even conscious of my surroundings, I don’t realize where I am, what I do, I’m just caught in that process I can barely put in words. People ask me to do something for them, I do it, and they’re like “no! it’s not what I asked for, well, it is, but not in this sense!” If they asked me if I could make their company the most profitable one in their niche, my brain will probably decide to instead sink and destroy other companies there. All that unspoken, “common sense” knowledge, I don’t understand. I feel detached, as if everyone else was “in” on something, some common notion, meanwhile I’m alone with my perfect things. I feel like a perfect Haskell codebase trying to interact with biker bar gloryhole dirty equivalent of an API. I want things to be exact, I want things to be precise, I want words you say to have specific meaning that I can understand, and I’ll ask you even though it takes overcoming my anxiety and guilt for asking “stupid” questions. If you throw in some clue, my brain will generate a Vsauce video worth of elaboration on that, and I’ll just tell it to you. Sometimes I feel like I just don’t fit, I can’t have fun at party with other people, if there are more than five of them, I’ll probably cry for no apparent reason. My consciousness operates smoothly, and then it don’t, it overheats, crashes and burns, then comes the numbness and derealisation.
I’m not okay. Now more than ever, I sometimes want to just end it.5
I've actually already discussed this one on here I believe
I see this job looking for an android developer for Kotlin with UI experience with XD & Figma and experience with Firebase. I have all of these qualifications so I throw my resume into the fray within an 2 hours the recruiters contact me. they have an offer of 76,000 and I'm looking for junior so I'm like, eh whatever, I give them a copy of my resume and we hold discussion for a few days and then radio silence. I then see a job posting EXTREMELY similar but with a "different company" so I throw my resume in and again within 2 hours I get a call only THIS TIME ITS THE INTERNAL HR. She sounds interested we have a good conversation and sets me up for 96,000 and they schedule me for my first interview within the week. Interview goes great, next I meet with the CTO and we have a pretty good conversation, I'm expecting a technical exam but it doesn't happen instead they give me a case study. they send me requirements for an app API to use, architecture, and a week time span to do it. I finish the app with extra features within 6 days, in my understanding of MVVM and I was excited and happy about this app because its JUST NICE. a week goes by and I meet with the tech team. They grill me on my application, scalability, use cases, how would I advertise or place advertisement and I'm answering everything they love the UI (I included mockups I made on XD), they say everything sounds good everyone leaves with smiles they say they have to find out on what team to place me because they have multiple apps and that HR will be in contact with me in the next few days... A WEEK GOES BY and I randomly get the declination email that next Friday. When I asked for feedback they said it wasn't true MVVM. I was devastated until the next week when I was accepted for a higher paying job that didn't require me to move. After I accepted this job guess who calls? THE FIRST RECRUITER and for this long I was wondering if this was the same job due to the very similar job description so I ask "is your client XXXXXXX?" it was I just told him "I'm good" and hung up4
I did not think that making a serverless Discord bot would be such a learning experience. The code itself was easy. The hard part was the infrastructure, because I decided to automate it all with Terraform and deploy it on AWS.
Before this project, I had no idea how API Gateways worked. Now I still have very little idea how they work but I managed to build one anyway. Eventually. And then I had to figure out how to automate the deployment of a lambda layer and function that would both still be managed in the Terraform state, with any code changes triggering a rebuild and update for the resource.
And then I had to untangle a dependency mess because API Gateways have some weird issues where two resources that have no explicit dependencies on each other will throw an error if they don't deploy in the right order.
And then I went the wrong way with Github actions trying to conditionally chain multiple workflows together before I realized I could just put multiple jobs with conditions in a single workflow.
And now after all that work over the course of 2 days, I have a bot that does this:2
I got a long weekend. I decided to see what React has been up to these days.
I happen to learn more about Suspense that now it allows f**king data fetching with relay.
I decided to give it a try . First time I am actually inclined towards trying out relay just so I can see what the f**king fuss about `Suspense` is all about.
Honestly the API is much better than what it looks like .
However what the fuck is this fucking relay. They have a page in their doc called glossary and most of the sections says TODO .
I wanted to see how the fuck data driven code splitting works . Due to the lack of proper documentation about it I could not get it right for two days . I stumbled upon couple of docs / blogs / github issues about it and then finally managed to get it working .
Well the end result wasn't as cool as I thought it would. The fucking API's to achieve this needless method of code splitting is insane
There are lot of better ways to achieve this with Suspense and the API relay offers is so shitty and not fucking type safe.
Now today I wanna learn more about the directives relay offers and there is no fucking documentation about them except for a fucking bold `TODO` explanation under the sections.
If relay developers thinks that they are fucking wizards and talk all about improving fucking performance . Please don't fucking over engineer API's and make it un un maintainable for the consumers of the library
Wow this feels good . first Day in rant and I m feeling great4
"Did you know that this popup saved the life of countless API calls by preventing users from frantically clicking the 'Continue' button?'
Another funny line I added to a dialog in my project today as one of its finishing touches :D
When a senior asks me, the guy who started 4 months ago about documentation on something that they’ve been using for several years. Haha, yeah bro, wouldn’t all of our job be a lot easier? I’ve been going down entire rabbit hole networks trying to find credentials and API tokens for the last month because there was no documentation 🤷🏻♂️6
I was on Instagram and I saw a boy advertising to sell 5k followers and I was wondering, how do they do that? Can they programmically create and control those accounts? I know they can use the Instagram API to some degree but I feel like Instagram probably has security set up to detect that type of stuff (5k accounts following someone at the same time, etc). Does anybody know? I’m actually really curious7
When you're using openapi generators and stuff for generating SDK code and let "the architect" handle the data structure and nomenclature, don't you hate having to add 33 (I counted) models, most of which are just the same class with different name or one property apart from each other, serialization of which gives request body overhead 56-132x (actual calculated results depending on the model complexity) the size of actual data you want to send, just to add support for one endpoint that needs just one model that started this whole madness?
I just had to add this one top level model reference and this happened to me. Those 33 models are not including the ones I already had included in my project so they didn't have to import them again.
For the love of <your_belief_here /> and all that's holy, never ever agree on generating code based on openapi if the person responsible for that is unexperienced. It will do more harm than good, trust me.
Before we decided to go with generated SDK my compiled product was a bit over 30KB, and worked just fine, but required a bit of work on each breaking API change. Every change in the API requires now 75% of that work and the compiled package is now over 8MB (750KB of which is probably my code and actually needed dependencies).
Adding an endpoint handler before? Add url, set method and construct the body with the bare minimum accepted by the server
Now? Add 33 models (or more), run full-project find&replace and hope it will work with the method supplied by the generated code, because it's not a mature tech and it's not always guaranteed it will work.
Are you content with your job or always searching for greener pastures?
I'm split inbetween. Current pay is very decent and working conditions are flexible. However, the work itself is not always that great. I find it to be comedically true how "hard workers" don't get promoted or bonuses, they get more work. There has recently been a heavy influx of what I'd like to classify as "shit tickets" since a guy who was the main "shit ticket doer" left the company after being burnt out.
I work with a small-ish digital agency as a BE dev, so I'm mostly dealing with small to medium scale projects built with WordPress/WooCommerce, with often custom API/ERP integrations on top. I'm not a big fan of the stack as a developer but as a contractor I can understand the business reasons why it is used. Part of me wants to find something else, part of me thinks I'm looking for a perfect company that doesn't exist and I should lower my expectations -- I might find better work for sure, but with the same pay and conditions? It seems unlikely at the moment. The company was recently acquired, so I'm hopeful for the future.4
GraphQL question here!
So i recently noticed (few years after everyone?) That graphql seems popular... I decided to try it out, but after playing with it a bit, the conclusion I came to is, that it's a great idea from FE point of view, but for the backend not so much.. a simple sql to return data to ui turns into a bunch of parts, all independant and with even the simplest relationship to some other entity the whole thing becomes very not optimized and when googling about it, all i found were some very awkward libs for work arounds to force everything into 1 optimized query again... But wait, i already have 1 optimized query in my rest api 😆
I don't understand if I'm missing the brilliance of graphql that everyone saw, or is everyone fell for the hype and use a stupid tool and pretend it's cool? 4
I'm still using .then().catch() instead of the async await.
So, first of all, Fuck you for calling it a STANDARD now. its nowhere near to be called standard. You wanna get some data from an API? Wanna call it using axios or fetch? What if the server is down? what if there's an error that you don't even know existed? Where do I get that kinda error in async await? try-catch? no thanks :| I'm good -_-7
And the website says "Lonely geeky people do need apply"
So I put my on my glasses and I went in to ask him why
He said you look like a fine outstanding young man, I think you'll do
So I shook his hand and, I said "I am glad I will be working for you."
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
And the sign says "If you want to use this site you must accept our cookies"
So I found the CEOs address and doxxed him all night!
To put up a dialog and block content from my sight.
If Todd was here, he'd tell it to your face, man, "it just works"
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Oh, say now mister, can't you code
You got to have a laptop and a hoodie to get a job
You can't work, no you can't standup, you ain't supposed to be here
And the website says "You got to have an employee ID to get inside" - yo!
And the website says "Everybody welcome, come in, code and share"
But then they passed around a git pull at the end of it all
And I didn't have a character to code
So I got me laptop and I made up my own fuckin' code
I typed, "Thank you OSS for thinking 'bout me, I'm alive and doing fine", yeah
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Code, code, everywhere there's code
Neo vision, tweakin' my mind
Do code this, and API that, can't you read the fucking manual
Yes! Some old song, called "Code code", I wish we did write that one, but
We didn't - git blame!
! rant, but should I be concerned?
I'm writing an election results API and I imported the bottlepy+pandas and prepped the CSV that contains the data. The first row contains the column names, followed by the actual data.
As I typed my routes, VSCode kept suggesting route names, parameters, and return values. At first I was "nice!" but then it kept suggesting my intent, as if someone was reading my brain. I do have GitHub Co-pilot installed, but I didn't realize my access had been approved.
How many layers of tin foil do I need?3
Did you know that C# still allows you to make low level system calls giving you the power of C when you need it?
everything is going as planned! :)
Learned Rust Lang. i loved it (that doesn't mean i am done learning na? No! never stop)
new language i could do game memory hacking in without worrying about C++ memory leaks or issues. it also compiles to assembly! another of my favorite languages!
(i use rust for game development and other stuff)
i am not leaving C / C++ though that would be harsh!,
finished learning the android java api so im basically set anything i want to make i can just go on my pc, listen to music and write it out in a couple of days.
well phazor what are you going to do now?!
i will code till i am old.
i will leave my mark like a shid that made its skid in the bowl :)5
Wtf is wrong with AWS CDK? I add one EC2 instance and it deletes all my queues and api resources, then fails to create my EC2, does some fucking rollback then attempts and fails at some fucking rollback clean up.
So it nuked my entire fucking stack because why?
Because FUCKING WHY JEFF. WHY IS YOUR ROCKET SHAPED LIKE A PENIS AND WHY IS YOUR SHITTY FUCKING DEPLOYMENT SYSTEM FUCKING WITH ME LIKE THIS.
I can’t do this anymore. I’ve been doing this for months now. I really don’t know whether to laugh or have a mental break down.
Complete Disaster Kunt. That’s what I’m calling this shit from now on. I just don’t get how it can fuck itself up so much4
I had a pretty good year! I've gone from being a totally unknown passionate web dev to a respected full stack dev. This will be a bit lengthy rant...
- Got my first full time employment dev role at a company after being self-taught for 8+ years at the start of the year. Finally got someone to take the risk of hiring someone who's "untested" and only done small and odd jobs professionally. This kickstarted my career, super grateful for that!
- Started my own programming consulting company.
- Gained enough confidence to apply to other jobs, snatched a few consulting jobs, nailed the interviews even though I never practiced any leet code.
- Currently work as a 99% remote dev (only meet up in person during the initialization of some projects.) I never thought working remotely could actually work this well. I am able to stay productive and actually focus on the work instead of living up to the 9-5 standard. If I want to go for a walk to think I can do that, I can be as social and asocial as I want. I like to sleep in and work during the night with a cup of tea in the dark and it's not an issue! I really like the freedom and I feel like I've never been more productive.
- Ended up with very happy customers and now got a steady amount of jobs rolling in and contracts are being extended.
- I learned a lot, specialized in graph databases, no more db modelling hell. Loving it!
- Got a job where I can use my favorite tools and actually create something from scratch which includes a lot of different fields. I am really happy I can use all my skills and learn new things along the way, like data analysis, databricks, hadoop, data ingesting, centralised auth like promerium and centralised logging.
- I also learned how important softskills are, I've learned to understand my clients needs and how to both communicate both as a developer and an entrepeneur.
- First job had a manager which just gave me the specifications solo project and didn't check in or meet me for 8 weeks with vague specifications. Turns out the manager was super biased on how to write code and wanted to micromanage every aspect while still being totally absent. They got mad that I had used AJAX for requests as that was a "waste of time".
- I learned the harsh reality of working as a contractor in the US from a foreign country. Worked on an "indefinite" contract, suddenly got a 2 day notification to sum up my work (not related to my performance) after being there for 7+ months.
- I really don't like the current industry standard when it comes to developing websites (I mostly work in node.js), I like working with static websites (with static website generators like what the Svelte.js driver) and use a REST API for dynamic content. When working on the backend there's a library for everything and I've wasted so many hours this year to fix bugs and create workarounds related to dependencies. You need to dive into a rabbit hole for every tool and do something which may work or break something later. I've had so many issues with CICD and deployment to the cloud. There's a library for everything but there's so many that it's impossible to learn about the edge cases of everything. Doesn't help that everything is abstracted away, which works 90% of the time but I use 15 times the time to debug things when a bug appears. I work against a black box which may or may not have an up to date documentation and it's so complex that it will require you to yell incantations from the F#$K
era and sacrifice a goat for it to work properly.
- Learned that a lot of companies call their complex services "microservices". Ah yes, the microservice with 20 endpoints which all do completely unrelated tasks?
I had to contact technical support for an API. I’m pretty sure I was emailing with a bot because I was getting all sorts of stupid replies.
Me: I’m using your SDK for language X. It’s returned null for some properties. In the user portal, I can see there are values for those properties for the transaction. I don’t know why I’m not receiving them on my end.
Tech Support: Hi! I see the following was sent in the API response. [Sends api response to me.] You can also go the the portal to see those values.
Me: Yeah, I know. You just repeated everything I wrote to you. I don’t want to go to the portal. I told you I want to figure out why your SDK doesn’t seem to map those properties correctly when I receive the api response.
TS: Let me look at the docs. I think you need to send the properties you want in your request in order to get them back in the reply from the api. Such as <property>value<property> in the xml message.
🤨 The docs do not say that. They don’t even imply that.
Me: What the fuck?! That makes absolutely no sense. We have already established that the api **is** returning values for those properties. I want to troubleshoot why your SDK is mapping them as NULL.
I hate it when I want to implement a 3rd party API and their docs have no hint at how to create a test account.. Why do they make me call their sales team / bother their support for that?4
I'm working with an API where, for some reason, half of the numbers are returned as numbers and half as strings. I'm baffled more than David composing hallelujah.5
Just fucking hate how expensive and hard to find a cheap SMS gateway
And as in cheap, I mean cheap as send email
I found Cheap Global SMS and it doesn't have a professional website nor a good API but it is way more cheap
Downside? I must pay with a payment gateway made by the same company (coincidence?)
And NO WAY I'm sending my id to a payment gateway that no one uses
I'll try sending some random image to see if they accept it
But, still, no confidence to put my credit card in there3
The thing about startups is that you have the opportunity to be involved in a lot of different things. I easily get bored with repetitively doing almost the same thing day in day out.
In my current company, I have been working on the same mobile app for close to two years. It’s the same basic thing, build UI, make API calls, and fix bugs. I am so bored that I’m fit to climb a wall. Anyways, I’ve started applying for backend positions.
But then startups are volatile and things are almost always unorganised.2
Postman freaking sucks now. It's bloated and can't easily do what's it's supposed to do without hassle. You have to login first, then it will inexplicably lose all your previous API requests.
I guess the company has forgotten who their base customers are.6
Quick update on our partner's API that doesn't work (see previous rant).
They gave the wrong URL! Wow!! Well we have the new URL but
the production credentials don't work!!!2
Day of days! Insomnia supports environment variables! And has for a long time! I just missed it is all!
I hate group project so much.
I yet again successfully stirred up a big drama in my project group. For project, I proposed a CDN cache system for a post only database server. Super simple. I wanted to see what ideas other people come up with. So I said I am not good at the content and the idea is dumb. Oh man, what a horrible mistake. One group member wants to build a chat app with distributed storage. We implemented get/put for a terribly designed key value store and now they want to build a freaking chat app on top of a more stupid kV store using golang standard lib. I don't think any of those fools understand the challenges that comes with the distributed storage.
I sent a video explaining part of crdt. "That's way too complicated. Why are you making everything complicated."
Those fools leave too much details for course stuff's interpretation and says
"course stuff will only grade the project according to the proposal. It's in the project description".
I asked why don't they just take baby steps and just go with their underlying terribly designed kV store.
"Messaging app is more interesting and designing kV store with generic API is just as difficult"
😂 Fucking egos
Then I successfully pissed off all group members with relatively respectful words then pissed off myself and joined another group.1
What did the CS student say when he totally killed his web API class and got an A?
"REST easy now."1
Quick question for you all: How do you deal with a problem in production that you cannot fix, even over an extended period of time (say 2 months)?
For context I feel like I’m losing my sanity here, we’ve had this problem on our production API since the beginning of March this year. I’ve done so much testing, got in contact with various teams of my company to try to figure out any potential candidate that would explain the bug, but none worked out. No need to say I’ve spent a considerable amount of time searching on the internet for others with the same problem or similar… We’ve even opened a ticket with the cloud host to see if they would have more details about the problem without success. So how do you deal with that ?5
How many keywords are appropriate to put in a "skills" section on a resume?
Technically I've played with a lot of tech and stacks, and done tiny one offs, tutorials and independent projects but nothing that wasnt more than a day on any one of them.
Basically im fast at picking up a language and api and just rolling with it and getting something done, even without tutorials or tons of googling. Though I find myself constantly relying on manuals and reading apis.
Is this normal or should entry level be familiar with the api of something from the get go?
I see a lot of people say to game the system just to get your foot in the front door past the automated keyword filters and on to an interviews where the real requirements are listed.
But I'd rather not list under the skill section something I only used for all of ten hours in one or two sittings.
Also is it acceptable to list a "learning", "would like to learn/know more of", or "planned skill additions" section?
Also what do I add for extras? "Achievements"? "Volunteer work"? "Hobby projects?", "past times?"
Is any of this seen as necessary or well rounded?
If it is really just about the numbers I'll just go scrape junior and entry level positions and take their keywords and automatically fill out template resumes to automate applying.
Could even use SQLite to store the results and track progress lol.
I've never worked as a professional programmer, but it's the only thing I ever enjoyed doing for 12 hours a day.16
Microsoft Windows can burn.
I have this feature where I configure a remote API via some endpoints and the API pushes data back to some webhooks in my API.
Yesterday I set everything up for the final test; fired up my own API with some test data, added some configuration and started trace logging to ensure that everything works as expected when the remote site tries to send me data.
I was ready to collect ! Enter this morning: Windows have forcibly rebooted to install an update and shut everything down.
inb4 install Linux; No, I can not. Windows is company policy and I am required to use shit that is only designed for Windows.6
New strategy to combat managers:
If you claim we can't afford the additional time for the tests that come with the feature, I won't build the feature.
If you claim we can't afford the additional time for the proper API versioning that comes with the feature, I won't build the feature.
And finally, if the internationalized texts, designs, and image assets are not complete when it comes time for development, I won't build the feature.
It's time to rise and stand against the "You're an engineer! do it all!" notions. I'm not a designer. I'm not a translator. I'm not a by-hand manual customer tester. And I'm certainly not going to take any more of your shit.2
I recently built an automated payout functionality for bank-to-bank transfers, and we initially looked at using the pain.001 XML schema to do it. Luckily, we ended up finding a service that has a simple REST API to do this instead. (Thank god we didn't go with the XML method, I know how much of a headache that could become, I can imagine the treasure trove of memes with naming an XML schema with the name PAIN)
Anyway, for one of our big-brained product managers, this will forever be the infamous "XML Task" that he continues to ask about and bring up. I've already clarified a few times that we have long chosen a solution process that has nothing to do with XML, but to no avail, it will forever be his "XML Task". Wonder what name he'll pick next time we need XML in a solution? "Second XML Task?" Let's just keep the mental overhead idiot train going!3
Hi mates 👋
Am going to dedicate myself to dev & open source communities.
I want to build an API that solves something, and I'm looking for your suggestions: what problems in your day-to-day dev life that you would love to have it automated/have it available programmatically?10
It’s a huge nightmare to develop a React front-end when:
- you have to adapt Bootstrap 3/jQuery based components to React
- the “back-end” is a sparse collection of micro services with cryptic URLs and finding the correct name means searching on a laggy WSO2 API manager
- the documentation of said micro services can be outdated and that means wasting a lot of time trying requests on cURL rather than in doing actual development and continuously breaking your concentration
- sometimes the micro services just become unavailable altogether
- the back-end shuts down at
6PM everyday, usually when after I finally achieved a flow and I’m doing meaningful progress2
I completely *detest* that the MongoDB *shell* is just a fucking jS interpreter with extra API calls sprinkled on top and whoever came up with that idea should have all their commits reverted immediately, working with that thing is a punishment!
I don't even know a way to parse and chew through the json it spits out in my own json viewers, as it's "Extended", and none of my editors understand that!
Ugh, haven't been this frustrated with a tool for a while...5
@dfox For some reason, I can favorite my own rants if I send a request to do it manually, I guess that's not... good?8
Is there a portable DB format like sqlite but stores data like Mongo.
Each record contains key value pairs.
I guess I could install Mongo again... But kinda want to play with the data first. Pulls from a web api
I guess other alternative is to just save the json responses to disk in separate folders and files for now...
And abstract the DB layer behind an interface6
Twitter developers will authenticate half of their endpoints with some authentication method and the other half with a totally different one (which doesn't work) and their sales team will have the guts to contact you to check if you're still interested to access their API.
My only interest is feeding your corpse to the ravens.2
Begin to hate Java, moving to kotlin soon . For android development at least with Jetpack compose. Java is deprecated in almost every API.
Question for someone who uses Mongo Atlas Search:
If I'm only interested in autocomplete from the start of the text, which is more performant?
1) standard analyzer + edgeGram tokenizer
2) keyword analyzer + edgeGram tokenizer
I don't see why I should index separate words if I don't care about random positions :/
I now know why Google Clouds sucks compared to AWS, and Azure.
1. No free tier
2. Pricing is confusing and designed for comp scis
3. Too componentized.
I wanted to translate text in an image like Google Translate/Lens.
Google: after a long search of the site's developer docs, I need the Translate and Vision APIs which have separate pricing specified in hours and task type
Microsoft: search Translate API,
Does images, first 5 million characters are free8
Utility libraries, because I actually get to see my life improve because I have them. Creating new projects becomes easier because I put parts I reuse somewhere else.
There was an old config file generator/manager I kept using for a while, some string conversion libraries between formats, some REST/WebRTC API wrappers, I have a web audio API I create tunes with in various projects. CI/CD scripts for laziness so I never have to know how to set anything up again. Lately the thing I'm most happy about is I turned some free text saving service into a makeshift database and it's been working well for about half a dozen projects now. Wouldn't handle large amount of users but can't beat free and easy.
I also find merit in prototypes/old projects, because I can reference random things I did in them in newer unrelated projects. Things too small to warrant their own utility library, argh!
I'm try to make a color picker browser extension and I want to open eyedropper element in firefox using `EyeDropper` api but it doesn't support in firefox it is only support in chrome, is there any alternative of it in firefox?8
Backend developer does not even sort his API results by ID or name. Damn. I hate dependencies like this. Simple things but they are too lazy to do.1
postman to manually check api endpoint works
try again later, doing what you think was the exact same shit, which you've documented, reread your document get 404
find out its returning a 404 when the code i added fails, welp4
Can you recommend me some simple php+mysql based backend framework in order to build a simple rest api (with login, signup, scope data) ?6
One of our previous clients is not paying the rest of the payments after receiving the codes. What are the things we can/should do digitally to make them pay the payment?
btw, it was a web app. we worked on the front end and the backend of the app. So, naturally we know all the API endpoints, we have the database access, and so on. So yeah, we can do so many things.
But still I wanna ask you guys, what would you do to make someone pay?3
Just asked our devops guy to create 2 environments for 2 repos (BE and FE). He said this would take around 10h. Is this normal? Nothing fancy just a NestJS API and a React FE. It’s in AWS.8
Is there up-to-date API documentation for devrant? I am stuck on the posting API calls, especially on what data is required.8