Fuck the memes.

Fuck the framework battles.

Fuck the language battles.

Fuck the titles.

Anybody who has been in this field long enough knows that it doesn't matter if your linus fucking torvalds, there is no human who has lived or ever will live that simultaneously understands, knows, and remembers how to implement, in multiple languages, the following:

- jest mocks for complex React components (partial mocks, full mocks, no mocks at all!)
- token cancellation for asynchronous Tasks in C#
- fullstack CRUD, REST, and websocket communication (throw in gRPC for bonus points)
- database query optimization, seeding, and design
- nginx routing, https redirection
- build automation with full test coverage and environment consideration
- docker container versioning, restoration, and cleanup
- internationalization on both the front AND backends
- secret storage, security audits
- package management, maintenence, and deprecation reviews
- integrating with dozens of APIs
- fucking how to center a div

and that's a _comically_ incomplete list; barely scratches the surface of the full range of what a dev can encounter in a given day of writing software

have many of us probably done one or even all of these at different times? surely.

but does that mean we are supposed to draw that up at a moment's notice some cookie-cutter solution like a fucking robot and spit out an answer on a fax sheet?

recruiters, if you read this site (perhaps only the good ones do anyway so its wasted oxygen), just know that whoever you hire its literally the luck of the draw of how well they perform during the interview. sure, perhaps some perform better, but you can never know how good someone is until they literally start working at your org, so... have fun with that.

Oh and I almost forgot, again for you recruiters, on top of that list which you probably won't ever understand for the entirety of your lives, you can also add writing documentation, backup scripts, and orchestrating / administrating fucking JIRA or actually any somewhat technical dashboard like a CMS or website, because once again, the devs are the only truly competent ones - and i don't even mean in a technical sense, i mean in a HUMAN sense of GETTING SHIT DONE IN GENERAL.

There's literally 2 types of people in the world: those who sit around drawing flow charts and talking on the phone all day, and those WHO LITERALLY FUCKING BUILD THE WORLD

why don't i just run the whole fucking company at this point? you guys are "celebrating" that you made literally $5 dollars from a single customer and i'm just sitting here coding 12 hours a day like all is fine and well

i'm so ANGRY its always the same no matter where i go, non-technical people have just no clue, even when you implore them how long things take, they just nod and smile and say "we'll do it the MVP way". sure, fine, you can do that like 2 or 3 times, but not for 6 fucking months until you have a stack of "MVPs" that come toppling down like the garbage they are.

How do expect to keep the "momentum" of your customers and sales (I hope you can hear the hatred of each of these market words as I type them) if the entire system is glued together with ducktape because YOU wanted to expedite the feature by doing it the EASY way instead of the RIGHT way. god, just forget it, nobody is going to listen anyway, its like the 5th time a row in my life

we NEED tests!
we NEED to know our code coverage!
we NEED to design our system to handle large amounts of traffic!
we NEED detailed logging!
we NEED to start building an exception database!

BILBO BAGGINS! I'm not trying to hurt you! I'm trying to help you!

Don't really know what this rant was, I'm just raging and all over the place at the universe. I'm going to bed.

My last wk93 story, the time we discovered school faculty was spying on students and we uncovered student's deepest secrets.

I call it, kiddiegate.

So if you've read my past rants you've noticed I did some pretty childish and reckless stuff with my highschool's systems when I was younger, but nothing compares to this thing.

After resetting the sysadmin account pwd on some machines it occurred to me I could write a keylogger to capture teachers Moodle accounts and so on, I decided to try it out on a regular lab computer first.

Imagine my surprise when I found a hidden keylogger already installed! I couldn't believe it but then I thought, what if other PC's have it? So I recruited my mates and teached them the process to check if a PC had been infected...ALL PCs were, over 30 computers we checked had been logging for over 3 months! That damn sysadmin! >:[

We were shocked and angry, but then I thought "hey. . . My work has been done for me, better take advantage"

So we did, we extracted each log and then removed it from the PCs along with the keyloggers. There were hundreds of records and then one day we started snooping into the fb accounts of some students (we shouldn't have) we uncovered so many nasty, shocking secrets...

One of the school's lady's man had a drunk one nighter with one of our gay friends, the most secluded and shy guy was sexting like crazy with 15 chicks at the same time, things like that...we promised to never say a word and deleted the logs.

After that we didn't do much and continued highschool as every teenage minor should, getting drunk and avoiding responsibilities, though we could never see many of our classmates the same way. The sysadmin was fired shortly after I graduated, no reason was stablished.

I want to clear out we were minors and laws in my country weren't clearly stablished at the time plus no harm was ever done. I don't condone hacking or any kind of illegal activity, just thought I'd share.

Worst hack/attack I had to deal with?

Worst, or funniest. A partnership with a Canadian company got turned upside down and our company decided to 'part ways' by simply not returning his phone calls/emails, etc. A big 'jerk move' IMO, but all I was responsible for was a web portal into our system (submitting orders, inventory, etc).

After the separation, I removed the login permissions, but the ex-partner system was set up to 'ping' our site for various updates and we were logging the failed login attempts, maybe 5 a day or so. Our network admin got tired of seeing that error in his logs and reached out to the VP (responsible for the 'break up') and requested he tell the partner their system is still trying to login and stop it. Couple of days later, we were getting random 300, 500, 1000 failed login attempts (causing automated emails to notify that there was a problem). The partner knew that we were likely getting alerted, and kept up the barage. When alerts get high enough, they are sent to the IT-VP, which gets a whole bunch of people involved.
VP-Marketing: "Why are you allowing them into our system?! Cut them off, NOW!"
Me: "I'm not letting them in, I'm stopping them, hence the login error."
VP-Marketing: "That jackass said he will keep trying to get into our system unless we pay him $10,000. Just turn those machines off!"
VP-IT : "We can't. They serve our other international partners."
<slams hand on table>
VP-Marketing: "I don't fucking believe this! How the fuck did you let this happen!?"
VP-IT: "Yes, you shouldn't have allowed the partner into our system to begin with. What are you going to do to fix this situation?"
Me: "Um, we've been testing for months already went live some time ago. I didn't know you defaulted on the contract until last week. 'Jake' is likely running a script. He'll get bored of doing that and in a couple of weeks, he'll stop. I say lets ignore him. This really a network problem, not a coding problem."
IT-MGR: "Now..now...lets not make excuses and point fingers. It's time to fix your code."
IT-VP: "I agree. We're not going to let anyone blackmail us. Make it happen."

So I figure out the partner's IP address, and hard-code the value in my service so it doesn't log the login failure (if IP = '10.50.etc and so on' major hack job). That worked for a couple of days, then (I suspect) the ISP re-assigned a new IP and the errors started up again.

After a few angry emails from the 'powers-that-be', our network admin stops by my desk.
D: "Dude, I'm sorry, I've been so busy. I just heard and I wished they had told me what was going on. I'm going to block his entire domain and send a request to the ISP to shut him down. This was my problem to fix, you should have never been involved."

After 'D' worked his mojo, the errors stopped.

Month later, 'D' gave me an update. He was still logging the traffic from the partner's system (the ISP wanted extensive logs to prove the customer was abusing their service) and like magic one day, it all stopped. ~2 weeks after the 'break up'.

Is this really what tech-startup culture is?

A year ago I wanted to make a change and joined my friend who is a VP at a startup. She and my team are great even up to the C-suite level. But after a recent encounter with the core developer team here… I’m at my
breaking point.

This dev team is extremely tribal. It’s as if they view other tech teams as “others” and it’s “us vs. them”. My team works on a different vertical so I’ve never interacted with them before and a timeline of events is below. Is this kind of behavior a normal thing at a tech startups?

/story
Here’s some highlights from the last month…

- Customer demands a deliverable because it’s in a contract signed a year ago.
- No one in dev can be troubled to lift a finger (holiday season). I get called in to support.
- This isn’t my code - I’ve never seen or used it before.
- None of dev’s documentation is up to date.
- Find out dev hasn’t touched client’s project in a year.
- Spend weeks working with it. Find fundamental flaws which could have put us in legal jeopardy.
- I realize dev never finished this project because it doesn’t even have basic functionality to do what customer needs.
- Spent entire Christmas/New Year working.
- Create dozens of bug tickets and merge requests.
- Barely squeeze by and save multi-million $ contract renewal.

So what happens next?
- Reprimanded by the dev lead. He tells me I’m “hurting people’s feelings” by pointing out so many problems.
- A PM in a public Slack channel told me I was “passive aggressive” for a Jira issue where I wrote (verbatim) “Can we enable code highlighting in this text box? It’s difficult to show steps to reproduce the bug.”
- get told by VP to stop talking to them
- a bunch of merge requests rejected without explanation
- weeks later I see someone in dev run into a bug I found. I sent him the fix. They accepted his MR in the same day and it actually added another new bug.
- I lookup the recent commits of the lead-dev who chewed me out, he’s been working on adding colors to his console log output for print debugging. This is a time-critical application and he adds 30% overhead with logging debug information in production.
- Meanwhile dozens of major bugs exist and are ignored.
- The CTO at this company loves these people - though he hasn’t brought in any new business (literally) ever.
- My team is about to close a new contract and we’ve spent 15 days to work on it.
- The CTO said my team is slow and doesn’t fit with the business model of the company.

My team has never dealt with these devs before, so I checked Glassdoor for other experiences, the dev team apparently…
- uses “vulgar slurs for women”
- talking about technical issues “resulted in a lot of resentment”
- has an apparent “desire for revenge”

/ end story

This last month really shocked me because for my career so far I’ve never dealt with this kind of behavior. I could see a startup accepting this kind of culture if was bringing in a lot of revenue but they aren’t. They dropped the ball so hard we all lost our bonuses this year. It’s made even worse with the fact that they are constantly producing complete dog poop code (I’ve kept that opinion to myself though).

I’m really left wondering if this is just how it is in the high-stakes startup world.

Sorry - this started out as a question but ended up another dev rant.

Dear Atlassian Support,

In my life I had a lot of experiences...

But your software manages to replace all these experiences with a unique feeling of depression, hatred, anger... Only negative emotions.

Not once have I said anything good about your software - not once in > 5 years.

Whenever your chum bucket of mismanagement and misanthropy stops working, it's never the fault of the end user, the administrator or someone else.

It's entirely your fault.

Fucked up upgrades, lack of documentation, catastrophic handling of logging, lack of support of current database systems, lack of proper migration and clean up of plugins, ....

I could go on. But it's really just and endless tirade.

I wish I could stop management for even giving you money for the pile of poo you call software, but sadly they don't listen.

But there's hope on the horizon.

Thanks for making people go cloud only.

No one wants that.

It would mean entrusting that pile of poo to the craptastic hands of your irresponsible people.

No one really wants that.

Not even management who blindly paid the license fees all the times.

Thank you for your cloud only movement.

Maybe we can finally find an alternative and I can finally start a therapy for the PTSD I have thx to your software.

CR: "Add x here (to y) so it fits our code standards"
> No other Y has an X. None.

CR: "Don't ever use .html_safe"
> ... Can't render html without it. Also, it's already been sanitized, literally by sanitize(), written by the security team.

CR: "Haven't seen the code yet; does X change when resetting the password?"
> The feature doesn't have or reference passwords. It doesn't touch anything even tangentially related to passwords.
> Also: GO READ THE CODE! THAT'S YOUR BLOODY JOB!

CR: "Add an 'expired?' method that returns '!active'?"
> Inactive doesn't mean expired. Yellow doesn't mean sour. There's already an 'is_expired?' method.

CR: "For logging, always use json so we can parse it. Doesn't matter if we can't read it; tools can."
CR: "For logging, never link log entries to user-readable code references; it's a security concern."
CR: "Make sure logging is human-readable and text-searchable and points back to the code."
> Confused asian guy, his hands raised.

CR: "Move this data formatting from the view into the model."
> No. Views are for formatting.

CR: "Use .html() here since you're working with html"
> .html() does not support html. It converts arrays into html.

NONE OF THIS IS USEFUL! WHY ARE YOU WASTING MY TIME IF YOU HAVEN'T EVEN READ MY CODE!?

dfjasklfagjklewrjakfljasdf

So... I'm pretty much dead inside.

But today I laughed in a meeting.

Nearly died of laughter.

We're currently understaffed for various reasons, especially the ongoing migrations etc.

So a lot of projects are currently in "maintenance" mode (e.g. no new features) - cause we lack the necessary man power.

The meeting was more or less:

Team: We had an ongoing discussion in the team regarding logging and possibilities of tracing and XY suggested we implement OpenTelemetry in *all* projects in the next weeks, can we do that?"

Sometimes I'm not sure If I'm in a sitcom for torture experts.

X: Hi, regarding that ticket that you made...

You said "Implement logging to find out the culprit in site generation"...

What do you mean exactly?

Me: "Read the meeting notes, we had a full discussion on this 2 weeks ago".

X: "We don't understand it..."

Me: "As I said before, I have no experience in this tech stack... I'd expect bla to have a logging framework and I'd - for easier recognition - implement additional logging levels based on criteria <me just reading the meeting notes>"

X: But how do we do it?

...

I wish I had invented this discussion.

Because it hurts.

For the jolly of it, I had similar discussions today.

Three times to be exactly.

As I asked some dev what I should do next, put a foley catheter up his urethra or change the bed pan he wasn't amused.

Guess I'll get monday a call of HR.

So Monday I have less work to do, which is awesome.

I created our login system to be secure and reliable.

One coworker hardcoded the roles a person who is logging in receives and built a backend to just assign roles you want. He pushed this to prod...

Yeah...

Following on from yesterday's catastrophe...
It happened again overnight!
And THEN another server failed when backing up the DBs...turns out 2 websites have activated logging .. each of around 20GB in the database!

So this morning both of our servers are down for different but similar reasons.

It's absolutely fine everybody.
I'm fine,
we're fine,
it's FINE!

I'm getting annoyed with the increasing number of platforms that implement the "Oops, something went wrong" vague error message.

Still on the primenumbers bender.
Had this idea that if there were subtle correlations between a sufficiently large set of identities and the digits of a prime number, the best way to find it would be to automate the search.

And thats just what I did.

I started with trace matrices.
I actually didn't expect much of it. I was hoping I'd at least get lucky with a few chance coincidences.

My first tests failed miserably. Eight percent here, 10% there. "I might as well just pick a number out of a hat!" I thought.

I scaled it way back and asked if it was possible to predict *just* the first digit of either of the prime factors.

That also failed. Prediction rates were low still. Like 0.08-0.15.

So I automated *that*.

After a couple days of on-and-off again semi-automated searching I stumbled on it.

[1144, 827, 326, 1184, -1, -1, -1, -1]

That little sequence is a series of identities representing different values derived from a randomly generated product.

Each slots into a trace matrice. The results of which predict the first digit of one of our factors, with a 83.2% accuracy even after 10k runs, and rising higher with the number of trials.

It's not much, but I was kind of proud of it.

I'm pushing for finding 90%+ now.

Some improvements include using a different sort of operation to generate results. Or logging all results and finding the digit within each result thats *most* likely to predict our targets, across all results. (right now I just take the digit in the ones column, which works but is an arbitrary decision on my part).

Theres also the fact that it's trivial to correctly guess the digit 25% of the time, simply by guessing 1, 3, 7, or 9, because all primes, except for 2, end in one of these four.

I have also yet to find a trace with a specific bias for predicting either the smaller of two unique factors *or* the larger. But I haven't really looked for one either.

I still need to write a generate that takes specific traces, and lets me mutate some of the values, to push them towards certain 'fitness' levels.
This would be useful not just for very high predictions, but to find traces with very *low* predictions.

Why? Because it would actually allow for the *elimination* of possible digits, much like sudoku, from a given place value in a predicted factor.

I don't know if any of this will even end up working past the first digit. But splitting the odds, between the two unique factors of a prime product, and getting 40+% chance of guessing correctly, isn't too bad I think for a total amateur.

Far cry from a couple years ago claiming I broke prime factorization. People still haven't forgiven me for that, lol.

Other staff: I’m having trouble logging in to website A. My password doesn’t work.

[Me thinking: That’s weird. When I set up your account, the password worked. I told you to change it. So maybe you forgot your new password. We haven’t changed anything to about the login process.]

Me: I reset your password. [sends new password]

Other Staff: The new password doesn’t work. But I can log in with Google.

Me: 😶 Website A does not have sign in with Google. What website are you actually on???

You know modern cars, they have these computer thingies that tell you when something isn't working with little warning lights.

How useful !

"Take me to repair shop!" it says, and even sets the SatNav route.

Of course, the place might be closed, but still, its trying to help. :-)

Anyhow, by chance just happen to be there getting said car serviced..

Mention the several warning thingies that sprang up on the way in..

After service..

Which took twice as long as a normal service, so I was hopeful they was fixing things !

Though every time I go and ask how things are, magically its just been finished and I haven't been waiting for no good reason because no one remembered I was waiting..

No, they didn't fix any of the faults...

Why I asked without getting angry..

Because the diagnostic computer said there wasn't any..

But there was !

Come back when the fault returns they said..

But..

If the fault disappears before their computer gets plugged in, they will just say there isn't a fault..

Apparently on the car there is no fault logging, its either, a fault right now, or no fault at all..

This might explain why a few months ago all the brakes seized up ( Its less than 2 years old, it shouldn't do that ! ), if some computer part is playing up..

So, I'll get my own car diagnostic computer and wait for it to play up, and maybe get some more error codes/etc. to pass on to the car fixing place !

Today's lesson, logs are important !

Also, just because a computer says there isn't something wrong with something, doesn't mean there isn't, so go and check it physically !

And, the customer is always right !

Previously had an issue with a part that had worn out, asked for it to be replaced.

Went to pick up the car, asked if the part had been replaced.

No it hadn't !

They thought it wasn't worn out !

I asked, did they look at it ?

No they didn't was their reply..

I told them, if you take it off, you can see its worn out.

I watched them take it off, ( After much struggling, to which I remarked that yes, when I took it off to look at it, I had similar trouble ! ) they then saw it was worn out and put a new one on !

They then struggled to put the new one on, which I also mentioned I had the same trouble.

Being as it was my first time taking off one of those parts, you could be forgiven to think I was just a beginner.

But you might think a professional would be able to do a better job..

You just can't get the staff these days !

Ask me about that one time a motherfucking LOG STATEMENT caused the code to not work properly, breaking both the Test and QA environments, but failed in a way that made it maddening to figure out (in conjunction with the cloud-based hosting environment and the abomination that is centralized logging, which just makes EVERYTHING more difficult).

Actually, DON'T ask me about it, because it was today, it wasted most of my day, and I'm still salty as fuck about it.

We receive an email from Splunk when errors go above a certain threshold, and a particular service has been especially problematic this week (throwing hundreds of exceptions). Email response from the team mgr responsible for the service.

"We are working to address these errors. We don’t currently have a way to prevent a user who’s account is locked from logging into the service and performing work."

The exception? NullReferenceException: Object reference not set to an instance of an object.

The code? (paraphrasing)

var user = GetUser(request.Login);
if (user.CanPerformWork) ...

<facepalm>

I'm doing my best not to reply .."Really? No way? You do realize we can read code, right?"

Supervisor: YOU NEED TO INCREASE THE COVERAGE OF YOUR UNIT TESTS! THE FILE logger.js DOESN'T HAVE >80% COVERAGE! IMAGINE PICKING THIS UP 6 MONTHS FROM NOW!

Bro. It's a Winston instance.
I am literally exporting a fucking Winston instance with 0 custom logic.
If 6 months from now I take a file and can't understand a Winston instance anymore, you're well within your right to fire me on the spot.

They've been in a meeting with some clients the whole morning.
12PM, time for me to go. Say Happy New Year and am on my way home.
12:20 Got home, took shirt off, got something to eat from the fridge.
12:22 Bit the first slice of pizza. Phone rings.
- "Yo' we wanted to show them app 2 but I can't log in."
+ "I left the laptop (and the whole dev environment) there, and there's no PC on in my house (and no dev environment whatsoever)."
- "Well check with your phone. [SIC] Tell me when you fix it."
12:32 I had turned my personal computer on; checked the problem was what I imagined (unpkg lib with no version defined on the link had a new major/non-retrocompatible version); grabbed an online FTP tool; remembered IP, user & password; edited the single line that caused the problem; and checked it worked. Calling back.
+ "It's fixed."
- "Thanks!"
12:38 CEO sent me an image of the app not working, due to a known bug.
+ "That happens if you try to access app 1 having accessed app 2 and not logging off." (app 2 isn't being used / sold, as it's still in development) "Try logging off and logging in again from app 1."
- * radio silence *
+ * guess they could get in *

They had the whole freaking morning. 😠
I'm the hero CMMi's level one warns you about. But at what cost.
Happy early New Year's Eve everyone.

I am building my portfolio website and added a contact section. In the API call to the backend, I am logging potential API failures to Firebase Analytics. Is it ethical to include the request data (content of the contact form) in log data?

God I fucking hate macs.
I got a mac at work. I tried to install ubuntu, with rather questionable results (unfortunately, I expected that) - so I tried to get mac work for me the way I like a system to work. I needed to download slack, simple enough, right? Ha, you wish. It's gotta be done through Apple store, so I went to create an Apple ID inside the Apple Store form. And, well, it just errored out on the submission. Great start. I went then to the settings and created an account there, great success, went back to Apple Store. Unfortunately being logged in at the system level doesn't mean you are logged in to the store. So, I went to log in to the store, simple enough, right? No, nothing's simple with Apple. After logging in I got a message that the Apple ID has not yet been used with Apple Store and that I need to review the account's setting. So, I click the "review" button and... I'm presented with a log in form. Yep, a perfect log in loop. I can't log in because I can't review the account but I can't review the account because I can't log in. Fun :)

You can't just go to the web admin panel for your account to review it for Apple Store, that would too be too easy. After a bit of searching I've found an answer on StackOverflow. You need to log in to iTunes. Through a fucking MUSIC APP. To install a free application from the store you need to log in to a music app. Yes, we're all mad here.

Then, after finding out that to be able to use side buttons on my mouse I need an app that I need to manually restart every time I restart the machine and that I need to have an app to fucking transfer files from an android I need another fucking app, because reading a storage of a linux-based system would be too standards compliant - something in me broke. I found out that installing windows on a mac is officially supported.

Supported doesn't mean that it's easy. I tried to install it trying different solutions from SO, but each time I would get an error that Windows couldn't modify the boot partition. Turns out that even wiping the drive and reinstalling OSX doesn't remove residual files on a boot partition and Windows installer is not allowed to modify them. It took me hunting into some shady looking site to actually find this answer. I have no fucking idea how long it all took me, but, finally, great success, Windows, WSL, side buttons working, I can even install slack from an installer. I just wish I could have those hours of my life back.

Today after longer vacation I came back to work.

Edit: wrote this rant long time ago, but never finished. Was too pissed.

Some easy meetings, then wanted to start on an easy job.

Just migrating some things from bash regex voodoo to proper tools like JQ.

Finished in roughly 1 h. Lovely.
Made some tea, ate some cookies.

Set up dev environment, found no documentation what so ever, got it running after half an hour.

Annoying, but ok.

Then I tried my scripts...

They worked... Except they didn't.
Console log empty, response code 200 with state: GENERATE_NO_FILES.

Eh. Fuck you. Just fuck you.

Fixed the logging configuration, which was broken since uhm... 2 years plus?

Well... Another half another hour gone...
Kinda pissed now.

Still script return failed...
Poking and trying to sprinkle debug all over that shit cause everything seems ... An incohesive, inconsistent diarrhea.

3 hours later...

Made the ticket to rewrite it.

I did nothing wrong at all.

The API just has no workflow at all. The
*seperate* API calls have to be in an **specific** order - as otherwise the generation will fail, as the prerequisites for the generation are not fulfilled.

Yeah. Completely logical. Especially not to give out any kind of warning or an error message like requirements not met, blablabla.

I drank that evening 2 six packs of beer. I was raging mad....

Then gave that shit to another manager, as I never want to touch that nuclear waste again....

How can someone be so brain damaged -.-

I dont understand the Log4j vulnerability.

Isnt the ability to execute code a feature they added so that you can add dynamic data to the logs?

If it is a feature then isnt it written in the documentation?

Is the problem that a lot of companies forgot to sanitize the input before logging it?

A large pool of application instances' is writing logs to the same physical file. No way to distinguish which instance wrote which line.

Welcome to hell

We're being asked questions. We're replying that we cannot help unless logging is fixed. Noone's bothering to fix this mess and instead returns tickets with requests to investigate more.

F.U.N
/s

Apple added medicine logging feature.

Do you know how they tell you you should take your medicine? It’s “It’s time to log in your medications”. It’s not “take your meds now”. Otherwise, imagine those lawsuits, ooga booga iphone told me to take meds and I died.

Why is it called logging and why are they called logs?

We had made an api which had endpoints for each different domain model, so /user, /company, the usual. Beyond being restful they all had basic filtering and pagination.

We also had an endpoint to return an entity from any set based on guid for when you needed to attach the related entity to notifications and logging and such.

We received a bug report on how you couldn't use filtering or pagination on this endpoint, and after weeks of asking what they need it for we just had to implement it.

You can imagine how non-trivial it is to "just" filter across different datasets, but we eventually got it working so now you can get a user via /user/123 or /entity?type=user&id=123. They only use it for one type and id at the time.

Continuing to learn k8s ecosystem and to achieve acceptable level
With trying eventually Helm, Argo CD and even trying to use not managed setup for k8s.

Going though books to find out theory about being SRE.
And about data intensive apps.

Learning and trying Kafka

Learning and trying FastAPI and diving in generally to async python ecosystem

Learning Go.

Learning few more books to increase code quality and its compositioning.

Getting more practice in monitoring and logging systems with applicating them to k8s.

What the hell is the point of this small projects team spending 2-3 months on developing extensive logging system for an internal application for inside and outside customers to use if your application isn’t going to log any of the fucking errors. Sure you write the failure status to the database, but it just says failure with an even more vague explanation than microsoft’s errors. “An error occurred”. No shit, that’s why I’m looking in the logs and database to debug the application to get these files on their merry way so our company can stay in compliance with the state, feds, and not pay out the wazzoo in fines. All our other applications state where the error occured such as “failed to connect to the email server”, why can’t this one.

> totally disable logging on console
> logging is redirected instead on some 1200 separated files (no, not "log files rotated through 1200 days"; every part of the program has its own log file, and there's 1200 of them)
> still, in all those files, none of them contains MY log; somehow it disappeared

Why some people even chose to become developers will always elude me

I had a pretty good year! I've gone from being a totally unknown passionate web dev to a respected full stack dev. This will be a bit lengthy rant...
Best:
- Got my first full time employment dev role at a company after being self-taught for 8+ years at the start of the year. Finally got someone to take the risk of hiring someone who's "untested" and only done small and odd jobs professionally. This kickstarted my career, super grateful for that!
- Started my own programming consulting company.
- Gained enough confidence to apply to other jobs, snatched a few consulting jobs, nailed the interviews even though I never practiced any leet code.
- Currently work as a 99% remote dev (only meet up in person during the initialization of some projects.) I never thought working remotely could actually work this well. I am able to stay productive and actually focus on the work instead of living up to the 9-5 standard. If I want to go for a walk to think I can do that, I can be as social and asocial as I want. I like to sleep in and work during the night with a cup of tea in the dark and it's not an issue! I really like the freedom and I feel like I've never been more productive.
- Ended up with very happy customers and now got a steady amount of jobs rolling in and contracts are being extended.
- I learned a lot, specialized in graph databases, no more db modelling hell. Loving it!
- Got a job where I can use my favorite tools and actually create something from scratch which includes a lot of different fields. I am really happy I can use all my skills and learn new things along the way, like data analysis, databricks, hadoop, data ingesting, centralised auth like promerium and centralised logging.
- I also learned how important softskills are, I've learned to understand my clients needs and how to both communicate both as a developer and an entrepeneur.
Worst:
- First job had a manager which just gave me the specifications solo project and didn't check in or meet me for 8 weeks with vague specifications. Turns out the manager was super biased on how to write code and wanted to micromanage every aspect while still being totally absent. They got mad that I had used AJAX for requests as that was a "waste of time".
- I learned the harsh reality of working as a contractor in the US from a foreign country. Worked on an "indefinite" contract, suddenly got a 2 day notification to sum up my work (not related to my performance) after being there for 7+ months.
- I really don't like the current industry standard when it comes to developing websites (I mostly work in node.js), I like working with static websites (with static website generators like what the Svelte.js driver) and use a REST API for dynamic content. When working on the backend there's a library for everything and I've wasted so many hours this year to fix bugs and create workarounds related to dependencies. You need to dive into a rabbit hole for every tool and do something which may work or break something later. I've had so many issues with CICD and deployment to the cloud. There's a library for everything but there's so many that it's impossible to learn about the edge cases of everything. Doesn't help that everything is abstracted away, which works 90% of the time but I use 15 times the time to debug things when a bug appears. I work against a black box which may or may not have an up to date documentation and it's so complex that it will require you to yell incantations from the F#$K
era and sacrifice a goat for it to work properly.
- Learned that a lot of companies call their complex services "microservices". Ah yes, the microservice with 20 endpoints which all do completely unrelated tasks?

Microsoft Windows can burn.

I have this feature where I configure a remote API via some endpoints and the API pushes data back to some webhooks in my API.

Yesterday I set everything up for the final test; fired up my own API with some test data, added some configuration and started trace logging to ensure that everything works as expected when the remote site tries to send me data.

I was ready to collect ! Enter this morning: Windows have forcibly rebooted to install an update and shut everything down.

inb4 install Linux; No, I can not. Windows is company policy and I am required to use shit that is only designed for Windows.

Somebody: (whinwy) we need something to log into nonprivileged technical accounts without our rootssh proxy. We want this pammodule pam_X.so
me: this stuff is old (-2013) and i can't find any source for it. How about using SSSD with libsss_sudo? Its an modern solution which would allow this with an advantage of using the existing infrastructure.
somebody: NO I WANT THIS MODULE.
me: ok i have it packaged under this name. Could you please test it by manipulating the pam config?
Somebody: WHAT WHY DO I NEED TO MANIPULATE THE PAMCONFIG?
me: because another package on our servers already manipulates the config and i don't want to create trouble by manipulate it.
Somebody: why are we discussing this. I said clearly what we need and we need it NOW.

we have an package that changes the pam config to our needs, we are starting to roll out the config via ansible, but we still use configuration packages on many servers
For authentication as root we use cyberark for logging the ssh sessions.
The older solution allowed additionally the login into non-rootaccounts, but it is shut down in the next few weeks after over half an year of both systems active and over half an year with the information that the login into non-privileged accounts will be no more.

I've been asked to release a project which has been written by someone else, then rewritten by another developer, and both have left the company.

I can't release it yet because there is an inconsistent bug throwing some values out.

We've got it running side by side with an older legacy system which it's going to replace. Before the 2nd developer left they added some logging to our live system to record both values so that they could be monitored to make sure there was no inconsistency.

There are some inconsistencies... however, when I run the same data through the new system and the legacy system in a test environment they both come out correct.

FML

I've considered quitting...

Checking for root is maintaining a false façade of security. By the definition of root it can always be bypassed and we should be designing workflows to discourage logging in from an untrusted device unless you have 2fa.

What does devrant think about custom IDs?

Instead of:
- "d2ac9db1-3222-4e99-97cb-e14fb4240f43"

Something like this:
- "user-d2ac9db1-3222-4e99-97cb-e14fb4240f43"
- "document-34ea29ce-6022-40d4-821d-95b240633ba9"

They can be saved as binary in DB (like in the old days before native UUID support), have basic protection against being confused with IDs of another prefix and are pretty much self-documenting (better debugging/logging experience).

Plus, every ID would have their own value object (increased type safety) and if required, prefix can be omitted for 3rd party systems.

I think, it would be well worth it... 🤔

Websites that use a snow effect in Winter, with many little snowflakes moving on screen, needlessly drain the battery of mobile devices. Since batteries in portable electronics are usually not replaceable as of 2022, it also shortens the overall useful life of mobile devices.

If web designers feel the need to appear creative, which the snowflake effect isn't since it apparently existed since the 2000s, they should at least give users an option to turn it off. And that option should be available without logging in. Perhaps this useless effect should be turned off by default for mobile users.

How do I deal with this;

Edge case hiccup on production, no errors in the available logs(very shallow logging), no access to the production server, issue unreproducable on staging and a manager that want me to fix it AFTER I already said that im kind of sailing blind and can't do much without logs or access, and already looked at it with another dev who also has no idea what is going on

Quick question. I'm currently working on a project that requires extensive activity logging. What do you recommend for some sort of monitoring and logging of user access on a Linux box?

Big thanks in advance. <3