Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "one file to rule them all"
-
!rant
This was over a year ago now, but my first PR at my current job was +6,249/-1,545,334 loc. Here is how that happened... When I joined the company and saw the code I was supposed to work on I kind of freaked out. The project was set up in the most ass-backward way with some sort of bootstrap boilerplate sample app thing with its own build process inside a subfolder of the main angular project. The angular app used all the CSS, fonts, icons, etc. from the boilerplate app and referenced the assets directly. If you needed to make changes to the CSS, fonts, icons, etc you would need to cd into the boilerplate app directory, make the changes, run a Gulp build that compiled things there, then cd back to the main directory and run Grunt build (thats right, both grunt and gulp) that then built the angular app and referenced the compiled assets inside the boilerplate directory. One simple CSS change would take 2 minutes to test at minimum.
I told them I needed at least a week to overhaul the app before I felt like I could do any real work. Here were the horrors I found along the way.
- All compiled (unminified) assets (both CSS and JS) were committed to git, including vendor code such as jQuery and Bootstrap.
- All bower components were committed to git (ALL their source code, documentation, etc, not just the one dist/minified JS file we referenced).
- The Grunt build was set up by someone who had no idea what they were doing. Every SINGLE file or dependency that needed to be copied to the build folder was listed one by one in a HUGE config.json file instead of using pattern matching like `assets/images/*`.
- All the example code from the boilerplate and multiple jQuery spaghetti sample apps from the boilerplate were committed to git, as well as ALL the documentation too. There was literally a `git clone` of the boilerplate repo inside a folder in the app.
- There were two separate copies of Bootstrap 3 being compiled from source. One inside the boilerplate folder and one at the angular app level. They were both included on the page, so literally every single CSS rule was overridden by the second copy of bootstrap. Oh, and because bootstrap source was included and commited and built from source, the actual bootstrap source files had been edited by developers to change styles (instead of overriding them) so there was no replacing it with an OOTB minified version.
- It is an angular app but there were multiple jQuery libraries included and relied upon and used for actual in-app functionality behavior. And, beyond that, even though angular includes many native ways to do XHR requests (using $resource or $http), there were numerous places in the app where there were `XMLHttpRequest`s intermixed with angular code.
- There was no live reloading for local development, meaning if I wanted to make one CSS change I had to stop my server, run a build, start again (about 2 minutes total). They seemed to think this was fine.
- All this monstrosity was handled by a single massive Gruntfile that was over 2000loc. When all my hacking and slashing was done, I reduced this to ~140loc.
- There were developer's (I use that term loosely) *PERSONAL AWS ACCESS KEYS* hardcoded into the source code (remember, this is a web end app, so this was in every user's browser) in order to do file uploads. Of course when I checked in AWS, those keys had full admin access to absolutely everything in AWS.
- The entire unminified AWS Javascript SDK was included on the page and not used or referenced (~1.5mb)
- There was no error handling or reporting. An API error would just result in nothing happening on the front end, so the user would usually just click and click again, re-triggering the same error. There was also no error reporting software installed (NewRelic, Rollbar, etc) so we had no idea when our users encountered errors on the front end. The previous developers would literally guide users who were experiencing issues through opening their console in dev tools and have them screenshot the error and send it to them.
- I could go on and on...
This is why you hire a real front-end engineer to build your web app instead of the cheapest contractors you can find from Ukraine.19 -
Worst thing you've seen another dev do? Here is another.
Early into our eCommerce venture, we experienced the normal growing pains.
Part of the learning process was realizing in web development, you should only access data resources on an as-needed basis.
One business object on it's creation would populate db lookups, initialize business rule engines (calling the db), etc.
Initially, this design was fine, no one noticed anything until business started to grow and started to cause problems in other systems (classic scaling problems)
VP wanted a review of the code and recommendations before throwing hardware at the problem (which they already started to do).
Over a month, I started making some aggressive changes by streamlining SQL, moving initialization, and refactoring like a mad man.
Over all page loads were not really affected, but the back-end resources were almost back to pre-eCommerce levels.
The main web developer at the time was not amused and fought my changes as much as she could.
Couple months later the CEO was speaking to everyone about his experience at a trade show when another CEO was complementing him on the changes to our web site.
The site was must faster, pages loaded without any glitches, checkout actually worked the first time, etc.
CEO wanted to thank everyone involved etc..and so on.
About a week later the VP handed out 'Thank You' certificates for the entire web team (only 4 at the time, I was on another team). I was noticeably excluded (not that I cared about a stupid piece of paper, but they also got a pizza lunch...I was much more pissed about that). My boss went to find out what was going on.
MyBoss: "Well, turned out 'Sally' did make all the web site performance improvements."
Me: "Where have you been the past 3 months? 'Sally' is the one who fought all my improvements. All my improvements are still in the production code."
MyBoss: "I'm just the messenger. What would you like me to do? I can buy you a pizza if you want. The team already reviewed the code and they are the ones who gave her the credit."
Me: "That's crap. My comments are all over that code base. I put my initials, date, what I did, why, and what was improved. I put the actual performance improvement numbers in the code!"
MyBoss: "Yea? Weird. That is what 'Tom' said why 'Sally' was put in for a promotion. For her due diligence for documenting the improvements."
Me:"What!? No. Look...lets look at the code"
Open up the file...there it was...*her* initials...the date, what changed, performance improvement numbers, etc.
WTF!
I opened version control and saw that she made one change, the day *after* the CEO thanked everyone and replaced my initials with hers.
She knew the other devs would only look at the current code to see who made the improvements (not bother to look at the code-differences)
MyBoss: "Wow...that's dirty. Best to move on and forget about it. Let them have their little party. Let us grown ups keeping doing the important things."8 -
In a meeting yesterday working through our WebAPI coding standards, starting from File -> New project..etc..etc.. and ironing out some of the left-or-right decisions so we can have a consistent coding style, working in a meeting room with an overhead projector and sharing keyboard around with one another.
Then we hit the routing 'rules' in the WebApiConfig, "api/{controller}/{id}"…
DevMgr: "Do we need the 'api' prefix? It seems redundant."
Ralph: "Yes it's needed. Prefixing the controllers with 'api' is industry best practice. Otherwise, how is anyone to know it's a web api"
Prancer: "Yea, it's part of the REST standard."
Me: "I don't think so. That is only part of the Asp.Net routing rule. We can put anything we want or take anything out."
DevMgr: "Yea, it looks silly. All the new services are going to be business process specific."
Ralph: "That's how everyone does it. It's kind of the point of why REST services are called WebApi"
Prancer: "What's the point of doing any of this work if we're not going to follow industry standards."
Me: "I understand if the service is part of larger web site, but we're developing standalone services. Prefixing routes with 'api' is redundant. I mean who are these 'everyone' you're talking about?"
<ralph rolls his eyes>
Ralph: "Lets see …uhhh… Netflix?. They're kinda a big deal."
Me: "Like I said, it's an integral part of their site and the services they provide. That's fine. I'm talking about the 12 other 3rd party services we integrate with. None of them have 'api' on any of their routes."
Prancer: "We're talking about serious web services."
Me: "Last time I checked, UPS is a big and serious service."
Ralph: "Their services are a fracking joke" – he didn't say fracking.
Me: "Our payroll system, our billing system, billion dollar companies, didn't have '/api' prefix anywhere. Heck, even that free faxing service we used for a while was a dead-simple routing path."
<I take the keyboard away from Ralph, remove the 'api' from the route.>
Me: "There. Done. Now, lets talk about error handling.."
Rest of the meeting Ralph and Prancer don't say much of anything, arms crossed…I swear Ralph looked like he was going to cry.
This morning I catch my boss…
Me: "What did you think of the meeting? I thought Ralph was going to take a swing at me when I took the keyboard away from him."
DevMgr: "Oh yes…I almost laughed out loud….blows my freaking mind how worked up people get about crap that doesn't matter. Api..or not…who the frack cares. Just make it consistent"
Me: "Exactly…I didn't care either way, but I enjoyed calling out that nonsense."
DevMgr: "Yes..waaay too much."
If I didn't call them on their BS and the 'standard' allowed to continue, I can bet my paycheck when the subject comes up in a few months (another mgr asks 'isn't this api prefix redundant?') Ralph and Prancer will be the first to say "Yea, its stupid. We fought really hard to remove it from the standard...its not our fault...its <insert scapegoat> fault." -
I would have wanted to bring up SICP again, with the great big warning about the evil assignment operator and state and all the troubles that ensue (just think: concurrency).
But in a way, nothing has really come up from this or my attempts to dig deeper into "everything is a file/object" (Unix, smalltalk), neither from formal languages or the Curry-Howard correspondence. - Maybe there's just nothing, no firm bottom ground to discover. Like the physicists going for their world formula, but instead of a grand, beautiful symmetry that explains everything, we face a shattered world of (incompatible) theories, that is ever so more complex and chaotic through our theories applied to it. There may not be a Platonic ideal world of ideas, but rather partial constructs explaining some particular perceptions.
Similarly the one perfect programming language to rule them all, the perfect abstraction, pattern is probably just another prepubertal fantasy to be sunk.
So maybe instead of seeking the perfect epiphany, we should go for something quite different: the nagging, brooding uneasiness that something is wrong there, that there's something to be fixed... that even negative feeling would propel us to search further, not to stay in whatever is touted as the real thing.
Such irritations I found with Pieter Hintjens' writings. For example when he actively engaged in conspiracy theories. And I'm still not sure, if he just went off the cliff or he's even right alluding that these theories are an act of sanity, a self-defence against the hidden evil mights. I just don't know. Anything. -
#Suphle Rant 6: Deptrac, phparkitect
This entry isn't necessarily a rant but a tale of victory. I'm no more as sad as I used to be. I don't work as hard as I used to, so lesser challenges to frustrate my life. On top of that, I'm not bitter about the pace of progress. I'm at a state of contentment regarding Suphle's release
An opportunity to gain publicity presented itself last month when cfp for a php event was announced last month. I submitted and reviewed a post introducing suphle to the community. In the post, I assured readers that I won't be changing anything soon ie the apis are cast in stone. Then php 7.4 officially "went out of circulation". It hit me that even though the code supports php 8 on paper, it's kind of a red herring that decorators don't use php 8 attributes. So I doubled down, suspending documentation.
The container won't support union and intersection types cuz I dislike the ambiguity. Enums can't be hydrated. So I refactored implementation and usages of decorators from interfaces to native attributes. Tried automating typing for all class properties but psalm is using docblocks instead of native typing. So I disabled it and am doing it by hand whenever something takes me to an unfixed class (difficulty: 1). But the good news is, we are php 8 compliant as anybody can ask for!
I decided to ride that wave and implement other things that have been bothering me:
1) 2 commands for automating project setup for collaborators and user facing developers (CHECK)
2) transferring some operations from runtime to compile/build TIME (CHECK)
3) re-attempt implementing container scopes
I tried automating Deptrac usage ie adding the newly created module to the list of regulated architectural layers but their config is in yaml, so I moved to phparkitect which uses php to set the rules. I still can't find a library for programmatically updating php filed/classes but this is more dynamic for me than yaml. I set out to implement their library, turns out the entire logic is dumped into the command class, so I can neither control it without the cli or automate tests to it. I take the command apart, connect it to suphle and run. Guess what, it detects class parents as violations to the rule. Wtflyingfuck?!
As if that's not bad enough, roadrunner (that old biatch!) server setup doesn't fail if an initialization script fails. If initialization script is moved to the application code itself, server setup crumbles and takes the your initialization stuff down with it. I ping the maintainer, rustacian (god bless his soul), who informs me point blank that what I'm trying to do is not possible. Fuck it. I have to write a wrapper command for sequentially starting the server (or not starting if initialization operations don't all succeed).
Legitimate case to reinvent the wheel. I restored my deleted decorators that did dependency sanitation for me at runtime. The remaining piece of the puzzle was a recursive film iterator to feed the decorators. I checked my file system reader for clues on how to implement one and boom! The one I'd written for two other features was compatible. All I had to do was refactor decorators into dependency rules, give them fancy interfaces for customising and filtering what classes each rule should actually evaluate. In a night's work (if you're discrediting how long writing the original sanitization decorators and directory iterator), I coupled the Deptrac/phparkitect library of my dreams. This is one of the those few times I feel like a supreme deity
Hope I can eat better and get some sleep. This meme is me after getting bounced by those three library rejections