Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

porting a script that supports barewords to something that doesn't....

string up = "up", down = "down";

if(position === up)

its all well and good until you find someone copyies and pwastes that to have in every function

string up = "up", down = "down";

if(position === up)

string up = "up", down = "down";

if(position === up)

string up = "up", down = "down";

if(position === up)

then imagine a much larger dictionary. Also there was a spelling mistake, several in fact.

also who rewrote the parser to try to support keywords as variables?

Is programming a girls dream come true?

I want a package for something so I search NPM, 50 results.

I could spend a life time browsing, shopping for packages, trying them out to see if they fit.

It's all I bloody do these days.

I use the ICU format often for translation because it's simple enough and supported on many platforms. It's something of a standard so I can use the same translation string format and similar library functions everywhere.

ICU is like a really simple templating language, somewhere between printf and something like smarty or twig simplified and specifically intended for internationalisation.

I updated a library providing ICU compatible parsing and formatting for one of the platforms I'm using and find tests break. I assume that only thing to change is the API. ICU very rarely changes and if it did it would be unexpected for it to break the syntax in a major way without big news of a new syntax.

The main contributor of the library has changed since some time last year. Someone else picked up the project from previous contributors.

Though the library is heavily advertised as using ICU it has now switched to using a custom extended format that's not fully compatible and that is being driven by use case demand rather than standardisation.

Seems like a nice chap but has also decided for a major paradigm shift for the library.

The ICU format only parses ICU templates for string substitution and formatting. The new format tries to parse anything that looks XML like as well but with much more strict rules only supporting a tiny subset of XML and failing to preserve what would otherwise be string literals.

Has anyone else seen this happen after the handover of an opensource library where the paradigm shifts?

I take the train well out side of rush hour when the trains are about half empty (though most seats taken). I have to come in because it's not like I can afford to have a workspace comparable to the cockpit of the millennium falcon both at home and at work.

I don't believe going into a panic about coronavirus but take obvious basic precautions to at least reduce the chance and slow the spread and that should do a good amount to reduce overloading the system. I kid you not, at this point medical facilities are considering buying diving equipment for enriched O2 supplies to keep up.

Today, as usual, some fucking piece of shit cunt twat psycho beggar that literally needs to be in an asylum with a massive fucking great gob of snot dangling out his nose is going up the entire train, every carriage, begging groping every hand rail along the way and potentially exposing several hundred people every hour.

I told this sorry sack of shit, surprisingly politely, that he'll end up rapidly spreading coronavirus if he keeps going all the way up and down the carriage like that. After he's fucking muttering on trying to make people feel bad about fucking ignoring him not being all caring and shit and then doesn't give a shit about giving everyone coronavirus after fucking waltzing down the entire fucking length of the train his pockets stuffed with coin. Then he threatens to assault me. I was fucking this > < far away from unleashing a life changing beat down and kicking his ass off the train with no pain or injury spared.

At the same time, that piece of scum waste of skin the mayor has apparently informed the public that you can't get coronavirus on the train or buses. How the fuck did he come to that conclusion? Is this really happening? How can something that clinically fucking thick as shit be our lord and master?

I fucking thought the great toilet paper rush was brain dead. Jesus fucking Christ and people voted for this fucking championship moron. Why don't they just all save themselves the fucking hassle and all march themselves off a fucking cliff?

These dumb shits without two neurons to rub together only need to put a dozen or so plain clothed police offices on the trains to catch these fuckers.

Why am I even fucking paying taxes? Where's it all fucking going? Another fucking lets give a billion quid to Fujitsu fucking failed IT project again I bet. Can't people bloody do anything these days? Does there have to be an app for fucking everything?

Someone should make a fucking facial recognition app so I can snap a shot of these fuckers and then if one of these fucking passes the phone camera anyone else with the app it'll set of there's a fucking imbecile in the vicinity alert.

These people need to be dragged out into the street, lined up against the wall and shot. No remorse. Toss them in a pit, cover it with dirt and be done with it. Why even bother with the execution? Throw them down the hole and fill it with dirt.

You don't have to go mental like it's the plague but people could at least show some fucking common sense, common decency and basic decorum. Even minimal measures, is that much to ask? Absolute scum of the Earth. How we even allow them to walk to Earth I do not fucking know.

One of the worst practices in programming is misusing exceptions to send messages.

This from the node manual for example:

> fsPromises.access(path[, mode])

> fsPromises.access('/etc/passwd', fs.constants.R_OK | fs.constants.W_OK)
> .then(() => console.log('can access'))
> .catch(() => console.error('cannot access'));

I keep seeing people doing this and it's exceptionally bad API design, excusing the pun.

This spec makes assumptions that not being able to access something is an error condition.

This is a mistaken assumption. It should return either true or false unless a genuine IO exception occurred.

It's using an exception to return a result. This is commonly seen with booleans and things that may or may not exist (using an exception instead of null or undefined).

If it returned a boolean then it would be up to me whether or not to throw an exception. They could also add a wrapper such as requireAccess for consistent error exceptions.

If I want to check that a file isn't accessible, for example for security then I need to wrap what would be a simple if statement with try catch all over the place. If I turn on my debugger and try to track any throw exception then they are false positives everywhere.

If I want to check ten files and only fail if none of them are accessible then again this function isn't suited.

I see this everywhere although it coming from a major library is a bit sad.

This may be because the underlying libraries are C which is a bit funky with error handling, there's at least a reason to sometimes squash errors and results together (IE, optimisation). I suspect the exception is being used because under the hood error codes are also used and it's trying to use throwing an exception to give the different codes but doesn't exist and bad permissions might not be an error condition or one requiring an exception.

Yet this is still the bane of my existence. Bad error handling everywhere including the other way around (things that should always be errors being warnings), in legacy code it's horrendous.

Your pizza with Uxbridge is on its way and should be with you in -32 minutes.

Well the timing is accurate at least but the failure to name the vendor looks deliberate.

Just saw someone complaining about apple spell check. How about Chrome's spell check? Can we all spam various authorities with anti-competition complaints?

It's absolutely awful and very clearly designed to end up steering towards people just searching for the word anyway.

Today I fucking learnt that RHEL is no longer an open source operating system in the full meaning of the terms starting from 8 onward as it shifts toward being a binary only distribution.

What does this mean? Historically in RHEL you could install packages that would allow you to compile software that would use the system libraries.

Now you can't. These packages are being taken away and no longer provided.

If you wanted an operating system you could develop on or build software on well you need something other than RHEL.

The OS is now crippled. There's a bunch of things you used to be able to do where as now you have to pay for a support contract.

Every day I am astonished by how helpful and clear composer error messages are...

Your requirements could not be resolved to an installable set of packages.

Problem 1
- The requested package whoami/whatami ~v4.1.55 exists as whoami/whatami[master, v0.1, v0.2-alpha, v0.3.0, v1.0.0, v1.0.1, v1.0.10, v1.0.11, v1.0.12, v1.0.13, v1.0.14, v1.0.15, v1.0.16, v1.0.17, v1.0.18, v1.0.19, v1.0.2, v1.0.20, v1.0.21, v1.0.22, v1.0.23, v1.0.24, v1.0.3, v1.0.4, v1.0.5, v1.0.6, v1.0.7, v1.0.8, v1.0.9, v1.1.0, v1.1.1, v1.1.2, v1.1.3, v1.1.4, v1.1.5, v1.1.6, v1.1.7, v1.1.8, v1.1.9, v1.2.0, v1.2.1, v1.2.2, v1.2.3, v1.2.4, v1.2.5, v1.2.6, v3.0.0, v3.0.1, v3.1.0, v3.1.1, v3.1.2, ... 100s more] but these are rejected by your constraint.

In laymans terms, couldn't find version ~v4.1.55.

At this point there's a poo poking its nose out my butthole but only a few more minutes and I can finally see the output of this program, finish, go to the loo and then go home.

When you're developing it's very well advised to run your software locally in an environment as much as possible matching the real environment.

So for example, if you're running linux on production then you also run it locally to run your code.

Here's where people need to shut the fuck up:

No, mac is not good for linux development. Not unless portability is already a concern that you have and even then it might be counter productive. So many times when people say this, portability isn't not a concern. What runs on servers is up to them.

If your servers are going to be centos, then you develop with centos. Not with debian, gentoo, ubuntu, maxosx, etc.

Even different linux distros are a headache for portability when it's just to support a few desktops for development so don't think that macosx is going to cut it. It might not be as radical a difference as between windows and linux traditionally is but it's still not good for "linux" development. I don't think people making that statement really know what linux is now how different distributions work.

What you use for your graphical operating system doesn't matter to much but when you run your code then there's a simple solution.

Another thing people need to shut up about. It's not docker, unless you're already in Linux where docker is one of many options such as chroot or lxc.

This question always comes up, how do you developer for linux in windows? No it's not docker it's virtual machine.

It's that simple. You download the ISO for the distro you want and then install it on a VM. What does docker for windows do? It runs a linux VM that runs docker.

This may come as a great shock to developers around the world but it is possible to run linux in a VM and then any linux application your want including docker.

Another option is to shove a box in the corner, install what you need on it, share the file system and have people use that to run their code. It really is that easy.

Epic code fight broke out today when one developer fronted himself for leader due to having beat all the metrics by a factor of ten. Claimed he could replace the entire department based on LOC alone.

Another developer told him to fucking zip it.

After almost coming to blows someone managed to explain to him that he had to put his code into a compressed archive.

As it compressed to ten times smaller than the next smallest contribution he declared victory because his compressed better. Another developer joked better call bomb squad.

Why can't they get power saving right? Every keyboard I have to pull out the sleep button. Once you press it that's it. PC is dead. Put to sleep.

Do I have to venture into the ancient forest and find a prince to wake it up?

Same thing with monitors these days acting all weird.

Can we put a wake up button on these things? They're backwards. At least have a screen explaining its waking up. The slightest indication.

If power saving is going to be such a hassle I'm going to turn it off.

Persisterising derived values. Often a necessary evil for optimisation or privacy while conflicting with concerns such as auditing.

Password hashing is the common example of a case considered necessary to cover security concerns.

Also often a mistake to store derived values. Some times it can be annoying. Sometimes it can be data loss. Derived values often require careful maintenance otherwise the actual comments in your database for a page is 10 but the stored value for the page record is 9. This becomes very important when dealing with money where eventual consistency might not be enough.

Annoying is when given a and b then c = a + b only b and c are stored so you often have to run things backwards.

Given any processing pipeline such as A -> B -> C with A being original and C final then you technically only need C. This applies to anything.

However, not all steps stay or deflate. Sum of values is an example of deflate. Mapping values is an example of stay. Combining all possible value pairs is inflate, IE, N * N and tends to represent the true termination point for a pipeline as to what can be persisted.

I've quite often seen people exclude original. Some amount of lossy can be alright if it's genuine noise and one way if serving some purpose.

If A is O(N) and C reduces to O(1) then it can seem to make sense to store only C until someone also wants B -> D as well. Technically speaking A is all you ever need to persist to cater to all dependencies.

I've seen every kind of mess with processing chains. People persisting the inflations while still being lossy. Giant chains linear chains where instead items should rely on a common ancestor. Things being applied to only be unapplied. Yes ABCBDBEBCF etc then truncating A happens.

Extreme care needs to be taken with data and future proofing. Excess data you can remove. Missing code can be added. Data however once its gone its gone and your bug is forever.

This doesn't seem to enter the minds of many developers who don't reconcile their execution or processing graphs with entry points, exist points, edge direction, size, persistence, etc.

If you think parametised queries will save the day think again.

I occasionally test sites I visit throwing a few quotes at inputs and query params.

I also always test logging in as % with user or pass.

Not only are plaintext passwords a thing but so is this:

WHERE username LIKE ? AND password LIKE ?.

Once I saw an OR.

Is your code green?

I've been thinking a lot about this for the past year. There was recently an article on this on slashdot.

I like optimising things to a reasonable degree and avoid bloat. What are some signs of code that isn't green?

* Use of technology that says its fast without real expert review and measurement. Lots of tech out their claims to be fast but actually isn't or is doing so by saturation resources while being inefficient.
* It uses caching. Many might find that counter intuitive. In technology it is surprisingly common to see people scale or cache rather than directly fixing the thing that's watt expensive which is compounded when the cache has weak coverage.
* It uses scaling. Originally scaling was a last resort. The reason is simple, it introduces excessive complexity. Today it's common to see people scale things rather than make them efficient. You end up needing ten instances when a bit of skill could bring you down to one which could scale as well but likely wont need to.
* It uses a non-trivial framework. Frameworks are rarely fast. Most will fall in the range of ten to a thousand times slower in terms of CPU usage. Memory bloat may also force the need for more instances. Frameworks written on already slow high level languages may be especially bad.
* Lacks optimisations for obvious bottlenecks.
* It runs slowly.
* It lacks even basic resource usage measurement.

Unfortunately smells are not enough on their own but are a start. Real measurement and expert review is always the only way to get an idea of if your code is reasonably green.

I find it not uncommon to see things require tens to hundreds to thousands of resources than needed if not more.

In terms of cycles that can be the difference between needing a single core and a thousand cores.

This is common in the industry but it's not because people didn't write everything in assembly. It's usually leaning toward the extreme opposite.

Optimisations are often easy and don't require writing code in binary. In fact the resulting code is often simpler. Excess complexity and inefficient code tend to go hand in hand. Sometimes a code cleaning service is all you need to enhance your green.

I once rewrote a data parsing library that had to parse a hundred MB and was a performance hotspot into C from an interpreted language. I measured it and the results were good. It had been optimised as much as possible in the interpreted version but way still 50 times faster minimum in C.

I recently stumbled upon someone's attempt to do the same and I was able to optimise the interpreted version in five minutes to be twice as fast as the C++ version.

I see opportunity to optimise everywhere in software. A billion KG CO2 could be saved easy if a few green code shops popped up. It's also often a net win. Faster software, lower costs, lower management burden... I'm thinking of starting a consultancy.

The problem is after witnessing the likes of Greta Thunberg then if that's what the next generation has in store then as far as I'm concerned the world can fucking burn and her generation along with it.

> im an operating system

> when I feel like operating

> lifes good

> i reboot when i feel like it

> i take the entire screen whenever i want

> when im changed from landscape to portrait i still snap windows horizontally

> sometimes, when i know the laptop lid is closed and a keyboard is attached i still ask for your finger

> thats what you get for having the finger print scanner under the lid i say

I really hate PHP frameworks.

I also often write my own frameworks but propriety. I have two decades experience doing without frameworks, writing frameworks and using frameworks.

Virtually every PHP framework I've ever used has causes more headaches than if I had simply written the code.

Let me give you an example. I want a tinyint in my database.

> Unknown column type "tinyint" requested.

Oh, doctrine doesn't support it and wont fix. Doctrine is a library that takes a perfectly good feature rich powerful enough database system and nerfs it to the capabilities of mysql 1.0.0 for portability and because the devs don't actually have the time to create a full ORM library. Sadly it's also the defacto for certain filthy disgusting frameworks whose name I shan't speak.

So I add my own type class. Annoying but what can you do.

I have to try to use it and to do so I have to register it in two places like this (pseudo)...

Types::add(Tinyint::class);
Doctrine::add(Tinyint::class);

Seems simply enough so I run it and see...

> Type tinyint already exists.

So I assume it's doing some magic loading it based on the directory and commend out the Type::add line to see.

> Type to be overwritten tinyint does not exist.

Are you fucking kidding me?

At this point I figure out it must be running twice. It's booting twice. Do I get a stack trace by default from a CLI command? Of course not because who would ever need that?

I take a quick look at parent::boot(). HttpKernel is the standard for Cli Commands?

I notice it has state, uses a protected booted property but I'm curious why it tries to boot so many times. I assume it's user error.

After some fiddling around I get a stack trace but only one boot. How is it possible?

It's not user error, the program flow of the framework is just sub par and it just calls boot all over the place.

I use the state variable and I have to do it in a weird way...

> $booted = $this->booted;parent::boot();if (!$booted) {doStuffOnceThatDependsOnParentBootage();}

A bit awkward but not life and death. I could probably just return but believe or not the parent is doing some crap if already booted. A common ugly practice but one that works is to usually call doSomething and have something only work around the state.

The thing is, doctrine does use TINYINT for bool and it gets all super confused now running commands like updates. It keeps trying to push changes when nothing changed. I'm building my own schema differential system for another project and it doesn't have these problems out of the box. It's not clever enough to handle ambiguous reverse mappings when single types are defined and it should be possible to match the right one or heck both are fine in this case. I'd expect ambiguity to be a problem with reverse engineer, not compare schema to an exact schema.

This is numpty country. Changing TINYINT UNSIGNED to TINYINT UNSIGNED. IT can't even compare two before and after strings.

There's a few other boots I could use but who cares. The internet seems to want to use that boot function. There's also init stages missing. Believe it or not there's a shutdown and reboot for the kernel. It might not be obvious but the Type::add line wants to go not in the boot method but in the top level scope along with the class definition. The top level scope is run only once.

I think people using OOP frameworks forget that there's a scope outside of the object in PHP. It's not ideal but does the trick given the functionality is confined to static only. The register command appears to have it's own check and noop or simply overwrite if the command is issued twice making things more confusing as it was working with register type before to merely alias a type to an existing type so that it could detect it from SQL when reverse engineering.

I start to wonder if I should just use columnDefinition.

It's this. Constantly on a daily basis using these pretentious stuck up frameworks and libraries.

It's not just the palava which in this case is relatively mild compared to some of the headaches that arise. It's that if you use a framework you expect basic things out of the box like oh I don't know support for the byte/char/tinyint/int8 type and a differential command that's able to compare two strings to see if they're different.

Some people might say you're using it wrong. There is such a thing as a learning curve and this one goes down, learning all the things it can't do. It's cripplesauce.

I've optimised so many things in my time I can't remember most of them.

Most recently, something had to be the equivalent off `"literal" LIKE column` with a million rows to compare. It would take around a second average each literal to lookup for a service that needs to be high load and low latency. This isn't an easy case to optimise, many people would consider it impossible.

It took my a couple of hours to reverse engineer the data and implement a few hundred line implementation that would look it up in 1ms average with the worst possible case being very rare and not too distant from this.

In another case there was a lookup of arbitrary time spans that most people would not bother to cache because the input parameters are too short lived and variable to make a difference. I replaced the 50000+ line application acting as a middle man between the application and database with 500 lines of code that did the look up faster and was able to implement a reasonable caching strategy. This dropped resource consumption by a minimum of factor of ten at least. Misses were cheaper and it was able to cache most cases. It also involved modifying the client library in C to stop it unnecessarily wrapping primitives in objects to the high level language which was causing it to consume excessive amounts of memory when processing huge data streams.

Another system would download a huge data set for every point of sale constantly, then parse and apply it. It had to reflect changes quickly but would download the whole dataset each time containing hundreds of thousands of rows. I whipped up a system so that a single server (barring redundancy) would download it in a loop, parse it using C which was much faster than the traditional interpreted language, then use a custom data differential format, TCP data streaming protocol, binary serialisation and LZMA compression to pipe it down to points of sale. This protocol also used versioning for catchup and differential combination for additional reduction in size. It went from being 30 seconds to a few minutes behind to using able to keep up to with in a second of changes. It was also using so much bandwidth that it would reach the limit on ADSL connections then get throttled. I looked at the traffic stats after and it dropped from dozens of terabytes a month to around a gigabyte or so a month for several hundred machines. The drop in the graphs you'd think all the machines had been turned off as that's what it looked like. It could now happily run over GPRS or 56K.

I was working on a project with a lot of data and noticed these huge tables and horrible queries. The tables were all the results of queries. Someone wrote terrible SQL then to optimise it ran it in the background with all possible variable values then store the results of joins and aggregates into new tables. On top of those tables they wrote more SQL. I wrote some new queries and query generation that wiped out thousands of lines of code immediately and operated on the original tables taking things down from 30GB and rapidly climbing to a couple GB.

Another time a piece of mathematics had to generate all possible permutations and the existing solution was factorial. I worked out how to optimise it to run n*n which believe it or not made the world of difference. Went from hardly handling anything to handling anything thrown at it. It was nice trying to get people to "freeze the system now".

I build my own frontend systems (admittedly rushed) that do what angular/react/vue aim for but with higher (maximum) performance including an in memory data base to back the UI that had layered event driven indexes and could handle referential integrity (overlay on the database only revealing items with valid integrity) or reordering and reposition events very rapidly using a custom AVL tree. You could layer indexes over it (data inheritance) that could be partial and dynamic.

So many times have I optimised things on automatic just cleaning up code normally. Hundreds, thousands of optimisations. It's what makes my clock tick.

Want to make someone's life a misery? Here's how.

Don't base your tech stack on any prior knowledge or what's relevant to the problem.

Instead design it around all the latest trends and badges you want to put on your resume because they're frequent key words on job postings.

Once your data goes in, you'll never get it out again. At best you'll be teased with little crumbs of data but never the whole.

I know, here's a genius idea, instead of putting data into a normal data base then using a cache, lets put it all into the cache and by the way it's a volatile cache.

Here's an idea. For something as simple as a single log lets make it use a queue that goes into a queue that goes into another queue that goes into another queue all of which are black boxes. No rhyme of reason, queues are all the rage.

Have you tried: Lets use a new fangled tangle, trust me it's safe, INSERT BIG NAME HERE uses it.

Finally it all gets flushed down into this subterranean cunt of a sewerage system and good luck getting it all out again. It's like hell except it's all shitty instead of all fiery.

All I want is to export one table, a simple log table with a few GB to CSV or heck whatever generic format it supports, that's it.

So I run the export table to file command and off it goes only less than a minute later for timeout commands to start piling up until it aborts. WTF. So then I set the most obvious timeout setting in the client, no change, then another timeout setting on the client, no change, then i try to put it in the client configuration file, no change, then I set the timeout on the export query, no change, then finally I bump the timeouts in the server config, no change, then I find someone has downloaded it from both tucows and apt, but they're using the tucows version so its real config is in /dev/database.xml (don't even ask). I increase that from seconds to a minute, it's still timing out after a minute.

In the end I have to make my own and this involves working out how to parse non-standard binary formatted data structures. It's the umpteenth time I have had to do this.

These aren't some no name solutions and it really terrifies me. All this is doing is taking some access logs, store them in one place then index by timestamp. These things are all meant to be blazing fast but grep is often faster. How the hell is such a trivial thing turned into a series of one nightmare after another? Things that should take a few minutes take days of screwing around. I don't have access logs any more because I can't access them anymore.

The terror of this isn't that it's so awful, it's that all the little kiddies doing all this jazz for the first time and using all these shit wipe buzzword driven approaches have no fucking clue it's not meant to be this difficult. I'm replacing entire tens of thousands to million line enterprise systems with a few hundred lines of code that's faster, more reliable and better in virtually every measurable way time and time again.

This is constant. It's not one offender, it's not one project, it's not one company, it's not one developer, it's the industry standard. It's all over open source software and all over dev shops. Everything is exponentially becoming more bloated and difficult than it needs to be. I'm seeing people pull up a hundred cloud instances for things that'll be happy at home with a few minutes to a week's optimisation efforts. Queries that are N*N and only take a few minutes to turn to LOG(N) but instead people renting out a fucking off huge ass SQL cluster instead that not only costs gobs of money but takes a ton of time maintaining and configuring which isn't going to be done right either.

I think most people are bullshitting when they say they have impostor syndrome but when the trend in technology is to make every fucking little trivial thing a thousand times more complex than it has to be I can see how they'd feel that way. There's so bloody much you need to do that you don't need to do these days that you either can't get anything done right or the smallest thing takes an age.

I have no idea why some people put up with some of these appliances. If you bought a dish washer that made washing dishes even harder than it was before you'd return it to the store.

Every time I see the terms enterprise, fast, big data, scalable, cloud or anything of the like I bang my head on the table. One of these days I'm going to lose my fucking tits.

When you have a long line like this...

if ($obj->getStupidlyLongNamedThing() + $hard + $harder * $hard / $harder + $obj->getAlsoStupidLongThing([$sillyLongExpression, $thing]) > $obj->omgThisIsInsane());

If you're just going to be lazy and break it up however where where ever so it looks like crap...

if ($a->b()
____&& $a->c());

Then I urge you to do one of two things:

* Shut up your face and turn on word wrap in the IDE rather than manually doing it even worse.
* Break the long parts into variable assignments or something.
* (or get a wider screen)

Example:

$a = $obj->getStupidlyLongNamedThing();
$b = $hard + $harder * $hard / $harder;
$c = [$sillyLongExpression, $thing];
$d = $obj->getAlsoStupidLongThing($c);
$e = $obj->omgThisIsInsane();

if ($a + $b + $d > $d);

With sensible variable names.

line 8426345 col 4575 Expected an identifier and instead saw 'catch' (a reserved word).

Now all my promises be:

deleteUser()['catch'](() => {});

Fucking mobile single player online games.

So there I am, sitting on the tube, being passed around London like a unit of sweet corn taking a ride on the mud salad that decorates the interior of the common worm.

Game can't boot. Sorry, You paid but it wont start until you pay with your personal data we're trying to upload first things first.

One day some psychopath who sees what they're up to is going to find out where they live and then there will be no where that they live.

On another note. This is devrant. Vent, be angry, let it out.

It's turning into some pathetic joke.

Stop pussy footing around you bunch of pussyholes.

Have a shout, have a bout, have a laugh none of us nerds have ever had a bath because none of it is real, it's just a nerfed/gussied up forum you waste of cum.

WHEN YOU DON'T FIND YOUR LIMITS, YOUR LIMITS WILL FIND YOU!

I'm shitting there hammering out some code butchering some real problems when I suddenly realise I'm surrounded. I look around and yes it's the bloody committee.

The committee is what I call the rest of the department and it is dominated by the old guard which comprises of the programmers that have been around for longer.

None of the old guard can program particularly well but because they had been around the longest they'd all grown senior. The committee had free reign but anyone else doing anything differently has to get approval from the committee.

The only way to code otherwise was to copy and paste existing code then to primarily rename things. If anyone did anything that hadn't been seen before then it would have to be approved by the committee. Individual action was not permitted unless you were old guard.

I swept my headphones away expecting it to be something unimportant. It was.

First things first they announce. We're going to add extraneous commas to the last element of all possible lists separated by comma including parameters or so they say. Ask but why so I do.

Because the language now supports it. They added support for it so it must be the right way someone proclaimed. Does it? I didn't realise we were waiting for it. Why do we want it though?

Didn't you hear? It's all over the blogosphere. It massively improves merge requests. But how I ask?

Five minutes later I grow tired of the chin stroking, elbow harnessing, slanted gazes into the yonder and occasionally hearing maybe its because and ask if they mean when you for example add an element the last element registers as changed from adding a comma. Turns out that's all it is.

How often do we see that tiny distraction and isn't it pointless to make the code ugly just for a tiny transient reduction in diff noise I ask. Everyone's stumped. This went on and on and got worse and worse. But it makes moving things around easy half of them say in unison like the bunch of slobs that they are. I mean really. It doesn't make expanding and contracting statements from multiline to single line easy and it's such a stupid thing. Is that all they do all day? Move multi-line method parameters up and down all day? If their coding conventions weren't totally whack they wouldn't have so many multiline method prototypes with stupid amounts of parameters with stupidly long types and names. They all use the same smart IDE which can also surely handle fixing the last comma and why is that even a concern given all the other outrageously verbose and excessive conventions for readability?

But you know what, who cares, fine, whatever. Lets put commas all over the shop and then we can all go to the pub and woo the ladies with how cool and trendy we are up to date with all the latest trends and fashions then we go home with ten babes hanging off each arm and get so laid we have to take a sick day the following to go to the STD clinic. Make way for we are conformists.

But then someone had to do it. They had to bring up PSR. Yes, another braindead committee that produces stupid decisions. Should brackets be same line or next line, I know, lets do both they decided. Now we have to do PSR and aren't allowed to use sensible conventions.

But why, I ask after explaining it's actually quite useful as a set of documents we can plagiarise as a starting point but then modify but no, we have to do exactly what PSR says. We're all too stupid apparently you see. Apparently we're not on their level. We're mere mortals. The reason or so I'm told, is so that anyone can come in and is they know PSR coding styles be able to read and write the code. That's not how it works. If you can't adjust to a different style, a more consistent style, that's not massively bizarre or atypical but rather with only minor differences from standard styles, you're useless. That's not even an argument, it's a confession that you've got a lump of coal where your brain's supposed to be.

Through all of this I don't really care because I long ago just made my own code generators or transpilers that work two ways and switch things between my shit and their shit but share my wisdom anyway because I'm a greedy scumbag like that.

Where the shit really hit the fan is that I pointed out that PSR style guide doesn't answer all questions nor covers all cases so what do we do then. If it's not in PSR? Then we're fucked.

Fuck the EU.

Their privacy laws fucking suck and don't even get me started on their braindead cookie law.

I think we should be able to make laws for them and not just them making laws for us.

First order of business is that by law all EU bureaucrats must have "I'm a fucking moron, punch me in the face to accept." tattooed to their foreheads in large bold letters with the rest of their face in intricate detail tattooed explaining what a fucking moron is so to educate their subjects.

I JUST WANT TO FUCKING EXCLUDE A DIRECTORY....

I run the code cleaner tool, OH CHRIST it's trying to sanitise the automatically generated code, I don't want this.

I try to exclude... takes ages to work out that while specifying the dirs is absolute you can only exclude relative but from what? I want to block a/b but not a/c/b but no it's all you can only block all b b it a/b, b/b, c/b, c/b, a/c/b, etc.

I google for other solutions, nothing but trash, docs a trash, here's some examples but we don't tell you the actual behaviour. All I want is to get everything in /home/hilldog/emails but not /home/hilldog/emails/topsekret how hard can it be?

I use the source but what's this, BeefJerkyIteratorIteratorBananaSpliterator all over the shop how much convolution and LOC does it take to provide a basic find facility?

Screw this...

$finder->in(explode("\n",trim(exec('find '.escape_args(...$good).' -type d ' . implode('
-o ', prefix('\! -wholename', escape_args(..$bad))) . ' -etc | grep -vETC \'pretty_patterns\''))))

OOP ze daisy