Joined devRant on 2/13/2018
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
[Rust] What are alternatives to argument drilling for something like a string interner which is technically a memory leak so it really shouldn't be global but at the same time all but a couple top level functions depend on its existence? I'm aware of context objects and that's all ChatGPT could give me as well, but I'm wondering if there's more to this problem than that.1
My job quickly went down the shitter. A mass exodus happened, with half of top talent leaving, and the other half let go. The gig started out great, and offered me the growth I needed at the time, but sadly, life changes and moves on.
Determined to leave amicably on my own terms, I started looking elsewhere about a month ago.
I got an offer today! It's a perm position to offer stability to my fam, but with a consulting firm, so I'm excited for the relatively consistent change of pace with projects, technologies and clients. After spending years on end working on good projects that fizzled out and never saw the light of day, I'm longing to have my code released to the wild! (Not counting various patches and bug fixes)
Wish me luck!3
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.19
Friday 13th. Superstition.
0655, got WFH laptop going. 0700, VPN'ed in. Bluescreen, first in ages. Yes, Windows, the hatred is mutual. Rebooted. Windows claimed memory fault, offered check, 40 minutes. Noped out. Started machine. VPN'ed in. Some strange script error that I'd never seen before. Rebooted. Script error again. Shut down machine, then rebooted, same problem. 0715, fuck, still wearing sweaters, my e-scooter not charged, and an important Teams call at 0800.
Got dressed, stuffed laptop into backpack, hurried up by foot. Took the bus. Fuck, the next connection on the change station just had gone off. Took a taxi to make it. Arrived at the company, plugged in the laptop, started with no issues. Had the important call.
Took the laptop to IT. Tested it with external network connection and VPN. Worked with no script error. Had it checked for RAM issues. No issue. WTF had happened in the morning?!5
$work: Ey @Root, make this super simple thing.
$work: No, not like that.
$work: It also needs to do A, B, and C.
$work: No, not there. You should build it somewhere else, but I won't tell you where.
$work: You need to build out F and G, too.
$work: What do you mean you don't have the data? Just ask support drone #3. (who directs me to #2, and that one to #8 who doesn't know, and that one to #12 who won't answer)
$work: Why can't I do K, Y, or S? You should be able to infer these from the mind of whoever wrote the ticket by its wording, despite no mention of them whatsoever.
$work: Are you done yet? It's a super simple ask!7
(Forgot to post this a few days ago. Was just too tired.)
Finally finished the code review from hell.
The patch on top of the PR is +1448 -1114, and nearly all of it is rearchitecting, not moving.
I think I spent six days on it, 4-5 productive hours a day? Seems like a lot. This codebase is a bitch to work in.
@Root has a code review.
CR comment: “Why would you do it this way? It’s awful. Clean it up!”
Totally fair. I had copied the legendary dev’s code, and it was ick. Cleaning it was easy and enjoyable. I cleaned the source, too.
CR comment: “Why would you touch this? It’s outside the scope of the ticket. You could get it working without changing all this.”
CR comment: “The interfaces don’t match. Now it’s confusing, and that makes it harder to maintain.”
We had to review a design document written by our partners, and have it approved by end of Dec.
While I was reading it, I noticed that we committed to a module I wasn't familiar with. I asked the other two lab mates, and they had a surprised Pikachu face.
So we called the boss to discuss this. And it dawned on him that we committed to a task that was assigned 20 months of work, but nobody started working on it. And considering Holidays and other commitments, we had like 3 months to do it from scratch and deliver.
My advisor panicked, and his first response was to assign this task to me.
I politely declined, and after digging in my email box, found that he actually assigned the task to someone else. So I showed it to him.
Thinking I would save him after he treated me badly for nearly 2 years was hilarious. For a better manager, I would have definitely agreed to assist. But as it is now? I'll be eating cookies while I'm watching the project burn.13
The nightmare continues.
Currently dealing with a code review from a “principal” dev (one step above senior), who is unironically called a “legendary dev” by some coworkers. It’s painfully obvious he didn’t read the code, and just started complaining and nitpicking.
It’s full of requests to do things that make absolutely no sense, and would make the code an unmaintainable mess.
• Ex: moving the logic and data collection from the module’s many callers into the module instead of just passing in the data.
• Ex: hiding api endpoint declarations by placing them in the module itself, and using magic instance variables to pass data to it. Basically: using global functions and variables instead of explicit declarations and calls.
• Ex: moving the logic to determine which api endpoint to use, for all callers, into the view.
More comments about methods being “too complex” (barely holds water) right next to comments saying “why are these separate? merge them together!”
Incredulously asking how many times I’m checking permissions and how ridiculous it all is. (The answer? Twice.)
Conflating my “permissions” param and method names with a supposedly forthcoming permissions system overhaul, and saying I shouldn’t use permissions because my code will all have to get rewritten. Even if that were true, and it’s likely not, the ticket still needs to use the current permissions. I can’t just ignore them because they might be rewritten someday.
Requests to revert some code cleanup because the reviewer thought the previous heavily-nested and uncommented versions (with code duplication) were easier to read. Unsurprisingly, he wrote them.
On the same ticket, my boss wants me to remove all styling and clientside validation, debouncing, and error messages from a form. Says “success” and “connection failed” messages are good enough. The form in question sends SMS and email using arbitrary user input for addresses. He also says it shouldn’t be denounced on the server, and doesn’t want me to bother checking permissions. Hello, spam!
Related: the legendary dev reviewer says he can’t think of a reason why we would want to disable the feature for consumers, so I should remove the consumer feature flag.
You can’t make this stuff up.9
I got two lines of code done today, and they were just changing numeric defines. Time to do that: 2 seconds.
Time for analysing the measurement data of various runs in order to know which numbers will work out: the rest of the day.6
Week 278: Most rage-inducing work experience — I’ve got a list saved! At least from the current circle of hell. I might post a few more under this tag later…
TicketA: Do this in locations a-e.
TicketB: Do this in locations e-h.
TicketC: Do this in locations i-k.
Root: There’s actually a-x, but okay. They’re all done.
Product: You didn’t address location e in ticket B! We can’t trust you to do your tickets right. Did you even test this?
Root: Did you check TicketA? It’s in TicketA.
Product guy: It was called out in TicketB! How did you miss it?!
Product guy: (Refuses to respond or speak to me, quite literally ever again.)
Product guy to everyone in private: Don’t trust Root. Don’t give her any tickets.
Product manager to boss: Root doesn’t complete her tickets! We can’t trust her. Don’t give her our tickets.
Product manager to TC: We can’t trust Root. Don’t give her our tickets.
TC: Nobody can trust you! Not even the execs! You need to rebuild your reputation.
Root: Asks coworker a simple question.
Root: Asks again.
Root: nudges them.
Root: Asks again.
Coworker: I’ll respond before tomorrow. (And doesn’t.)
Root: Asks again.
Root: Fine. I’ll figure it out in my own.
TC: Stop making it sound like you don’t have any support from the team!
Root: Asks four people about <feature> they all built.
Root: Okay, I’ll figure it out on my own.
TC: Stop making it sound like you don’t have any support from the team!
Root: Mentions multiple meetings to discuss ticket with <Person>.
TC: You called <Person> stupid and useless in front of the whole team! Go apologize!
Root: Tells TC something. Asks a simple question.
Root: Tells TC the same thing. Asks again.
TC: (No response for days.)
TC: Tells me the exact same thing publicly like it’s a revelation and I’m stupid for not knowing.
TC: You don’t communicate well!
Root: Asks who the end user of my ticket is.
Root: Asks Boss.
Root: Asks TC.
Root: Fine, I’ll build it for both.
Root: Asks again in PR.
TC: Derides; doesn’t answer.
Root: Asks again, clearly, with explanation.
TC: Copypastes the derision, still doesn’t answer.
Root: Asks boss.
Boss: Doesn’t answer.
Boss: You need to work on your communication skills.
Root: Mentions asking question about blocker to <Person> and not hearing back. Mentions following up later.
<Person>: Gets offended. Refuses to respond for weeks thereafter.
Root: Hey boss, there’s a ticket for a minor prod issue. Is that higher priority than my current ticket?
Root: Hey, should I switch tickets?
Root: … Okay, I’ll just keep on my current one.
Boss: You need to work on your priorities.
Everyone: (Endless circlejerking and drama and tattling)7
001 REM Code review
010 PRINT "Nitpick nitpick nitpick nitpick nitpick"
011 GOSUB REFACTOR
020 PRINT "This function is too complicated, break it up"
021 GOSUB REFACTOR
030 PRINT "Why do you have three methods for this? Put all the logic in one method."
031 GOSUB REFACTOR
040 GOTO 020
041 REM ARGH
998 PRINT "Looks good."
My third paper got accepted, doing localization with this cute baby in the picture. Had a lot of fun collaborating with a good friend of mine from ETH.
My advisor declines every request I have, and then ignores me most of the time. No wonder the motivation in the lab is lower than the Dead Sea.
I have no words to describe how much I hate every second of my existence, but simultaneously I refuse to change my toxic circumstances so I have only myself to blame. Cheers.17
Trash, trash, trash.
Who the fuck writes this shit?
Who the fuck lets these trash should-be-junior devs roll their own crypto? and then approves it?
The garbage heap of a feature (signing for all apis) doesn't follow Ruby standards, doesn't follow codebase conventions, has `// this is bridge` style comments (and no documentation), and it requires consumer devs to do unnecessary work to integrate it, and on top of all this: it leaks end-user data. on all apis. in plaintext.
Had QA call my "simple, quick" ticket a "monster ticket" in front of everyone. Hear it and weep, micromanager!
Also had them tell me i thought of everything, it was beautiful, and that i have a knack for frontend :)8
Yo I heard you like compiling C/Cpp so we make you compile and link each individual file so you need a makefile for compiling everything. But that shit still gets to annoying to maintain so you make the make files with cmake. Just so you can compile a library basically at all.
And dont get me started on autoconf and random configure scripts you have to run before you actually configure shit.
Can we make compiling a regualr program any more difficult so that we need a whole ass A4 page of documentation just to end up with a binary of something?15
Windows 10 had one groundbreaking UI innovation, but no one adopted it and even Windows 11 discareded this revolutionary idea:
BUTTONS NEXT TO EACH OTHER AND AT THE EDGE OF A BOX DON"T NEED AN ADDITIONAL MARGIN
Windows 10 was the first and last OS where I never accidentally clicked right next to the X on a window, in a passive area that had no other purpose so it might as well have belonged to that motherfucking button.
I passionately hate this trend, adopted nowadays by every OS, that everything needs to be rounded, separated from the things around it, and "allowed to breathe". They don't breathe. They're not alive. They're fucking UI elements and the space between them is unused, lost space.
The only interaction a button has with its surroundings is that it pushes other content away to make room for itself and responds to the cursor. It doesn't wiggle, it doesn't grow and shrink, and it ESPECIALLY doesn't fucking breathe. Please, just let me click the motherfucking button.
Relatedly, do you know of a good, preferably bluish dark GTK theme that provides window decorations that stretch the full height of the titlebar and are laid out next to each other at the very end of the bar without gaps?8
#Suphle Rant 3: Road to PHP8, Flow travails
Some primer: Flows is a feature that causes the framework to bypass handling the request now but read it from cache. This cache entry is meant to be populated without warming, based on the preceding request. It's sort of like prefetching but done on the back end
While building Suphle, I made some notes on some chapters about caveats and gotchas I may forget while documenting. One such note was that when users make the Flow request, the framework will attempt to determine who user is, using authentication mechanism defined on the first module (of the modular monolith)
Now, I got to this point during documentation and started wondering whether it's impossible for the originating request to have used a different authentication mechanism, which would result in an empty entry for returning user. I *think* it's possible cuz I've got something else called "route mirroring", where web based routes can be converted to API routes. They'll then return JSON, get served under defined API path, use JWT, all automatically. But I just couldn't connect the dots for the life of me, regarding how any of this could impact authentication on the Flow request
While trying to figure out how to write the test for this or whether it was even necessary (since I had no use case), it struck me that since Flow requests are not triggered by an actual user, any code attempting to read authenticated user will see nothing!
I HATE it when I realize there's ambiguity or an oversight, after the amount of attention and suffering devoted. This, along with a chain of personal troubles set off despondency for a couple of days. No appetite for food or talk. Grudgingly refactored in this update over some days. Wrote some tests, not all passed. More pain. May have to convert them to unit tests
For clarity, my expectation is, I built this. Nothing should be impossible for me
Surprisingly, I caught a somewhat lucky break –an ex colleague referred me to the 1st gig I'm getting in 1+ year. It's about writing a plugin for some obscure forum software. I'm not too excited cuz it's poorly documented and I'll have to do a lot of groping, they use arrays instead of objects etc. There's no guarantee I'll find how to implement all client's requirements
While brooding last night, surfing the PHP subreddit, stumbled on a post about using Rector to downgrade a codebase. I've always been interested in the reverse but didn't have any incentive to fret over it. Randomly googled and saw a post promising a codebase can be upgraded with 3 commands in 5 minutes to PHP 8. Piqued my interest around 12:something AM. Stayed up all night upgrading it, replacing PHPSTAN with Psalm, initializing the guy's project, merging Flow auth with master etc. I think it may have taken 5 minutes without the challenge of getting local dev environment to PHP 8
My mood is much lighter than it was, although the battle is not won yet –image tests are failing. For some weird reason, PHP8 can't read generated test images. Hope I can ride on that newfound lease on life to study the forum and get the features working
I have some other rant but this is already a lot to digest in one sitting. See you in rant #4
My company’s code base is so messy that the dev branch and master branch is so buggy. But they put the blame on me as usual.
I use git blame, I wasn’t the author .7
Spent an hour and a half renaming a method everywhere in a project from `feature_name` to `feature_name!`. There are a lot of constants, symbols, and other methods that use "feature_name" as a prefix (plus comments and spec descriptions), so was a little more difficult than normal.
Should have taken like 5 minutes with a proper IDE refactor tool. but noo, it was too difficult for RubyMine. wah wah wah. Stupid thing. Not even the search tool was useful -- it's limited to 100 results, and there were around 250 for that substring.
I ended up having to run specs repeatedly to find all the remaining instances, which took freaking forever. blahhh20
It's nice that more and more languages are introducing async/await syntax, but by the example of Rust in particular I'm starting to wonder why we don't instead introduce this syntax for monads in general?
We could have a keyword (say, `bind`) which unwraps a value from any monad provided that the return value of the function is wrapped in the same monad. The ? operator does something a little similar, and I'll be intrigued whether it can actually be implemented for monads other than Result and Option once GATs are stabilized. In particular in the case of Rust, it would be possible to create a reference counting monad for heap-bound management of objects derived from references.9
So I got an assignment for literature class to make and present some sort of creative project about transcendentalism. Time suggestion: 2-3 hours of work. 10 hours later, I have a videogame with 0 polish that I can convice the professor is about transcendentalism. I regret nothing.1
Hey. This code look broken. What should I do?
It isn't broken. It's doing what it's supposed to.
Well, it's hard to follow, but it certainly doesn't look right. And it isn't doing what I expect. Also, why is it calling method(a_class1_or_class2) with a class3?
It isn't hard to follow, and it works just fine. Let me show you. ... huh. looks like it isn't right. and there's a comment here saying the calls aren't clear. but it works just fine. Just copy it over and do it the same way.
I already did that. and it isn't working.
What are you talking about? Of course it works fine. Did you check your code?
Really, dude? It doesn't work fine. but, guess what? It works fine* when I change it to call that method with a class2 like it asks for. (Surprise!) But I can't tell him that. Nope. Bossmang get offended. Still won't admit I was right about anything, either.
Ahh... the continual joy of working with (and for) trash.
* well, more fine; the rest of the feature is still wrong. but nope, i'm not allowed to fix it. because why would they want anything to work properly? Already-accepted wrong behavior is good enough. Can't clean up the code, either, because that "muddies the waters." Bitch, I couldn't see the bottom of this sewer if it was half an inch deep! Which is more important: the last contributor entry beside the code, or that code being readable and maintainable? or it, you know, working?
need to scoot.8
Ticket: Add <feature> to <thing>. It works in <other things> so just copy it over. Easy.
Thing: tangled, over-complicated mess.
Feature: tangled and broken, and winds much too deep to refactor. Gets an almost-right answer by doing lots of things that shouldn't work but somehow manage to.
I write a quick patch that avoids the decent into madness and duplicates the broken behavior in a simple way for consistency and ease of fixing later. I inform my boss of my findings and push the code.
He gets angry and mildly chews me out for it. During the code review, he calls my patch naive, and says the original feature is obviously not broken or convoluted. During the course of proving me wrong, he has trouble following it, and eventually finds out that it really is broken -- and refuses to admit i was right about any of it. I'm still in trouble for taking too long, doing it naively, and not doing it correctly.
He schedules a meeting with product to see if we should do it correctly. He tells product to say no. Product says no. He then tells me to duplicate the broken behavior. ... which I already did.
At this point I'm in trouble for:
1) Taking too long copying a simple feature over.
2) Showing said feature is not simple, but convoluted and broken.
3) Reimplementing the broken feature in a simpler way.
4) Not making my new implementation correct despite it not working anywhere else, and despite how that would be inconsistent.
Did everything right, still in the wrong.
Also, they decided I'm not allowed to fix the original, that it should stay broken, and that I should make sure it's broken here, too.
You just have to admire the sound reasoning and mutual respect on display. Best in class.19
"Root, go fix this bug. It'll take you two days."
The "bug" is a feature that was never implemented for one particular payment type.
The code in question is two years old, full of typos, smells, junior-isms, and is convoluted AF. The feature's commit touched 190 files and implemented many other features as well. Thus far, I have been unable to narrow down where this particular feature's code lives for the other payment types, nor which code or payment paths lead to it. Burned out, I can barely focus on the screen, let alone follow its many twisting and dynamically-inferred paths. I hint as to the ticket's scavenger hunt nature during standup.
"But I wrote comments on the ticket telling you exactly where to look to fix it," Thundercunt admonishes in front of the team.
"Sure, you did," Root replies. "You reworded what the original dev had said in the comments 20 minutes prior, and agreed with him. His comments were helpful, but it doesn't tell me how any of it works," she continues.
TC scoffs and closes the meeting.
Root stares blankly, seeing neither code nor screen, questions her life decisions, and recalls the previous tickets she has worked on: nearly every one of them busywork, fixing other people's bugs. Bugs she never could have gotten away with if she tried.
"Why do I put up with this?" She asks. "They don't care, and it's killing me."
But the bills remain, and so must she.
"Fuck my life" she finally decides.20
$work is migrating to a new HR performance review service (15five). Instead of a private (ish) review once a quarter, it'll be public (and uneditable) reviews due every friday. Better make sure that review is perfect.
also, praising a coworker is required.