Joined devRant on 7/19/2020
I would not say my company (at least to a rookie dev like me) is "willing" to neglect rigor and discipline.
Maybe I did not give enough context. Basically, my team is the API team, which focuses on the business logic implementation via our code; there is a separate team handling the security check work. However, things got lost and messed up during the many product ownership transfers / reorgs, and our team is expected to provide some extra security checks for specific endpoints besides the existing check (due to some fresh new hacker tech). It is kind of a breaking change for the users who have already integrated with us.
It is just an example of how we should design the system well so we don't have that historical debt. The designer of the architecture was good at that time, but he was not able to know how the industry or technology would change or what new requirements would come; that is what I mean by "hard".
I am also working in a team which provides RESTful API services. We keep finding historical issues due to the bad design from before. I would say it is something very hard to avoid as the product evolves.
Recently I have been thinking about a new side project to build a framework to handle the security check issue, but one thing is, we cannot mess up the existing integration, so the framework must have some whitelist and it cannot be perfect.