CodeSOD: Contains Some Bad Choices
While I'm not hugely fond of ORMs (I'd argue that relations and objects don't map neatly to each other, and any ORM is going to be a very leaky abstraction for all but trivial cases), that's not because I love writing SQL. I'm a big fan of query-builder tools; describe your query programatically, and have an API that generates the required SQL as a result. This cuts down on developer error, and also hopefully handles all the weird little dialects that every database has.
For example, did you know Postgres has an @> operator? It's a contains operation, which returns true if an array, range, or JSON dictionary contains your search term. Basically, an advanced "in" operation.
Gretchen's team is using the Knex library, which doesn't have a built-in method for constructing those kinds of queries. But that's fine, because it does offer a whereRaw method, which allows you to supply raw SQL. The nice thing about this is that you can still parameterize your query, and Knex will handle all the fun things, like transforming an array into a string.
Or you could just not use that, and write the code yourself:
exports.buildArrayString = jsArray => { // postgres has some different array syntax // [1,2] => '{1,2}' let arrayString = '{'; for(let i = 0; i < jsArray.length; i++) { arrayString += jsArray[i]; if(i + 1 < jsArray.length) { arrayString += ',' } } arrayString += '}'; return arrayString; }There's the string munging we know and love. This constructs a Postgres array, which is wrapped in curly braces.
Also, little pro-tip for generating comma separated code, and this is just a real tiny optimization: before the loop append item zero, start the loop with item 1, and then you can unconditionally prepend a comma, removing any conditional logic from your loop. That's not a WTF, but I've seen so much otherwise good code make that mistake I figured I'd bring it up.
exports.buildArrayContainsQuery = (key, values) => { // TODO: do we need to do input safety checks here? // console.log("buildArrayContainsQuery"); // build the postgres 'contains' query to compare arrays // ex: to fetch files by the list of tags //WORKS: //select * from files where _tags @> '{2}'; //query.whereRaw('_tags @> ?', '{2}') let returnQueryParams = []; returnQueryParams.push(`${key} @> ?`); returnQueryParams.push(exports.buildArrayString(values)); // console.log(returnQueryParams); return returnQueryParams; }And here's where it's used. "do we need input safety checks here?" is never a comment I like to see as a TODO. That said, because we are still using Knex's parameter handling, I'd hope it handles escaping correctly so that the answer to this question is "no". If the answer is "yes" for some reason, I'd stop using this library!
That said, all of this code becomes superfluous, especially when you read the comments in this function. I could just directly run query.whereRaw('_tags @> ?', myArray); I don't need to munge the string myself. I don't need to write a function which returns an array of parameters that I have to split back up to pass to the query I want to call.
Here's the worst part of all of this: these functions exist in a file called sqlUtils.js, which is just a pile of badly re-invented wheels, and the only thing they have in common is that they're vaguely related to database operations.
.comment {border: none; }CodeSOD: Waiting for October
Arguably, the worst moment for date times was the shift from Julian to Gregorian calendars. The upgrade took a long time, too, as some countries were using the Julian calendar over 300 years from the official changeover, famously featured in the likely aprochryphal story about Russia arriving late for the Olympics.
At least that change didn't involve adding any extra months, unlike some of the Julian reforms, which involved adding multiple "intercalary months" to get the year back in sync after missing a pile of leap years.
Speaking of adding months, Will J sends us this "calendar" enum:
enum Calendar { April = 0, August = 1, December = 2, February = 3, Friday = 4, January = 5, July = 6, June = 7, March = 8, May = 9, Monday = 10, November = 11, October = 12, PublicHoliday = 13, Saturday = 14, Sunday = 15, September = 16, Thursday = 17, Tuesday = 18, Wednesday = 19 }Honestly, the weather in PublicHoliday is usually a bit too cold for my tastes. A little later into the spring, like Saturday, is usually a nicer month.
Will offers the hypothesis that some clever developer was trying to optimize compile times: obviously, emitting code for one enum has to be more efficient than emitting code for many enums. I think it more likely that someone just wanted to shove all the calendar stuff into one bucket.
Will further adds:
One of my colleagues points out that the only thing wrong with this enum is that September should be before Sunday.
Yes, arguably, since this enum clearly was meant to be sorted in alphabetical order, but that raises the question of: should it really?
CodeSOD: C+=0.25
A good C programmer can write C in any language, especially C++. A bad C programmer can do the same, and a bad C programmer will do all sorts of terrifying things in the process.
Gaetan works with a terrible C programmer.
Let's say, for example, you wanted to see if an index existed in an array, and return its value- or return a sentinel value. What you definitely shouldn't do is this:
double Module::GetModuleOutput(int numero) { double MAX = 1e+255 ; if (this->s.sorties+numero ) return this->s.sorties[numero]; else return MAX ; }sorties is an array. In C, you may frequently do some pointer arithmetic operations, which is why sorties+numero is a valid operation. If we want to be pedantic, *(my_array+my_index) is the same thing as my_array[my_index]. Which, it's worth noting, both of those operations de-reference an array, which means you better hope that you haven't read off the end of the array.
Which is what I suspect their if statement is trying to check against. They're ensuring that this->s.sorties+numero is not a non-zero/false value. Which, if s.sorties is uninitialized and numero is zero, that check will work. Otherwise, that check is useless and does nothing to ensure you haven't read off the end of the array.
Which, Gaetan confirms. This code works "because in practice, GetModuleOutput is called for numero == 0 first. It never de-references off the end of the array, not because of defensive programming, but because it just never comes up in actual execution.
Regardless, if everything is null, we return 1e+255, which is not a meaningful value, and should be treated like a sentinel for "no real value". None of the calling code does that, however, but also, it turns out not to matter.
This pattern is used everywhere there is arrays, except the handful of places where this pattern is not used.
Then there's this one:
if(nb_type_intervalle<1) { } else if((tab_intervalle=(double*)malloc(nb_lignes_trouvees*nb_type_intervalle*2 \ *sizeof(double)))==NULL) return(ERREUR_MALLOC);First, I can't say I love the condition here. It's confusing to have an empty if clause. if (nb_type_intervalle>=1) strikes me as more readable.
But readability is boring. If we're in the else clause, we attempt a malloc. While using malloc in C++ isn't automatically wrong, it probably is. C++ has its own allocation methods that are better at handling things like sizes of datatypes. This code allocates memory for a large pile of doubles, and stores a pointer to that memory in tab_intervalle. We do all this inside of an if statement, so we can then check that the resulting pointer is not NULL; if it is, the malloc failed and we return an error code.
The most frustrating thing about this code is that it works. It's not going to blow up in surprising ways. I never love doing the "assignment and check" all in one statement, but I've seen it enough times that I'd have to admit it's idiomatic- to C style programming. But that bit of code golf coupled with the pointlessly inverted condition that puts our main logic in the else just grates against me.
Again, that pattern of the inverted conditional and the assignment and check is used everywhere in the code.
Gaetan leaves us with the following:
Not a world-class WTF. The code works, but is a pain in the ass to inspect and document
In some ways, that's the worst situation to be in: it's not bad enough to require real work to fix it, but it's bad enough to be frustrating at every turn.
Error'd: Cruel Brittanica
"No browser is the best browser," opines Michael R. sarcastically as per usual for tdwtf. "Thank you for suggesting a browser. FWIW: neither latest Chrome, Safari, Firefox, Opera work. Maybe I should undust my Netscape."
An anonymous dessert lover ruminates "The icing on the cake is that it's for HR where names can be quite important. Just goes to show that not even SAP can do SAP."
Another anonymous dessert lover (because honestly, who isn't) cheers "2024 is back again."
Thrice capitalled B.J.H. capitulates. "I guess I'm not cleared to know what topic I subscribed to."
Jeopardy fan Jeremy P. digs a quick quiz.
It's from Britannica.com. I thought "TV remote control" because it would effectively turn off the TV. The correct answer is toaster.
To understand what went wrong, the previous correct answer was "blunderbuss".
Apparently this is a test for clairvoyance, which will have come in handy.For a bonus buzz, Jeremy sent in another.
This time it's "guess the novel from the picture". There was a subtle clue in this one.
You're a monster, Jeremy.
CodeSOD: Consistently Transactional
It's always good to think through how any given database operation behaves inside of a transaction. For example, Faroguy inherited a Ruby codebase which was mostly db.execute("SOME SQL") without any transactions at all. This caused all sorts of problems with half-finished operations polluting the database.
Imagine Faroguy's excitement upon discovering a function called db_trans getting called in a few places. Well, one place, but that's better than none at all. This clearly must mean that at least one operation was running inside of a transaction, right?
def self.db_trans(db,stmt) db.execute(stmt) end # self.db_transOh.
.comment { border: none } [Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.CodeSOD: Cover Up
Goodhart's Law states that when a measure becomes a target, it ceases to be a good measure. Or, more to the point: you get what you measure.
If, for example, you measure code coverage, you are going to get code coverage. It doesn't mean the tests will be any good, it just means that you'll write tests that exercise different blocks of code.
For example, Capybara James sends us this unit test:
@MockitoSettings class CentralizedLoggerTest { @InjectMocks private CentralizedLogger centralizedLogger; @Test void logAround() throws Throwable { centralizedLogger = new CentralizedLogger(); MethodSignature signature = mock(MethodSignature.class); ProceedingJoinPoint joinPoint = mock(ProceedingJoinPoint.class); when(joinPoint.getSignature()).thenReturn(signature); centralizedLogger.logAround(joinPoint); Assertions.assertTrue(true); } }It doesn't really matter what the mocks are, or what gets instantiated, or honestly, anything that's happening here. The assertion is the beginning and ending.
James writes:
The only requirement was sonar coverage to push the code to production. There is no other purpose.
One Version of Events
Jon supports some software that's been around long enough that the first versions of the software ran on, and I quote, "homegrown OS". They've long since migrated to Linux, and in the process much of their software remained the same. Many of the libraries that make up their application haven't been touched in decades. Because of this, they don't really think too much about how they version libraries; when they deploy they always deploy the file as mylib.so.1.0. Their RPM post-install scriptlet does an ldconfig after each deployment to get the symlinks updated.
For those not deep into Linux library management, a brief translation: shared libraries in Linux are .so files. ldconfig is a library manager, which finds the "correct" versions of the libraries you have installed and creates symbolic links to standard locations, so that applications which depend on those libraries can load them.
In any case, Jon's team's solution worked until it didn't. They deployed a new version of the software, yum reported success, but the associated services refused to start. This was bad, because this happened in production. It didn't happen in test. They couldn't replicate it anywhere else, actually. So they built a new version of one of the impacted libraries, one with debug symbols enabled, and copied that over. They manually updated the symlinks, instead of using ldconfig, and launched the service.
The good news: it worked.
The bad news: it worked, but the only difference was that the library was built with debug symbols. The functionality was exactly the same.
Well, that was the only difference other than the symlink.
Fortunately, a "before" listing of the library files was captured before the debug version was installed, a standard practice by their site-reliability-engineers. They do this any time they try and debug in production, so that they can quickly revert to the previous state. And in this previous version, someone noticed that mylib.so was a symlink pointing to mylib.so.1.0.bkup_20190221.
Once again, creating a backup file is a standard practice for their SREs. Apparently, way back in 2019 someone was doing some debugging. They backed up the original library file, but never deleted the backup. And for some reason, ldconfig had been choosing the backup file when scanning for the "correct" version of libraries. Why?
Here, Jon does a lot of research for us. It turns out, if you start with the man pages, you don't get a answer- but you do get a warning:
ldconfig will look only at files that are named lib*.so* (for regular shared objects) or ld-.so (for the dynamic loader itself). Other files will be ignored. Also, ldconfig expects a certain pat‐
tern to how the symbolic links are set up, like this example, where the middle file (libfoo.so.1 here) is the SONAME for the library:
libfoo.so -> libfoo.so.1 -> libfoo.so.1.12
Failure to follow this pattern may result in compatibility issues after an upgrade.
Well, they followed the pattern, and they found compatibility issues. But what exactly is going on here? Jon did the work of digging straight into the ldconfig source to find out the root cause.
The version detecting algorithm starts by looking directly at filenames. While the man page warns about a convention, ldconfig doesn't validate names against this convention (which is probably the correct decision). Insetad, to find which filename has the highest version number, it scans through two filenames until finds numeric values in both of them, then does some pretty manual numeric parsing:
int _dl_cache_libcmp(const char *p1, const char *p2) { while (*p1 != '\0') { if (*p1 >= '0' && *p1 <= '9') { if (*p2 >= '0' && *p2 <= '9') { /* Must compare this numerically. */ int val1; int val2; val1 = *p1++ - '0'; val2 = *p2++ - '0'; while (*p1 >= '0' && *p1 <= '9') val1 = val1 * 10 + *p1++ - '0'; while (*p2 >= '0' && *p2 <= '9') val2 = val2 * 10 + *p2++ - '0'; if (val1 != val2) return val1 - val2; } else return 1; } else if (*p2 >= '0' && *p2 <= '9') return -1; else if (*p1 != *p2) return *p1 - *p2; else { ++p1; ++p2; } } return *p1 - *p2; }NB: this is the version of ldconfig at the time Jon submitted this, and the version that they're using. I haven't dug through to check if this is still true in the latest version. That's an exercise for the reader.
While we have not hit the end of the first string, check if the character in that string is numeric. If it is, check if the character in the second string is numeric. If it is, keep scanning through characters, and for as long as they're numeric, keep parsing them into numbers. If the numbers aren't the same, we return the difference between them.
If the first string contains numbers at this point, but the second string doesn't, return 1. If the second string contains numbers but not the first, return -1. Otherwise, increment our pointers and go to the next character. If we reach the end of the string without finding numeric characters, return the difference between these two characters.
Also, correct me if I'm wrong, but it seems like a malicious set of filenames could cause buffer overruns here.
Now, I'll be honest, I don't have the fortitude to suggest that ldconfig is TRWTF here. It's a venerable piece of software that's solving an extremely hard problem. But boy, DLL Hell is an unending struggle and this particular solution certainly isn't helping. I'm honestly not entirely certain I'd say that there was a true WTF here, just an unfortunate confluence of people doing their best and ending up laying landmines for others.
But here's the fun conclusion: the 2019 version of the library actually had been updated. They'd deployed several new versions between 2019 and 2024, when things finally blew up. The actual deployed software kept using the backup file from 2019, and while it may have caused hard-to-notice and harder-to-diagnose bugs, it didn't cause any crashes until 2024.
.comment { border: none; }CodeSOD: Invalid Passport
Gretchen wanted to, in development, disable password authentication. Just for a minute, while she was testing things. That's when she found this approach to handling authentication.
passport.authenticate('local', { session: true }, async (err, user) => { if (err) { res.send({ success: false, message: 'Error authenticating user.' }) } else if (!user) { User.query() .where({ username: req.body.username }) .first() .then(targetUser => { if (targetUser) { const hash = User.hashPassword( targetUser.password_salt, req.body.password ) if (hash === targetUser.password_hash) { res.send({ success: false, message: 'Incorrect username or password.', }) } else { res.send({ success: false, message: 'Incorrect username or password.', }) } } else { res.send({ success: false, message: 'Incorrect username or password.', }) } }) .catch(err => { res.send({ success: false, message: 'Internal server error' }) }) } else if (user.firstLogin) { //...... } })(req, res, next);passport.authenticate invokes its callback after attempting to authenticate. Now, normally, this is called as middleware on a route defined on the webserver- that is to say, you don't call it from within your application code, but as part of your routing configuration. That's not the case here, where this blob is inside of a controller.
That's weird, but let's just trace through this code. We attempt to authenticate. When the process completes, our callback function executes. If authentication failed, there's an error, so we'll send an error message. Then, if the user object isn't populated, we attempt to look up the user. If we find a user with that user name, we then hash their password and check if the hash matches. If it does, we send an error message. If it doesn't, we send an error message. If we didn't find the user, we send an error message. If anything goes wrong, we send an error message.
Wait a second, back up: if the user exists and their password matches, we send an error message?
I'll let Gretchen explain a bit more:
passport.authenticate returns an error if the authentication failed and a user object, if it succeeded. We check this immediately: if error is set, return an error message. But then, we check if the user does not exist (aka: the authentication failed).
Yes, the reason user would be null is because the authentication failed. So the error would be set. So that entire branch about validating the user won't happen: either the authentication worked and we know who the user is, or it failed, in which case we'd have an error. There's no reasonable world where there's no error but also no user object.
So yes, if authentication failed, but you manually re-run the authentication and it succeeds for some reason, yeah, you probably should still return an error. But I don't know if it's "Incorrect username or password". It probably should be "Invalid reality, please restart the universe and see if the problem persists."
[Advertisement] Plan Your .NET 9 Migration with ConfidenceYour journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!
Error'd: When All You Have is a Nail
...everything looks like a hammer.
"Where is this plane?" wondered erffrfez (hope I spelled that right), explaining "I was on a flight across Aus, and noticed that the back of seat display doesn't seem to know exactly where the plane is. There are two places where 'distance to destination' is displayed. They never matched and the difference varied through the flight." I have a suspicion this is related to the January 20 WTF.
Roadtripping Adam R. rued "I'm studying the time tables for the buses in the Italian alps, and I was a little dismayed to find that 19 hours will have elapsed between the 11:05 departure and 12:05 arrival. "
Also Adam R. in the airport shared "After my inbound flight to MAD was cancelled, AA couldn't decide if my connecting flight was arriving or departing, so it decided that it was undefineding."
Meanwhile B.J.H. "Earlier the monitor had accurate information about a departed flight, but they were able to fix that by bringing in a technician to get the display ready for the flight to Godot."
Also B.J.H. pleaded "Won't someone help LATAM airlines find the missing key so we can leave." Apparently they found it eventually.
CodeSOD: Brillant Python Programmers
Sandra from InitAg (previously) tries to keep the team's code quality up. The team she's on uses CI, code reviews, linting and type checking, and most important: hiring qualified people. Overall, the team's been successful recently. Recently.
The company got its start doing data-science, which meant much of the initial code was written by brilliant PhDs who didn't know the first thing about writing software. Most of that code has been retired, but it is impossible to dispatch all of it.
Which brings us to Stan. Stan was a one-man dev-team/sysadmin for a mission critical piece of software. No one else worked on it, no one else looked at it, but that was "okay" because Stan was happy to work evenings and weekends without anyone even suggesting it. Stan loved his work, perhaps a little too much. And as brilliant as Stan was, when it came to software engineering, he was at best "brillant".
Which brings us to a file called utils/file_io.py. As you might gather from the full name there, this is a "utility" module stuffed with "file and IO" related functions. Let's look at a few:
def del_rw(action, name, exc): """ See https://stackoverflow.com/questions/21261132/shutil-rmtree-to-remove-readonly-files Is used by shutil.rmtree to remove read only files as well """ os.chmod(name, stat.S_IWRITE) os.remove(name)This, I think, is a case of "maybe this shouldn't be a function?" Given that it's only two lines, it's more clear what you're doing if you just include the lines. Also, it takes three parameters and uses one of them.
def safe_rmtree(remove_dir, minimum_parent_dir, min_parent_parts=2): """ Recursively removes all files in a directory that should contain the min parent dir :param remove_dir: :param minimum_parent_dir: :param min_parent_parts: nr of folders that the parent should contain to avoid removing eg C: :return: """ if not os.path.exists(remove_dir): print(f"WARNING in safe_rmtree: {remove_dir} does not exist, nothing is removed") return remove_path = pathlib.Path(remove_dir) minimum_parent_path = pathlib.Path(minimum_parent_dir) if not minimum_parent_path.is_dir(): raise AssertionError("Min parent dir not a valid dir {}".format(minimum_parent_dir)) if len(minimum_parent_path.parts) <= min_parent_parts: raise AssertionError( "Unsafe removal of {}: minimum parent dir is too short {}".format( remove_dir, minimum_parent_dir ) ) if minimum_parent_path in remove_path.parents: print("REMOVE {}".format(remove_dir)) shutil.rmtree(remove_dir, onerror=del_rw) # use del_rw to also remove read only files else: raise AssertionError( "Unsafe removal of {}: does not contain minimum parent dir {}".format( remove_dir, minimum_parent_dir ) ) time.sleep(0.1)I definitely don't like this. We do at least use all of our parameters. While the documentation doesn't really make it clear what they all do, this will remove a directory if and only if the directory is contained under minimum_parent_dir, and the minimum_parent_dir is at least min_parent_parts levels deep.
I understand, broadly, why you want some checks around a potentially destructive operation, but I have to wonder about why this is the set of checks we added.
Also, why the tenth of a second sleep at the end? shutil isn't doing things on background threads, it just manipulates the file-system via syscalls.
Now, what's notable about this one is that we're using the pathlib.Path API for interacting with file paths. This is the correct way to do things in Python, which is why this method is just funny:
def file_name_from_path(path, extension=False): """ Get the name of a file (without the extension) given a path :param path: :param extension: default false, but if true fn will include extension :return: a string with the file name (optional extension) """ basename = ntpath.basename(path) if extension is True: return basename else: return os.path.splitext(basename)[0]This reinvents methods that are already in pathlib.Path. I also like that the documentation contradicts itself: this returns the name of the file (without the extension) except when it also returns the extension.
def create_dir(new_dir, remove_data=False, verbose=False): """ Create a new directory. NOTE: this function only creates one new folder, the root folder must already exist. :param new_dir: directory to create :param remove_data: if yes, remove existing data in folder. :param verbose: :return: a string containing the new directory """ if remove_data and os.path.exists(new_dir): shutil.rmtree(new_dir) time.sleep(0.1) if os.path.exists(new_dir): if verbose: print("Output directory {} already exists".format(new_dir)) else: os.makedirs(new_dir) return new_dirThis function creates a new directory and possibly deletes the old one. Not "safely", though, but hey, that random sleep is back.
def dirs_in_dir(data_dir, contains=""): """ Get the paths of all directories in a directory containing a set of characters, the basename :param data_dir: directory for which to list all paths with a base name :param contains: characters that should be in the name of the directory :return: a list of all directory paths """ if not os.path.exists(data_dir): print("Warning in get_dirs_in_dir: directory {} does not exist".format(data_dir)) return dir_paths = [ os.path.join(data_dir, d) for d in os.listdir(data_dir) if (os.path.isdir(os.path.join(data_dir, d)) and contains.lower() in d.lower()) ] return dir_pathsThis is another reinvention of functionality that already exists in pathlib.Path. I'd say, "And they already know about that!" but they clearly don't; they copied code off StackOverflow and didn't read it.
How about writing to a log file in possibly the slowest way possible?
def write_to_log(text_string, file_path, level="INFO", code="I_NOTDEFINED", entry="PROJ"): print(f"Log: {text_string}", flush=True) if not os.path.exists(file_path): file = open(file_path, "w") file.close() lookup_dict = error_lookup_dict responsible = lookup_dict[code]["responsible"] with open(file_path, "a") as file: dt_string = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") log_text = "{}; {}; {}; {}; {}; {}".format( dt_string, entry, level, responsible, code, text_string + "\n" ) file.write(log_text)Most logging frameworks open a file when you start, and keep the handle open until you're done logging. This one not only checks if it exists, but reopens it again and again for every write. And while it's at it, it also prints what it's logging. And Python has a built-in logging framework that definitely handles all these features.
Finally, what file_io library would be complete without a way to call shell commands?
def run_command_window(cmd, log_path=None): std_output = [] updated_env = {**os.environ, "PYTHONPATH": str(config.repos_dir)} with Popen( cmd, stdout=PIPE, bufsize=1, universal_newlines=True, shell=sys.platform == "linux", env=updated_env, ) as p: for line in p.stdout: print(line, end="", flush=True) # process line here std_output.append(line) if log_path: with open(log_path, "a") as log: log.write(line) return p.returncode, std_outputBroadly speaking, if you're trying to automate things via Python, you might come up with something very much like this. But I draw your attention to their updated_env which populates a PYTHONPATH variable: they're calling Python code by shelling out and launching a new interpreter.
Sandra writes:
This is one of the better files in the project.
Thankfully, this one has a happy ending: management is well aware that this project is legacy garbage, and has authorized a full-scale rework to make it maintainable. Whether the guy doing the work escapes with his sanity intact is another question
Honestly, as "I don't actually know Python but I'm very smart," code goes, this isn't so bad. I mean, it's terrible, but it's clearly written. Even the parts that shouldn't have been written are clean and easy to understand. That, I suppose, just makes it worse, doesn't it. Picking through the code that needs to be thrown away will be harder than one expects because you can't just go, "kill it with fire," you have to think about what you're throwing away.
Error'd: On the Dark Side
...matter of fact, it's all dark.
Gitter Hubber checks in on the holidays: "This is the spirit of the Black Friday on GitHub. That's because I'm using dark mode. Otherwise, it would have a different name… You know what? Let's just call it Error Friday!"
"Best get typing!" self-admonishes.
Jason G.
Suffering a surfeit of snark, he proposes
"Not sure my battery will last long enough.
Finally, quantum resistant security.
I can't remember my number after the 5000th digit.
" Any of those will do just fine.
Don't count Calle L. out. "This is for a calorie tracking app, on Thanksgiving. Offer was so delicious it wasn't even a number any more! Sadly it did not slim the price down more than expected."
"Snow and rain and rain and snow!" exclaims Paul N. "Weather so astounding, they just had to trigger three separate notifications at the same time."
It's not a holiday for everyone though, is it? Certainly not for Michael R. , who is back with a customer service complaint about custom deliveries. "I am unlucky with my deliveries. This time it's DPD. "
[Advertisement] Plan Your .NET 9 Migration with Confidence
Your journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!
Classic WTF: Teleported Release
Matt works at an accounting firm, as a data engineer. He makes reports for people who don’t read said reports. Accounting firms specialize in different areas of accountancy, and Matt’s firm is a general firm with mid-size clients.
The CEO of the firm is a legacy from the last century. The most advanced technology on his desk is a business calculator and a pencil sharpener. He still doesn’t use a cellphone. But he does have a son, who is “tech savvy”, which gives the CEO a horrible idea of how things work.
Usually, this is pretty light, in that it’s sorting Excel files or sorting the output of an existing report. Sometimes the requests are bizarre or utter nonsense. And, because the boss doesn’t know what the technical folks are doing, some of the IT staff may be a bit lazy about following best practices.
This means that most of Matt’s morning is spent doing what is essentially Tier 1 support before he gets into doing his real job. Recently, there was a worse crunch, as actual support person Lucinda was out for materinity leave, and Jackie, the one other developer, was off on vacation on a foreign island with no Internet. Matt was in the middle of eating a delicious lunch of take-out lo mein when his phone rang. He sighed when he saw the number.
“Matt!” the CEO exclaimed. “Matt! We need to do a build of the flagship app! And a deploy!”
The app was rather large, and a build could take upwards of 45 minutes, depending on the day and how the IT gods were feeling. But the process was automated, the latest changes all got built and deployed each night. Anything approved was released within 24 hours. With everyone out of the office, there hadn’t been any approved changes for a few weeks.
Matt checked the Github to see if something went wrong with the automated build. Everything was fine.
“Okay, so I’m seeing that everything built on GitHub and everything is available in production,” Matt said.
“I want you to do a manual build, like you used to.”
“If I were to compile right now, it could take quite awhile, and redeploying runs the risk of taking our clients offline, and nothing would be any different.”
“Yes, but I want a build that has the changes which Jackie was working on before she left for vacation.”
Matt checked the commit history, and sure enough, Jackie hadn’t committed any changes since two weeks before leaving on vacation. “It doesn’t looked like she pushed those changes to Github.”
“Githoob? I thought everything was automated. You told me the process was automated,” the CEO said.
“It’s kind of like…” Matt paused to think of an analogy that could explain this to a golden retriever. “Your dishwasher, you could put a timer on it to run it every night, but if you don’t load the dishwasher first, nothing gets cleaned.”
There was a long pause as the CEO failed to understand this. “I want Jackie’s front-page changes to be in the demo I’m about to do. This is for Initech, and there’s millions of dollars riding on their account.”
“Well,” Matt said, “Jackie hasn’t pushed- hasn’t loaded her metaphorical dishes into the dishwasher, so I can’t really build them.”
“I don’t understand, it’s on her computer. I thought these computers were on the cloud. Why am I spending all this money on clouds?”
“If Jackie doesn’t put it on the cloud, it’s not there. It’s uh… like a fax machine, and she hasn’t sent us the fax.”
“Can’t you get it off her laptop?”
“I think she took it home with her,” Matt said.
“So?”
“Have you ever seen Star Trek? Unless Scotty can teleport us to Jackie’s laptop, we can’t get at her files.”
The CEO locked up on that metaphor. “Can’t you just hack into it? I thought the NSA could do that.”
“No-” Matt paused. Maybe Matt could try and recreate the changes quickly? “How long before this meeting?” he asked.
“Twenty minutes.”
“Just to be clear, you want me to do a local build with files I don’t have by hacking them from a computer which may or may not be on and connected to the Internet, and then complete a build process which usually takes 45 minutes- at least- deploy to production, so you can do a demo in twenty minutes?”
“Why is that so difficult?” the CEO demanded.
“I can call Jackie, and if she answers, maybe we can figure something out.”
The CEO sighed. “Fine.”
Matt called Jackie. She didn’t answer. Matt left a voicemail and then went back to eating his now-cold lo mein.
[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.