Like snakes and mongooses , QA and developers are natural enemies. Through an unfortunate series of events, developer Bridget found herself working on a QA team. She was deep in enemy territory, and not full prepared for the rigors of QA, so she focused on her core developer skills. She helped the testers automate things.

“Well, we already have automated scripts,” her new co-worker, Jim, said. “We just… well, we only use them for really big regressions.”

“Why not? It seems like you could save a lot of effort.”

“They were written by the guy you replaced, and… well, you’d have to look at them.”

Bridget did. Take everything you know about scripting, about writing clear code and naming things in meaningful ways, then run it through a paper shredder, feed it to a dog, wait a few hours, and then reassemble it. The scripts weren’t scripts, as much as they were piles of cryptic regexes stacked high enough to smother someone. She waded past /^[\s]*(?:(P.+?)[\s]+(?:[_][\s]*[\n\r]+)?)?(F.+)[\s]+(?:[_][\s]*[\n\r]+)?([a-zA-Z][\w]{0,254})(?:[\s\n\r_]*\((?:[\s\n\r_]*([a-zA-Z][\w]{0,254})[,]?[\s]*)*\))?/gi, and a thousand other nearly identical lines of code. The only comment she found was at the top of one subroutine which simply said: “I forget what this does.”

One methods was invoked by every script, the informatively named choex. It tended to throw a lot of errors, but aside from that, she was nearly certain it didn’t actually do anything. Nearly certain wasn’t all certain, and before she could cut it away, she needed to know out what it was actually trying to do. After a few hours, she finally figured out that choex stood for “CHeck Object EXistence”, which still didn’t tell her what it did. It didn’t do much but invoke other similarly named methods, like gsc and mob.

Bridget traced through those methods, and many more, and finally thought she had an idea what the script was doing. choex checked that the objects the script needed to use existed. It seemed paranoid but harmless, since they’d get an error either way. She still didn’t understand how on earth the method choex, called in every script, could know what objects the script actually needed. It wasn’t hard-coded, that she could see, and there was no sign of a configuration file anywhere, either.

When she explained it to Jim, he laughed. “The code must be psychic. The script apparently reads itself to find out what it’s doing.”

Bridget started to laugh along with Jim, but something he said clicked. Her mind flashed to something she’d seen in the code, something that she’d scrolled right past. It took her a mere two hours to dig through the chain upon chain of indirection and obfuscated names to find the module she was thinking of. Like a needle in a stack of manure, she found a call out to the command-line to invoke svn.

From there, it was relatively easy to trace backwards and understand what was going on. Each time any script ran, it called choex. That method checked what script file was currently running, and then downloaded it from their script repository. Then, it matched a regex across the entire script to find all of the objects referenced, which worked for objects that followed the “proper” naming convention which was some confused variation on Hungarian notation (a microsopic fraction of objects). Once it had a list of object names, the script iterated across that list and ran another regex match to confirm that those object names existed in the script that it had just extracted the object names out of.

When Bridget explained this to Jim, he stopped laughing. “Kill it. Kill it with fire. And delete it from the script, too.”