- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Does anyone else want to try to make something like this just to see if it will work, as a POC? I mean, that's some amazing engineering there...
Admin
You tell them. Maybe they trust you, or maybe not.
But if they are real management, reflecting on how a novice could break the system withing two weeks from being hired, they should start wondering if their shiny system is not hiding some horendeous flaws, and start bringing some rnowned experts to do some digging.
Admin
My understanding is that Jake was never informed that his modifications were going live automatically, nor was he provided any way to test.
Admin
Jake probably did verify that the code ran before checking it in. Quite possibly he even checked that it was doing what it was supposed to do. He just failed to notice that a bunch of other records were getting deleted or incorrectly updated as a side-effect.
Addendum 2016-07-28 00:54: Note also the gap between what Jake actually did ("You must have had database updates in some comments?!") and how it was described to / understood by the VPs: ("Jake did delete the database.")
Admin
I've seen things you people wouldn't believe. Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhäuser Gate. But believe me, JDSL is the most fucked up piece of shit I've ever seen. Time to die.
Admin
WTF?!?!?!
At first I read it as each function was in a separate file (rather than in different commits of the same file)...I actually did that for a C++ program years ago that I was reverse engineering. Given the entire team who knew anything was long gone it was a very workable intermediate condition....
Admin
Not to mention the gap that such a runtime executes SQL directly. It's in the comments. There is no connection (eg. server) defined? Hardcoded? Why would it understand SQL-literals at all? Some pretty big part of the story is missing here it it got obfuscated way too heavily.
Admin
Somewhat similar to BobX but waaaay more genius, in an evil genius way!
Admin
Trust me, new hired break things more than you'd like to see, especially if you know no one is guiding the new hire when they modify the codebase.
I see nothing wrong other than the check-ins will possibly go live automatically. But chances are the senior management or at least the development manager know it too.
Admin
Jake probably did verify that the code ran [ins]locally[/ins] before checking it in.
I suspect more likely this way, at then he forgets that when the code need to pass through other processing functions like eval() or others, you need to further escape the comment marks first. (you either need to create a script element, or to pass the server returned code to eval(), in order to make the code function that can run. Guess which way did they choose given the behavior described in the article?
Addendum 2016-07-28 09:06: ["Jake did delete the database"]
Actually, I think Jake broke the function because it was not escaped correctly, so this and all other functions later are treated as broken code and discarded by the browsers. Making the site behaves as if those functions are also missing.
Admin
[Given the entire team who knew anything was long gone it was a very workable intermediate condition....]
The following is in WinForm and not web perspective...
Agreed. As a bonus they can evade the DLL hell problem that "many companies which uses central shared BLLs" will eventually experience. In this way check-in 75 and 104 of function A can live together peacefully in multiple projects which have circular dependency on versions that they do not agrees.
Admin
I think the top right box is a giveaway. It says "prediction: false". This is a made up story.
Admin
Damn right I do! Sadly I don't see how I could do it with Git and we don't have Subversion in house. So I'm not going that far.
Great story though!
Admin
"How the hell do morons like this get jobs?"
They get hired by morons.
It is turtles all the way down.
Admin
At least, an interpreted online build system is something new (at least, to me) ... and it's future-proof, you may even move it to the cloud ... ;-)
Admin
Seriously: This isn't that far away from Alan Kay's notion that objects and methods should have web addresses. But it's for sure not what Alan Kay was thinking about.
Admin
Why would you edit your configuration using JSON? Use something both readable and parse-able like XML. If a downstream module requires it in JSON format, then write something to translate your config into JSON.
Admin
"like XML"
Oh, you had me going there for a minute. XML!!!
Admin
It doesn't matter if it's Git, SVN, TFS, or your mom. This has to be the worst way to program I have ever heard.
Unless you're joking, of course.
But using source control as a programming tool is still TRWTF.
Admin
I would bet that Tom made the system, do exactly what management wanted.
Admin
... "Functions" : [ "4a0a19218e082a343a1b17e5333409af9d98f0f5", "51e69892ab49df85c6230ccc57f8e1d1606caccc", "84a516841ba77a5b4648de2cd0dfcb30ea46dbb4", "13fbd79c3d390e5d6585a21e11ff5ec1970cff0c", "8af56de68279cb6f5ed022f31af18b9fcdcc2e92" ] ...
Admin
Still trying to figure out how the Tom's get in their position (So i can do it myself and never need to really work again). But I know how his colleagues put up with it.
See, there are tons of people working in the industry who don't have any basic skills. They started in some other part of the company and then migrated over at some point and got trained by the people already working there. Or they got hired with zero technical experience but lots of enthusiasm and a connection with someone working there. So all they know is what the previous guy told them and the knowledge of how to accomplish specific tasks without really knowing how it all fits together or what they're really doing.
The worst is when one of those guys gets promoted up, and then you have the trained monkey who doesn't know what he's doing running the ship. While resenting the hell out of all the "fancy college grads" that roll in, figure out it's a clusterfuck and peace out. At a certain point, they start handing around aphorisms like "bah, you don't need to hire someone with training. Just makes it harder to train the bad habits out of em" or "these millenials are so entitled".
Eventually the few competent people who slip through the cracks give up and shut up. Better to get paid and put out shitty work than to stand by your principles in the breadline. Especially when you have student loans to pay off.
Admin
Well, yeah, but they could replace the codebase in a week.
Admin
Don't blame me - I'm just a contractor with a 20-second commute. And I've actually been able to improve a lot of things at my current employment.
BTW I would have used YAML (our parser even supports it with an additional module ...) - I'm thinking of suggesting we change to it. Or at least enable comment parsing in the configuration files.
Admin
It's Tom, get my name right.
Admin
You know a limited subset of C could be pretty much everything.
Admin
Sorry. This can't be real. Too far fetched.
Admin
Truly brillant. Of course the company is fucked if Tom gets hit by a bus.
Also, it really needs MongoDB thrown in there somewhere. Or maybe it doesn't, because even MongoDB would be a better fit than svn.
Admin
"Another WTF is how colleagues of Tom who worked with JSDL put up with this architecture" Are you sure you know what architecture means? A steaming pile of dingo's kidneys is not an "architecture"
Admin
No, we're not using C0. Our language 'EQAL' (anonymized to protect the guilty... and my job) is developed completely in house and has not escaped our company as of yet. But looking at it, I can't get off the feeling that EQAL and C0 began with the same basic idea... only difference is that EQAL got a head start of ca. 10 years
Admin
It is turtles all the way up.
FTFY.
Admin
please do it
Admin
that Tom IS a genius, he's clearly a scam artist
Admin
This made me almost as sick as the university lecture I had about FORTRAN or the last time I used Maven.
Admin
Yep... Reminds me old times where I as novice sent incorrect XML doc with couple hundred entries to admins and manage to break all University knowledge base and left lectors without teaching material for a week... Good old days when life was simple... One day you are promising young rookie and in next morning you are fired...
Admin
Yeah yeah, the system sucks and Tom is a complete cock.
BUT DON'T EVER CHECK ANYTHING IN UNTIL IT HAS BEEN CODE REVIEWED!
Admin
Sounds very very familiar. I used to work for this book distribution company in East Anglia where the IT manager had written a bespoke order fulfillment system using Cognos Powerhouse sometime in the early nineties and did everything possible to ensure that it never got replaced in order to retain his position in the company as someone indispensable.
Eventually all the devs quit in quick succession some years ago once they realised that they had no future there.
Admin
I think fundamentally fubarred system are not as uncommon as you might think.
I have personally seen work done by 2 contractors, which I was asked to "fix so it can go live", that completely misunderstood what the Spring Framework was all about. In short, it instantiated the whole framework for every single web-request that came in...
And I've been asked to "sort out the performance problems" with a Drupal system, where it was taking 2 minutes to post a comment in a discussion forum. I eventually ran the CMS in isolation, and found the generated SQL text for an update was over 2 Megs in size. The "expert agency" which had produced this system, at considerable expense, had included over 100 plugins/modules, most of which generated and fired off SQL whenever a web-request was received, resulting in mayhem.
Honestly I'm not exaggerating one bit.
Admin
It remembered me of a company where you couldn't delete code. Every time I had to fix a bug, I had to keep the broken part commented and add new code below it, even if it was an entire function.
The same company also did not allow two programmers to edit the same file in SVN because... I don't know.
Admin
Microservices. drops mic
Admin
Visual Sourcesafe only allowed one person to edit a file at a time (I think). You never have merge conflicts but things become somewhatannoying when someone goes on leave without checking the file back in.
Admin
There's another TRWTF no-one has mentioned. Never deploy anything on a Friday.
Admin
Or on a Monday. Did you know that on average up to 40% of bugs can be found in code that was deployed on a Monday or a Friday?
Admin
ISYDT. You should write labels for health products.
Admin
There's a very good reason not to have comments in JSON. It would have destroyed interoperability. See https://plus.google.com/+DouglasCrockfordEsq/posts/RK8qyGVaGSr
The difference is JSON is commonly used for communication between disparate systems. Most config file formats, and certainly most programming languages are not.
Admin
Oh geez, not that hoary old chestnut. Anyone abusing JSON to put processing directives in comments can just as easily put processing directives in strings. Removing comments only made the format less usable without doing anything to prevent idiots from breaking your parser.
Admin
What a maintenance nightmare. Wow, Tom created a Jenga stack of flaming poo... genius. Unfortunately, this is not as uncommon as you would think. It happens when management has no idea as to what is going on under the covers.
Admin
Nice try, Tom.
Admin
That's what I was thinking! if it's JSON based, I would expect there either be support for comments, or blow up with a parse error. Not some half baked state where JSON containing comments is parsed successfully but then treated as, JSON, because comments are not supported? makes no sense. calling shenanigans.
Admin
You are confusing intelligence and wisdom. Common mistake for someone not so intelligent. Learn from this and maybe you will have the wisdom to know next time.