Weakly Courses

by in CodeSOD on

Kerin inherited a scheduling application for a university. This application stored the scheduled days for a class in the database… as one comma-separated field. This was a problem for Kerin, who was hired to add predictive scheduling and classroom density measurements to the system.

This particular function was written to take that data and transform it for display. Sort of.

Nullable or Not

by in CodeSOD on

Nullable types, at least in theory, make our code simpler and easier to maintain. If nothing else, we know when there's a risk of a null value, and can handle it with some grace. At least, that's how it works if we understand what they do.

Boaz's co-worker knows that nullables are valuable, but doesn't quite get it.

Nice Work If You Can Get IT

by in Error'd on

Danish cookie connoisseur Jørgen N. contributes our starter course this week. "Cloudera has an interesting way of implementing "Required only" cookies." It's an exercise for the frist poster to explain to the peanut gallery what's so distasteful about third-party cookies.


The String Buildulator

by in CodeSOD on

"Don't concatenate long strings," is generally solid advice in most languages. Due to internal representations, strings are frequently immutable and of a fixed length, so a block like this:

string s = getSomeString(); s = s + "some suffix";

Failed Successfully

by in CodeSOD on

Martin's company had written a set of command line tools which their internal analysts could then string together via shell scripts to do their work. It was finicky and fragile, but frankly didn't work too badly for most cases.

There was one tool, however, which seemed to be the source of an unfair number of problems. Eventually, Martin sat down with an analyst to see what was going wrong. The program would exit successfully, but wouldn't actually do any of the work it was supposed to. Instead of doing the normal thing and writing errors to STDERR, the tool wrote to a file. Which file, however, was determined by reading some shell variables, but the shell variables used by each of the tools were slightly different, because why would you build a consistent interface for your suite of analytical tools?

The GUID Utillity

by in CodeSOD on

Let's say you saw a method called StrToGuid, in a C# codebase. Your first thought might be: "Wait, isn't there a built in parse? Well, I guess maybe they might do some sort of exception handling. But it still doesn't seem right." And then you'd take a look at the method signature and see that it takes both a string, and an integer named counter, and you'd think: "Wait, what?"

Henrik H had a similar experience. His team hired a new developer, someone with 15+ years of experience. This is what they contributed to the codebase:

An Animated Block

by in CodeSOD on

"There are a few more functions like this in the same file," writes Jenny, about today's submission. This is one which largely does speak for itself.

const gright = () => { setIscountright(isCountright + 1); if(isCountright === 0) { setIsleft(!isLeft); setIsfirstdot(!isFirstdot); setIssecdot(!isSecdot); setInfof('Once activated buttons on the right panel will appear'); setIssquareleft(!isSquareleft); setIsanimBottRightIn(!isAnimBottRightIn); } if(isCountright === 1) { setIssecdot(!isSecdot); setIsthirddot(!isThirdtdot); setInfof('Tap on them to change content of the projection on the wall'); setIselmscale(!isElmscale); setIssquareleft(!isSquareleft); setIsmap(!isMap); setIsmapdot(!isMapdot); setIsborderwhite(!isBorderwhite); } if(isCountright === 2) { setIsright(!isRight); setIsthirddot(!isThirdtdot); setIsfourthdot(!isForthdot); setInfof('Use the menu bar in top left corner to switch between pages'); setIssquareleft(isSquareleft); setIsanimBottRightIn(!isAnimBottRightIn); setIselmscale(!isElmscale); setIsmap(!isMap); setIsmapdot(!isMapdot); setIsborderwhite(!isBorderwhite); setIsindicator(!isIndicator); setTimeout(():void => { setAnimain(false); setMainsec(true); setIsindicator(false); setIsindicator2(true); }, 1000); setTimeout(():void => { setMainsec(false); setMainth(true); setIsindicator2(false); setIsindicator3(true); setShowdone(true); }, 2200); } }


by in Error'd on

This week's edition of Err'd gets off to a flying start with one that came in "over the transom" as t'were. Ordinarily, expired certs are a bit mundane for this column, but in this case, where this foible fetched up is at least worth a chuckle.

Jim M. wrote directly to the editor with this explanation. "If you're looking for compliance reports to prove that your cloud provider has solid security practices, be wary of this WTF with Azure. Quoting the site, SOC 2 Type 2 attestation report addresses the requirements set forth in the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM), and the Cloud Computing Compliance Criteria Catalogue (C5:2020) created by the German Federal Office for Information Security (BSI). Sounds impressive! The link for Azure DevOps SOC 2 Type 2 attestation report goes to this link, https://docs.microsoft.com/en-us/compliance/regulatory/offering-soc-2, which shows that the cert for this page has expired. Try it here: https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3 "