Category: Programming

Welcome to the “Future” of App Deployments

I’m sitting here watching the braintrust in our IT organization tell everyone about a NEW! “PRO!” product that will do database migrations with Jenkins, and I’m just sitting over here thinking about the native migrations available by default in Ruby on Rails since version 1.0, which I’ve been enjoying for the past 15 years. I’ve deployed Rails apps with Jenkins, but I still like Capistrano better, because it’s “native.” I’ve yet to fool with their new Docker-based deployment tool because cap works so well.

They showed a script to call the Jenkins API to do deployment jobs. Again, I’m just sitting here wondering what in the world they’re talking about. Jenkins literally does all of this for you. They seem to think that Jenkins can’t handle deploying to separate environments, and therefore you need to script it so that you can parameterize the deployment with tags that live in git. I haven’t used Jenkins for 1o years, but — without even looking — I’d bet my eye teeth that Jenkins can do this without needing a script to call its API.

They’re signing off their dog and pony by looking for volunteers to demonstrate new things in this space. I think they’d barf if I demonstrated my workflow with Rails and Capistrano, and by so doing, illuminated how much time, effort, and money is wasted on a default stack using Java, React, and Oracle. It doesn’t use any sort of middleware, and therefore doesn’t have any steps to sit and wait for rubber stamp approvals by useless middle managers who aren’t going to actually review the changes, so I’m sure it would go over like a lead balloon.

The Six Dumbest Ideas in Computer Security

The opposite of “Default Permit” is “Default Deny” and it is a really good idea. It takes dedication, thought, and understanding to implement a “Default Deny” policy, which is why it is so seldom done. It’s not that much harder to do than “Default Permit” but you’ll sleep much better at night.

Source: The Six Dumbest Ideas in Computer Security

This was from 2005, and if your organization’s approach was always Default Deny, then it’s a great idea. The problem with Default Deny isn’t the idea, it’s switching away from Default Permit after decades of acclimation. One comment in the HackerNews discussion about this article says it adds “three more steps” to the conversation with IT to fix your app after the change. I would argue that it’s a whole lot more than that.

A friend of mine has trouble running a very important vendor application used in his department. It stopped working some time ago, so he opened a ticket with IT. It was so confusing to them that it got to a point that they allowed him to run Microsoft’s packet capture application on his machine. He followed their instructions, and captured what was going on. But, despite the capture, they were unable to get it working through the firewall.

Out of frustration, he sent the capture to me and asked me to take a look. Even though our laptops are really locked down, as a dev, I get admin on my machine, and I have MSDN, so I downloaded Microsoft’s tool, and looked over the capture. It was a complicated architecture, using a client/server implementation on the local machine. The front end was working over networking ports to talk to its back end, and the back end was using other ports to talk to the vendor’s servers.

I knew what to look for because I had just undergone a lot of pain with my own development workflow, because the company had started doing Default Deny, and it was messing with my development workflow in several ways. Not too long before, they dropped the bomb that EVERY network communication through the firewall required the Cisco Umbrella certificate (so that they can intercept and inspect all traffic, despite SSL). I had to figure this all out on my own, based on the behavior I was seeing, but I was able to figure out how to download that cert and include it in the chain to work with both bundle and HTTP calls in Rails, and psql for Postgres.

Then they locked out Postgres’ default port entirely. They reopened it for me at my request at first. Then six months later, they closed it again, and told me that I needed to formally request permissions for that, which was going to be a many-years-long process. I “just” rewrote the functions I needed in my Rails app to use HTTPS instead of using a direct database connection.

Anyway, I told my friend what ports IT needed to open, and how that he needed to explain to the vendor that they had to include the Umbrella cert in their chain on the back end, but he’s still having problems. Why am I being vague about the details here? It’s not because of confidentiality, though that would apply. No, it’s because my friend had been “working with IT” for over a year to get to this point, and this was two years ago, and I’ve simply forgotten a lot of the details.

“I said all of this to say” that saying it will take “3 extra rounds” is a bit of an understatement when IT starts doing “default deny,” at least in legacy manufacturing companies.

Corporate IT “Support”

I couldn’t mount network drives on my work laptop, so I opened a ticket. That was FIVE weeks ago. The ticket was closed by the first person after 3 days without even contacting me. I immediately re-opened it, and it proceeded to worm its way through an additional EIGHTEEN people, and finally came back to the original person who closed it, who — for at least the 4th time in the email chain — asked me questions I had “pre” answered in the original complaint.

Disgusted, I finally took a couple of hours, and figured it out myself. When I was finishing up, and documenting the fix on the ticket, the first guy contacted me on Teams, and asked me to bring the laptop into the office and try to do what I’ve shown over and over in screenshots couldn’t be done.

I guess I’m just lucky that I have admin rights on my laptop.

FWIW, the problem started when I installed WSL to test using for developing Rails apps. When I recognized the coincidence, and since I hadn’t actually used it yet, I uninstalled the Ubuntu image. This wasn’t enough to fix the problem.

The error message was clearly about not being able to resolve machine names, but I didn’t want to monkey around with the resolution settings because #CorporateIT does nasty things to our laptops, and I was afraid of screwing up their configuration.

I finally removed WSL entirely, and got a different error message when trying to mount a drive, which led me to this Stack Exchange post. I copied the registry setting from a computer which works (which was the same as what was listed in the top answer), and all was sorted again.

To me, the worst part of this charade is that the “original” guy will get the credit for “resolving” the issue, and that really burns me.

Programming Language Gatekeeping

Great. Just, great.

Programming language gatekeeping, from the government. As if “the government” knows anything about anything, let alone technology created in the last 50 years, let alone programming languages specifically.

This guy gets it. As usual, it’s governmental interference to impede free markets for literally anything and everything, to protect campaign-contributing incumbents in a segment, and guarantee re-election funds.

Nevermind that VB.Net compiles to the same bytecode as C#. That’s officially off the list. Feels like Microsoft is getting the feds to pressure people away from a language that is still popular, but which they don’t want to support any more.

I can hear it from the decades-behind-the-curve gatekeepers in my Fortune 250 now: “Sorry, Dave, but Ruby isn’t on the government’s recommended languages list, so you can’t use it.”

Reddit Knows Programmers

I “use” Reddit to look at subs for ESO and Fallout 76. That’s it. When I’m bored, I sometimes click over to the “popular” tab, and just have a look. It’s more of an anthropological experiment than an interest in reading what’s there. Sometimes, I can’t get past the front page, because, most of the time, Reddit is just a living monument to people being awful to each other. Sometimes, I make it to the next page. Sometimes, I make it to a gem. Most of the time, I see Reddit’s twenty-something, white, middle-class, male, under-sexed, under-employed hive mind on full display, like this.

“He,” here, refers to Elon Musk.

Reddit. ‘Nuff said.

This guy thinks “backend and fullstack” programmers “know shit about OSes and PC in general.” And, as of 13 hours of being posted, deep in the thread, has 84 upvotes. (On a post with 2200+ votes.)

I’ve been programming since I was 12, on a Vic-20. I’ve been doing it professionally my entire career, for about 30 years now. Even the people who I would consider “casual” programmers know how operating systems and PC’s work. I’ve met some posers, but they wash out. To blithely say “most” programmers “don’t understand computers” is utter nonsense, and, frankly, weapons-grade cope.

Welcome to Reddit, I guess. “Enjoy” your stay.

Reddit just made a deal to sell their “content” to Google, to train AI. Good luck with that. With what we’ve seen over the past few days with their AI product, using Reddit seems like a really good fit.

I weep for the future.

We keep making the same mistakes with spreadsheets, despite bad consequences | Ars Technica

Spreadsheets represent unknown risks in the form of errors, privacy violations, trade secrets, and compliance violations. Yet they are also critical for the way many organizations make their decisions. For this reason, they have been described by experts as the “dark matter” of corporate IT.

Source: We keep making the same mistakes with spreadsheets, despite bad consequences | Ars Technica

As I often say, making real applications out of these Frankenstein monsters of data has been my bread and butter throughout my career. The function that the central IT departments in blue chip manufacturing companies could never quite wrap its arms around keeps getting bigger and bigger, and making larger and larger gaps to fill by people in the trenches. So… too right, mate, and keep it up.

Why do people use VBA?

Why do people use VBA? In order to answer this question, we must first look at another question – who actually uses VBA in the first place? In 2021 I ran a poll on /r/vba where I asked redditors why they code in VBA. From these data, we can clearly see that the majority of people who use VBA do so mainly because they have no other choice. Many organisations run their entire business processes with Excel, and when a little bit of automation is required VBA is usually #1 on the list.

Source: Why do people use VBA?

I was just ranting about this to my kids a couple days ago.

Even in large companies, with massive IT departments, and lots and lots of internal databases and information systems, US businesses are still run on Excel. That’s not subjective. I’ve worked for decades inside three Fortune 250’s (and a couple smaller shops), and bad Excel “applications” are in use at all of them. And after one person learns enough VBA to get a spreadsheet dealing with a particular issue to save a little time for themselves, they start sharing them with their colleagues, and the problem gets worse. Half of my career has been built on making “real” applications out of Excel spreadsheets that were wobbling under their own weight.

But why?

Back in the old days, IT grew out of the accounting department. They had the only computer in the building, and it was an IBM mainframe. Great stuff, right? Saved a lot of time and paperwork, right? Except that it didn’t. It quickly ossified the company’s work flow, and permanently hobbled its ability to adapt to change. It would take years to get any changes made in the mainframe group, and people were frustrated. Along came spreadsheets, and everything changed.

I saw it myself in my first engineering job in 1993. We got new computers with Windows 3.1 and Quattro Pro. (And AutoCAD. And, of course, on mine: DOOM!) After weeks of bugging the lady who ran the mainframe — who apparently had to write a whole program — I got her to dump the BOM for a couple of our products to compare for similarities. I downloaded the 2 files to my PC with a token ring mainframe interface card. I think they were only about 1MB each. With 8MB of RAM, I had twice as much memory as our System 36, and I could open both BOM’s in a spreadsheet, and analyze them to my heart’s content. Understanding that I had more processing power on my desk than the freezer-sized unit in the other room was eye-opening.

American manufacturing companies (at least) never got the message. The invention of the spreadsheet spared them from facing the fact that the mainframe had become the black hole of their IT world. As changes were becoming impossible to get from the mainframe group, PC’s with Windows and Excel allowed people at all levels and in all job functions to start working around the mainframe and its limitations.

Now, these kinds of companies are decades behind the curve. They thought “outsourcing” was going to fix all of their problems. When it didn’t, they thought “consultants” would be the trick. Surely “agile” will do it this time, right? No. It’s not the process; it’s the mainframe. Forcing every corporate workflow and piece of data to be kept canonically inside a 40-50-year-old legacy system’s limitations is quite literally killing the company. It’s certainly killing their competitive advantage.

My current company still breaks our primary software component into 8 pieces because that’s what would fit on floppies to send to the plant to program the hardware. Every IT system — and every spreadsheet — in the company has to deal with this 40-year-old legacy issue because that’s what we programmed the mainframe to expect, and now that’s the only way to bill a customer for it. So the logistics of dealing with multiple trees and branches of software (and multiple trees and branches of documentation about the software) is multiplied by a factor of 8 to this day. There is no escape from this black hole. You can’t re-engineer this situation. It’s too ingrained.

I worked for one group which, on every engineering release, had to get a giant table of software versions — each with their 8 part numbers — into the mainframe. The process was so onerous that they would spend days clicking through mainframe terminal emulator screens to get the information they needed, to make a spreadsheet in a particular format, which they would send to another group to actually enter back into the mainframe. Part of the problem was the spreadsheet had to be in 3 columns, but the mainframe screens were in 4 columns (or vice versa), so a lot of it was purely formatting. I wrote a little program to automate all of this, but I’ve left the group, and I’m sure no one uses it any more. The particularly stupid part of this story is that people fought me to write a little software that saved these people 10’s of hours a week in the name of their own job security.

And no one in the corporate hierarchy cares. In this day and age, the executives are all just playing the waiting game, letting things atrophy — saying all the right things publicly — while they wait until the financials are inverted enough to make the company a juicy prospect for a buyout in an industry-wide rollup by private equity.

Meanwhile, actual people have to get stuff done to stay employed and feed their families. Inside the company, the managers have to look at the three year lead times to get a simple application written by “corporate IT,” and can do nothing but just continue to throw bodies and VBA macros at it. Or, in my case, have me write something to do it. That is, until it gets successful enough that people notice, and it gets taken away from me, but that’s another story…

Get a Job Doing Software Development, They Said

It’ll be fun, they said.

Every day, it seems, I bang my head on the wall. Today? Tower — a normally-great git frontend on Mac — decided to throw up its hands and refuse to work on my work laptop, running Windows, of course. It’s trying to use AskPass.exe, which doesn’t exist. Did it get cleaned out by my company’s “security” scanning? I mean, there are only about 30 different scripts that run on login, to make sure I don’t do anything they don’t want me to do. Did one of them do something here? Why would that file go missing, all of a sudden?

So I go to Tower’s over-engineered, Apple-product-pages-inspired mess of a web site, and try to download an installer. No, instead, I get the same single run-in-place executable 3-times. Do they not have an installed version any more?

Is this a problem with git? Did git for Windows take a dump?

Is this even a problem with that file being gone, or is this a spurious error message? Lots of Stack Overflow questions seem to indicate that this happens with Visual Studio, but the file reference is clearly not in any Visual Studio installation location. It’s obviously trying to reference something in Tower’s files. And, of course, I can’t find a single reference in Google to this. Once again, I’m the only person in the entire world with a particular technical problem.

So I sent a request for support from Tower, then installed GitHub Desktop, got my new branch pulled, and moved on. But, dang.

Why does this stuff need to be like this? And why does it need to be like this so often?

The State of Javascript Development

Mocked in this article:

The pain is barely tolerable when you reach dependencies. So, so many of them. There’s left-pad, the legendary tiny package that broke all internet, collectively causing the amount of pain and drama comparable to the destruction of Alderaan.

Discussed here:

The Javascript Front End Developer Experience

I know just enough about the Javascript frontend world to understand that this is a good description of what it entails. When people try to gaslight me about how great Javascript is, pointing to Stack Overflow’s consistent top-tier ranking of the language, I know this is the part that isn’t being said out loud.

I’m just sitting over here enjoying the fact that my app isn’t big enough to warrant separating the front end from the back, and I can blissfully get away with server side rendering built into Rails, with bits of Javascript in the page, only for convenience.

The early days of Linux

My name is Lars Wirzenius, and I was there when Linux started. Linux is now a global success, but its beginnings were rather more humble. These are my memories of the earliest days of Linux, its creation, and the start of its path to where it is today.

Source: The early days of Linux

Great little reminisce. I just thought a couple of quotes were particularly funny.

While this was happening, I was taking a nap, and I recommend this method of installing Linux: napping, while Linus does the hard work.

And..

In the spring of 1994 we felt that Linux was done. Finished. Nothing more to add. One could use Linux to compile itself, to read Usenet, and run many copies of the xeyes program at once.

The first version of Linux I installed was Slackware 3. If memory serves, this was early 1995. I downloaded 54 1.5MB floppy images over a 28.8K modem, using a free PPP service called SlipNet. (I think it was located in California. They were around for a long time after this, but I can’t find any reference to them now.) What I didn’t know was that Slackware was a direct descendant of the first “distribution,” SLS.