Category: Programming

The Case for C# and .NET. It has been interesting as I’ve shifted… | by Charles Chen | ITNEXT

It has been interesting as I’ve shifted out of .NET ecosystem which I’ve worked with on the server side (and some stints of desktop…

Source: The Case for C# and .NET. It has been interesting as I’ve shifted… | by Charles Chen | ITNEXT

There are a couple of takeaways from this article. He talks about it from the perspective of a fan of .NET. I see strong points in favor of Rails as well.

First and foremost, I want to talk about speed. As a fan of Rails, I hate it when critics bring up the speed of Ruby, because I have to acknowledge that there is a definite, unavoidable penalty there. And why shouldn’t there be? It’s the interpreted nature of Ruby that makes ActiveRecord in Rails so dang flexible and easy to use. But I came to using Rails after about 10 years of using PHP, and it was painful to compare page load speeds in apps I rewrote from PHP to Rails. However, the relative productivity of the Rails stack made it a no-brainer over PHP for me.

In this article, the author compares some particular benchmark amongst various languages typically used for web application development. Here, he’s pointing out how slow Javascript is compared to .NET. But what I want to point out is that Ruby’s performance is often discussed in the context of using Java, and there’s basically no difference.

Further speed point here: https://benhoyt.com/writings/count-words/

Another thing to point out is the package mess. From the top graph, above, you can see the explosion of dependencies in the Javascript stack. Comparatively, it dwarfs everything else. Combine that with this graph, below, and the situation gets even worse. Sure, by this, you can see that .NET stack wins this race, but it’s also interesting to me that Rails clearly comes in second, especially when you also consider that it has zero critical vulnerabilities.

Over and over, Ruby and Rails gets dissed, these days, as somehow being unuseful, for a variety of reasons. I find those reasons specious. Over and over, when you dig into the rationale behind those reasons, you find out the situation is better than people give it credit for being. Rails continues to be a strong contender in the web application development world. Lots of big players continue to use it, despite how critical the HN crowd is about it. Even if it weren’t suited for those big, commercial web platforms, it would still continue to dominate in writing small, focused, line-of-business CRUD apps, and I continue to find it amazingly powerful to work with.

If I were to criticize the Rails stack, my first point of contention would be the Turbolinks thing. I’ve been sort of forced into using Ag-Grid as a drop-in Javascript data table widget, and, despite a lot of effort, I can’t find a way to make it play nice with Turbolinks.

The Problematic Black Box Nature of Neural Networks and Deep Learning – Brightwork Research & Analysis

Neural networks and deep learning are normally black box systems. This black box nature of neural networks leads to problems that tend to be underemphasized in the rush to promote these systems.

Source: The Problematic Black Box Nature of Neural Networks and Deep Learning – Brightwork Research & Analysis

I find this article absurd. If I were to create a neural network, the very second thing I would program into it would be the capability for it to log WHY it did the thing I programmed it to do. Are you really telling me that the tools available to us right now are incapable of this?

LinkedIn? In My GitHub? It’s More Likely Than You Think

Outlook Integration with LinkedIn

I didn’t much care when Microsoft bought LinkedIn, because no one actually likes LinkedIn. What little usefulness it has exists only because there’s nothing else in the space. A Facebook for work. Really? That’s boring squared. Who cares? But when Microsoft bought GitHub, I was really disappointed. I felt it was “unwarranted.”

Linus Torvalds wrote Linux, and changed the world. Despite never being able to make a dent in desktop usage, it destroyed what little progress Windows was making on the server side compared to Unix and minis, and now runs basically everything that isn’t a desktop (or an Apple device).

Then Linus changed the world again, and wrote git. Except for the absolute biggest repositories (e.g., Microsoft Windows, or, say, Oracle), it quickly ate all other source code management software, paid or free. And then Microsoft patched git to handle their codebase, and uses it now as well.

GitHub was one of the first big Ruby on Rails apps to prove the framework’s viability at scale; a huge platform success that didn’t involve either Microsoft or Oracle.

So, from my perspective, GitHub — hosting git repos using Rails running on Linux and MySQL — represented everything in the software world that was NOT MICROSOFT.

And then Microsoft threw a couple billion at the founders, the government shrugged their shoulders at such a “small” acquisition, and GitHub, like so many before, became another head on the software world’s biggest hydra. I actually felt a little betrayed by the founders, if I’m being honest. I hate the M&A activity that’s destroying our economy, capturing our government, and producing a new feudal-like aristocracy, but I suppose, of all the companies that had the resources to give the founders their exit, a DOJ-chastened Microsoft wasn’t the worst possibility. Certainly better than Oracle or Salesforce.

Now I see this tomfoolery in the updated version of Outlook, which my corporate laptop just self-installed. Uh, no thanks? In fact, I can’t imagine something I want less than this, but Microsoft is always surpassing themselves, so I’ll just give it time. I would complain about jamming more “stuff” into an already over-stuffed application, but Outlook may be the software world’s poster child for bloat at this point, so what’s another useless “social” add-on?

I’m saying all of that to say this: I fully expect GitHub to get some sort of LinkedIn integration like this in the near future as well. “Link your professional software portfolio with a click of the button!” it will say, as if you can’t stick a link in there already. And then it will build a graph of user data behind the scenes for only-God-knows-what further marketing purposes.

I also expect that there will be some linkage between GitHub and Azure Devops. I had been thinking that Microsoft would simply phase out Devops for GitHub. Devops has never been particularly interesting as a product. However, a thoughtful person on Twitter — “There are dozens of us!” — disabused me of that notion. I’m sure he’s right: Microsoft certainly has too many paying customers for Devops to do anything drastic with it now, and it has become another lame-duck victim of Microsoft’s own success, destined to limp on forever because of backward compatibility. But I’m certain that they’re not just going to leave these two, so-closely-related silos sitting right beside each other with no connection, and I’m also certain I won’t like it when they finally do something.

“How do you define ‘unwarranted?'”

UPDATE: A comment on HN pointed out that Microsoft already has “boss ware” in the form of “Workplace Analytics,” and it’s bundled in Office365. Ticking this box, then, will allow them to associate a real person with a user in your company’s “analytics.” Will they rank people for recruiters based on this data? Will they provide a report for companies who are considering you for a job? Sounds like a perfectly valid, dystopian business opportunity to me. Right up their alley. I wouldn’t put it past them.

Reselling gig work is TikTok’s newest side hustle

Resellers buy gig work for as cheap as $5 to resell for profit

Source: Reselling gig work is TikTok’s newest side hustle

Yes, you can make money by looking for opportunities to match up supply and demand, and legitimately take a cut of the transaction. I didn’t read the whole thing, but I doubt that they talk about the flip side of this “work.”

I read a classic Hacker News comment by a person who claimed that they were employed by 3 or 4 companies at any given time, and sent all of their work to 3rd-world countries, to be done by contractors. They “did nothing,” and collected multiple salaries. Except that… they didn’t “do nothing” at all. Managing all of this work would be a lot of work in and of itself.

See, in either the case of using TikTok to work the arbitrage, or in misrepresenting yourself as an employee (and not a outsourcing firm), this takes real work. You have to constantly be hustling. Not only that, but in doing all of these things, you’re going to frequently be getting mixed up, caught in the middle, and have people (from both sides) getting mad at you. You have to the special kind of person — e.g., a psychopath — for this to not affect you, if you want to do this sort of thing for any length of time. So this is hardly some sort of quick and easy way to get rich doing nothing.

Unseen Effort – The Daily WTF

The only downside to working for him was his disdain toward open source solutions. Anita couldn’t use any NuGet packages whatsoever; everything had to be built from scratch. She learned a ton while making her own JSON parsing library and working out OAuth 2.0 authentication.

Source: Unseen Effort – The Daily WTF

At the bottom of the article, there’s an in-line advertisement for a product which wraps NuGet with permissions. What a perfect way to deliver an ad. Is the whole story fake, in order to deliver it? And what a perfectly “corporate” product, to further exacerbate developer frustrations in large company environments.

Please don’t tell my company (Initech) about the existence of this product. I think there are several mid-level managers who would experience actual arousal at the thought of implementing it.

From Node to Ruby on Rails | D U N K

Building the web app in Rails took me 2 days – the same thing in Node would have taken 2 weeks. I’ve also included things I wouldn’t have attempted to build on Node/Express until I proved the idea out (editing a profile? Psht please – I’ll wait till someone requests that). People in the HN comments always accuse the Node ecosystem of making you re-invent the wheel for every project. But I thought that was just the way things were. Now I realize the truth to their words.

Source: From Node to Ruby on Rails | D U N K

I’ve been saying this for years, but DHH endorsed this writeup.

SQL Is Obnoxious

I find SQL obnoxious, due to its brevity. Getting complicated desired behavior from it sometimes requires clever understanding and combinations of very simple primitives. Because it’s taken me about 2 weeks (off and on) to work it out, I present, with no explanation, this code:

WITH vars (var) AS (
  SELECT UNNEST(string_to_array(ancestry, '/')::integer[]) FROM calibrations AS a
)
SELECT c.id AS cal_id, p.id AS param_id, t.id AS tuning_id, o.* FROM tunings t
  LEFT JOIN LATERAL json_array_elements(t.data::json) WITH ORDINALITY AS o ON TRUE
  JOIN variables v ON v.tuning_id = t.id
  JOIN calibrations c ON v.calibration_id = c.id
  JOIN parameters p ON p.label = t.label
WHERE c.id NOT IN (SELECT var FROM vars)
  AND t.data_type = 'Z_Axis'
  AND p.label = 'C_PME_GainFactor_Table'

OKAY | Why the status quo is so hard to change in engineering teams

Before we talk about how to prevent it, let’s see how learned helplessness can happen in a development team. There are 2 main patterns:

Pattern #1: Process-related Learned Helplessness

In this case, the team needs to follow processes that have either been externally imposed, or internally imposed but no-one remembers exactly why.

Pattern #2: Complexity-related Learned Helplessness

In this other case, the source of powerlessness is sheer scale and/or complexity. There is truly no-one who understands the emergent behavior of the system.

Source: OKAY | Why the status quo is so hard to change in engineering teams

So I’m currently reading the book Learned Optimism, by Martin Seligman, which just so happens to be the seminal psychological work which teaches people how to combat learned helplessness. I’ll skip trying to give a primer on the process, but the one key that I need to talk about here is that you have to be objective in finding explanations for negative things in your life. Pessimists generally blame themselves for everything, and we all know that’s not fair. Even pessimists wouldn’t blame other people for their own problems when it’s obvious that they aren’t, but they will happily continue to blame themselves for problems that they know they are not responsible for.

People often think I’m a pessimist, but I’m not. I’m objective. I’m so objective that it’s almost a superpower. In that objectivity, I often realize that I am the source of the problem. That may appear to others that I’m a pessimist. However, I’m not afraid of calling a spade a spade, and pointing out that a problem is someone else’s fault, either. And I’m about to explain how this whole topic of discussion is, in fact, someone else’s fault, it’s systemic, and it’s not going to change.

The quoted article found its way to “Hacker” “News,” but you have to understand that this is a blog post from a company which sells software that purports to solve these problems for teams of programmers. I say, “hogwash.”

Every one of the problems listed in the article is the result of bad management.

Period. There’s no getting around it, and there’s no sugar coating it. In the vein of the article, “there are 2 main patterns” why.

First, in our modern feudalism of corporations, the low-level managers are like barons, the middle managers are like earls, upper managers are like dukes, and the C-levels are like princes. Everything flows from the top down. Everyone is playing political intrigue for more power, in the only terms that the corporate structure can understand and deal with: budget and headcount. No one will deal with fixing a problem if it doesn’t directly contribute to their standing with their peers or superiors, and problems with software build systems, infrastructure, or technical debt are simply invisible to anyone not dealing with it directly.

Second, the days of building a company to last 100+ years is gone. J. Irwin Miller built Cummins into a world-spanning empire, and then retired. Then the company started implementing all the trendy business-school ideas, and was getting run into the ground. Miller came out of retirement and righted the ship, and then retired again. Those days of people caring about a company like this are gone. Everyone is out to “get theirs,” and then hit the brcks. Everyone knows this, but we still like to pretend that anyone in the bridge cares if the company actually survives in its efforts to make the next $100M.

From HR systems to compensation to benefits, companies are deeply, deeply afflicted with myopic vision. It’s driven from the very top, where every decision of significance is made in view of the almighty stock price. Corporate boards encourage this behavior by tying executive pay to stock options. For decades now, we’ve watched big companies sacrifice long-term performance for short-term gains, because it will net the corporate officers tens of millions of dollars in stock grants. If there’s any hope in this situation, it’s that most of the excess capacity in corporate America has already been wrung out (q.v., the recent supply chain issues), and there’s nothing left to pillage, either internally, or by corporate raiding. (The play now is to merge to form effective monopolies and duopolies, and extract all the profit from your market, but that’s another topic.)

When you combine a lack of visibility with a lack of vision, you get an appalling lack of concern for issues that the rank-and-file serfs deal with.

The fact that issues that programming teams deal with are highly-technical doesn’t matter at all. In fact, it works against them, because fixes are more expensive than in other teams. Say, like buying yet another web service, on top of all the others you already subscribe to, in order to apply metrics to problems that management will never fix, because they neither understand nor care.

There are a lot of examples I could write about here, but one stands out. I know of a person who was briefly involved with an effort to quantify the development process for his Fortune 150-sized company, much like the linked article. When he talked with a knowledgable insider about the system, it was one shocking revelation after another. The system was down more often than it was up. There was no way to estimate how long a build would take. There was no way to check on the current load of the system. There was no way to check on jobs, other than to log into a remote machine and tail a log file. The system wouldn’t even send out an email at the end of the build to indicate success or failure, because it would show how badly the whole thing performed.

So a “baron” in another group got the bright idea that they would oversee the writing of a dashboard to overlay metrics on the process, so that the “earl” who was responsible for it could “see what parts to focus on.” Let that sink in… Do you see the problem here? This manager thought that he would be allowed access to the various running processes of the system, to quantify, graph, and display them — like, on the shared screens in common spaces — when the owner of the system wouldn’t even allow emails about the success or failures of builds to be sent out, which is the most basic of all metrics, and which would have required only a single checkbox to be ticked. The mere idea of this project was so hopeless as to border on insanity.

The people responsible for the system already knew about its problems. They didn’t need metrics. They didn’t care! Whether that was from a lack of budget or a lack of headcount or a lack of technical ability or a lack of communication with other teams… none of that mattered. The people responsible for the system weren’t willing to spend their political capital to fix the problems of the system. And whether that lack of will came from their own political ambitions or a lack of understanding or a lack of vision… none of that mattered either.

The article talks about why developers get frustrated, and proposes that metrics will fix it. Their system won’t help, because, in most companies, it’s not about a lack of metrics. It’s a lack of will, motivated by personal ambition, gamed by incentivizing short-term productivity. As a developer in a group like this, you can blame yourself, or you can look for opportunities internally, or you can take your show to a different stage. All of those responses are in the HN thread about the article. We all have to find our own balance points between our predilections and our companies’.

As a developer, you can alter your internal “explanatory style” to move the blame for the problems you have to deal with to systems or software or people, but all of that misses the real point.

In post-modern, Fortune-sized, American corporations, the problem is management, and all management starts from the top. The corporate officers set the leadership paradigm the rest of the company will adopt, and they are being strongly incentivized against long-term investment in tooling and process. This mindset trickles all the way down to the bottom. If there are problems with “getting stuff out the door,” they will almost always hire more people, because that’s almost always the easier and cheaper solution than retooling an entire department with new software and process. And then, every 5-10 years or so, they will bury their failure to address actual productivity problems with yet another “reorg” or sweeping IT platform change.

Ruby on rails : problem of verifiying the SSL certificate while installing bundle

I’m new with ruby on rails and while creating my first project with this command rails new n_project, i got this error

run bundle installFetching source index from https://rubygems.org/ Retrying fetcher due to error (2/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (3/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (4/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed for verification. For
information about OpenSSL certificates, see ...

Source: Ruby on rails : problem of verifiying the SSL certificate while installing bundle

I develop software using a pretty varied mix of technologies, including C#, VB, Postgres, SQL Server, and Azure services of all kinds, but mostly Ruby on Rails. After 15 years of using it, I find that it remains one of the most force-multiplying tech stacks in the world. With it, by myself, I can develop software faster than entire teams of outsourced, waterfall-managed, Java/React projects. (And I proven that multiple times.) Not only that, but the future is looking even brighter with Rails 7.

Anyway, I develop software on my personal MacBook Pro, upload it to a git host, and deploy it to a Linux VM on Azure. But my work-supplied laptop is, of course, a bog-standard, boring Dell running Windows. I feel an obligation to be able to use it to do everything I would normally do on my Mac, just in case the hammer falls, and they outlaw the way I work. So, on Windows, I use RubyInstaller. But, thanks to my company’s bog-standard industry practices of using Cisco products to lock down the laptop within an inch of usability, I’ve been unable to do a bundle update for awhile now, getting the error listed above.

I had previously worked around this situation by using CNTLM to tunnel command-line-based HTTP/S requests through my company’s firewall. This was no longer working.

I tried changing my Gemfile to use HTTP, instead of HTTPS. I tried getting gem to ignore SSL errors (and use HTTP sources). None of this worked either.

Yesterday, I had finally had enough of the problem, and decided to work through it. Helpfully, the error message included the fact that I was missing the Cisco Umbrella CA certificate in the certificate chain. Also helpfully, Cisco has a page where you can download their certificates, ciscoumbrellaroot.pem and crca2048.pem. Also helpfully, I found the linked StackOverflow Q/A. That got me started, and I finally figured out the RubyInstaller people have anticipated this problem. There’s a proper way of adding a certificate to your chain. Just drop the certs in C:\Ruby-xx-x64\ssl\certs. This allowed me to get rid of all the hacky workarounds, and now bundler works like I expect it to work on my work laptop.

Arch Linux

I finally took a look at Arch Linux. I started the process of installing it with Parallels on my MBP. I got to the GRUB configuration step, and then thought, “What in the world am I doing!?” And then I quickly deleted the VM and the install ISO. In the immortal words of Sgt. Murtaugh, “I’m getting too old for this.”