I'm not sure if a CodeClimate plugin could check for this.
I do know that all Lambda Security products will scan for sensitive information but then you have to go serverless and pay for said service.
I like how Amazon Macie can detect (Personally identifiable information) PII and api credentials.
I guess if you're CI/CD is CodePipeline and CodeBuild which places artifacts (zip folders) of your codebase in S3 that maybe Macie could detect these issues. Uncertain if it can peak into zips.
You're the second person to mention this in a few days. We (as in devs who don't share this dread) need to be better at communicating how to use these DBs because they are so important as you said π
Thanks! We just happened to find a somewhat-critical error on Google Analytics and decided to pull the trigger ASAP to get it fixed. Shouldn't be too traumatic of a deploy :)
Awesome! Late night deploys suck, we have to in some cases to reduce user downtime. We had to recently migrate an entire AWS VPN - business team was "shipping their pants". It went fine with minimal downtime. Which leads to a question, when should Developers NOT tell business about some changes? I have found that sometimes they make things worse off than they should be.
A London Web Developer. A lot of my professional experience is in digital agencies and I enjoy helping new front-end developers learn how to code websites.
If they are asking, you don't need to say yes. If you need to get out the building before this, then they are not asking you, in which case you need to LEAVE THAT JOB!
Been using UNIX since the late 80s; Linux since the mid-90s; virtualization since the early 2000s and spent the past few years working in the cloud space.
Location
Alexandria, VA, USA
Education
B.S. Psychology from Pennsylvania State University
I think the goal should be to get to the place where this isn't a big deal. Testing in production should be a thing. That's not a trolling comment, and I'm dead serious.
Get to where you can deploy multiple times a day, every day, all day.
For reference, read stuff by Charity Majors about observability.
I understand the dread and I've felt it. I know I'm weird but writing tests or reverse engineering something is a great way to learn how something works :D
I am a Software Developer for a top 50 Fortune 500 Company where my team specializes in Dev-Ops, by night I am a web developer trying to sharpen my skills and enhance my personal website project!
It happened to me not to long ago but using a Mongo function to clean a database and then wiping out all of the data luckily Mongo has an import function and we had a backup!
Software Engineer @SciFY.
Live to learn something new -and write cleaner and more sustainable code- every day.
Passionate with learning and discovering new technologies, history, and psychology.
Oldest comments (119)
Internet Explorer
I hate it so much.
Pushing/releasing sensitive information/data π°
I'm not sure if a CodeClimate plugin could check for this.
I do know that all Lambda Security products will scan for sensitive information but then you have to go serverless and pay for said service.
I like how Amazon Macie can detect (Personally identifiable information) PII and api credentials.
I guess if you're CI/CD is CodePipeline and CodeBuild which places artifacts (zip folders) of your codebase in S3 that maybe Macie could detect these issues. Uncertain if it can peak into zips.
One Word: Databases :D
So important, yet so dangerous if you're not good at them.
You're the second person to mention this in a few days. We (as in devs who don't share this dread) need to be better at communicating how to use these DBs because they are so important as you said π
Iβm ok at them after a couple years having to manage some, but with legacy DBs with bad tooling I get very nervous ;)
A toxic unsupportive work environment.
The interview process
Production releases on a Friday evening π
πππππ great
Doing this today. Yeah...
Good luck π
Thanks! We just happened to find a somewhat-critical error on Google Analytics and decided to pull the trigger ASAP to get it fixed. Shouldn't be too traumatic of a deploy :)
Hope you have some good CI/CD for that :-)
Yup! Jenkins rules :)
It didn't go as well as it could (some repo drama), but we managed to get stuff done. Yay!
Awesome! Late night deploys suck, we have to in some cases to reduce user downtime. We had to recently migrate an entire AWS VPN - business team was "shipping their pants". It went fine with minimal downtime. Which leads to a question, when should Developers NOT tell business about some changes? I have found that sometimes they make things worse off than they should be.
Been there, done that. Leave before they ask you to work weekends.
If they are asking, you don't need to say yes. If you need to get out the building before this, then they are not asking you, in which case you need to LEAVE THAT JOB!
Don't forget, "when a critical resource is starting two weeks' PTO the next day".
That's bringing it to a whole other level π
I think the goal should be to get to the place where this isn't a big deal. Testing in production should be a thing. That's not a trolling comment, and I'm dead serious.
Get to where you can deploy multiple times a day, every day, all day.
For reference, read stuff by Charity Majors about observability.
exactly :)
Integration and its best friend: "It works on my computer!"
Screwing up authentication and leaking data.
Hopping into an already existing project that has no tests.
110% this.
I understand the dread and I've felt it. I know I'm weird but writing tests or reverse engineering something is a great way to learn how something works :D
You shouldn't have to but still...
See it as an exploration adventure :D
Change.
This.
youtube.com/watch?v=eUHBPuHS-7s
It happened to me not to long ago but using a Mongo function to clean a database and then wiping out all of the data luckily Mongo has an import function and we had a backup!
Deploy in production the Friday at 4PM for 5PM.
A huge major bug in a project I am the only developer, happening while I am on vacations... :(
Customer complaint on a Friday evening :)
Some comments may only be visible to logged-in visitors. Sign in to view all comments.