it's not a war Netanyahu is killing innocent people and taking a full population hostage.
Also, most of the people in Gaza are not Hamas members and are regular civilians. What Natanyahu is doing is basically analog to the following:
A killer take a member of your family as a hostage (Hamas in this case is the killer) so you decide to kill a member of their family every hour until they release your beloved one. Do you think that this is acceptable or are you trying to make it acceptable?
Do you know why you have so many videos of buildings being destroyed in the Gaza strip? Because Israel warns away civilians before destroying them. Doesn't sound to me like Israel is trying to kill civilians.
I often stack PRs to emulate the practice described by Mitchell but it's not ideal as if you need to change an underlying PR l, you need to rebase all of the dependent PRs.
There are tools that solve this problem! I work on one (Graphite), but there's also plenty of others like git-branchless and Sapling. All three of these are inspired by Facebook's internal fork of Mercurial (with Phabricator/"Diffs" for reviewing) -- Google has a similar model with Piper/Critique CLs, with Gerrit as the open source result.
So Facebook is still using Phabricator? Somehow I suspected that they had abandoned it since they seemingly stopped being involved in the open source Phabricator project.
There's a ton of cli tools to automate maintaining a stack of PR's, with new ones coming out all the time. I've seen 'spr' for a long time, and recently there's graphite's and even aviator came out with 'av'.
All supported by Reviewable, of course (sorry for the shameless plug!)
I don't see code review as an overwatch but a good communication tool and a way to think about problems collectively. Code review reduce bugs because it permit to have people think about the problem from multiple angles. About decisions, I think important design decisions need to be taken prior to the code review steps ,and also reviewed.
I'm not sure what context you worked in that gave you that opinion about code review being a sign of distrust and I think the problem lay within the culture in those places not the code review practice it self.
I don’t mind code reviews so I’m not really defending who you’re replying to. There is another way to think about this tho and I actually have found this practice to be light years more effective than code reviews. Where I work we have a practice where before you start doing a ton of work on your card/ticket you should find someone on your team, explain the problem to them, and show them how you’re going to do the work. This gives your teammates an opportunity to give you feedback before anyone has done anything, and you can both poke holes in design decisions before anyone has done anything they feel strongly about. If you do this process 95% of code reviews are pretty much worthless.
I fully agree, we also do this and this is the design review I alluded to.
That said, I think both have different purpose. The design review is more about the approach and the high-level implementation. The code review is about the implementation details.
Also, a great aspect often overlooked around code review is that it's a great teaching tool if used right. Asking question go a long way and make both the reviewer and the reviewee learn.
Code review is often looked to as a senior watching over what juniors are doing. In my experience it should be done for all levels and even juniors should review seniors PR as they can bring novel perspective and at least learn from the code by reviewing it.
I'm gonna rephrase my previous point. What you say makes sense, but only if you understand that it takes away time, money and energies and after knowing it, and the impact of all this time drag you determine it's worth it.
Might apply to huge products making millions $ every day. Sure, delivering a bug will be expensive.
Might apply when you can't trust your colleagues (not skilled, reasonable or experienced enough).
Might apply if your code is niche but mission critical (maybe some safety system on a car or a dangerous tool, or surgery equipment).
Of course I agree with all you said.
But you're writing some Java/TS web app which isn't raking much money, or has still to be launched, or your biggest focus is time to market to beat competitors and you're wasting time on code reviews the author hasn't requested?
In this scenario (my current client) I want to have a team I can trust and gets stuff done. This does not imply that CRs don't happen or design isn't discussed, but it happens when it brings value or it is needed. And I like it that way, where we can build stuff, rather discussing how to build it.
If we want to include the cost of a code review into the equation we should also include the cost of fixing a big that made it to production which is in most of the cases higher then code review. Skill is not a factor here, I work and worked with some of the best engineers in the world and everyone write buggy code sometimes. Software engineering is a complex practice.
If you are writing some prototyping code or some code that will never make it to production or in a very early stage of a startup, sure I can understand your point.
If you are going through writing the do-nothing script anyway why not do a do-something script and remove the error prone human out of the loop, it also can serve as documentation and if you are disciplined enough to never make a change other then trough the automation you can have the benefit of source controlling it and have documentation with historical context
I happen to have just written a do-nothing script, so I can answer why I found it helpful vs. a do-something script.
- I am still developing the procedure in the script, so it is premature to automate. A do-nothing script still benefits you by telling you exactly what to do - in my case, spitting out exact commands to run - but you can assess its steps before performing them.
- The script still gathers a lot of information and associates it together in order to figure out the correct commands. That work is valuable all by itself.
- Even though you have to run commands yourself, it's copy-and-paste vs. hand-typing, so it's already less error-prone.
- The script documents the procedure even without automation, so the benefit is immediate.
Now, I think that it's better for a do-nothing script to _evolve_ into a do-something script. But, if that effort is delayed or never happens, at least you've got something.
A do-something-script is more work to make than a do-nothing-script, which can basically be just be a better tasklist with abstract instructions. Similar, the human may make more errors, but he is also more likely able to fetch errors and correct the script for changes which happened till the script was written.
> If you are going through writing the do-nothing script anyway why not do a do-something script and remove the error prone human out of the loop
You will, eventually, ideally.
But that's extra up-front cost (especially when do something involves a complex integration), the do-nothing script crystallizes the definition of the existing manual process allowing incremental automation of steps (also, making a to-do list for automation.) It is an example of “do the smallest useful unit of work”.
You have comprehensively missed the point. And your questions are answered in the article:
> At first glance, it might not be obvious that this script provides value. Maybe it looks like all we’ve done is make the instructions harder to read. But the value of a do-nothing script is immense:
> * It’s now much less likely that you’ll lose your place and skip a step. This makes it easier to maintain focus and power through the slog.
> * Each step of the procedure is now encapsulated in a function, which makes it possible to replace the text in any
given step with code that performs the action automatically.
> * Over time, you’ll develop a library of useful steps, which will make future automation tasks more efficient.
> A do-nothing script doesn’t save your team any manual effort. It lowers the activation energy for automating tasks, which allows the team to eliminate toil over time.
90% of a code review is not about finding THE BUG in the PR but asking questions and making the author find his own bugs or learning something from him.
If you are performing a code review hunting for bugs you already lost your humility and think you are better then the PR author.
Have you ever written some text, and re-read it, and it sounded just right, and had someone else read it, and they said "what does this mean"? Sometimes the words you write are sufficient to trigger in your own head the thoughts you've already had, but not enough to make someone else think those same thoughts.
Code can be like that, too. You write code, and it's enough to convince you that it does what you think it does. But someone else reading it can sometimes see the holes that you don't see.
Assuming that person X writes bug-free code is bad, whether X is "you", "me", or "that co-worker".
I don't have to be better than the PR author. I just have to be decently good, and be a different person. That's enough.
And of course I'm looking for bugs. That's the absolute first thing to look for!
Now, true, if I can help the author be able to see their own bugs (asking questions, maybe), then that's probably better than me just lecturing them. Teach them how to think so that they can see it themselves next time.
I'm not saying that you will never find bugs in someone PRs I'm just saying it shouldn't be your first intention, your first intention should be to understand it and be convinced by it. Finding bugs will be a side effect of that.
If you reading the code to execute it in your head and find all the weird combination that could trigger a core dump, you should probably check if the author wrote tests for those use cases instead and comment about missing tests.
Genuine interest in others work can go a long way compared to imagining how would you solve it like the article author said.
That's a simplistic way of defining security needs. for example, you can be a dissident originated from a country that threaten your life and need an extra layer of security to avoid being blackmailed or killed.
Based on the high level description given in the article it seems to be related to enum lookup or net number. It's basically a kind of DnS lookup for phone numbers used for sms routing. Also this is used for routing sms that are belonging to a user to an application (in case you want to reroute your sms to an application). The company will change the enum code for the number to a.code that belong to the company and reroute the messages to its services.
So the hack is not really a hack in a sense that it work as intendant, the safety net is missing though. The company operating the enum is supposed to check the legitimacy of the change.
If you give a fully loaded programming language to a programmer to write configuration, It's almost a certainty that you will end up with a program in your configuration file.
With great power come great responsibilities but unfortunately not all of us are super heroes.
Also, most of the people in Gaza are not Hamas members and are regular civilians. What Natanyahu is doing is basically analog to the following:
A killer take a member of your family as a hostage (Hamas in this case is the killer) so you decide to kill a member of their family every hour until they release your beloved one. Do you think that this is acceptable or are you trying to make it acceptable?