Qualities to Look for in a Software Developer

Just a list I’ve been maintaining for a while:

(Disclaimer: This list in no way implies that developers who don’t exhibit all of these attributes are terrible human beings who don’t deserve to live. But working with developers who exhibit many of these traits will probably result in a better experience over the course of your developer career.)

  1. Laziness, Impatience and Hubris – from the well-known (notorious?) Larry Wall quote
  2. Communicates well; is able to explain and communicate his ideas clearly, especially to nontechnical people; able to write good documentation
  3. Understands the concerns with scheduling and project management and communicates clearly with the team to avoid problems. This means: willing to speak up as soon as any problem is encountered that introduces any kind of risk; not bloating estimates or pretending that tasks take longer than they really do; not cutting estimates to make managers happy; 
  4. Cares about writing elegant code; understands the risks involved with code that is complicated or difficult to maintain; Understands the importance of data structures, algorithms and design patterns
  5. An attitude towards learning and self-improvement; owns up to his own faults; ready and willing (and often excited) to pick up new domains or technologies (and advises you of the appropriate schedule risk); Can easily pick up and learn new technologies and programming languages; recognizes and understands programming principles and able to carry them across to different domains or technologies; Able to study or learn new topics with minimal guidance;
  6. Understands engineering tradeoffs; able to tell you the differences in performance, storage, etc among different options.
  7. Works well with others: Willing to help with other people’s work when possible/needed; Has an open mind and willing to consider other people’s suggestions; Doesn’t take criticism personally; Chill AF
  8. Able to think logically and sequentially; able to break down a problem into a discrete set of solvable tasks; Able to investigate and find the cause of problems with minimal info; Able to think outside the box when necessary; Able to point out problems or logical inconsistencies with program requirements;
  9. Able to read and understand and maintain other people’s code; Can update code with the minimal possible changes to avoid breaking things;

Any other suggestions?

 

Online Discussions, Opposing Views, and Street Fighter

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
― Sun Tzu, The Art of War

I was reading a forum thread recently about learning competitive Street Fighter. The poster was using a particular character (his “main”) and asking how he could learn to counter the attack strings of other characters. The answers from more experienced players were pretty much what I would have expected: you had to dedicate specific time and effort to each matchup you wanted to study. That meant going into training mode, looking at the opposing character’s attack strings and seeing where he could interrupt them or the proper way to answer them. It meant a lot of hard work too, since fighting games typically have a lot of characters. So reaching the top tiers meant understanding each opposing character in and out, knowing their strengths and weaknesses and so on.

I think it not only applies to competition, but also to any scenario where there is an opposing party or point of view. In order to make any progress or improvement, it is necessary to understand where the other side is coming from and study their motivations. Sadly, in online debates it often turns into the equivalent of a shouting match where everyone just screams out their POV hoping to brute force their opponent into some kind of “submission”.

Back to Street Fighter: When picking up a new fighting game, I typically try to sample all the available characters until I find one whose fighting style I like and am comfortable playing as “main” (hint: it’s often Ryu lol).

In the same way, in any online discussion it’s important to expose yourself to a variety of opinions, and not limit your discussions only to people with similar views. Political discussion online can get toxic so it becomes tempting to block out those views that you disagree with, but this tends to create an echo chamber effect. It’s a good idea to keep a healthy amount of opposing views on your feeds. Although where you draw the line is of course your own decision; Personally I try to avoid blocking any friends and have not yet had occasion to do so, although I do block any sites that tend to promote misinformation or stuff like racism.

Unlike competition, the goal of an online discussion (especially for sensitive topics like politics) isn’t really winning. Discussion should lead to some sort of progress or learning, or in the worst case, “agreeing to disagree”. But regardless of the outcome, understanding opposing points of view should give you valuable insights into your own views, and maybe even convince you to reconsider them.

The Simplest Code That Can Do The Job

So the other day I was reworking a Python script that I had been using for years on my home PC to manage and categorize some downloaded files for me. This time I wanted to add some smarter behavior to make it more able to figure out when to group files into folders without constantly needing manual intervention from me. To do this, I needed to persist some data between runs – so that the script remembers how it categorized previous files and is able to group similar files together.

Now since my software development career has largely been as an enterprise-y kind of developer, my first thought was to just use a database to store the data. I already had a MySql installation on my machine so that was fine, I just needed Python to interface with it. After looking up how to do it, I balked at having to install a new Python library just to connect to MySql and reconsidered.

As programmers, we have a tendency sometimes to over-engineer solutions because that’s what we’re used to doing. Did I really need a database for this? The data won’t be very big, and I won’t need to do any sort of maintenance on it, so maybe a simpler solution was in order.

I ended up just using pickle, which was already built-in to Python:

def load_db():
	all_series = {}
	with open(DATABASE_FILE, 'rb') as handle:
		all_series = pickle.load(handle)
	return all_series
 
def save_db(all_series):
	with open(DATABASE_FILE, 'wb') as handle:
		pickle.dump(all_series, handle, protocol=pickle.HIGHEST_PROTOCOL)

(Above code probably gives you an idea what kind of files I’m sorting…)

As an added benefit, I didn’t need to design any database schemas or tables or whatnot, pickle just lets me serialize the map as-is and reload it later from disk without any hassle.

I guess my lesson here was: don’t over-complicate things when something simple will work fine. Write the simplest code that can do the job.

Thoughts on Authoritarianism vs Democracy

“Democracy is the worst form of government, except for all the others.”
― Winston S. Churchill

In the current world political climate, it seems that in many instances democracy and the related values (equality, human rights, and so on) are increasingly taking a back seat to populism and increasingly authoritarian leaderships. One sometimes has to consider whether authoritarian states would in fact be more effective in this day and age. After all, China’s ascension as a world power shows that even authoritarian states are able to achieve great gains.

The allure of authoritarianism is understandable for anyone who’s been exposed to problematic democracies: progress is often held back by countless deliberations, committee meetings, legislative mills, and various other processes that mean elected officials are able to accomplish very little until it’s time again for them to think about the next election.

The authoritarian state on the other hand has the advantage of being able to push a singular vision, since it has concentrated power unto itself, it can set aside any dissent and other discussion, put its foot down and say “this is what we’re doing, let’s do it.”

I guess it might also seem to be easier on an individual level? You just have to trust your leadership (since you probably don’t have a choice) and not think too hard about things other than what’s going on in your own life. This is probably also why authoritarian states are more likely to try to get away with rights violations and such – people are more concerned with their own survival and their own lives and not too worry too much about the things the state is doing to “other people”.

The risk of course of such a single-minded “getting things done” attitude is: you might not be doing the right thing. When the state has concentrated power unto itself, there is a tendency to promote only those ideas and projects and whatnot that adhere to the state’s singular vision. Another problem is that anyone who dissents or holds different values than the authoritarian state’s singular vision can be labelled or vilified as enemies of progress.

Authoritarian states also have the tendency to set aside values commonly held in democratic states: freedom of expression and religion, human rights and equality, and so on, if they are seen to hinder progress. I guess you have to consider whether as a society, you are willing to sacrifice these values in the name of getting things done. And it’s sad when you find that many of your countrymen don’t consider democratic values all that important.

Democracy on the other hand, due to the nature of (in theory) every voice being given value, has a stronger tendency towards a diversity of ideas, so that more options are considered and thus theoretically better decisions are made. This mirrors the natural world, where genetic diversity allows a species to more easily thrive and adapt to changing circumstances. In the same way, we hope that by encouraging debate and dissent democracies are better able to adapt to the challenges the world presents.

Authoritarianism is great when you have leadership that you can trust to make good and wise decisions for the betterment of all. But humans are weak and fallible beings prone to faults such as arrogance, pride, greed, and so forth, so more likely than not the leadership in an authoritarian state cannot be trusted. While the same can be said of democracies (since in the real world there are no perfect democracies), at least in democracies we have a greater chance of being able to change the state of affairs to try something new.

 

Client and Server Validation in Web applications

Because of the nature of the web and the fact that you should never trust user input, all the validation in a web application should be done on the server side. You can additionally provide validation on the client side (via JavaScript), but this is only a concession towards a better user experience and should not be used as a substitute for server-side validation.

One would think that anyone with a basic understanding of how HTTP works would understand the above easily and any failure to practice it should be considered amateur hour. But in shops where most of the testing is done manually, developers can easily fall into the habit of adding the client-side validations (since failing to do so would earn them a bug report) and forgetting the server-side validations altogether.

The main problems are that (a) HTTP requests can be spoofed, they do not need to have come from a form submitted via a browser; and (b) even for forms submitted via a browser, the Javascript validations may have been tampered with on the client-side.

For explicit validations for which you wrote out some logic (for example: email address must be so-and-so format), it is obvious that you need that on the server side. But for some classes of validation you may forget to handle them especially if they do not explicitly generate errors in the webpage on the client-side.

First example: when the contents of a drop-down list are dependent on some other value on the form. On the client-side you probably already restrict the choices such that the user is unable to select an invalid combination so it doesn’t look like a check is needed. But on the server-side, you still have to check that the choice submitted for the drop-down field is a valid value given the other values submitted in the request.

Second example: when you hide or disable certain fields in the web page depending on some other value on the form. Same as above, you don’t need to add a specific check on the client-side since the user is already prevented from doing so by the UI. But on the server-side, you have to make sure not to save or process any values from those hidden/disabled fields if the other values on the form indicate they shouldn’t be processed.

Weak validations on the server side are dangerous because at the very least they will create bad data in your system and at the very worst may expose you to security vulnerabilities.

My 2016 in numbers

Random statistics from 2016:

  • 74 blog posts (total of 769 currently on this site, some imported from as early as 2002. The record for a single year was 148 back in 2008, but that was back when I didn’t do social media much so even short posts made it to the blog, delicious bookmarks were auto-posted here, etc.)
  • 50,135 words written for Nanowrimo
  • 321 sketches submitted to r/sketchdaily
  • Duolingo streak: 225 days
  • Answers written on Quora: 427
  • Programming languages/frameworks learned: 4
  • Instagram posts: 390
  • Facebook activity: 218 statuses, 178 links, 164 photos, 31 videos. You can generate your own report at Wolfram Alpha
  • New facebook friends: 39
  • People I unfriended due to political discourse: 0
  • People who unfriended me (probably due to political discourse): 1
  • Baptisms attended: 4
  • Weddings attended: 2
  • Wakes attended: 1
  • Games purchased (not including any I got for free for some reason): 19 (2 PS4 retail, 1 Wii U retail, 16 Steam including 3 from Humble Bundle)
  • Games “finished” (story/campaign completed OR achievement complete): 11
  • Best Hearthstone rank: 9
  • Best Duelyst rank: 7
  • Average points per turn in Words with Friends: 26.5 (up from 25)
  • Books read: 30 (year target was 52). Here’s the list.
  • Things watched on Netflix: 880
  • Quiz nights attended: 11 (we won prizes 8 times, first place 5 times)
  • Uber trips: 22
  • Minutes spent outside walking or running: 21,772 (slightly under 59.5 minutes per day)
  • Donuts eaten: 4
  • Times I won the lotto: 0
  • Bears defeated in single combat: 0

New Year’s Checklist

In no particular order:

  • Greet your loved ones and friends and anyone else you hold dear. Maybe even those you disagree with
  • Ponder why people give so much significance to the transition between an arbitrarily-chosen pair of 24 hour periods
  • Take stock and reflect on the past year
  • Think about what you’d like to learn this year or how you want to improve
  • Count your blessings for the past year and be grateful
  • Change your passwords
  • Buy a new toothbrush
  • Make a New Year’s joke (“My New Year’s Resolution is 1440×900!”)
  • Set a target of how many books you’ll read in 2017
  • Choose the first book to read
  • Throw away a few things you no longer need
  • Make a list of where you will travel to in 2017
  • Check out what movies are coming out this year and which ones you want to watch
  • Audit your financials – where is your money going, how much do you owe, how much are you earning, where should you invest, etc
  • Make another New Year’s joke (“I haven’t taken a bath since last year!”)
  • Pick up your keyboard and shake out all the grime that’s gathered there over the past year
  • Make a list of projects you want to do in 2017
  • Choose something from the past year that you’re going to stop watching or doing
  • Eat your favorite food. Or ice cream. Ice cream is great.
  • Remember that there’s a new episode of Sherlock today (well January 1 in the UK)
  • Get rid of 2016 calendars
  • Make a list for the new year!

Review: Xenoblade Chronicles X

Just in time for the end of the year, I finally finished Xenoblade Chronicles X, which I started playing around the first week of August (5 months!), with 120+ hours of game time. The game doesn’t have the best graphics (WiiU, etc), but I really like how it looks and how the world is built and all the different environments and the weird and sometimes absurdly large beasts.

There’s a whole lot of stuff to do in-game. It plays mostly like a single-player MMO, with party members that act on their own and most skills on a cooldown. There’s a ridiculous number of quests and items to grind for, I’m even tempted to still continue with the post-game content (if only I didn’t have FFXV waiting for me!), as I’m only at around 70% completion.

The story was okay, at many points well-told and hitting a lot of emotional highs (although some of the characters felt a bit over-acted). The ending was… well, kind of sequel-baiting. A mixture of disappointment and confusion and hope haha. I don’t imagine that they’ll have a sequel set in the same universe/timeline, so it felt a bit like they made up a ridiculous explanation that would attempt to explain some of the nonsense that happens in the game.

Here’s an imgur album with some stuff I screen-grabbed along the way:

Cleaning up your Code

In one of my most recent projects, a large system that had gone through a relatively long and unstable period of many, many changes due to sales demonstrations, different clients and whatnot, one of the “fun buffer tasks” I always kept around for devs was code cleanup. Because of the unstable nature of the project, there was always a lot of duplication, unused/unnecessary/obsolete classes/functions/files and so on. Unnecessarily large CSS files where most of the selectors were no longer really needed or JS libraries that weren’t actually used. That kind of thing.

It’s one of those things that you’ll never get official approval from management to do, so you have to somehow sneak it in during your daily tasks. But it’s important for a couple of reasons:

  • Having too much cluttered code makes your system a lot harder to grok. That means new developers will have a much higher learning curve, and existing developers will find it difficult to be assigned tasks in modules and functions they’re not familiar with. Lower understanding means more bugs, lower quality and so on.
  • Having a lot of unused files, classes, functions, etc. bloats the build process (making build times longer, extending development cycles) and makes build files bigger (extending deployment times)

A lot of developers prefer not to throw away old code, for fear that “we might need it later”. They would prefer to just comment them out in large blocks (making the code a lot more unreadable) or just leaving dangling functions/classes unused. The reason is hogwash of course, since you should be using source control, and source control means never being afraid to delete old code. (Of course, you should make sure what you’re deleting is really no longer in use!)

 

Decluttering

I traditionally try to save some time on the week between Christmas and New Year’s Day to do some cleaning up and decluttering of my stuff. One would assume that having more time meant I would be better able to organize my stuff and all that, but one would be wrong. My room still has stacks of books, toys, Magic cards and other stuff in random places.

Or maybe I just have too much OCD that I want everything to be neat and organized, but I’m not industrious enough to make it happen. I’m sure there are people a lot more cluttered than me.

Towards the start of the year, I told myself I should throw out/get rid of/dispose of at least one thing a day. It’s one of those relatively easy things to do I haven’t been able to maintain.

Why do we keep around all this old stuff we don’t need?

Part of it may be from a mentality of scarcity – we don’t want to throw away stuff for fear of finding out that we may need it later. But reasonably, if you haven’t used a thing in years, maybe you’ll never use it and even if you had need of one, how difficult would it be to find one again? Some kind of pack rat mentality. I know a few of my friends who would be very familiar with this.

Other things we keep around for some sort of nostalgia or as keepsakes of other people and faraway places. That’s fine I suppose, but maybe one shouldn’t put too much value in things that don’t actually have them. Case in point: I have a bunch of rocks here from different countries I visited in Europe, haha. Pictures, letters, and other personal keepsakes one might consider digitizing and storing in the cloud.

Having a cluttered space has a cost, one that’s difficult to ascertain or quantify. Not only do things look messy, but things are harder to find when you need them most. There’s also a strange satisfaction that comes from achieving a fine, organized space (before it all falls back into chaos of course.)