|laziness, impatience, and hubris|
Re: What quality is your company's code?by HaB (Sexton)
|on Dec 07, 2000 at 01:12 UTC||Need Help??|
In my short (just over 2 years) time as a developer, I have seen an overwhelming trend towards security being a complete afterthought. Out of the 3 jobs I have had, none of them used strict, or modules (aside from DBI), or any kind of data integrity checks (-T or otherwise).
I will say however that except for one, none of them had specific perl developers, but rather guys who were C or java guys, who would hack perl with the camel book firmly in hand.
More startling than the lack of security to me, tho was just plain bad style issues. 500 line programs that used NO modules and NO subroutines. Just one big long while(1) loop. I know perl isn't the strictest language when it comes to style, but c'mon. It was like they wrote some of this stuff thinking they would never have to look at it again.
Then we have the company I'm currently at, who had 2 of their major internal tools written in perl by someone who (I think) learned on Perl4, and never bothered to pick up anything new since then. His subroutine count record is 2 in a 650 line program, and that's including the main loop. They were so soured on perl at this point, that I was actually only called in to document existing code, so they could support it until they came up with another solution. Luckily for me (and them), I have managed to show them a lot more about what the language can do, to the point where the new solution was to let me rewrite the tools for them, since perl is already implemented on all the machines that run them.
Sadly, instead of job-related checks and balances my code review usually is limited to a PM posting, or a post to a mailing list. I think some of the lack of QA I've seen at work stems from ego. I had a posting just today on the Perl-TK mailing list that was asking if there was a better way to do something I had already done, and I got an answer that was so simple and so obvious that I just had to grin at the sheer elegance of it. I mentioned it to a friend and he said that he finds that kind of thing bittersweet. I asked about the bitter part, and he said he always feels lame about not seeing it himself. Bah on that. I don't claim to have all the answers, and I'm more than glad to let other eyes review something I've done for the sake of it being better code, not to mention my own education.
Just my $0.02 worth.