• BearOfaTime@lemm.ee
    link
    fedilink
    arrow-up
    5
    arrow-down
    6
    ·
    1 month ago

    “mistake”

    I call BS. The reviews I’ve gone through for trivial stuff would’ve exposed this.

    This was intentional.

    • HiddenLayer555@lemmy.ml
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      2
      ·
      1 month ago

      Hanlon’s Razor revised: Never attribute to malice what can be attributed to incompetence, except where there is an established pattern of malice.

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 month ago

        Then incompetence at a level that’s incomprehensible.

        A code review certainly exposed this, and some manager signed off on the risk.

        Again, changes I make are trivial in comparison, and our code/risk reviews would’ve exposed this in no time.

    • masterspace@lemmy.ca
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 month ago

      Yeah, cause trivial systems are a lot easier to parse and review. At a base level that’s nonsense logic.

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 month ago

        My point being the extensiveness of a review process.

        The more important a system, the more people it impacts, etc, the more extensive the review process.

        Someone chose to ignore this risk. That’s intentional.

        • masterspace@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 month ago

          You quite frankly, don’t know what happened and if you’re confident it’s intentional, all that says is that you’re a grump who likes to complain.

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 month ago

        I generally agree.

        But any decent code review process would’ve exposed this, or at least a data surveillance system that checks this stuff. I’ve received a few notifications about my logs storing inappropriate data, as a result of a scanning system.

        Some manager knew about this during a code review, and signed off on the risk because it was only in-house.