WTF Bites

topspin

@Bulb said in WTF Bites:

@topspin I don't know about Matlab, but Atom and PyCharm are keeping the plugins there—after all you can install them for yourself and you normally don't have write access to the installation directory, so that's the only place to put them. And for these tools, plugins is where all the useful bits live. So at least those have an excuse for storing more than a couple of changed settings.

This directory also contain caches, see https://www.jetbrains.com/help/pycharm/2019.3/tuning-the-ide.html#default-dirs

Good to know, thanks.

And caches are huge. They contain all known libraries, fully indexed for fast searching by various parameters (including fulltext, return/parameter type, etc). Less than 1/2 GB is actually rather small - my cache is 6.5GB right now (and that's just cache; plugins and settings are in a completely different location on mac). Preferences alone is actually just 5kB (plus JDBC drivers and shelved commits).

In any case - definitely something that should never, ever touch NFS!

Yeah, I don't see how reading files from there would be faster than just reading files from where they are to begin with. Can you just disable the cache?

@topspin I suggest you move that cache away ASAP.

Good old rm -r did the trick.

Bulb

@boomzilla said in WTF Bites:

Still, the environment variable would not have been something I'd have considered, if only because they're such a pain to maintain, etc, vs having it stored in / as a file somewhere.

Ultimately it is stored in a file—or database—somewhere, just the storage is decoupled from the application itself. The launcher—be it systemd, docker, kubernetes or something else—reads the environment variables from some file or database and passes them to the application. That way you don't have to care where the application will run when you write it, because you know everything will have environment variables—while getting config files in the right places may be more tricky (not in Kubernetes though; there both are easy).

Bulb

@topspin said in WTF Bites:

Yeah, I don't see how reading files from there would be faster than just reading files from where they are to begin with.

Reading the indices from the cache is faster than parsing and basically compiling the files from where they are though. It isn't the original files there.

Good old rm -r did the trick.

But you'll have do it again shortly as it will rebuild the cache. You really want to direct the cache somewhere on local disk instead.

It's really using directories like .PyCharmCE2019.3 directly in ~ that is . That's what we have the XDG base directory specification¹ for. If they followed it, the caches would go in $XDG_CACHE_HOME/PyCharmCE2019.3 and your environment would just set XDG_CACHE_HOME to somewhere outside the NFS mount (default is ~/.cache) and call it a fortnight and you'd have no problem. But after all the years that specification exists most applications didn't learn to use it, so we have this shit (then, Windows has it's specification for the same purpose even longer and many applications use it wrong anyway too).

dkf

@Bulb said in WTF Bites:

It's really using directories like .PyCharmCE2019.3 directly in ~ that is . That's what we have the XDG base directory specification[¹] for. If they followed it, the caches would go in $XDG_CACHE_HOME/PyCharmCE2019.3

Put this in your .profile, job done!

export XDG_CACHE_HOME=`pwd`

Bulb

@dkf That won't work. .profile is executed with PWD=$HOME and Bourne shell does not have any lazy variable expansion like Make. In this case the caches need to go to some /var/cache/user/$UID or /tmp/cache-$UID or something like that. Must be writable by user, on local disk, and may be cleaned on reboot, though cleaning it on some condition like the user didn't log in for a month would be better.

Gąska

@Bulb said in WTF Bites:

Bourne shell does not have any lazy variable expansion like Make.

And I'm so glad it doesn't.

dkf

@Bulb said in WTF Bites:

.profile is executed with PWD=$HOME

Bulb

From the codebase of current project:

// created custom deleter with "no op" to avoid cppcheck errors
shared_ptr<http_initech_de_DE_PT_Projectum_Configuration::Document> pIpcRequest(
        new http_initech_de_DE_PT_Projectum_Configuration::Document(true),
        [](http_initech_de_DE_PT_Projectum_Configuration::Document *){});

Notes:

The namespace is generated by xmlplus from the xml namespace http://initech.de/DE_PT/Projectum and root element Configuration.
I think something takes ownership of the object later in a way cppcheck can't see.
The company has some quality metrics and keeping the cppcheck error count low is part of that. It does not help the readability of the code (it is of the spaghetti with meatballs variety), but at least catches some bugs, which is better than poke in the eye.
But instead of properly marking the ownership, or at least suppressing the error with a sane comment, we have this.

Gąska

@Bulb said in WTF Bites:

The namespace is generated by xmlplus from the xml namespace http://initech.de/DE_PT/Projectum and root element Configuration.

And as usual, this C++ code is written by people who don't really know C++ and don't realize namespace aliases are a thing.

I think something takes ownership of the object later in a way cppcheck can't see.

What do I trust more - a very popular static code analysis tool that's renowned for its very low false positive rate, or somebody that put an empty deleter in shared_ptr?

bobjanova

@Bulb said in WTF Bites:

Do you encrypt, in the application, the password the application uses to access the database—and give it another password to decrypt the first one?

We do essentially exactly that yeah ... the password is in config but encrypted, and the decryption key is elsewhere in the application. This is not protection against a targeted attacker with access to our code, but it is protection against a config file getting leaked or to an attacker who doesn't know where in the massive pile of code and JARs to look to find the decryption key.

I know it sounds silly but actually I think this is a layer of protection that is worth it.

Kamil Podlesak

@Bulb said in WTF Bites:

@topspin said in WTF Bites:

Yeah, I don't see how reading files from there would be faster than just reading files from where they are to begin with.

Reading the indices from the cache is faster than parsing and basically compiling the files from where they are though. It isn't the original files there.

Yes, this. Without these indexes, simple autocomplete could easily take 5 seconds or even 5 minutes. Do not want.

Good old rm -r did the trick.

But you'll have do it again shortly as it will rebuild the cache. You really want to direct the cache somewhere on local disk instead.

Although... it's definitely a good idea to delete old versions. They are kept only for the possibility to run older version (or several versions at once), which is kinda theoretical.

It's really using directories like .PyCharmCE2019.3 directly in ~ that is . That's what we have the XDG base directory specification¹ for. If they followed it, the caches would go in $XDG_CACHE_HOME/PyCharmCE2019.3 and your environment would just set XDG_CACHE_HOME to somewhere outside the NFS mount (default is ~/.cache) and call it a fortnight and you'd have no problem. But after all the years that specification exists most applications didn't learn to use it, so we have this shit (then, Windows has it's specification for the same purpose even longer and many applications use it wrong anyway too).

Actually, looks like it is already implemented
At the very least, the default locations are now conformant

bobjanova

@Bulb don't you have @SuppressWarnings or //NOSONAR equivalents in cppcheck? For the case where this is actually a warning that you legitimately know better than the static analysis tool, at least.

Bulb

@Kamil-Podlesak said in WTF Bites:

Actually, looks like it is already implemented
At the very least, the default locations are now conformant

Took them mere 12 years to do it. And it's from 2020.1 only (maybe @topspin actually has 2020.x already and all those directories are holdovers from the distant past, in which case there might actually be some improvement now).

Bulb

@bobjanova said in WTF Bites:

@Bulb don't you have @SuppressWarnings or //NOSONAR equivalents in cppcheck? For the case where this is actually a warning that you legitimately know better than the static analysis tool, at least.

Of course cppcheck has // cppcheck-suppress. That's why it's a .

Bulb

@Gąska said in WTF Bites:

@Bulb said in WTF Bites:

The namespace is generated by xmlplus from the xml namespace http://initech.de/DE_PT/Projectum and root element Configuration.

And as usual, this C++ code is written by people who don't really know C++ and don't realize namespace aliases are a thing.

I fear it would only make the code even less readable. That's what word completion is for.

I think something takes ownership of the object later in a way cppcheck can't see.

What do I trust more - a very popular static code analysis tool that's renowned for its very low false positive rate, or somebody that put an empty deleter in shared_ptr?

I don't trust either here. The ownership rules around sending XML requests over that IPC mechanism is wacky enough that cppcheck can't understand it, at least not without some hint. But of course the “fix” is insane.

TwelveBaud

@topspin said in WTF Bites:

For some reason, then, IT decided forever ago to have a ridiculously tiny quota for home directories of 5GB. That's a bit of a side- but shouldn't be a problem.

alt detected!

Zerosquare

No, he said "but shouldn't be a problem", not "BECAUSE THOSE IDIOTS ARE STUCK IN THE MID-NINETIES BACK WHEN 5 GB OF STORAGE COST MORE THAN A DIME WHARGBLLL!!!".

topspin

@TwelveBaud said in WTF Bites:

@topspin said in WTF Bites:

For some reason, then, IT decided forever ago to have a ridiculously tiny quota for home directories of 5GB. That's a bit of a side- but shouldn't be a problem.

alt detected!

IDGI.

I mean, it was a bit of a rant, but far from a Blakey-rant.

TwelveBaud

@topspin By far his most frequent rants were about how everyone assumes $HOME/%HOME% is always local and has infinite space to dump anything and everything. His rants were about Windows machines and how nobody ever uses %LOCALAPPDATA%, while your troubles arise because nobody ever uses $XDG_CACHE_HOME, but in both cases -- quite possibly the same software -- not using the proper place causes easily-preventable-had-they-read-the-god-damn-docs problems.

Bulb

@TwelveBaud said in WTF Bites:

%LOCALAPPDATA%, ~~while~~ and […] $XDG_CACHE_HOME

They are the same concept. Pretty much exactly, and quite intentionally.

Applied Mediocrity

And then there are those who put config files in %LOCALAPPDATA% (good) and then put documents in Documents (they absolutely insist on having some stupidly named "My Fllozigsjdjg 2018 Projects" folder, but ok). AND THEN STORE MORE CONFIG AND TEMP WITH THE GODDAMN DOCUMENTS

dkf

@Applied-Mediocrity said in WTF Bites:

And then there are those who put config files in %LOCALAPPDATA% (good) and then put documents in Documents (they absolutely insist on having some stupidly named "My Fllozigsjdjg 2018 Projects" folder, but ok). AND THEN STORE MORE CONFIG AND TEMP WITH THE GODDAMN DOCUMENTS

But don't worry, they'll also put your save files in %LOCALAPPDATA%!

cvi

To be fair, if e.g. Visual Studio started dumping it's enormous caches (IntelliCrap and related) into %LOCALAPPDATA%, I'd probably be more annoyed. Right now it's in the .vs folder in the project by default -- this way I at least get to occasionally wonder why the project is taking up 8GB of disk space again, and nuke that. Digging around in %LOCALAPPDATA% would be far more annoying (and probably create subtle errors when there are two different copies of the same project).

boomzilla

Trying to get my son's ass in gear in terms of homework. He's missing a variety of assignments from a variety of subjects. They changed the policy for this semester so that they can turn assignments in until the end of the quarter. Which is good for him.

It's currently 3rd quarter and I'm trying to get a handle on what he needs to do. The online system has a "Gradebook" section where you can filter by the subject and the quarter (and then into the quarter final test and final grade?!). The quarter stuff gives you the grade for the quarter but it keeps all the old assignments in there. And they're counted in totals of stuff like, "3 assignments missing."

Of course, that assumes that the teacher keeps on top of everything. There have been times where I've gotten a progress report a week or two before the grading period where all his grades look decent, then, BAM, they process the backlog of several weeks, only to reveal that he's got a bunch of missing shit and the shit grade to go along with it.

FUCK YOU GUYS

dkf

@boomzilla said in WTF Bites:

They changed the policy for this semester so that they can turn assignments in until the end of the quarter. Which is good for him.

They might have that policy. You don't have to be so lax.

boomzilla

@dkf no, but I can only spend so much time and effort micro-fucking-managing his. This at least gives us both a bit of slack to play catch up.

Rhywden

@boomzilla said in WTF Bites:

Of course, that assumes that the teacher keeps on top of everything. There have been times where I've gotten a progress report a week or two before the grading period where all his grades look decent, then, BAM, they process the backlog of several weeks, only to reveal that he's got a bunch of missing shit and the shit grade to go along with it.

To be fair to the teacher, I've run into the same trap where I simply took the tasks from my original coursework and transferred that as digital coursework.

Now, with the way a normal lesson goes, I can usually take a measure of a pupil's performance for roughly half the class - i.e. some stood out either positively or negatively, others I took a specific look at, the rest is usually internally marked as "bodily present". When I'm giving them a task, this gives me another chance to look at what they're doing by walking around. And when we compare results, I usually only have to pick two or three results which are then used as a master.

When I'm trying to do the same thing digitally, everything before the end result simply is not available. This means I can only grade the result - and the pupils kind of expect a grade because they handed something in! So now I have ~25 papers for each task I have to go through.

Unless I only want to do multiple choice or similar questionaires which can be tallied automatically, this approach kind of doubles or even triples my workload.

I haven't found a proper solution yet. But yes, this does result in that kind of backlog. I didn't like it either.

boomzilla

@Rhywden said in WTF Bites:

@boomzilla said in WTF Bites:

Of course, that assumes that the teacher keeps on top of everything. There have been times where I've gotten a progress report a week or two before the grading period where all his grades look decent, then, BAM, they process the backlog of several weeks, only to reveal that he's got a bunch of missing shit and the shit grade to go along with it.

To be fair to the teacher, I've run into the same trap where I simply took the tasks from my original coursework and transferred that as digital coursework.

This issue has actually gotten a lot better with online schooling, presumably because the software has already done the grading and they just have to put it into the grade system.

Rhywden

@boomzilla Yeah, but that only works for problems you can grade algorithmically. As soon as you have multi-step problems or have to give an opinion on something, this goes out the window.

Then again, that's usually not stuff you'll find very often in primary schools.

error

You can only opt-out in the state where it's legally mandatory. DO NOT USE if you're not in California!

LaoC

@Rhywden said in WTF Bites:

@boomzilla Yeah, but that only works for problems you can grade algorithmically. As soon as you have multi-step problems or have to give an opinion on something, this goes out the window.

As a sentient human being you'd think so, right? You'd be wrong

topspin

@error said in WTF Bites:

You can only opt-out in the state where it's legally mandatory. DO NOT USE if you're not in California!

And then of course they made it impossible to tell if that fucking check box is on or off.
But it’s probably not wired to anything anyway.

bobjanova

@topspin Yeah I hate this new style of slider toggle. I think the standard is that right = on. But what's wrong with a checkbox with a tick in it?

Applied Mediocrity

@topspin Do not rescind the permission to prevent selling your personal information

https://dilbert.com/strip/1993-03-26.

BernieTheBernie

@boomzilla said in WTF Bites:

It's a private key:

In order to use the private key I've been to my admin panel and added it to environment variable (EE_PRIVATE_KEY).

Yeah...it wouldn't occur to me put something like that in an environment variable.

What about the password to the Radiology Information System?
Real story: a customer complained that he found the plain-text password for their Radiology Information System in the log files of our application. Our application just logged the environment variables at startup, and ...

error

@Kamil-Podlesak said in WTF Bites:

@Bulb said in WTF Bites:

@topspin I don't know about Matlab, but Atom and PyCharm are keeping the plugins there—after all you can install them for yourself and you normally don't have write access to the installation directory, so that's the only place to put them. And for these tools, plugins is where all the useful bits live. So at least those have an excuse for storing more than a couple of changed settings.

This directory also contain caches, see https://www.jetbrains.com/help/pycharm/2019.3/tuning-the-ide.html#default-dirs

And caches are huge. They contain all known libraries, fully indexed for fast searching by various parameters (including fulltext, return/parameter type, etc). Less than 1/2 GB is actually rather small - my cache is 6.5GB right now (and that's just cache; plugins and settings are in a completely different location on mac). Preferences alone is actually just 5kB (plus JDBC drivers and shelved commits).

In any case - definitely something that should never, ever touch NFS!

@topspin I suggest you move that cache away ASAP. Link is to version 2019 (which you apparently have).

And I thought npm was bad.

TimeBandit

@error said in WTF Bites:

And I thought npm was bad.

It doesn't make it less bad

PleegWat

@Applied-Mediocrity said in WTF Bites:

@topspin Do not rescind the permission to prevent selling your personal information

https://dilbert.com/strip/1993-03-26.

I think this is going in my "Don't sign what you don't understand" big shopping bag.

error

@PleegWat said in WTF Bites:

@Applied-Mediocrity said in WTF Bites:

@topspin Do not rescind the permission to prevent selling your personal information

https://dilbert.com/strip/1993-03-26.

I think this is going in my "Don't sign what you don't understand" big shopping bag.

Can one contract compel you to accept another contract?

error

That hot new debugging feature, alert:

Bulb

@error I am out of sideways owls, so I'll have to borrow a from Patina. Unfortunately he isn't sideways.

error

@Bulb The article goes on to explain that you can redirect these messages to a log file, but it's still far from cutting edge technology we're talking about here. It beats the old method of, "try it. If it doesn't work, I guess try something else until it does."

error

@Bulb said in WTF Bites:

@error I am out of sideways owls, so I'll have to borrow a from Patina. Unfortunately he isn't sideways.

Needs more fa-spin.

Filed under: I was the first one to use that class in a post, but the real genius was the guy that figured out you could nest it.

Bulb

@error said in WTF Bites:

The article goes on to explain that you can redirect these messages to a log file

Why on Ursa Minor Beta not use the normal log function then?

error

@Bulb said in WTF Bites:

@error said in WTF Bites:

The article goes on to explain that you can redirect these messages to a log file

Why on Ursa Minor Beta not use the normal log function then?

It's talking about proxy configuration files. They run in a background thread. You can't really interact with it (YMMV, depending on browser).

Bulb

@error It does not matter. They have to implement some logging function for it. It would make more sense to call it the same as you use in web pages than call it alert—unless it is actually popping up an alert, in which case it is .

Zerosquare

@Bulb said in WTF Bites:

@error I am out of sideways owls, so I'll have to borrow a from Patina. Unfortunately he isn't sideways.

Gąska

@error said in WTF Bites:

Filed under: I was the first one to use that class in a post, but the real genius was the guy that figured out you could ~~nest it~~inject it into the entire forum page.

error

@Bulb said in WTF Bites:

@error It does not matter. They have to implement some logging function for it.

They have to? Until recently, they didn't. That's the context for this blog post's "new" technique!

Actually alert did used to work, but it was considered a bug, and they changed it to be a no-op. And changed it again, to be a log function.

It would make more sense to call it the same as you use in web pages than call it alert—unless it is actually popping up an alert, in which case it is .

It's probably because the proxy.pac is a sort of de facto standard that doesn't have that API already, so adding it would make scripts incompatible with other platforms.

Bulb

@error Oh, right, the ethernal excuse of compatidebility.