[Chugalug] OT bugs and code quality
stephen at averagesecurityguy.info
Fri Mar 14 13:55:51 UTC 2014
> if you've got an MVC system that is "7 layers deep" in abtraction and a framework that only the writer of the framework understands, then you get what you deserve for letting it get that complex
I didn’t mean a framework like Drupal, Django, or Rails. I meant a simple library that does all the input validation/sanitization and parameterized SQL queries.
> I consider myself quiet fortunate to be on a small team (3 programmers and a QA person) who have all been with the company for at least 6 years and we know the system and how it works, and despite getting paid peanuts and no bonuses, we still care about our work, and I really think that keeps a lot of our bugs down
This is by far the best way to keep bugs out of your system.
> plus we're all good lookin, that helps.
Correlation != Causation. :)
Owner, ASG Consulting
On Mar 14, 2014, at 9:43 AM, Ed King <chevyiinova at bellsouth.net> wrote:
> I've seen software written by fortune500 refugees that is just as buggy/unmaintanable as any other stuff I've ever seen, despite all the fancy tools used and money spent
> bugs are gonna happen, best thing you can do is to keep the complexity down, and hire/keep people who care who can fix the bugs quickly and learn from the mistake
> From: Christopher Rimondi <chris.rimondi at gmail.com>
> To: CHUGALUG <chugalug at chugalug.org>
> Sent: Friday, March 14, 2014 9:17 AM
> Subject: [Chugalug] OT bugs and code quality
> For those of you are on/lead teams of developers or engineers what do you do keep everyone focused on reducing bugs and thinking through the impact of changes? I get there is a lot that can be done with unit and integration testing and formal QA. However, what I am asking centers more on keeping quality front and center in the team's mindset.
> There is probably no easy answer to this but, how do you separate bugs that are caused from "moving fast/meeting deadlines" versus we probably should have caught this one?
> Chris Rimondi | http://twitter.com/crimondi | securitygrit.com
> Chugalug mailing list
> Chugalug at chugalug.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Chugalug