Edit: so im done with my preliminary research into this codebase.
Our corporate SSO provider is changing, so I’ve been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.
There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won’t populate itself. 🤷
Good Lord, this makes my hands sweaty. Why is your entire prod database leaning on one line of code that’s prone to human error? There should be 20 extra accidental steps taken to do something like this.
Look, if you hold the lever tight you can safely put the pin back in the grenade!
^C^C^C^C^C^Cwhat do you mean? there’s 20 lines of comments warning about it!
Turns out we were always one copy paste error from a major incident.
Don’t worry, I’m fixing it 🤷
Heh. That looks like it has decent odds of being a “company ending event” incident, to be specific.
But at least there’s lots of comments. And maybe someone already put a safety net in somewhere else and just forgot to update the 20 comments. It could happen.
Under different circumstances, sure. As it is, worst they could expect is a fine from our regulators for data retention hits. We could recreate the info easily enough if our suppliers played nicely.