Edit: so im done with my preliminary research into this codebase.
Our corporate SSO provider is changing, so I’ve been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.
There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won’t populate itself. 🤷
Classic
When I sat down today I thought I was just going to be updating some properties file with oauth end points.
This is so blatantly stupid that I now have to pick through the code base and write up a change request and incident avoidance report 😕
Only thing better is finding commented out code below that which would actually prevent it from running in Prod. Bonus if there’s a code comment next to it saying “disabled per email” with no further explanation.