I came across this post in a rare break between meetings. Since I’m an IT manager now, I found it good reading (and a good ego check as well).
Category: Opinion
The right penalty for breaking a software build
Maybe I should institute this at my office on Monday.
String.Format is your friend
One of the consultants that works for me was trying to figure out the best way to format strings for writing messages to the event log for a Windows service he’s writing. He was using the horrifying “blah blah blah” +
A quick Google search revealed an excellent String.Format 101 blog post by Kathy Kam. Karl Seguin’s post on the same topic brings performance advantages into the discussion. Another bit of information I didn’t know before reading his post was that the StringBuilder class has an equivalent AppendFormat method.
SQL Injection
It’s one thing to know that SQL injection is bad, and quite another to have some stats to back it up. I came across a Michael Sutton blog post on the topic via Joel Spolsky‘s latest blog post.
Out of 708 sites checked, 80 had potential vulnerabilities to SQL injection attacks. Beyond the importance of the topic as a security hole, the most interesting thing about Sutton’s article was the tool he built to come up with these stats. He used a C# app with the Google API to get his results. I only wish I had time to build a tool that clever and useful.
Home computer backups
Some friends of mine in California have been discussing backup strategies over the past few days. They came across a post by Jeremy Zawodny on using Amazon S3 in addition to his existing backup strategies.
I’m still only using an external hard drive for my backups. I don’t backup my machines regularly enough either. Before Seagate bought them (and before I joined the cult of the Mac), I had a lot of interest in a Mirra Personal Server. At the time it was Windows-only, but now it supports Mac OS X as well. Recently, I started using Deja Vu for backing up the Mac mini. So far, it’s been completely painless.
Continuous Integration
The practice is well-defined in a couple of articles on Wikipedia and on Martin Fowler’s website. But as long as I’ve been reading about this best practice, I’ve never seen it implemented at any of my past jobs (or my current one for that matter). Fortunately, one of the consultants I’m currently working with not only has it implemented, but has the necessary software and test projects on a USB key that he carries with him from job-to-job.
Before I demonstrate it to the broader software team as a practice, I’m trying to get it working on my own machine. Because he uses MbUnit instead of NUnit as part of his implementation, it took me a little longer to get the second of his six test projects working. A little googling for Nant and MbUnit yielded an article that listed 5 files to be copied to the bin directory of Nant. Once I did that, the second test project worked fine.
Strangely, I only saw 4 of the 5 files in this list:
- MbUnit.Core.dll
- MbUnit.Framework.dll
- MbUnit.Tasks.dll
- Quickgraph.dll
- QuickGraph.Algorithms.dll
The core dll was missing, but copying the other 4 dlls did the trick.
Stop users from double-clicking Submit buttons
I came across this tip via 4GuysFromRolla.com. It’s some JavaScript to disable a form’s Submit button once it’s pressed.
This extended post talks about changing the text value of the Submit button to “Submitted” (or something equivalent) to further communicate that the button has been pressed (and prevent it from being clicked again).
While not a terribly sophisticated tip, it does a great job of preventing certain user errors.
Leaving Lockheed Martin
I’ve left to join APS Healthcare as a manager of software development. My last day at Lockheed Martin was September 20.
In nearly two years at Lockheed Martin (and Aspen Systems prior to its buyout) as a combination project manager, systems analyst, and lead developer, I learned many different lessons about myself–some painful, some not.
The necessity of diplomacy
When I first arrived at Aspen Systems, I was blunt in discussing areas I felt needed improvement (code quality, process, etc). Because I wasn’t always diplomatic in the way I talked about what I saw, some people responsible for the work took offense. It was irrelevant that I was describing standard industry best practices. Co-workers who were offended became far more difficult to work with. Being more diplomatic would have made life easier.
The importance of corporate culture
My experience at Aspen Systems led me to conclude that corporate culture is as important as profitability. It affects the quality of work, the caliber of employees, how co-workers treat each other, how management treats staff, and employee retention. I had a lot of disagreements with how things worked in all of these areas (which is probably why I only lasted two years in a company that had an average tenure of seven years). Two other people who joined Aspen after I did ended up leaving before I did. Corporate culture played a role in their departures too.
Project management is really personality management
I didn’t manage difficult personalities very well on my projects. To succeed at project management, it’s vital to have that ability. Being able to put together realistic work breakdown structures, project plans, and budgets is important–and I did all those things well–but being more able to persuade others to do certain tasks would have made my job much easier. When the people assigned to your project(s) don’t actually report to you, persuasion is the only tool you have. Being more diplomatic would have helped me. Beyond that however, the role of project manager needed far more support from the organization than it received.
While the skills are useful, project management is not something I’ll take on as a full-time role in the future. I’m better at other things.
Aston-Martin & Jaguar Changing Hands
There’s been quite bit of buzz in the press about the possibility of Aston-Martin (and possible Jaguar and Land Rover) being sold lately. It interests me not because an Aston-Martin has usually been what James Bond drives in the movies, but because of a negotiation assignment in business school. My final assignment was to lead a team of my classmates (we represented Ford) in negotiating the purchase Jaguar (another team of classmates). As it turned out, our negotiations failed (Ford and Jaguar stayed separate).
The negotiations failed because we I didn’t account for the interests of a few of the Jaguar execs who would be “redundant” in the new organizational structure (they wanted their golden parachutes). But a few of us, myself included, thought the numbers in the case study alone were a sufficient argument against Ford buying Jaguar. It’s been a couple of years since that class, but the recent sales talk feels a bit like vindication.
Stored Procedures vs. Ad-hoc SQL Redux
I’ve written on the never-ending stored procs vs. ad-hoc SQL debate before, but there are quite a few more perspectives on both sides of it than I referred to in my previous post. Here are a few of them:
- Frans Bouma (ad-hoc SQL camp) compiles a summary post with links to various arguments here.
- Jeremy D. Miller (ad-hoc SQL camp) rejects stored procedures because they make test-driven development (TDD) slower. This is an argument I hadn’t thought of. The apps I build tend to be database-driven websites. Testing logic that makes database calls at any point does slow things down quite a bit. Miller especially dislikes the idea of putting business logic into a stored procedure (defined as anything other than a CRUD operation).
- Jeff Atwood (ad-hoc SQL camp) argues against stored procedures because he prefers parameterized SQL and a single development environment.
- Microsoft’s official guidance is to use stored procedures instead of direct SQL.
- Rob Howard writes in favor of stored procedures. Community Server 2.1 makes significant use of them.
These arguments make me a lot more curious about object-relational mapping and code generation.