by Hajuijj
1860 days ago
I think it is worth it in the long run. In the best case your team grows and the original hurdles are fixed. It's always problematic for bad colleagues who just make the same mistakes over and over and over again, but what do you wanna do? Accept a potential security bug because it is too much effort? If your code is so complex or big that you have 120 people on it, you should have enough people in governance positions and hierarchical quality gates.

Yes. It is important to have the serenity to accept the things you cannot change.
In the choice between
A. Burning out on a fool’s errand of attempting to fix/prevent all the security bugs.
B. Giving up as you accept that people write security bugs and as an individual contributor you have insufficient power to stop all of them.
C. Accepting the existence of bugs all around you and focusing on changing the small bits of code that you can.
The latter is preferable.