Hacker News new | ask | show | jobs
by the_af 1650 days ago
> In-house development

... keeps resulting in shit code, too! There's no evidence standards of quality are rising. In my own extremely limited view of in-house software -- i.e. my own professional experience -- code quality is crap, standard quality practices are very low and actually worse than in FOSS projects (I've seen someone mention more than once that "this crap PR simply wouldn't fly if this were an open source project, it's so bad nobody would want to review it!"), absolutely dumb bugs keep hitting production, and people think of automated testing as "that thing we don't want to do".

In-house code is just code you don't know is garbage because you cannot look at the code.
2 comments
moksly 1650 days ago
I didn’t say in-house code was good, but it does keep you from being exploited by things like what recently happened with NPM.

Companies genuinely don’t care about the software they use, as long as it works and isn’t hacked. This is especially true in non-tech enterprise. At my former place they still had hundreds of ASP Webforms with custom in-house ASP libraries that were utter shit, but they worked.

What I’m postulating is that this is the alternative to the current status que.

I’d personally love for NPM to review their packages, or for a big player like Microsoft to step in and make a more limited platform with reviews, but I just don’t think anyone is going to be willing to pay for it.

link
the_af 1650 days ago
> At my former place they still had hundreds of ASP Webforms with custom in-house ASP libraries that were utter shit, but they worked.

But the same is true of open source. I thought you wanted non-shit software.

In-house software is easily exploitable and full of security bugs as well.

link
moksly 1650 days ago
I think I’m too senior to believe in non-shit software.

I work in non tech enterprise. You’d think that things like the ransomware scandals, GDPR, the increased risk-awareness would have improved the business processes or management awareness or all the things are “corporate digital maturity” but the pressure to get things done fast with minimal resources has frankly never been higher.

In that environment we’re always going to have shit-software. If anything I agree with you, which is why I said that I thought that the current status quo was the best ever.

link
moksly 1650 days ago
I didn’t say in-house code was good, but it does keep you from being exploited by things like what recently happened with NPM.

Companies genuinely don’t care about the software they use, as long as it works and isn’t hacked. This is especially true in non-tech enterprise.

At my former place they still had hundreds of ASP Webforms with custom in-house ASP libraries that were utter shit, but they worked.

link