Kissaki

@ Kissaki @programming.dev

Posts

59
Comments

455
Joined

3 yr. ago

@GitHub, website

14h ago

Deleted

We couldn’t resist… Wordle is now on The Hideout 🟩🟨⬛
Jump
1

Kissaki @programming.dev 14h ago
No, it's not on the user's end. It's because you didn't use correct Markdown syntax for your link. I verified this in your post source before commenting.
You used: [https://joinhideout.vercel.app/]() - which is a link without a target, so it defaults to this page we're on.
You should have used one of
<https://joinhideout.vercel.app/>
[https://joinhideout.vercel.app/](https://joinhideout.vercel.app/)
[joinhideout.vercel.app](https://joinhideout.vercel.app/)

14h ago

The Software Quality and Productivity Crisis Executives Won’t Address

Great analysis / report. At times a bit repetitive, but that could be useful for people skimming or jumping or quoting as well.

Despite 91% of CTOs citing technical debt as their biggest challenge, it doesn’t make the top five priorities in any major CIO survey from 2022–2024.

Sad. Tragic.

I'm lucky to be in a good, small company with a good, reasonable customer, where I naturally had and grew into having the freedom and autonomy to decide on things. The customer sets priorities, but I set mine as well, and tackle what's appropriate or reasonable/acceptable. Both the customer and I have the same goals after all, and we both know it and collaborate.

Of course, that doesn't help me as a user when I use other software.

Reading made me think of the recent EU digital regulations. Requiring due diligence, security practices, and transparency. It's certainly a necessary and good step in the right direction to break away from the endless chase away from quality, diligence, and intransparency.

14h ago

The Software Quality and Productivity Crisis Executives Won’t Address

Jump

Kissaki @programming.dev 14h ago

"You can save 20% time by using Robo for automation!" Click. Can't even automate what I do.

14h ago

The Software Quality and Productivity Crisis Executives Won’t Address

Jump

Kissaki @programming.dev 14h ago

That's wonderful to read, that it caught and motivated you.

I suspect these systematic issues are much worse in bigger organizations. Smaller ones can be victims, try to pump out, or not care about quality too, but on smaller teams and hierarchies, you have much more impact. I suspect the chances of finding a good environment are higher in smaller companies. It worked for me, at least. Maybe I was just super lucky.

1d ago

The Shadow Campaigns: Uncovering Global Espionage

Jump

Kissaki @programming.dev 1d ago

It's crazy how border control and sanctions are normalized political topics, yet I've never heard suggestions of applying that to the internet.

Suppressive regimes often control their network and network borders. Everyone outside not doing so is quite asymmetric.

1d ago

A Software Library with No Code

Jump

Kissaki @programming.dev 1d ago

A library with no code, no support, no implementation, no guarantees, no bugs are "fixable" without unknown side effects, no fix is deterministic even for your own target language, …

A spec may be language agnostic, but the language model depends on trained on implementations. So, do you end up with standard library implementations being duplicated, just possibly outdated with open bugs and holes and gaps and old constructs? And quality and coverage of spec implementation will vary a lot depending on your target language? And if there's not enough conforming training it may not even follow the spec correctly? And then you change the spec for one niche language?

If it's a spect or LLM template, then that's what it is. Don't call it library. In the project readme don't delay until the last third to actually say what it is or does.

2d ago

We couldn’t resist… Wordle is now on The Hideout 🟩🟨⬛

Jump

Kissaki @programming.dev 2d ago

your link is broken

2d ago

PSA: including a diff in your git commit message can lead to it being applied to the code

Jump

Kissaki @programming.dev 2d ago

… which arguably makes them not "normal people" (referring to the earlier comment).

Surely, most people use different, more integrated tooling.

2d ago

Why I am moving away from Scala

Jump

Kissaki @programming.dev 2d ago

The only way out of this is regulation, which requires political activism.

The EU did some good process on that through GDPR and the newer digital laws regarding safety, disclosure, maintenance, and due diligence requirements. Prosecution with fines is there, but slow, and arguably too sporadic.

Political activism in this direction is unthankful work and a lot of effort. I am reminded of someone who has pushed for public institutions to move away from US big tech for many years. Now Trump is the reason for change, and their effort can surely feel pointless.

I do occasionally report GDPR violations, etc. That can feel pointless as well. But it's necessary, and the only way to (support/influence) agencies to take action.

3d ago

Notepad++ users take note: It's time to check if you're hacked

Jump

Kissaki @programming.dev 3d ago

Direct link to the indicators of compromise that you can check on

The update system hoster determined the compromise was only used against specific targets, so it's relatively unlikely "normal people" would have been compromised. But if you want to check, you can check on those indicators. These only cover what was discovered on identified compromise, though.

3d ago

Trust signals are broken

Jump

Kissaki @programming.dev 3d ago

Did trust signals change? Part of my reviews has always been checking assumptions and broader (project) context. I don't think polish implied understanding.

6d ago

Forget technical debt

Jump

Kissaki @programming.dev 6d ago

they asked me if I could develop some useful metrics for technical debt which could be surveyed relatively easily, ideally automatically

This is where I would have said “no, that's not possible” or had a discussion about risks where things you simply can't cover with automated metrics would lead to misdirection and possibly negative instead of positive consequences.

They then explore what technical debt is and notice that even many things outside of technical debt have significant impact you can't ignore. I'm quite disappointed they don't come back to their metrics task at all. How did they finish their task? Did they communicate and discuss all these broader concepts instead of implementing metrics?

There's some metrics you can implement on code. Test coverage, complexity by various metrics, function body length, etc. But they only ever cover small aspects of technical debt. Consequently, they can't be a foundation for (continuously) steering debt payment efforts for most positive effects.

I know my projects and can make a list of things and efforts and impacts and we can prioritize those. But I find the idea of (automated) metrics entirely inappropriate for observing or steering technical debt.

6d ago

Forget technical debt

Jump

Kissaki @programming.dev 6d ago

As a lead dev I have plenty of cases where I weigh effort vs impact and risk and conclude to "this is good enough for now". Such cases are not poor management - which I assume you mean something like "we have to ship more faster, so do the shortest". Sometimes cutting corners is the correct and good decision, sometimes the only feasible one, as long as you're aware and weigh risks and consequences.

We, and specifically I, do plenty of improvements where possible and reasonable. Whatever I visit, depending on how much effort it is. But sometimes effort is too much to be resolvable or investable.

For context, I'm working on a project that has been running for 20 years.

6d ago

Why I am moving away from Scala

Jump

Kissaki @programming.dev 6d ago

Next post: “Why I am moving away from Medium” (hopefully)

6d ago

Notepad++ Hijacked by State-Sponsored Hackers

Jump

Kissaki @programming.dev 6d ago

Yes, that's what it means.

And apparently, it happened selectively, not generally, but for specific people/request sources.

It would only be if you use the Notepad++'s own update mechanism. If you used other package managers or went and downloaded the installer to update you'd be fine.

1w ago

GregKH awarded the Prize for Excellence in Open Source 2026

Jump

Kissaki @programming.dev 1w ago

Our recognition of Greg honors his leading work on the Linux kernel and in the Linux community, particularly through his work on the stable branch of Linux. Greg serves as the stable kernel maintainer for Linux, a role of extraordinary importance to the entire computing world.

1w ago

Is software ever done?

Jump

Kissaki @programming.dev 1w ago

I would say doneness is about completeness within context, not immutability.

The environment may change, but within context, it can still be considered done.

It's fine to say and consider software never done, because there are known and unknown unknowns and extrapolations and expectations. But I think calling something done has value too.

It is a label of intention, of consideration, within the current context. If the environment changes and you want or need to use it, by all means update it. That doesn't mean the done label assigned previously was wrong [in its context].

We also say "I'm done" to mean our own leave, even when there is no completeness on the product, but only on our own tolerance.

In the same way, if you shift focus, done may very well be done and not done at the same time. Done for someone in one environment, and not done for someone in another.

More often than 'done' I see 'feature complete' or 'in maintenance mode' in project READMEs, which I think are better labels.

1w ago

Problems with dark-theme toggle

Jump

Kissaki @programming.dev 1w ago

aside: A simple head meta tag with color-scheme light dark will make the web-browser respect user settings and show light or dark. No need for a toggle the user has to activately activate. One meta tag is enough.

<meta name="color-scheme" content="light dark" />

MDN meta color-scheme

If you override the default colors, the light-dark() CSS function is very useful, if the "newly available" compatibility is enough.

css

    
html { background-color: light-dark(#fff, #222); }

or with variables for reuse and centralized definitions :root { --bg-0: light-dark(#fff, #222); } html { background-color: var(--bg-0); }

Well, I only wanted to suggest the meta alternative and went on a longer tangent. I want to see more websites with dark scheme, especially given how easy it is to enable, and how straight-forward it is if you know how to get started even with custom coloring.

1w ago

Assessing the Latest AI Coding Hotness

Jump

Kissaki @programming.dev 1w ago

and figure out whether the new framework with a weird name actually addresses

Couldn't name what this is about in the title, nor in the teaser, I guess?

"Latest hotness" and "the new framework with a new name" isn't very discerning.

1w ago

How AI assistance impacts the formation of coding skills - Anthropic study

Jump

Kissaki @programming.dev 1w ago

From the paper abstract:

[…] Novice workers who rely heavily on AI to complete unfamiliar tasks may compromise their own skill acquisition in the process. We conduct randomized experiments to study how developers gained mastery of a new asynchronous programming library with and without the assistance of AI.
We find that AI use impairs conceptual understanding, code reading, and debugging abilities, without delivering significant efficiency gains on average. Participants who fully delegated coding tasks showed some productivity improvements, but at the cost of learning the library.
We identify six distinct AI interaction patterns, three of which involve cognitive engagement and preserve learning outcomes even when participants receive AI assistance. Our findings suggest that AI-enhanced productivity is not a shortcut to competence and AI assistance should be carefully adopted into workflows to preserve skill formation – particularly in safety-critical domains.