Re: Another anonymized posting.

[Rodney Thayer <rodney () canola-jones com>]

At 04:02 PM 6/9/2004 -0700, Matt Hargett wrote:
> Rodney Thayer wrote:
>
> > At 06:26 PM 6/9/2004 -0400, Dave Aitel wrote:
> >
> > > anonymized posting please:
> > >
> > > BTW, the way things are going, I'd consider switching to svn.
> >
> > and why?  what was the redeeming social value in CVS to begin with?
> > automerge, which never worked?  claims of tree corruption, which
> > were never substantiated?
> > is there some reason you have an intense urge to have a server-based
> > source tree mechanism to slow down development?  what's wrong with RCS?
>
> Auto-merge

Automerge is the most incredibly rock-stupid software engineering technique
since programmers used line printers to generate pin-ups.  Letting a machine
decide that you had two team members pissing on the same source module
is good - for causing exploitable code.

> works most of the time with small non-cowboy development teams who 
> have componentized things decently and therefore don't do double edits.

Professional teams with poor enough team management that they have
double edits deserve to be reamed by the likes of Dr. Aitel and Brother
Moore.

> Clearcase

Clearcase is a baroque piece of shit that is great for 9000 person
development teams run by fist-pounding clueless engineering executives
who'd rather pay 3 cents an hour for shitty offshore code than pay
a competent local developer to build things decently.

> CVS and RCS are both differential based, which some people really don't like.

> They'd rather the client did the diffing, since that's where the smarts for different diffing approaches based on 
> filetype should be done.

What the f. are you talking about?  CVS and RCS both do the diff locally, as 
far as I can tell.  And if you don't based source control on diffs you
never notice the changes ... see previous rantage on how you get exploitable
code.

> Of course, if you don't need diffs, branching, labels, post-commit triggers,
> etc then just tar up your source every x hours and untar in case of disaster.

Post-commit triggers are a sign of poor tool choices, don't go there.
labels and diffs are what you need.

branching is cute but avoidable in real software development teams.
that's what well defined component interfaces are for.  branching is
typically used by engineering teams to stonewall/avoid fixing outstanding
bugs (read: exploitable code.)

The reason I bothered to speak up is that in my opinion, use of these
ornate overengineered source code control systems is not a replacement
for developing software that works and has minimal flaws.  However,
modern software develoment teams will never turn down a chance to go with
a new tool if it allows them to write sloppy code.  Oh, well, more
work for Dave and the snake.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave