[Last Week in .NET #40] – Pour one out for .NET Framework 4.6.1

☠ .NET Framework 4.5.2, 4.6, 4.6.1 will reach End of Support on April 26, 2022 At least, that’s the word right now. Governments around the world are still using Windows XP, so it’s not like this is a firm ‘end of support’.

🀑 Basecamp lost a third of its employees after a controversional series of blog posts last week A CEO couldn’t destroy their company’s reputation any faster if they tried. This is truly impressive in the depth and breadth of DHH and Jason Fried’s stupidity here.

🎁 The Developers @ Redhat blog has a blog post titled “Some more C# 9” Lots of goodies in here that people who write unsafe code will want to know about. And if someone shared this link with you, they’re saying your code is unsafe. Something to think about.

πŸ”Ž .NET Interactive video up for watching Cecil Philip and crew take you through what .NET Interactive is, and how to use it.

πŸ“… .NET Days (produced by Jetbrains) is May 11-12, 2021 No need to attend if you can’t — the videos will be available online after.

πŸ“’ Akka.NET 1.4.19 has been released This maintenance release, includes (quote)

“Akka.NET v1.4.19 is a substantial release that includes a number of critical Akka.Cluster fixes, baseline Akka.NET performance improvements, and entirely new dispatcher that has shown to improve performance when used across all of the major actor groups that run both inside the /user hierarchy and the /system actor hierarchy as well.”

πŸ›‘ If You haven’t updated Windows 10 in the last week, maybe wait a bit longer? Looks like last tuesday’s update can cause your system to … misbehave. Looks like the problem centers around WSL2.

πŸ‘¨β€πŸ’» The “State of .NET” on Survey is done, and the results are… not great 92% of respondents were dudes. That’s embarassing.

🌨 Easily build real-time apps with WebSockets and Azure Web PubSubβ€”now in preview Being a cloud provider means having terrible naming

πŸ“… Microsoft’s Build (virtual) conference is May 25th-May27th, 2021. I don’t see conferences like this going back to in person. The networking is the real value (and the free stuff Microsoft gives away).

If you enjoyed this, please subscribe to the newsletter. If you hated this, please subscribe an enemy (or two) to the newsletter. Oh, and there’s also a podcast version, if emojis aren’t your jam.

[Last Week in .NET #39] – Microsoft’s MVP Program has a new requirement: Shilling

Not much in the way of releases last week, but lots of shenanigans. I spelled that word on the first try which matters not a whit to anyone else but I’m proud of myself. The shenanigans themselves are an age old story: Big Corporation finds feeble consumers, and exploits them.

πŸ€‘Microsoft pushes MVP Influencers to spruik Azure in Lead up to AWS: Reinvent. That’s the headline, here’s the story: Microsoft wants the community MVPs to shill for SQL Server on Azure and claim it’s cheaper and better, when the fact that SQL Server is more expensive on AWS is due to Microsoft’s own licensing model. When an MVP called this out as the bad behavior it is, Microsoft removed them from the MVP Program (for violating an NDA that conveniently hides terrible choices on Microsoft’s part)

Microsoft seems to want MVPs to shill for Microsoft, forgetting that any of the trust these MVPs have is because they don’t shill for Microsoft.

🚚Meet the .NET Upgrade Assistant, Your .NET 5 Moving Company In this blog post, Dave Brock from Telerik shows you what it takes to move from Framework to .NET 5 (Core), with the help of this Upgrade Assistant. Coffee not included.

🌊‘Agile’ F-35 fighter software dev techniques failed to speed up supersonic jet deliveries In other news, water is wet, and Government agency buys into marketing hype and complains when they were hoodwinked.

πŸ•ΉThere’s a series on building Tetris in Blazor A fun way to learn blazor, no doubt.

πŸ“’Visual Studio 2022 is announced and it includes making Visual Studio 64-bit. A lot can change in 10 years, especially when the world changes around you.

⬆Update existing projects to the latest release of Project Reunion. The latest stable release of Project Reunion is 0.5.5, and as it says on the tin this blog post shows you how to upgrade.

πŸ’°Octopus Deploy raises 172.5 Million in venture capital. The 500K on the end seems like an odd number, doesn’t it? I’m not saying the founder needs a little “I’ve been doing this for way too long without a bonus” money, but…

🏬Microsoft is building a new app store for Windows 10 in major revitalization effort. Microsoft is, at its heart, an enterprise software company. It’s the only way to explain why so many of their consumer efforts have failed. To have a successful app store, you have to give developers a compelling reason to write for it and for consumers to adopt it. As of yet, neither has happened with desktop App stores.

πŸ’ΈNetEscapades.AspNetCore.SecurityHeaders 0.14.0 has been released and it supports opting out of FLoC. FloC is a Google’s replacement for Third party cookies. You know Google, right? The Ad giant and owner of the web browser with 90% market share? Neither of those facts say that Google “has the best interests of its users at heart”.

🐧Windows now supports Linux GUI Apps. Somewhere the founder of Lindows is crying.

πŸ”šDavid Fowler shows off how small ASP.NET Endpoints will be in the future A svelte 7 lines to get an endpoint. Of course, there’s no Authentication, Authorization, or any of the database connection code, but still. 7. lines.

☁You can run and debug AWS Lambda from Jetbrain’s Rider. I have nothing snarky to say here. This is just cool.

🐣Intro to Uno Platform, Intelligent Virtual Agents and Cloudflare These three topics are brought to you by scattergories and the Cape Town MS Developer User Group.

πŸ’¨EF Core is now at 93.5% speed of Dapper. Dapper is well known enough for Microsoft to compare to, but not backed by enough money for Microsoft Legal to care enough to change the name of “Dapr” to something that doesn’t conflict.

[Last Week in .NET #38] – The NSA requests you patch your sh*t

Week ending 17 April 2021

🚨🚨🚨🚨Microsoft Exchange has four new vulnerabilities with patches. CVE-2021-28480, CVE-2021-28481, CVE-2021-28482 and CVE-2021-28483. For some things the cloud does not make sense, but for the “I really don’t want to deal with patching my own stuff”, the cloud makes sense. Maybe it’s time to migrate to O365, if you haven’t already?

By the way, this is so bad that the NSA is actually telling everyone about these flaws immediately.

πŸ˜†Schadenfreude is watching someone else try to set up Microsoft Teams​ @mcclure111 tries to set up Microsoft Teams to talk to a client, and all hell breaks loose. It’s a fun read if you define fun as “I’m glad that isn’t happening to me” and “Holy cow did Microsoft not think through their user experience?”

πŸ“†Jetbrains “.Net Days” is May 11-12th and it’s free. Scheduled talks include:

“C#, F#, GraphQL, Blazor, gRPC, Hedy, working with databases, and debugging. On top of that, we’ll discuss stereotypes around legacy code and demonstrate how to build a React app backed with Azure features.”

And Azure makes an appearance because of course Azure makes an appearance.

🎁Visual Studio 2019 16.10 Preview 2 is out with lots of .NET goodies included.

🎈Julia Evans releases her network debugging “Choose Your Own Adventure” game as an early draft. I played through this and it is wonderful. I highly recommend it.

🎁Visual Studio 2019 16.9.4 has been released It patches CVE-2021-27064, CVE-2021-28313, CVE-2021-28321, CVE-2021-28322, and patches several upvoted bugs present in Visual Studio.

🚌EventDriven.EventBus.Dapr 1.0.0 RC 1 has been released Your weekly note that we use the term “RC” because “Using Customers as our QA” has less zest to it.

πŸŽ₯The .NET foundation hosts a project spotlight on “Roslyn” which is also Microsoft owned. Would love a bit more outward focus but Roslyn is cool.

πŸ—£There’s a new C# Standard repo that helps to standardize the language used to describe C# I don’t understand it but perhaps I’m not meant to. This is about standardizing the language we use to describe the language we use?

🧡The next version of C# will support building interpolated strings with a… builder based approach What does this look like in practice? I have no idea because the authors are more concerned with the structure of the API than showing us what that API would mean with examples.

🚚Are you planning to migrate from UWP to WinUI 3 Desktop? These are some guidelines that Microsoft is writing. Also Microsoft promises that this is not another “Lucy with the football” moment.

πŸ§“Andrew Lock writes about Viewing overwritten configuration values in ASP.NET Core Environment variables are from 1979, and we still have not come up with a better to deal with this in 2021, but in true tech fashion “you can always write code for it!”

πŸ’©Instant Feedback Is Here: Introducing Hot Reload in .NET 6 Dave Brock from Telerik shows us what Hot Reload is, and how it works in .NET. And no, this is not an urban dictionary term.

πŸ€–There’s a Root Cause analysis out for CVE-2021-1647 That CVE, just in case you don’t have them memorized, was the Windows Defender CVE. This is a shorter read than the last one I linked to, but still has good information.

🀑Eric S. Raymond believes that it’s easier to tolerate a few jerks than it is to have rules regarding toxicity in a community reaffirming the adage that if you look around the table and can’t see the jerk, the jerk is you.

πŸ’₯The NSA and US Intelligence Community has affirmatively pinned the Solarwinds attack on Russia’s Foreign Intelligence Service, the SVR. When people said “The 80s are back in style” I didn’t think they meant the Cold War.

πŸ“’Announcing Windows 10 Insider Preview Build 21359 Several fixes, previews, and Apparently the Timeline is not going away. I have no idea what the Timeline is, but it’s not going away. Good news?

πŸ‘The Razor Compiler no longer produces a separate Views Assembly in .NET 6 Preview 3 If this affects you, here’s your notice.

πŸ’ΎGit is gitting (sorry) better in Visual Studio 16.10 Preview 2. I’ve started to try out Git in Visual Studio, and it’s not bad. I still prefer the command line, but that’s because I’m a snob.

πŸ…If you’ve made it this far you deserve a treat. Here’s the story as to why He-Man rides a tiger, and I guarantee it’ll take you to places you did not expect​

πŸ•³Microsoft keeps digging itself into a hole with its MVP Program “Astro Turf for SQL Server on Azure” is a helluva strategy.

🀡πŸ₯³Microsoft releases its Hybrid Work Strategy Program It’s only a decade behind the curve.

πŸ“šTurns out the Visual Studio logo has a backstory.

🎁SQL Server Management Studio 18.9 is out Lots of bug fixes and improvements, as always. I used to get on release notes people for writing “Bug fixes and PErformance improvements” but now I realize I can just link to the real release notes and get away with using that term, sooo.

πŸ™‹β€β™‚οΈShow dotnet: Build your own unit test platform? The true story of .NET nanoFramework. Sometimes I share things I’m interested in and this is that other time. I’m sure this is cool but I have no idea what it is.

πŸ‘ΆIf you have a Peloton be aware that it eats children. I don’t feel the need to go any deeper on that, except to say this is not a euphemism.

😒I want AppGet back. Almost a year ago Microsoft released Winget and people who loved AppGet wish they hadn’t. The rest of us are going to wait the requisite 5 years for WinGet to be usable for our day-to-day work.

🍬NPR talks about the Solarwinds Hack. Reese’s make an appearance as do razor blades. I won’t spoil the metaphor any more.

And that’s it for what happened Last Week in .NET.

​

This email goes out weekly at https://www.lastweekin.net, and there’s a podcast version at https://podcast.lastweekin.net. If you enjoyed this, Subscribe here.

[Last Week in .NET #37] … and I would deadlock 10,000 schemas…

This is a post from my weekly mailing list titled (creatively) Last Week in .NET. If this sort of thing interests you, you can sign up for the mailing list here. I also produce an audio version of the same which is available at https://podcast.lastweekin.net.

🎁.NET 5.0.5 has been released. This release fixes an issue where dotnet restore wouldn’t work on Linux.

πŸ’ΈJimmy Bogard takes you through local development on Azure Service Bus. Developers won’t pay $99 a year for a tool that saves them hundreds of hours, but will happily pay to develop software in the cloud.

πŸ•΄Leverage enterprise-scale reference implementations for your cloud adoption. I think Microsoft marketing is skimping on their KPIs: The title doesn’t have the word “Azure” in it.

πŸ™‹β€β™€οΈYour top .NET Microservices questions answered The link itself isn’t as interesting as the links available in the post. If you find yourself wanting to learn more about microservices and their structure and communication patterns, these links are a great place to start.

πŸ“’Announcing .NET 6 Preview 3 performance improvements, more platforms supported (iOS, Apple’s M1, and Android!), and plenty of bug fixes for ASP.NET Core, Entity Framework Core, and the runtime itself.

β˜ πŸ”’Tayrn Pratt, Stack Overflow’s DBA, writes about fighting with deadlocks in SQL Server when needing to generate 10,000 schemas (not a typo). Stack Overflow Teams uses an interesting mechanism for multi-tenancy: database schemas. It scales, but there are some issues. Taryn dives into those issues and how they fixed them.

πŸ•΅οΈβ€β™‚οΈExploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample Sometimes we get exploits with no code samples, and other times the author goes into a deep dive into how the CVE operates, with examples. This is the latter, and we’re all the better for it.

​ILSpy 7 RC1 is now available and the big news here is that you can now build ILSpy for .NET 5. Oh, and it has dark mode too.

Three Stories about The ‘Best’ Tool

My earlier blog post struck a nerve, specifically around the idea that there’s an objectively “best” thing to use to solve a problem, independent of the team and its context and its point in time. Sean Kileen also left a wonderful comment that links to a talk that says in a much better way what I’m saying.

There is a supposition at play: That independent of the knowledge I have and my team has, even taking into account our constraints (business, social, technical, financial, learning mode), there’s a better choice for us to solve a particular problem and we are hurting ourselves by not learning that choice.

And what I’m saying is this:

The team’s skill level and expertise on a toolset is probably the most important factor on whether they should choose a given tool — that all else being equal (business, social, technical, and financial constraints), that a team is better off choosing a tool they know better than a tool someone else says is better for them. Going further, I’m saying that objectively there is no best tool for the job.

There is, however, the best tool that the team feels the most confident wielding that fits into their business, social, technical, and financial constraints for the particular job they’re trying to do.

The point here is that all of these criteria are internal to a team, and you can safely disregard advice from anyone who does not have your full problem context and a full understanding of the constraints you’re under — most importantly the team’s existing knowledge and threshold for risk and learning.

The Best Framework for writing cross-platform mobile applications

When I was a VP of engineering for a startup that made a wearable; one of the earliest challenges was picking a cross-platform framework for creating mobile applications. This was a startup, and at the time, it was only me writing software. So my constraints were:

Least Time to implement
Good support for Bluetooth Low Energy
Works on Android and iOS
Good community support (in case I ran into a problem)
Good documentation
Easy finding answers on Google
Active open-source libraries
Low cost

At the time (2015), Ionic Framework fit that bill rather nicely (this was in the 1.0 days; it’s only gotten better!). Ionic had three things over your typical phonegap applications (for me):

  1. There was pluggable support for BLE that was maintained by the Ionic team (“ngCordova“)
  2. They had existing an entire cross-platform HTML and CSS based UI library that would allow for native Android and iOS
  3. It was written to be used in Angular 1.x; which at that time I had quite a bit of experience with.

Now I should point out that I had maybe 3 years of production JavaScript experience at that point, but I had 7 years of production experience with C#, and from a generic perspective, Xamarin would have been the better choice — except for me Xamarin didn’t have #2 above that was as easy to implement as HTML and CSS were, which I had over a decade of experience with by that point.

And so I picked Ionic. For me, for that particular context, Ionic was the best choice. But think of a team with better funding and people who knew native iOS and Android development? Well native development might have been better for them, but in my case, native development would have easily added 6 months to a year for each application, which would have been catastrophic.

Now if we had had the money, the even best choice would be to outsource the application for $500,000 and call it a day. But we did not.

At the point where we were starting to be able to hire help (due to me switching to Firmware), one of the very smart candidates that literally wrote the book on React Native asked, why aren’t you using React? From this candidate’s perspective, React Native was objectively the best choice. My answer (having done the research) was that the BLE “bridge” in React Native was at the time far more nascent than the requisite ngCordova library. But, that was a decision made from my perspective. There’s also a little bit of loss-aversion at play; if you have an app 50% done, you don’t want to spend the money to rewrite it, that’s wasteful, especially if you’re a cash-strapped startup. Decisions become context. Context becomes the constraint.

Python and Django for CMS enhancements

At a rather nice company I worked for, they had an existing third-party CMS that was probably 10-15 years old at that point, and it was terrible compared to modern CMSes. Since the lifeblood of the company was financial newsletters and content marketing to sell those financial newsletters, it become a business imperative to ‘own’ the means of production. The team made the choice to move to python and Django, and write a CMS using those tools. The head of that team had played around with Python and Django, but no one had ever produced production code with it. It was a gamble from the outside looking in, but from that team’s context, it made the most sense. However, from a cultural perspective, it represented a shift in the knowledge of the company from ASP.NET and C# based tech stack (With all the requisite scaffolding and tooling built around that) to a Python based tech stack, with all the change that entailed.

To this day I’m still somewhat surprised the move occurred, but it wasn’t too long before I was brought on to a new team to make enhancements to this CMS. At the time, I had *no* python experience, and no one else on the team had python or Django experience that could help (they all had their own work to do), so I was on my own learning Django forms and controls. This made the work much harder than it needed to be for me, and I spent many weeks feeling frustrated and unable to do what I would later realize were basic things (model based forms vs template based forms yay). Ultimately the project failed from a time and budget perspective, and my future at that company was limited because of this failure.

So, was Django and Python the best tool for the team to use to build the CMS? That decision had repercussions felt years later as now developers who were never trained on or hired for Django and Python had to learn it; but outside of that team, none of us are in a situation to say the team picked the ‘best’ or ‘worst’ option; only that team, at that particular point in time, is).

If you find yourself saying “Why didn’t they use WordPress? Or SiteCore? or DotNetNuke, or Drupal”, you’re making the same mistake: We don’t have the full context and constraints that team had, and so we can’t say what would have been the ‘best’ tool for that team. Only that team can answer that question.

Rewrite or Refactor?

The final story is just that, a story, but it’s representative of what we’re talking about today. A business had made the decision to attract a new market segment, and its current software was delivered in a manner ill-suited for that new market segment, even though what it delivered was the same across segments. The team and company made the decision to start from scratch for this new segment, as there was very little expertise on the current codebase, and it was very fragile (it was having numerous production regression bugs with each release that made it difficult to be ‘stable’). Since the company had current revenue coming in for the current product, they decided they should start from scratch — with an accelerated timeline; delivering the same functionality the current system had with 1/5th of the time it took to develop originally.

Was this the ‘best’ choice? For that moment in time, with the business, political, social, financial, and cultural constraints, it was the best choice for that team. In hindsight was it the best choice? Probably not, but there would have been no way to know that at the time. That would have required knowledge the team did not have.

Bottom line

We all want to be absolved of making choices — and that is what you tend to see when someone solicits advice on what tool, language or framework they should use to accomplish a given task. They want to be absolved from the responsibility of that choice, thinking that if other people are using X, then they’ll be successful using X as well.

We also see this in conference talks, even from the best industry thought leaders. The idea that if you just use the practice, framework, tool, or language others are using, you’ll be successful. But you won’t be, or if you are, you’ll either be successful in-spite of it, or because your context and constraints didn’t hinder you.

But always, always, always, look at your contexts (Business, social, cultural, political, financial, and technical) and understand how these contexts shape your decisions, and make the decision that’s right for your team, at this point in time, with what you know right now, that fits your context and constraints.

There is no ‘Best’ Tool

I wrote a provocative post about team language choice, and one of the best questions I’ve gotten in reply is from David:

How will a team ever know the best suited language, framework or tool to pick if they’ve never tried it out before? I would say it is extremely difficult to know the best thing to choose, other than the ones already in our comfort zone.

David Vujic, LinkedIn

This question is great because it illuminates a very common viewpoint in software development, one that hurts teams and software deliver-ability without us even realizing it.

This question puts the language’s needs before the team’s needs, or more correctly, the needs of a human being to grow and learn before the needs of the specific team or the business context that spawns the question of language choice.

This isn’t a value judgment, it’s only natural — human beings, as a truism, must feel a measure of growth or we would stagnate mentally and emotionally and wither away.

Put another way, the question asker is positing that there exists a better language or framework independent of the team’s knowledge, the business, social, and financial context, and that a team should choose that language over something that they already know.

Does that sound absurd to you? I mean, it does when I write it that way. The language and the framework is a tool. It is a means to express the idea of the software into reality.

The language and the framework should be subservient to the team. The language and framework doesn’t drive the goal of the software, nor should it! The team picks the language and framework they’re most familiar with that will solve the problem at hand. The ‘best’ choice for the team becomes an intersection of what they know and what their needs are.

There’s a related idea to this, that a team has a few ‘innovation tokens‘ to spend, and once spent the team should choose ‘boring technology’ that they already know. I argue that innovation tokens are really innovation anchors of an unknown size. They may either weigh you down or they may have no negative impact on development altogether, but you won’t know until you use them. Depending on your comfort with risk and your business’ risk tolerance, this may be an unacceptable risk, or it may be just another Tuesday.

The best suited language or framework does not exist independently of your team’s context. ‘best’ is an internal comparison for your team to make; not a worldwide Olympic ranking of software languages and frameworks. If you don’t know a language or framework, and your team doesn’t have a good understanding of a language or framework, then there’s no possible way it could ever be the best choice for your team — even if it’s the ‘best’ choice for another team that wrote about it on the internet!

To bring it back to the overall theme:

Software tools (like languages and frameworks) and processes are ‘best’ only internally to a team and a specific context. The tools and practices have to align to the team’s culture, its current skill level, the business needs, business culture, financial constraints, and technical and regulatory constraints of the development and deployment environments. There is no such thing as a ‘best’ tool or process that will apply to all teams, everywhere, always.

No one gives a shit what programming language you use

I’ve had it up to here (gestures at nose level) with the bullshit around programming language elitism. Back when I thought it mattered I was just as bad as the bullshit I’m seeing today, but when I see this elitism in 2021, from people who long ago should have learned better, it just sets off my I-can’t-fucking-take-this alarm.

This tweet made its way into my timeline via screenshot; and because it’s Sunday I’m going to respond to it, because I have nothing better to do at the moment. The littlest is taking a nap, the older two are playing on the Switch, and my wife and I are snuggling on the couch. Normally I’d sigh and save my words, but not today. Not today.

I’ve written about the plague of UBM on our industry previously, but unfortunately that plague isn’t going anywhere. It has deep roots that we all must work to yank out, lest it destroy the good parts of our industry.

One such example is the elitism expressed in the above tweet, and in the continual billing of software programming as ‘craftsmanship’, and equating good software developers with ‘craftsman’, as if software exists for its own sake, and purity is the goal. It’s performative craftsmanship, and deeply unlike what you see from actual crafts-people in their field. Take Jiro from Jiro dreams of Sushi, an example of a master of the ‘craft’ of making Sushi. Jiro doesn’t tout that he’s the best at it; but everyone else does. That’s a major difference from UBM’s (and others) self-identifying as a craftsman, is that Jiro doesn’t do that. He humbly learns and tries to get better, and more importantly tries to serve others. He doesn’t parade around with a self-given label that says “Sushi Craftsman” even though he ostensibly is. If you’re good at what you do and you bring value to others, they’ll label you with the appropriate moniker.

This performative craftsmanship is a load of horseshit that we’ve given too much credence to. I hear it from ‘agile’ podcasts, and from UBM and his ilk, and even otherwise level-headed programmers express some sort of allegiance to taking pride in the code as a necessary bar to being a programmer. Anytime you hear a podcast talk about ‘code quality’ in isolation, or about ‘being a professional’, you’re hearing this same sort of elitist attitude towards software development. The only people who have to proclaim they’re professionals are people who are ostensibly not professionals. It’s another example of the idea that you can’t label yourself by your words, others label you by your actions.

In another example of this performative culture of software craftsmanship, and I’ll use wood-working as an example because I grew up in that culture, woodworkers take pride in the finished product, and seeing that finish product being used. They are not all hot on the tools they use, and nor do they value the art of planing for its own sake. No, it’s always in furtherance of the ultimate goal: to produce something another human will enjoy using.

Or put another way, no one gives a shit what programming language you use. No one gives a shit what your framework or technology stack is. I can guarantee without even checking that every single fortune 50 company uses Excel in ways that would potentially cost hundreds of millions of dollars in losses if there were an error. Do you think the person that pays for the VBA programmers cares that they’re using VBA? No. Do you think the programmer is just jonesing to replace VBA with clojure? Not if they understand what side their bread is buttered on, they don’t.

I was going to make a bullshit analogy to a programming language being like a hammer, but that’s too simplistic. The purpose of the software defines the stack you end up using, and there are far more considerations than “this is a nice language to use”. In fact, I’d wager that the niceness of the language is probably the least important part of choosing a language. Just ask everyone who bet the farm on coffeescript.

But the “you should use language X because it’s great” mantra doesn’t stop there. It’s a symptom of a larger problem: Thinking of programming as a worthwhile pursuit on its own, and focusing on the act of programming while ignoring how that software will be used.

With the katas and the code quizzes, we tend to lose sight of the fact that programming for its own sake is mental masturbation, useful only in the most idle of circumstances. Writing tools and frameworks only help if they have a purpose outside of our own gratification. A programming language exists to put software into people’s hands and to make their lives better. It does not exist for the idle purpose of being good at that language, and it certainly doesn’t exist as gatekeeping, as a way of separating programmers into social classes.

The elitist fucktards that create these social classes do so because it makes them feel important. They have created a bar and put themselves above that bar, while the lowly working programmer should follow their example if they want to be a ‘software craftsman’ or a ‘software professional’. It’s self-serving poppycock (another word for bullshit, I’m certain). It’s also why if you brand yourself as a ‘clojure programmer’, there’s literally only two sets of people who will ever care: Other programmers you want to impress, or a recruiter who is looking for a ‘clojure programmer’. Go say you’re a clojure programmer to your spouse or family, and be prepared to realize how much bullshit language segmentation is to people outside of our industry.

I used to suck at programming. I mean, I still do, but I used to too. So I get that it feels good to ‘be good’ at programming. But being good at programming doesn’t matter if you’re not producing valuable software for people to use with those skills.

If the most gifted singer in the world doesn’t sing to an audience, does it matter how gifted they are?

So you want to pick a framework or a language? Great. The last person you should listen to is UBM, and the second to last person you should listen to is me. Pick the language and stack based on your team’s needs and comfort, based on your business’s need and risk tolerance, and based on how easy it will be to produce software for your target users in that language or framework. That’s your criteria. Not what I think, not what UBM thinks, and certainly not the language or framework de jour on Hacker News.

And if you find yourself proclaiming everyone should be using your favorite programming language or framework, save it. We don’t give a shit.

Last Week In .NET #34 – Azure goes Achoo

This is Last Week in .NET for the week that ended 20 March 2021. If you like this sort of thing, you can get it in your email inbox every week by signing up at www.lastweekin.net, or in the sign-up box at the bottom of this newsletter.

☠Azure AD fell down last week, causing outages with Microsoft’s Cloud properties Outlook 365, Office 365, the Azure Portal, and Teams were all affected.

​The root cause was a bug during key rotation, and I’ll let the Azure Post Mortem team take it from here:

Azure AD utilizes keys to support the use of OpenID and other Identity standard protocols for cryptographic signing operations. As part of standard security hygiene, an automated system, on a time-based schedule, removes keys that are no longer in use. Over the last few weeks, a particular key was marked as β€œretain” for longer than normal to support a complex cross-cloud migration. This exposed a bug where the automation incorrectly ignored that β€œretain” state, leading it to remove that particular key.

Metadata about the signing keys is published by Azure AD to a global location in line with Internet Identity standard protocols. Once the public metadata was changed at 19:00 UTC on 15 March 2021, applications using these protocols with Azure AD began to pick up the new metadata and stopped trusting tokens/assertions signed with the key that was removed. At that point, end users were no longer able to access those applications.

Service telemetry identified the problem, and the engineering team was automatically engaged. At 19:35 UTC on 15 March 2021, we reverted deployment of the last backend infrastructure change that was in progress. Once the key removal operation was identified as the root cause, the key metadata was rolled back to its prior state at 21:05 UTC.

This is the second time in six months that Azure AD has gone down. This happened 6 months ago. These are growing pains for Microsoft’s cloud endeavors, and the ops teams involved need #hugops. Microsoft being the “safe bet” for enterprises means in part being stable, and two enterprise outages in 6 months is a lot.

πŸ€‘Microsoft wants to pay you to build Cloud applications on Azure. I jest, but only a little. They want you to try out their new developer experience on Azure, and get your feedback on it.

🎁NuGet 5.9 is out and there’s a nice blogpost by the nuget team on what’s in it. Easier UI around version floating, a new “right click -> update”, and some nice improvements in Visual Studio for NuGet.

🎁Microsoft releases a one click Microsoft Exchange mitigation tool. Download. Click. Mitigate the vulnerability.

πŸ“šMicrosoft has Architecture guides for building .NET applications of all sorts. And of course, because Microsoft can’t do anything without pushing Azure, the guides include how architect those applications in Azure. There’s a reason why the Ebooks are free.

🏫Getting Started with the Microsoft Graph Toolkit is now free on Microsoft Learn. I had to google what Microsoft Graph was, and given the … paucity of the Wikipedia article, I’m not sure anyone knows.

πŸ–₯Announcing Windows Community Toolkit 7.0 It includes a smattering of helpers for developing UWP apps, if that’s your thing.

πŸŽ₯#Include2021 is done, but you can view the videos if you register by March 24th. Include talked about diversity with voices from different industries.

🏰Microsoft Build is May 25th – May 27th, 2021. I don’t have more info but when I do, you can guess where it’ll be.

Chefs and Cooks

I’m pretty good at cooking, if I do say so myself. That may be because I only cook a handful of dishes, or that may be because I’m extra attentive to the ingredients, the taste, and am obsessive about the details.

But, and this is an important distinction: I’m not a chef. I cannot make those beautiful and delicious meals chefs can, nor would I be able to if someone asked.

In the same vein, I can write tests, and I write lots of tests through TDD; but I’m not QA. My tests are documentation, bounds exploring, code that reflects decisions made, and an early warning system for potential problems in the architecture, but, my tests are not the tests a QA person would produce, and confusing the two would have the same effect as confusing my cooking abilities for a chef’s.

In case I haven’t hit the point hard enough home, let me say it outright:

QA has a very important job, a job that keeps most software afloat without the business even knowing it. All the TDD in the world can’t supplant the ability of QA to head off danger, and just saying “Developers can write tests too” doesn’t make Developers QA.

This is a very important lesson that some companies forget, and the markets remind them.

This post comes from my daily email list. If this sort of content appeals to you, you can sign up for the daily email below.

How many decisions do you make?

It’s amazing how many decisions we make in the course of developing a feature:
– How should this work?
– what does a developer need to call this method?
– What other parameters should we add?
– What should logging look like?
– How do we add new capabilities to this feature?
– Where should we store settings for this feature?

and on, and on, and on.

The cognitive load itself can be a bit heavy, and then there’s what can happen when you mix the features together. It starts to look like spaghetti if you aren’t careful.

One of the wonderful things about TDD is that it can help you make those decisions and it can show you the impact of those decisions far faster than implementing logging or setting storage or how parameters get added if you hadn’t had tests in place.

Without TDD, you have to implement a feature in at least two out of three layers of your application: either UI and Code, or Code and Database. With TDD, you take that time and you cut it down to just code.

That’s pretty remarkable, and can help you make decisions faster.

I’m covering this (and more) at the free webinar on March 5th, titled “Intro to TDD For .NET”. We’re not going to spend much time on the mechanics of TDD, rather we’re going to spend the time showing how TDD can actually help you. If that’s interesting to you, sign up here.