问HN:发泄一下,我是有问题,还是这是一家技术文化差的公司?
大家好,你们能帮我检查一下我的想法吗?我是不是一个糟糕的开发者(这总有可能),或者我是不是过于关注一些不重要的事情?
我有超过13年的工作经验,已经在大型科技公司工作了大约4年,刚刚加入一家成立了10年的盈利性初创公司一个月,我在想自己是否在与“影响力”竞争、绩效排名等方面脱节。
我不知道自己是否应该留在这家公司,因为我觉得在这里无法做出好的工作,感觉如果我继续待下去,五年后我的经验会比刚开始时还要少。
-----
所以
我一个月前加入了一家成熟的初创公司,他们正在逐步将一个遗留应用从Angular 1迁移到React。
他们的“好”应用是一个非常复杂的自定义React实现,极难理解,包括某种组件中间件和半成品的Redux集成,根本无法与任何开发工具配合使用。
客户端的JavaScript文件大约有20MB,而本地开发工作流程相当糟糕。
90%的代码是JavaScript,10%是TypeScript,团队实际上并不想转向TypeScript,禁止将现有代码迁移到TypeScript。
我刚开始时注意到一些基本错误,比如没有将package-lock提交到代码库,所以我询问了这个问题并提交了一个增加package-lock的PR,但被拒绝了,理由是“风险太大”。
在npm审计中,package-lock引发了60个严重漏洞,我提出了这个问题,但被告知解决这些问题风险太大。我建议至少应该为应用添加一个CSP,因为一些漏洞与注入攻击有关,但同样被认为“风险太大”。
在开发过程中,热重载时间为30秒,所以我提交了一个PR,添加了`npm run dev:next`,该命令使用Rspack仅为开发构建客户端,将热重载时间缩短了一半,但也被拒绝了。
我注意到他们没有任何自动化测试(有一个海外团队在每次发布前进行手动QA),我询问他们是否愿意构建一个自动化测试套件,他们回答不愿意。
他们也没有任何CI,所有验证都发生在预提交钩子中,他们也不想添加这个。
我发现他们在客户端没有任何可观察性——没有错误率,没有加载时间。我问他们如何知道是否出现了问题,显然,如果在QA中没有发现,“客户会打电话给我们,我们就修复”。我建议采用像Sentry这样的工具来开始跟踪客户端,以帮助量化功能的影响并在错误升级之前预防错误,但再次被告知不行,因为这“风险太大”。
今天早上我的经理和我进行了一对一的谈话,他告诉我不应该尝试在我被分配的任务之外做贡献,并且我每天必须提交一个PR,否则会被解雇。
我重复了我之前的担忧,他说他们雇我就是为了完成任务,仅此而已。
查看原文
Hey all, can you sanity check me? Am I a bad developer (always a possibility), or do I focus too much on unimportant things?<p>I've got 13+ YoE and been working in big tech for about 4 years, joined an established start up (10 years old, profitable) a month ago, and wondering if I am out of touch after the meat-grinder that is competing for delivering "impact", stack ranking and so on.<p>I don't know if I should stay at this company as I feel like I can't really do good work here and it feels like, if I stay, I'll be less experienced at the end of 5 years than when I started.<p>-----<p>Soo<p>I joined an established start up a month ago, they have a legacy app they are incrementally migrating from Angular 1 to React.<p>Their "good" app is a super custom React implementation that's extremely difficult to understand, including some kind of component middleware and half baked Redux integration that doesn't work with any devtools.<p>The client is about 20mb of JavaScript shipped to the browser and the local development workflow is quite poor.<p>90% JavaScript, 10% TypeScript and the team doesn't really want to move to TypeScript, banning porting existing code to TypeScript.<p>There were some basic errors I noticed when I started, like not committing the package-lock to the repo so I asked about it and raised a PR adding one - which got declined because it was "risky".<p>The package-lock raised 60 critical vulns in the npm audit, which I raised and was told addressing them was too risky. I suggested that we should at least add a CSP to the app, given some of the vulns are implicated in injection attacks - again, too risky.<p>During development, hot reload times are 30s so I raised a PR that added `npm run dev:next` which uses Rspack to build the client only for development, which halved the hot reload time, but that was declined.<p>I noticed they don't have any automated testing (there's an overseas team the does manual QA before every release) and asked if they'd be open to building out an automated testing suite - to which they said no.<p>They also don't have any CI, all validation happens in a pre-commit hook, which they are also not interested in adding in.<p>I noticed they don't have any observability on the client - no error rate, no load times. I asked how they know if anything is wrong and apparently, if it's not caught in QA, "customers call us and we fix it". I suggested adopting something like Sentry to start tracking the client to help quantify the impact of features and preempt errors before they escalate and, again, was told no because it was "risky".<p>My manager had a 1:1 with me this morning and told me that I should not attempt to make contributions outside of the tickets I am assigned, and I am expected to raise 1 PR per day otherwise I will be let go.<p>I repeated my above concerns and he said that they hired me to do tickets and that was it.