Do What Hurts

A long time ago I heard a manager at a company say that if something is hard, we ought to practice it more and find ways to make it easy. Barring that, we ought to at least be comfortable with the task. I’m not sure if this manager made this up or read it somewhere, but it’s the same thought expressed by Martin Fowler in this post: “if it hurts, do it more often.”

I’m not sure that’s the advice I want to use with everything. When my shins hurt from running, or my shoulder aches after hitting a number of volleyballs, often I want to take a break. At the same time, I know that stopping isn’t always the productive thing. I can slow down and build up some strength and things will get better. My long running streak started with slow jogs for short distances, slowly building up the strength in my muscles and joints. Regularly hitting volleyballs and slowly increasing the number I hit allows me to get more done without hurting myself.

At the same time, putting a hand on a hot stove doesn’t get better, no matter how slowly I increase the heat over time. There are some things that aren’t worth doing more often to get better, but building software is one where we can get better. Our practice does improve skill, quality, and ability if you practice well. We can decompose our problems easily, we can work in steps, and we can (relatively) easily alter our course of work if we need to do so. In fact, quite a few of the software methodologies adopted in the last 20 years are designed to improve the entire process be ensuring we adapt our work to the customer with regular pauses to evaluate our progress.

When the pain of delays (procrastination) grows, we should find ways to reduce the hassles. Often the pain comes from difficulties, and when that is the case, we might do what Martin Fowler suggests: do it more frequently.

It works well for databases, as he points out in his post, though I’d caution the data professionals to consider the details in his post. Decompose the problems and make the changes across multiple steps, not all at once. When you do that, make sure you plan for pauses in the various stages, not just stringing together multiple scripts into one transaction. That will help you evolve the database along with the application while ensuring your customers can continue working as you make changes.

Steve Jones

Listen to the podcast at Libsyn, Stitcher or iTunes.

Posted in Editorial | Tagged , | Leave a comment

Adding a License to GitHub

I’ve rarely thought about licensing my code, but it’s something to be aware of for your work. Most of us freely share code, though I have started to add a minor copyright and as is notation to some of my presentation scripts.

Recently a user opened an issue on the SQL Cop repository, noting that without a license, there is some ambiguity for how your code might be used. There’s a short read over at https://choosealicense.com/no-permission/ on this.

I pinged a few people at Redgate to decide what might be best and got pointed to the MIT license, which you can read here: https://choosealicense.com/licenses/mit/#suggest-this-license.  After a brief discussion, we decided this would be fine. Actually, people gave me a couple options and said I should pick, so I did.

MIT License it is.

Adding a License

The easy way to do this is to add a file to the repo. If you have this downloaded, just create a new file and commit it. The name should be license.txt (or license). However, you can easily do this online as well.

There is a “Create a new File” in your GitHub repo. Click that.

2019-10-02 09_59_19-red-gate_SQLCop_ tSQLt tests to highlight potential problems in your database

This gives you an editor, with a name. Enter the filename.

2019-10-02 09_59_54-New File

I then pasted in the Mit license into this file. I edited the year and name for Redgate in here as well.

2019-10-02 10_01_01-SQLCop_license.txt at master · red-gate_SQLCop

I then committed, this, adding a comment. However there is another way. Once you enter the name license.txt, a button appears on the right side of the page.

2019-10-02 10_01_50-New File

This says “Choose a license template”. If you click this, you get a page with other choices.

2019-10-02 10_03_15-Add a license to way0utwest_ASimpleTalkDB

If you click the “which license” link on the right, you get taken to https://opensource.guide/legal/#which-open-source-license-is-appropriate-for-my-project, where you can read a bit about the differences. If you’re not sure, read this and try to decide what works for you.

2019-10-02 10_03_31-The Legal Side of Open Source _ Open Source Guides

In our case, we’re really hosting and sponsoring the project, so the MIT license makes sense. If I go back to the previous page and pick that, I see the license overview and the edits on the right.  I changed this from my name to the company, but this defaults to you.

2019-10-02 10_05_15-HTA_10_FinalThoughts.pptx - PowerPoint

If I click this, I go back to the file page, with the edits filled in. Note the name changes to LICENSE.

2019-10-02 10_06_41-New File

I still need to add a commit message and commit this (or create a PR), but this is the meat of the process.

Add a license to your repo to be clear, but make sure it’s the right one for you.

Posted in Blog | Tagged , | Leave a comment

Losing The Security Game

It’s sad some weeks to see reports of security issues at large companies. It’s also discouraging some times when clients or friends will talk about security issues they’ve had in their organization. What’s mostly disappointing is how easy many of these issues would have been to prevent with a little effort.

Joey D’Antoni made some fun of this with his Data Breach Game. It’s a bingo card you can print out and use the next time you hear about an issue. My guess is most of us could win this in about a week with the general state of security in most places. Some of you might win this in a day with inside knowledge.

This is poking a little fun at the poor security practices of many places. There’s a wider article about 9 poor security practices you can read, with some notes about what you should be doing instead. When you read it, you’ll wonder why hasn’t someone just made these simple changes and dramatically improved security? I have asked myself that many times when I’ve seen some environments.

Ultimately, no one wants bad security, but we (as a group) often make poor choices because we’re in a hurry. We can, and should to better. All of the items on this list can be avoided, and should be. Even the complexities of SQL Injection can be fixed with a little code refactoring. No time or that’s too hard? You should be building software in a Compliant Database DevOps manner.

I like the list, though I wish ElasticSearch where on there in number 6 with MongoDB. Too many breaches this year from people dropping that server on their network without a password because they need full text searching of data. Don’t make that mistake. Always, always, always set a password on data resources. Developer or partner complaints aren’t worth the risk of losing data from an unsecured server.

Steve Jones

Listen to the podcast at Libsyn, Stitcher or iTunes.

Posted in Editorial | Tagged , | Leave a comment

Laptop Recommendations for 2019

Every few years I upgrade my laptop. I try to get through three years with them, and I’ve had some good success. At the same time, I’ve also had some wear out sooner, especially with the amount of travel that I do some years. I had one laptop last just a year before it started to constantly crash on me. That one was just out of warranty, which was a shame. Since then I’ve usually paid extra for a warranty to get a couple years of service out of each machine.

It’s not quite that time for me, but it’s getting close. My laptop is about 2 1/2 years old and I’m starting to have some thermal issues. Changes in temperature often cause a crash when I come out of hibernation, which isn’t what a traveling presenter likes to see. I’m also starting to have poor battery performance. A full charge recently netted me only about 3.5 hours before the battery warning came on at 20% left.

I have been pleased with my HP Spectre x360 model right now. It’s held up well and I’ve enjoyed using it. The arrow keys are a little oddly placed for me, but overall, everything else has worked well. There’s a new model, which is one of those I’m considering, but I am keeping an open mind.

This week, I’m asking you what models you might recommend that you’ve used. One you’ve owned or had a friend own that seems to perform well. Keep in mind that I travel quite a bit, so durability and weight matter.

I used to want a 32+GB RAM machine, but these days I do more in the cloud or with smaller demos, so I think 16GB is really the sweet spot for me. A fast CPU and 512GB-1TB storage is nice. I’ve done well with 512 across the last two years, but you never know how things will change, so a 1TB is something I’m considering. As much as I’ve enjoyed USB-C, I still sometimes like the convenience of USB-A, especially when on the go and not wanting to pull out some sort of adapter (like on a plane).

Let me and others know this week which models have worked well for you. While many of us don’t necessarily get the choice of brand, some do, and many might be able to influence the model that they receive. Most of us want a laptop we enjoy using, and having a few recommendations gives us confidence that we’ll choose one that works well for the next few years.

Steve Jones

Listen to the podcast at Libsyn, Stitcher or iTunes.

Posted in Editorial | Tagged | 10 Comments