Comment on Telegram says it has 'about 30 engineers'; security experts say that's a red flag
dandi8@fedia.io 4 months agoIf you have separate developers for writing unit tests, and not every developer writing them as they code, something is already very wrong in your project.
Deployment and infra should also mostly be setup and forget, by which I mean general devops, like setting up CI and infrastructure-as-code. Using modern practices, which lean towards continuous deployment, releasing a feature should just be a matter of toggling a feature flag. Any dev can do this.
Finally, if your developers are 'code monkeys', you're not ready for a project of this scale.
Badeendje@lemmy.world 4 months ago
Infra setup and forget… this is a large system with plenty of stuff that cyclicly needs to be deployed updated and such. Even with automation the sheer volume and tech in use requires bredth of knowledge. Sure you could do it with less I guess. But with changes on supplier side etc it’s still much work.
And for tests, sure you do it as you go along, but usually it helps to have people going over this and making sure it all stays functional, meets standards and fix things.
dandi8@fedia.io 4 months ago
I have never, in my decade as a software dev, seen a role dedicated to "making sure unit tests stay functional, meet standards and fixing them". That is the developer's job, and the job of the code review.
The tests must be up to standards and functional before the functionality they're testing gets merged into main. Otherwise, yes, you may actually need hundreds of engineers just to keep your application somewhat functional.
Badeendje@lemmy.world 4 months ago
So cool that you got to work with teams of devs that where able to do that. Was it for software used in a OT environment? Cause stuff like telegram seems a lot more like that imho.
And the bredth… 30 people can cover it all, yes. Doing that in a 24/7 global environment means 3 of several competences, in shifts, covering timezones. It’s not as if you can just click out at 5 and come back tomorrow.
dandi8@fedia.io 4 months ago
I have no idea why you're even bringing up OT. We're not talking about PLCs or scientific equipment here, we're talking about glorified web apps.
Web apps that need to be secure and highly available, for sure, but web apps all the same.