Threads for nathanmlong

    1. 1

      Looking forward to a genetic engineering post about growing bananas that slice into squares for more efficient packing.

    2. 2

      I like the overall idea, but I’m unclear on something.

      Part 1 says:

      Even logging invalid data could potentially lead to a breach.

      I can’t think how that would be the case.

      Also, the example of that is:

      log_error(“invalid_address, #{inspect address}”)

      In the reworked example, you show

       {:error, validation_error} ->

      But validation_error contains (a couple levels deep) an input: field with the original input. So wouldn’t it have the same problem?

      1. 1

        Yeah, I totally agree that we’re cheating here! This is a design tension that we’re not sure how to resolve. On one hand, we don’t want to expose unsanitized inputs to the caller, while on the other we’d love to log examples of payloads that cause the parser to fail. (For auditability).

        Do you have any pointers (or links to resources) on ways to resolve this tension? There’s always the option of “defanging” the original input by base64-encoding it, etc., but perhaps there’s a more elegant way out?

    3. 13

      What if you just mashed up the banana and spread it on in a uniform layer?

      1. 16

        You’ve just ruined his life’s work, I hope you’re happy

      2. 3

        Alternatively, mashing the banana up and stirring it together into a paste with the peanut butter (and possibly honey) and spreading it that way.

        This method does however introduce the build dependency of a bowl, and additional washing-up debt.

        1. 8

          Take a bite of bread, a bite of banana, and a bite of peanut butter. Let your mouth be the bowl.

          1. 3

            That’s an engineer’s solution if I’ve ever seen one.

            1. 2

              Thank you. 😂

      3. 2

        That would ruin the banana texture.

        My suggestion would be to accept the sandwich as it is, and not try to homogenise the sandwich. This way, you don’t know what you will get in each bite, and you can let yourself be surprised.

        1. 1

          Or just slice the banana lengthwise, it gets better coverage, more bananaliciousness and less waste.

    4. 3

      Back in 2016, this article started me down a rabbit hole and resulted in my half of an ElixirConf talk that James Edward Gray and I gave together.

      In blog post form, here’s how iolists make rendering more efficient in Phoenix:

    5. 1

      If you do use a CSS reset, don’t leave normal elements broken. Sooner or later someone is going to use a bulleted list, and it will be frustrating if it doesn’t have bullets or indentation.

    6. 2

      A Spotify engineer describes replacing a Java-based service with an Elixir-based service and the improvements in observability.

    7. 54

      So, now, here’s the question: if you’re picking out a doctor, which one do you want to go to? The one who reads medical journals for fun, hones their craft constantly, and who volunteers at the free clinic sometimes…or the doctor who doesn’t do anything medicine-related after 5?

      Some people really like what they do for a living, and would do it even if they weren’t getting paid. I would venture to guess that those people, having both passion and more hours under their belt, are generally better at the activity in question.

      1. 88

        The one who is rested.

        I’ve been around the block often enough that I am not sure there is much correlation between number of hours someone put in programming and the quality of their output. I think it is far more important how you spend those hours while you are actually doing it.

        1. 27

          I’m not necessarily talking about someone who stays up til 2 every morning. I’m talking about the person who, when they have free time, decides to spend much of it honing their skills.

          1. 12

            Exactly. What’s favoring your statement is simply experience. They’re acquiring more experience. That might make them better at the job.

            Doesn’t necessarily make them the best hire if considering many factors. For instance, the ones coding all the time might be more likely to jump ship than the person that wants work-life balance to spend time with kids.

          2. 10

            What if they spend their time honing their skills at work?

          3. 9

            I don’t know about the realities of the medical profession so I can’t extend the metaphor, but in the tech industry as it is, the amount of experience someone has programming and their value to a company have nothing to do with each other after a point. Learning new skills and keeping up with the industry is good and necessary of course, which is why many professions mandate it for certification (law comes to mind). I’d love to see part of each work month go towards time that can be spent doing just that.

            But to be honest? I don’t care if my doctor spends 2 hours a night researching new diseases unless that’s what I’m going to them for. I care about the quality of care, bedside manner, etc. Not sure that’s correlated to hours worked.

          4. 4

            If you’re treating a common cold, it’s likely that the extra hours sunk into study don’t affect the outcomes. You might just end up with a very unrelatable doctor, which could affect bedside manners, patient trust, and compliance. It really depends on the problem space - something that I would venture is true for programmers, too.

            1. 3

              Why do you assume that reading medical journals out of interest leads to unrelatability?

              1. 3

                How many patients read medical journals? It’s more likely that someone is more relatable to the average person if they do things that an average person also does.

                1. 5

                  How many average people go to medical school? :)

                  1. 0

                    Doctors are people, even if slightly superior in a few ways. They should be doing roughly the same things as people do.

                    1. 2

                      even if slightly superior in a few ways


                    2. 1

                      And reading interesting things isn’t something that people do?

          5. 2

            I don’t really care what my doctor does in her free time because in my experience this has no bearing on the care I receive.

            1. 5

              How can you rely on your experience in this area? How many doctors do you know well enough to know what they do in their spare time and how effective they are as a doctor?

              For me, that’s really small and I don’t think it’s useful enough to generalize or predict anything.

              Maybe your experience is really different. If so, you may want to describe it so your statement has credibility and usefulness.

              1. 6

                If my anecdote is too small to predict anything than why is the assumption implicit in the generalization at all reliable for you? Why the double standard? I personally just don’t care or worry about it. Same is true of the people who write my software. If the software’s good, it’s good. I could care less if in your free time you prefer doing drugs and making wicker baskets to having arguments on hacker news and writing IRC bots. And vise versa, if your software isn’t good, that’s that, and I don’t start asking if the person writing it just isn’t dedicated enough.

                1. 1

                  I think for me, it’s the different between a logical thought experiment about general guesses vs a real statement of value.

                  I like pondering hypotheticals but would have reacted poorly if GP had said “doctors who volunteer are better” without rationale or reasoning. I like an invitation to provide evidence or data but get put off by a likely baseless statement (“My experience is that all doctors are secretly purple inside their skin even though I only know two doctors and have never looked under their skin”).

                  1. 0

                    My anecdote is at least based in reality. I can’t say the same for the generalization, whose assumption lacks evidence of any sort.

        2. 9

          The one who is rested.

          This is misdirection and does not address the original comment.

          As a separate point, it is of course valid and true.

          But there is an implied “all others things being equal” in the original claim. So now…

          [Assuming they’re both equally rested], if you’re picking out a doctor, which one do you want to go to? The one who reads medical journals for fun, hones their craft constantly, ….

          That is the question you’re on the hook for answering. Imo the answer is clear.

          1. 1

            I don’t believe that finishing at 5pm means you don’t “reads medical journals for fun, hones their craft constantly”. It just means you are not doing it after 5pm. My point is that how much effort someone puts into it does not really tell me anything by itself because I cannot tell what kind of effort it is. I’ve seen enough passionate idiots and occasionally was one, who constantly busied themselves with their craft without advancing much because it really matters what and how you do it. It is very easy to become stupider by not resting enough and not giving time to your mind to process everything.

            So if the only thing I know is that one doctor is very busy and the other one isn’t, I WILL go with the rested one because if nothing else I expect them to make fewer errors.

            P.S: I know doctors were here only for illustration purposes, but as it happens, I actually just recently experienced a local medical expert screwing up my mother’s examination exactly because he is too busy.

          2. -1

            The answer to that question is clear to everybody. I think it’s fine to treat it as a rhetorical question (therefore not answer it) and respond by (implicitly) pointing out that it’s unlikely that both are equally rested.

        3. 5

          The one who is rested and loves medicine. These aren’t exclusive options.

          Here’s my preference:

          1. rested and loves medicine
          2. rested or loves medicine
          3. neutral
          4. tired
          5. hates medicine

          Of course there are many more factors that may be more important so my rank assumes everything else being equal.

        4. 8

          I work on multiple side projects and get more than enough sleep. If doing things outside of work cuts into your sleep, perhaps the problem is your job.

          1. 11

            Do you have children? In my experience they’re a great time sink…

            1. 7

              I don’t. Many friends do. But I feel the same way, at least beyond infancy: If your work forces you to choose between sleeping and spending time with your children, maybe the problem is your job.

              It should be possible to work, do things that you care about, and be well rested. The choice at the start of this thread should be a false one at a healthy workplace.

              1. 4

                But, you see, even if you have a good job, you still have to choose between children and side projects…

                1. 6

                  That’s not strictly true. Source: got 4 kids, soon 5.

        5. 1

          Ironically doctors work long shifts and crazy hours… always felt kinda bizarre to me, and you wonder if you’re really receiving the best care. But that’s the way it is.

      2. 13

        Perhaps it’s true that a programmer who codes in their spare time will be better than one who doesn’t. Let’s assume that’s true. It doesn’t answer whether it’s “OK” to only code at work.

        Is it OK to say “I could be a better programmer if I coded 4 more hours a week, but then I’d be a worse parent, so I won’t”? Is it OK to choose to spend those hours volunteering, playing music, teaching English, being a foster parent, caring for elderly relatives, hiking, or whatever you think is fun or important?

        Yes, absolutely it’s OK. And if anyone tells you it isn’t, they probably don’t have your best interests in mind.

        1. 5

          I think I didn’t phrase my argument well.

          If someone codes/does whatever in their spare time – that is, in the time that is not dedicated to parenting or family obligations or whatever – then I would argue that they will often be better at that activity.

          In other words “if, by choice, your casual hobby is also what you do at work, you will often be better at your job than someone who isn’t as interested.”

          1. 2

            You forget that programming is a social activity, where code must almost always be reviewed and shared as a responsibility. And you forget that those who do nothing but spend all their time at their desk hacking at who cares what are usually not especially worldly and pleasant. Those who instead do things like

            • Go outside
            • Spend time with other people
            • Experience their life

            will often, for some reason, become more rounded individuals, who will usually handle the social element of coding better; and we all know that social element is a big one.

        2. 7

          It’s absolutely ok to be competent but not outstanding. But if you look for outstanding people in their fields, I strongly you will find that they don’t settle for doing just what is required by their jobs.

          Are you looking for competence or excellence?

          1. 3

            Are you looking for competence or excellence?

            I think in the context of this conversation the question is “do you aspire to be competent or excellent?”

            Both are valid aspirations when you consider the trade offs with the other parts of your life. And it’s fine to make different choices at different stages of your life.

            Are you looking for competence or excellence?

            Circling back, I think one reason I react strongly here is that my first full-time development job was at a place with a culture of constant overtime. They had a local reputation for burning people out. And to this day, their job postings ask for “passionate” developers - a code word, in their case, for “willing to be exploited”.

            So I’m resistant to a programmer culture that says you have to work all the time or you’re not good. I’ve been avoiding that mentality at every job since then (10 years) and am doing fine.

            Finally, I think become excellent during work hours is an underrated strategy. You probably work 40 hours a week. I seriously doubt you can spend 40 additional hours of free time programming. So a developer who spends the work week building interesting stuff with smart people, then chills out, is going to grow faster than one who spends the work week doing boring stuff and attending meetings, then crams in 4 extra hours of fun coding.

          2. 3

            IMO excellence is mostly diminished by the pace of work, not the degree of experience. less experienced coders/doctors may take more time to do a thing properly, and they should have the time to do that. they should not be expected to learn things off the job so they can churn out more commits or patients.

            1. 2

              I’m not sure I understand the response. First: Why would you expect world class work from someone less experienced in any circumstances?

              Second: I think you misunderstood the argument. If someone is self motivated enough to choose to spend time playing with code outside of work, I would expect that to correlate strongly with excellence.

              Most jobs don’t need excellence, just competence.

              1. 1

                yeah i think i misunderstood: you were talking about the excellence of the worker, i was talking about the excellence of the product.

      3. 27

        I would venture to guess that those people, having both passion and more hours under their belt, are generally better at the activity in question.

        I’m actually not so sure about this.

        First, I’ve seen plenty of “passionate” people with many “hours under their belt” who were terrible people to work with. Some (not all) are extremely opinionated, arrogant, blind to the possibility there are other ways than $my_favourite_way, and generally just complete twats and impossible to work with.

        Second, I’ve worked with plenty of “I program only at my job”-programmers who are actually pretty good at their jobs.

        Most people would like to be better at their jobs, but not uses the same approach. Focusing just on “has open source contributions” or “spends evenings programming in $hip_new_language” seems rather short-sighted to me. In spite of having plenty of OSS contributions, I’m not so sure it actually made me a significantly better programmer (but perhaps it did? Hard to tell for sure).

        Either way, I think things are a lot more nuanced than you comment.

        1. 3

          Indeed not all practice is productive. Some of the worst artists I’ve ever seen have put in an ungodly amount of hours practicing with no mind in their head.

          1. 2

            The problem here is that I believe to be able to generate quality hours of practise, you still need an accumulation of many hours.

            Now, it’s possible to be stuck in a “spending many hours mindlessly with no good progress” rut - entirely possible. Honest self-evaluation, modifying one’s goals, fixing one’s learning methods, are all difficult challenges. But who can go from beginner/amateur to “efficient, high-quality practise” without many, many hours of junk practise? You need repetitions to even be able to recognize the difference between low quality and high quality practise.

            I can do certain activities in moderation now - I know that 2 effective sessions where I apply a strong effort serves me more than phoning it in 14 times a week, for example. But I needed to go beyond moderation, into obsession, to learn that.

            The strange thing is that I’m still not sure whether this is universal. People who are competent don’t really like admitting, or selectively forget their history of obsession - or they truly never had one. Can one get good something by having their very first practise sessions be high quality, and sustain that indefinitely? How can you start off spending high quality practise time if you’re new to something?

        2. 4

          First, I’ve seen plenty of “passionate” people with many “hours under their belt” who were terrible people to work with.

          Sure, but I have seen people who punch out on time that were terrible to work with. Sturgeons law applies here.

        3. 2

          The question is if there is a correlation or even causation between after-work-work and skill or productivity. Lorddimwit is essentially asking if you believe that there is a correlation.

      4. 8

        I had a doctor that would do things like volunteer for Doctors without Borders. You could get him on the phone for a quick sense of if it’s serious enough to come in. But you know what, he is so good he isn’t taking patients and likely won’t be for a long time. He doesn’t want to rushed, hurried, or be unable to give each patient the time and attention they deserve.

        It’s important not do more than you have time to do. Burnout and spreading yourself too thin is how mistakes and lower quality care happens.

      5. 4

        You’re missing the point. What your doctor does on the weekend is none of your business, and you have no right to know what that even is, let along use it to help your doctor-shopping.

      6. 2

        I always hire the one with the home lab, the one with the open source hobby, etc.

      7. 2

        If we were to do a more fair analogy here, it would be.

        If you’re picking out a doctor to take care of a sick child, which one do you want to go to? The one who reads about cutting edge research and will try to test the child over all the sickness du jour that he saw on medical journals so he can brag with his fellow doctors in his doctor meet-ups about all the cool stuff he does OR the kind family doctor you know and love and treats your kid well.

        When we talk about “coding outside of work” we’re not usually talking about people who reads articles every now and then, we’re talking about the typical tech obsessed developer, which doesn’t correlate with a higher productivity developer from a business standpoint unless yous business is to write prototypes in new languages.

        Besides, for more noble that volunteering for a free clinic sometimes might be, this won’t give a real cutting edge for the professional, they will spend most of the time treating the same diseases they would treat on their normal working hours.

        LASTLY a dr. job is VERY different from an engineer job, and if an engineer isn’t already learning and honing their craft at work, they have a shitty job and should quit.

      8. 2

        There’s a false implication that what a software engineer does is as difficult as what a doctor does which is quite far from the truth.

        Becoming a doctor requires a doctorates degree whereas some software engineers don’t have any degree at all. There’s a much higher bar for who becomes a doctor, and the work they do impacts other humans in more profound ways more directly.

        1. 7

          There’s a much higher bar for who becomes a doctor

          How much of this is because of professional license requirements being used to deflate the number of doctors and keep salaries high?

          While I don’t disagree that doctors require advanced education, it seems like a streak of protectionism runs through the field.

          1. 1

            Not sure TBH. What I can say is that my A&P class was harder than anything I’ve ever done in Tech. And that’s year 1 or 2 for a med student.

        2. 1

          Becoming a doctor requires a doctorates degree

          That’s not what a doctorate means at all. A doctorate is a research degree. Becoming a medical doctor requires an MB/BCh (Bachelor of Medicine/Bachelor of Surgery) or equivalent, not a doctoral degree.

          1. 1

            In America you need a Professional Doctorates in Medicine. You’re right though that it is not the same thing a Research Doctorate. Also TIL it’s a Bachelor’s of Medicine or a Bachelor’s of Surgery in (seemingly most) other countries.

            1. 2

              Oh really? That’s so weird, I never knew that. But I guess it fits with America also requiring a professional doctorate to study law as well. America seems (from my very non-American perspective) to have a bit of an issue with degree inflation.

              1. 1

                School in America is basically a scam you’re required to participate in if you want money, so you’re not wrong :)

      9. 1

        Why would I ‘pick out’ a doctor? I go to my local GP and if they refer me to a specialist I’ll go to the specialist they refer me to.

      10. 1

        Well, programming is not brain surgery. I’d argue that programming is more like tying shoelaces.

      11. 1

        This question might be a wrong one to ask as the comparison to software engineering.

        First, you don’t know which doctors read medical journals for fun, nor hone their craft constantly. If you would ask them that, remember what Dr House said: “All people lie” :) The effect you’re trying to measure (passion and more hours under their belt) is something observable (at least for doctors) through recommendation – most of the people would visit a doctor they got good recommendations for.

        Second, medical profession is a lone wolf profession, which in SE translates to a “hero developer” mentality, something that is quite devastating. We work in teams (at least, huge majority of software engineers), and the major strength doesn’t come from a single persons excellence, but from the ability to work in a team, offer understanding, and deliver maintainable system.

        Finally, the question is posed in a black-white fashion, assuming the situation is either/or. I agree that passion and experience are important factors for excellence, but it is not an implication that after work time spent on coding means more passion or experience, as there are so many other factors that influence our daily routines and our wants (kids, taking care of ill family members, doing community work, having a second job, …).

      12. 1

        The doctor question actually is pretty relevant. One would think mortality rates would be lower for experienced doctors, but the opposite is true: you’re better off (statistically) going to a younger doctor, because even those older doctors who try to keep up with the literature do not manage to update their understanding of the whole of medicine. Young doctors just recently had about a decade of the collectively-understood current best understanding of medicine crammed into their head – plus some more about their particular specialty – and they are generally both up to date and well-balanced. Once out of school, doctors get more selective about their favorite subjects, and the subjects they don’t like so much become blind spots.

        Software developers who study on their own rarely have a well-rounded view of the domain, but neither do devs who just graduated from school. Where I went, we at least had required courses in project management, digital logic, and a handful of distinct languages (so somebody with a degree could draw out a gate-wise 4-bit CPU with microcode and write a straightforward compiler for it), but our language survey course (despite best efforts) was sort of a joke because it was only a single semester, and students graduated writing passable code in only java, c, and sql. A lot of schools stick closer to the standardized curriculum and are basically just java bootcamps, despite being regular degree programs at ordinary liberal arts universities. Self-study, if done well, can fill in some of the gaps left by necessity in a four year curriculum.

        1. 1

          Experienced surgeons get the more difficult cases, which would also explain worse survival stats.

          1. 1

            I had the impression that this particular statistic was about GPs but I might be misremembering. (I can’t even remember where I heard it, so it might even have been debunked!)

            1. 1

              For GPs it does sound plausible; outside hospitals, most work long hours without a second opinion to keep their mind straight. That’s a hard situation to maintain skills in.

      13. 1

        Hmm all else being equal the one who has more experience. However in practice all else is not equal…

        1. 0

          And experience in what? The doctor who explains what is happening in terms that I, a layperson, can understand, is far more valuable to me than someone who writes me a prescription and dismisses me, regardless of how many studies they’ve read or even conducted.

    8. 1

      A few years back, I gave a talk ( and wrote a blog post ( explaining similar concepts in Ruby.

    9. 6

      It’s interesting that podcasts as a medium have been able to somewhat eschew this shitty new paradigm. I wonder why that is.

      1. 4

        The article talks about this.

        Madrigal suggested that the newest successful media bundle is the podcast. Perhaps that’s why podcasts have surged in popularity and why you find such a refreshing mixture of breadth and depth in that form: Individual episodes don’t matter; what matters is getting subscribers. You can occasionally whiff, or do something weird, and still be successful.

        Imagine if podcasts were Twitterized in the sense that people cut up and reacted to individual segments, say a few minutes long. The content marketplace might shift away from the bundle—shows that you subscribe to—and toward individual fragments. The incentives would evolve toward producing fragments that get Likes. If that model came to dominate, such that the default was no longer to subscribe to any podcast in particular, it seems obvious that long-running shows devoted to niches would starve.

        1. 1

          Yes, I was referring to that bit in the article. To clarify, I meant that I wonder why podcasts have been able to mostly avoid being “Twitterized”.

          1. 3

            Seems like technical limitations make it difficult to share segments in isolation; it’s difficult and awkward to share a URL to a specific point of time in a recording.

          2. 2

            Podcasts have a different target market. Tweets / IG posts / outrage clickbait are targeted at “interstitial moments” - breaks, waiting for the bus, standing in the checkout line. Podcasts appeal to captive audiences - commuters, exercisers, people with jobs where they’re stuck in one place but have to use their hands to manipulate machinery.

            I think you’re painting podcast quality in too bright a light though. There’s some very good, well researched and produced content, but most of it is “talk radio” - engaging personalities who riff off each other, snark, and appealing to a shared ideal or prejudice.

      2. 2

        Partly it could be is that RSS (what podcasts are made on) doesn’t have a standard for comments or likes.

    10. 2

      Annoyance about what they’re doing aside, if you have a legitimate reason to hide certain data from a user, this illustrates well why you can’t trust JavaScript to do it. (“Oh no, hackers! They’re using… curl!”) Do your authorization and filtering server-side. Same thing goes for validation - when the data hits the server, assume they didn’t run your JavaScript.

    11. 16

      I found the “Enable DNS over HTTPS” setting in Firefox Developer Edition 69.0b16 (64-bit). It’s not (yet) checked automatically, but if I do check it, I have the option select “Cloudflare (default)” or specify a custom provider.

      1. 4

        It would be nice if you could specify a few to use in round-robin fashion.

        1. 3

          That’s called loadbalancing and you can usually solve that either via DNS or by any other HTTPS loadbalancing method.

          1. 7

            via DNS, you say… :-)

      2. 2

        I implemented my own DNS-over-HTTP/2 implementation for use at home (RFC-8484) isn’t that hard to implement) when it became apparent that Mozilla was shoving this down our throats. The recent version of Firefox wasn’t using it, this possibly explains why.

    12. 4

      See also: “cloud to butt” (

      I wouldn’t actually use either of these, though. I vaguely remember hearing of someone who accidentally had “cloud to butt” modify an important document and didn’t notice.

      1. 7

        The NYTimes published an article that replaced Great Recession with Time of Shedding and Cold Rocks because the writer forgot to turn off the millenial snake people extension.

    13. 18

      It’s missing one, the most common one.

      Create and sell something completely different. eg. An embedded device. A service, whatever.

      However, it uses (probably many) open source components which you contribute to and/or developed to scratch an itch on the way.

      ie. You don’t go into thinking “How do I make money from doing Open Source?”

      You go into it thinking, I’m making money doing X, how do I decrease my input development and maintenance costs?

      How do I create an profitable and rewarding ecosystem (for everybody else) around the stuff I’m making and selling?

      How do I stand on the shoulders of giants and ride them into the future, instead of being stuck in one of their footprints?

      1. 2

        I think it makes more sense to open source something where you are willing do all maintenance for the software, are willing to build a community around a piece of software, or want to use a piece of software across jobs and companies. The normal is still a power law of contributions so you shouldn’t expect open sourcing a piece of software to by itself lighten the development load.

      2. 2

        Create and sell something completely different. eg. An embedded device. A service, whatever.

        Software consulting (not necessarily using the OSS you release) is a popular one. Plataformatec and DockYard (Elixir), ThoughtBot (Ruby), and Cognitect (Clojure) all do this in their respective communities. Their OSS work builds their reputation and gets them business.

        Also, lots of developers get paid while doing small amounts of open source work because the proprietary systems we work on are built using OSS components, and improving those components helps us do our jobs better. That wouldn’t be enough time to own and maintain a complex project, of course.

    14. 1

      What motivates people to rebase branches? I’ve come to the conclusion that it’s about vanity.

      When possible, I like to make a one-commit PR, so that git blame shows a single cohesive change with a single, clear commit message explaining it. I do a bunch of messy commits while working, then squash into one before making my PR.

      I doubt anybody looks at my commit history to judge me, so there’s no vanity at play here, IMO.

      When it’s time to merge, I do not want a squash merge, because that makes git branch --merged useless.

    15. 26

      The most important thing in my experience is: absolutely do not disclose your current salary, and ideally do not even disclose your desired range. The first person you will speak with at a prospective employer is commonly a recruiter or someone in HR. When you are asked what your salary expectations are, just tell this person that your primary concern is that you find the right fit, and that if this opportunity is the right fit for both parties, both parties can be flexible on salary. Then salary is not made to be a blocker up front (as with any negotiation, your BATNA can help your confidence, so being currently employed (rather than job-hunting while unemployed) can be a big asset, at least if your personality is like mine and you don’t automatically tend toward great negotiating confidence).

      Giving the prospective employer any number n makes n + a tiny little bit the absolute maximum that you will be offered. If you cannot proceed without giving a number, it would be greatly beneficial to determine the approximate salary bands at the company you are applying for. I have randomly messaged people on linkedin (outside of my comfort zone, but it comes from my primary advice oracle, see below) and found them receptive to coffee, text chats, linkedin chats, etc - most working developers are various degrees of happy to discuss most aspects of their job with you. Most people who you aren’t already friends with will not disclose their precise salaries in the US in my experience, but any guidance is helpful, as the range is all over the place. For a 5-7yr experienced Rails dev (in my personal experience) you could reasonably expect to ask for anywhere from 90k to 170k, depending on a whole load of factors/circumstances I cannot even pretend to understand. The variance is enormously high in our field. The place you are applying, the level you are applying at, etc are all huge factors that will be unknown to you if you don’t actively try to discover some hints from people who work there or have worked there.

      To put it mildly I don’t generally subscribe to what I take to be his world view, but I have benefitted extraordinarily from the salary/negotiation/career advice in three Patrick McKenzie articles. Most of what I recommended above comes from these three articles (though what I recommended has also proven true in my own decade of experience, and I am consequently making generous salary/benefits/equity I would be happy to discuss in further approximate detail via PM) and I re-read these three articles before any potential job change, salary/promotion discussion, etc that I may engage in:

      1. 5

        I can absolutely subscribe to the first blog post (and curiously, also share your unease with patio11). I was reading this when interviewing last time and the company did everything right by the book as the blog post explains, so I could see right through what and why. To the point where it felt kinda ridiculous since I could basically quote the paragraph by which they are playing.

      2. 5

        The most important thing in my experience is: absolutely do not disclose your current salary, and ideally do not even disclose your desired range.

        This does not always work. Sometimes the potential employer will say “we need to know a ballpark desired range so we can decide if it’s worth continuing or not. We’ve had people ask for unreasonably large amounts at the end of the interview process and it was a waste of everyone’s time.”

        I think that’s reasonable. However, the reverse is equally true - if they need to know a ballpark number to proceed, maybe you do too. Assuming good faith on both sides, something digitally equivalent to “each of us writes down a range and simultaneously hands it to the other” would be fair. (I haven’t actually tried this - can anybody suggest an online way to do this?) Otherwise they’re getting to see your cards when you can’t see theirs.

        1. 4

          This does not always work. Sometimes the potential employer will say “we need to know a ballpark desired range so we can decide if it’s worth continuing or not. We’ve had people ask for unreasonably large amounts at the end of the interview process and it was a waste of everyone’s time.”

          Yeah, I think it’s much less-bad to give a desired range than a current salary (or specific expectation), as long as you understand that the bottom of the range you give is effectively “the number” in their eyes. I have said “mid-hundreds” (mid-hundred-thousand-dollar range), which is a nice phrase if you are in the position to negotiate like that, since it’s vague about the bottom of the range.

          Also, when very pesky employers have repeatedly and pointedly asked what I am making now, I have said as a last resort “This is how much I need to leave. My salary now is not a topic of conversation.” and then given a number. I haven’t ended up taking any of those jobs, though I have gotten offers that way.

          1. 3

            as long as you understand that the bottom of the range you give is effectively “the number” in their eyes.

            Yeah, there’s the rub.

            I have said “mid-hundreds” (mid-hundred-thousand-dollar range), which is a nice phrase if you are in the position to negotiate like that, since it’s vague about the bottom of the range.

            Nice trick!

        2. 2

          I agree that both parties should know early in the process what is the ballpark number each is thinking. As long as they talk about that after they share the number. But having been on both sides of the hiring process I suggest to not give the number first. If you’re applying and they ask, “what kind of compensation are you thinking?” Respond with “I’m still deciding as I learn more about the role, what is the salary range for this role?”

          In California the employer cannot ask you for your current comp, but they can ask what your desired comp is. But you can ask them (and they’re supposed to answer) what the salary range is for the role.

          Reading “How to Win Friends and Influence People” helped me get better at this. And there is a create episode from NPR called “An FBI Hostage Negotiator Buys A Car” that I think could be useful.

          The bottom line is either the company has money to throw at problems like having enough people to do the work or they don’t. Get a feel for that and if you think that might make it difficult to get a comp you want… be ready to show what hep you can bring to their company right from the start. And this is the big one, show them how much you can grow with their company. Hiring is expensive and they should want to invest in people.

          If they’re not engaging in a discussion and are just sticking to an existing range for the role, you’re competing against a market that they think has plenty of other candidates or it is a red flag around how they view their staff.

          Good luck!

      3. 5

        BATNA is incredibly important! Being able to (plausibly) just walk away from a deal gives you much much stronger negotiating position.

        I’ve had situations where the employer said “No, we can’t pay that much”, and when I said “Bye then” (with more pleasantries, that’s a short version), they later came back accepting what I asked for.

        1. 4

          I’ve had situations where the employer said “No, we can’t pay that much”, and when I said “Bye then” (with more pleasantries, that’s a short version), they later came back accepting what I asked for.

          I have had that experience as well - the first time, it was not a negotiating tactic, it just wasn’t worth it for me to take an offer $15k lower than my other offer, even though it was a job I really wanted. I felt that I had walked away, but a week later they called me and had made that $15k happen. It was my first “officially” fully remote job, and I worked there for over 4 years!

      4. 1

        The most important thing in my experience is: absolutely do not disclose your current salary, and ideally do not even disclose your desired range.

        This seems like bad advice. If you have a current job, you should give a number (which should be your current gig + $10k or $15k, depending on what you want to go up to). If they can’t afford you, it’s best to get that out of the way right off the bat and not waste anyone’s time.

        1. 6

          I disagree a great deal. Giving a company a number will peg your salary at that number (maybe plus 5% or so), and it will make negotiating much harder since you’ll be negotiating against a number you provided. It should be feasible to discover whether a company “can afford you” or not before applying, but if not, why limit your potential salary to avoid a potentially waste of time? The risk of wasting ~4 hours of interview time vs the risk of leaving 20k/year over 4 years on the table seems worth taking in my opinion anyway.

          Even philosophically, having a number that you “want to go up to” seems like the wrong mental approach: in the ideal case, you determine what a company is willing to initially offer you, then try to go 5-10% above that.

    16. 1

      Related: remember that your commits are tied to an email address. If you want to associate them with your account long-term (eg, your open source work), be sure you use an email address you control long-term (eg, not a work address).

    17. 2

      I once made a badly-drawn cartoon with a similar point:

    18. 3

      I think this is an awesome idea.

      Instead of random potential users, we would need to use other programmers who may need to read the code later.

      Good reminder that “readable” or “understandable” code is subjective, and the opinions that matter are precisely those who will need to read and understand it.

    19. 13

      This appeals to me. However:

      But how can I then keep the style and layout of all my posts and pages in sync? Simple: don’t! It’s more fun that way. Look at this website: if you read any previous blog post, you’ll notice that they have a different stylesheet. This is because they were written at different times. As such, they’re like time capsules.

      While that’s kind of cool in its own way, I don’t prefer it. Especially when it comes to a site menu.

      My first web sites were hand-coded HTML. My motivation to learn PHP was that I wanted a consistent menu across all pages, and copy-paste was not maintainable, so I landed on PHP’s include. From there it was down the rabbit hole to becoming a web developer.

      I use a static site generator now for, which I mostly write in Markdown. It wouldn’t kill me to write HTML, but I don’t want to copy and paste a menu everywhere.

      1. 8

        Case in point about the downsides, the cv link is correct on the author’s homepage. It is not correct on this page. That’s an easy mistake to make, and I’ve definitely made versions of it. However, it’s much more pleasant to fix when you can fix it everywhere by updating a template.

        1. 3

          Thanks for the heads up :-)

          Edit: Solved by sed -i 's,href="cv",href="../cv",' */*.html. In my mind, simpler than a CMS or static site generator.

          1. 3

            “Simpler”, sure, maybe. At least for now. But maybe it won’t always be such a trivial sed command. Maybe you wrote the html slightly different in certain spots.

            A simple or custom-built static site generator would avoid mistakes like this altogether. You could have one file for your head element. Nicer menus, sidebar, etc. And you could still write most or all of it in pure html if you wanted to.

            Simpler doesn’t necessarily mean better.

            1. 1

              If you need the same template for all of your pages, then yes – a templating engine is a good idea.

              But if you don’t need this, then a templating system makes the process unnecessarily complicated. Creating a template in a special language and fitting all pages to the same mold takes much more effort than most realize, especially in comparison with just writing single HTML pages.

              For example, look at my software page. I have some fancy HTML and CSS to render sidenotes in the margin (unless you use a small screen). Because the page is “self-contained”, I don’t have to worry if I ever edit the style sheet for other posts. But if I used a templating engine, I would have to worry about it.

      2. 5

        Everything old is new again (or something like that)… you can always use server side includes for common elements.

      3. 2

        I like keeping my content and the final HTML site separate, and using the content to generate the site. It makes my content more flexible, but also makes generating the global menus easy, which is important to me so that my readers get a good experience.

      4. 2

        I haven’t actually used it but the caddy web server appears to have built-in templating features:

      5. 1

        Dreamweaver supported keeping sites’ themes consistent when I tried it long ago. It was templates or something. Maybe one of the open editors can do that, too. Otherwise, it would be a good feature for them to add.

      6. 1

        I hear you. I think the obvious solution then is to use something like PHP or SSI. Of course, that’s another layer of complexity, but not as much as a static site generator or CSS.