Skip to main content

The only constant is change

Perhaps one of the few common tool types for all developers is a change control system.  During my career, I have used a progression of them:

  • SCCS
  • RCS
  • ClearCase
  • CVS and SVN
  • Serena Dimensions
  • Git (GitLab and BitBucket)
The key features of a version control system are:
  • Keeping all versions of a file
  • Allowing you to tag or label a set of file versions
  • Supporting concurrent editing by multiple people
It's this last item that starts a lot of very passionate points of view.  You will hear statements like:
"You should only develop on master"
"You should/shouldn't have a branch for feature development"
What you need to keep in mind is that the right answer for a particular development environment will depend on many factors.  Let's talk about a few of them.

Deployment size: the number of dependencies increases with deployment size.  What is reasonable for a micro-service in a single language for a single deployment is not going to be the same as a monolith created by several languages.

Deployment frequency: If you release once a quarter, you probably will need to be able to make bug fixes on those deployments until the next one.  If you have embraced agile and are doing far more frequent releases, you probably don't need to re-create a build from month ago.

Other change control items:  Other software version control systems like docker image registries, artifact and build registries, feature flag capabilities may be providing additional version information that must be considered when looking at your source code control.

Your organizational structure: Conway's law applies to version control.  For example, one feature of a distributed version control system is that a QA group can run their own fork of a project and control the pull requests that are put into the testing environment.

Your development process: Saving the most important for last, what is your development process?  If a build breaks, is that pull request just rejected and development continues?  If that pull request already merged and the build stays broken until it's fixed?  Can other developers continue work in their local environments or on branches until it's fixed?  All of these questions will have different answers and have the most impact on how your organization will be using version control.

Version control and managing the changing of your source code is a universal experience for all professional developers.  It will pay dividends to know not only how to use the version control in your environment, but also the features and possibilities that are not being used.  Because the only constant is change and the answers of today may not be the right ones for tomorrow.
 

Comments

Post a Comment

Popular posts from this blog

Spring Boot native builds when internet downloads are blocked made simple

 No direct access to the internet If you work at a company that controls their software bill of materials, it's quite common to be blocked from directly downloading from: Maven Central Docker hub GitHub (the public parts) Getting the bits Maven Maven is first, because without it, you won't be able to compile your Spring Boot application, let alone move on to turning it into a native docker image. I will be showing changes need to work with artifactory, but you should be able to adapt it to other mirror solutions.  repositories {   maven {     name = "central"     url = "https://artifactory.example.com/central"     credentials {       username = "${project.ext.properties.artifactory_username}"       password = "${project.ext.properties.artifactory_apikey}"     }   } } With this configuration change, you should be able to download your plugins and dependencies, allowing you to compile and ...
Post a Comment
Read more

Kotlin Notebook when you're blocked from Maven Central

 TLDR; If you are blocked getting to maven central when first using Kotlin Notebooks because of company firewalls, you can use a tool like Fiddler Tool to redirect to a different network location. Kotlin Notebooks Kotlin Notebooks are a JDK based environment that brings the Python based Jupyter Notebooks  expressiveness to IntelliJ. From the blog post announcing the plugin, it looks like this: At home, the installation of jar files looked like this: I played around with it at home, but I couldn't use it at work.  Many companies, mine included, do not allow software components to be used when downloaded directly from the internet. In my companies case, we use a product called Artifactory, which allows you to mirror the content from Maven Central while still applying policies like CVE scanning, tracking, etc. The way it should work IntelliJ, as one of the leading IDE's, generally supports this quite well.  In fact, there is a whole setting page dedicated to dealing wi...
Post a Comment
Read more

Active vs. Passive Log4jShell remediation

 Log4jShell  All computer professionals should be aware of the Log4jShell ( CVE-2021-44228 ) and it follow on defects.  There is no shortage of opinions and lessons to be be learned: The difficulty of performing safe interpretation The problems when assumptions are not clearly documented.  I, for one, was completely shocked to find out that a logging system would actually attempt to do variable substitution in an actual message. The difficulty of finding and resolving issues with such a common library that is not provided by an OS package manager. IT'S A LOG4J CHRISTMAS One of my favorite podcasts, Security Now - episode 850 , discussed an analysis by Google regarding the depth of log4j dependencies.  From the show notes : One contributing reason is because Log4j is, more often than not, an indirect dependency. Java libraries are built by writing some code which uses functions from other Java libraries, which are built by writing some code which uses functions f...
Post a Comment
Read more