Android Alebrijes - Dealing with legacy code.

Alebrijes are brightly colored Mexican folk art sculptures of fantastical creatures. Alebrijes are very strange and unknown animals.

A new user story comes for grooming, apparently a very small change, but as part of the requirements you have to change the legacy class, yes that class that no one wants to touch and everyone is scared of, sounds familiar? After reading the story, everyone agreed on 3 points, you think you can do it faster, but you want to be cautious so you say 3.

When the sprint starts you are very excited to do the change, you open the code, and boom, you found an alebrije. What the falafal is going on here?, this story requires more things than I initially thought, how I will be able to finish this? and I’m not even able to understand the code.

Wait, how did we end up with this implementation? Why the code is written in this way? Ummm, there are multiple reasons why this piece of falafal ended up like this, but now is not the time to find a culprit; as one of my managers use to say, “you touch it, you own it” or “Es tu perro y tu lo bañas”, now you are the owner of this code and you are responsible for this.

Let’s be honest, every single project around has code like this, a lot of code is already a mess, and we need to learn how to live with it, so the real question is what can we do to make it better? How can we improve the quality of this code?

Every situation is different, and there is no silver bullet to deal with this mythical beasts, but let’s start with the premise that you got a very old piece of code with zero documentation, zero unit testing, and not following the architecture patterns, conventions and best practices for Android. With that in mind here are some of the things that you can do:

Improving Documentation 

How much documentation do we need? Only whatever you can keep updated. Keep it simple, but not too simple. Add enough detail to understand how the implementation works.

Start by creating a simple diagram. It can be a simple diagram with boxes and their relationships. This will help to understand what components are involved. If the authors of the code are still available, involve them.

After the basic diagram, you can create a navigation flow, a high-level class diagram, and sequence diagrams to understand the flow, dependencies, behaviors, and responsibilities of each component.

When the feature includes complex business logic, use the Debugger and logger to understand it better. Document all your findings.

Start documenting the code

• Public methods. Start with public methods. Those are the ones expose to external invokers and require good documentation.
• Exceptions. Document possible exceptions to be thrown by methods.
• Executable specifications through unit testing. This will continuously increase with each iteration. Try to follow a pattern where we clearly specify the scenarios under test and the expected behavior. One popular naming convention Should_ExpectedBehavior_When_StateUnderTest.

Make a list of to-do items to improve the code. TODOs can be included in the code or using some wiki page. Next time someone has some free time, they can come to the list and pick one of the items.

Improving Estimation

Don’t shout yourself in the foot, be prepared ahead of the grooming. You need enough time to work on legacy code. We need to be as accurate as possible. We don’t want to introduce more technical debt or make the code worst.

Start by reading and understanding the user story.

Identify the changes needed to accomplish the new functionality.

When the story has a big impact on the code, split it into small to-do tasks.

Estimate the required tech tasks to complete the user story. Don’t forget to include integration testing or data preparation when needed.

Improving Testing

Without tests, there is no way to tell if we are breaking existing functionality. Don’t trust code, not including tests.

But where do I start if most of the code is in the views, in private methods, static functions, and final classes?

Robolectric

Robolectric lets you run view tests without an emulator or physical device. This will help you to write tests for the views without installing the app. You can test activities or fragments in isolation. Robolectric extends Android framework with a large set of test APIs. Robolectric uses the concept of shadows to extend the behavior of an Android OS component. You can create your own custom shadow implementations.

Kotlin and Mockk

With the help of Kotlin and Mockk you should be able to test static utility methods, static initializers, final classes, private methods. Powerbock is a really good option if you are allowed to use only java.

Improving the code Quality

We can start with small refactors to improve the readability and maintainability of the code. We can start with changes like renaming classes, variables, and methods. This will help us to get a better understanding of the implementation so we can proceed with bigger refactors.

Please make small PRs when making your changes. If you send a big PR, is very likely that reviewers will not be able to follow the changes. Additionally, include in the PR description the problem you are trying to solve, and the solution.

Problem/Requirement

Include a description of the problem or requirement to solve

Solution

Description of the solution

Refactoring

The next refactors will require a full regression testing by your QA, be very careful about when to do these changes.

• Separate UI logic from application logic. Move logic outside of the Views. Nowadays we have MVP, MVVM, MVI, but all of them have the same intent Separation of Concerns. Try to keep the view classes lean to avoid life-cycle related problems.
• Life Cycle Aware components. Move logic triggered by lifecycle events out of the activity/fragment. This will help you to keep your code more organized and maintainable.
• Use LiveData and Flow to notify data changes to the View.
• Use Coroutines to simplify your background operation handling.
• Move data access logic to repositories.
• Extract code to new classes using kotlin. Kotlin will help to simplify and made the code safer with java support.
• Use DI. Encapsulate related behavior and expose it using interfaces. This will help you with the tests.

Architecture Components and Guide to App architecture

Android already has a guide with the best practices and recommended architecture to help you design robust, testable, and maintainable apps. You don’t need to reinvent the wheel, use the Android guide to App Architecture and Architecture Components collection library. The code works consistently across Android versions and devices so that we can focus on the related to our business domain.

Follow the Boy scout rule

We keep doing small changes to the code to improve it. The code gradually will get better and better. With this rule, we will see the team caring for the system as a whole, rather than individually caring for the parts they build.

And that’s all, I hope little by little we get rid of those alebrijes, and we don’t add more technical debt during the process :).

Are you a good Software Developer?

Are you a good Software Developer? Recently I heard this question and it really caught my attention.

How can we answered this? are we good because we do our testing? because we pass the sonar quality gates? because we finish our tasks on time? or based on production statistics like app rating, or existing bugs? 

Well, tools and reports will definitely help, but I think is also based on expectations. 

I still remember when I heard someone having big expectations from an specific developer. Was he able to fulfill them? Not sure.  

I think the same developer can have a different evaluation depending on whom you are asking. the client, the PO`s, the manager, the architect. 

The true is, We can not ignore those expectations. So let's focus on some of the most common expectations for a Software Developer in the job market. At the end the companies are looking for good Software Developers right? Do we really know what we are signing for?

Problem Solver and analytical skills

Here, We can have technical, and not technical problems. It refers on how we overcome the problems, on how we response to different situations.

So, we get a problem, we set a plan, we execute that plan, and finally we evaluate the results.

But wait, Is the problem even solvable? Did we find the root cause? Is the solution solving the actual need? Did we check the whole impact of the solution? Did we include all the involved parties?

Communication Skills

This very important because we are supposed to work in a team. We also need to stand up to our ideas, suggestions. We need to also interact with not technical people without jargon. If we want to succeed, Is not enough being brilliant, we need to clearly communicate our ideas.

Passion

Sometimes doing software development can be quite stressful. Long meetings, constant changes with rigid deadlines, dependencies with multiple teams with a different commitment to the project, or pressure when critical production defects are found.

And depending on the company you work for is highly possible you don't have a social life.

All of these can be enough to quit being a Software Developer, but If you haven't let's answer these questions: Do you feel satisfied doing this or would you rather being doing something else? Are you proud of your work? Do you stick to only doing your work? Do you feel motivated to keep learning new technology? If you don't have passion is ok, as long as you keep giving results.

Do you go with the best possible solution?

I want to clarify that not everything is bad about being a Software Developer, there are a lot of cool things about it, but we can have those cool things for some other discussion.

Continuous learning

Willingness to keep learning new skills, new technology, new programming languages.

Includes being aware of the latest Software development practices

Learning can come from multiple sources like:

• Books, Blogs.
• Individual courses.
• Coding boot camps. Some of them provide a mentor for some months. They will guide you to speed up your learning in the selected technology.
• Codelabs. I really like Android Codelabs.
• Joining software open projects.
• Find a mentor. 
• Conferences, Meetups.
• 1 on 1 with your manager. I have found this very useful. 

Team player

Is impossible to work alone these days. We are in constant collaboration, and We need to work on the relationships with the other team members.

I have seen amazing engineers not able to succeed in a company because they were unable to integrate with other teams. But that was also as result of lack of communication skills.

Being a good team player means helping to create a collaborative and positive working environment.

Don't being arrogant because you are the most senior developer. It means being humble. We always learn something from each other. We are all responsible for the project(s).

When the team succeed we celebrate, when the team finds some problem, we solve it together.

Are you helping others to succeed? Do you get satisfaction when the teams improved?

Are the team members happily coming to you when they have a question?

Shared knowledge

Mentoring other developers is a very important task in a project. Additionally, when you try to explain something, you know if you really understand the concept.

Are you Collaborating with ideas to improve the code, or the existing processes?

Are you engaged with software communities?

Do you share your knowledge writing Blogs? through code reviews?

Are you teaching by example?

Time/Task management. Achieve results

Can you do multitasking? Are you able to prioritize and work on the most important at the moment?

How accurate are yous estimations?

Can you manage details and keep sight of multiple projects?

Adapt to changes in requirements, and exploring new solutions.

Are you delivering quality results? are they on time?

These expectations will give us an idea of some of the most common expectations for a Software Developer in the market. But what about yourself, how do you feel? what is your personal feedback? are you a good Software Developer?

Having said that, I think I'm a good developer, but I'm not completely satisfied with what I have been doing, I still have a lot of things to improve. :)

How I lost 10x in crypto and lessons learned

and the quarantaine began... 

As a software engineer, I was very lucky to be able to work from home.what could possibly go wrong? 

Being at home, I started cooking, exercising, watching netflix, crunchyroll, amazon video, ohh boy, after two weeks - 24 hours alone, everything became like a routine, very boring, unhealthy, I needed to find something interesting to focus my mental energy. 

What?, Bitcoin, Blockchain, decentralized money, I was getting very excited, all of this sound incredibly amazing; so I started investing my energy in crypto. 

The first time I heard about bitcoin was in 2017,  but by then I was more interested to buying cows than anything else :)

I got some ethereum, bitcoin, chainlink, and by the end of April I was getting very good investment returns. So what went wrong? 

This is what I did wrong, yeah is all my fault and everything started with a Scam. 

I subscribed to a youtube channel posting content about a famous businessman and book author. I want to clarify here, "it was not the official channel of the businessman". My big mistake. 

By May 10, we had all the excitement about bitcoin halving. I still remember seeing in the channel the bitcoin giveaway. How it was supposed to work? you send some bitcoin and you get double amount back to the same address. I checked the site, and the transactions, everything look pretty real. I got very emotional, and yeah I sent some of my bitcoin to that address. 😅

I lost my crypto in a Scam, and the next days I was feeling very silly, stupid, how can I think people will love me so much to give me free money, hahaha. 

The next days, I was thinking, Isn't there some place were I can report all of this cyber crimes? 

After some research, I found a couple of options, but there is a company tracking the scams, so I created a request to investigate the scam I was victim of.

When creating the ticket I had to provide information like my email, phone, and the address where I sent the crypto in the scam. Everything was feeling like general information they will need to do the investigation. 

well, maybe it was a coincidence, but 15 minutes later after creating that ticket, my account was accessed and all my crypto was stolen from my account in a very popular exchange.

How did the hackers got access? I felt like my password was strong enough, I had 2 factor authentication enabled, my Account seed was stored only in paper, and still someone enter to my account, converted all my crypto to bitcoin, and sent to an address. 

I contacted the exchange, with the hope they can return my stolen bitcoin, but after some days, they replied back saying that all the operations were executed using one of my registered devices. 

In some way the hacker got access to my computer, and also got access to my phone authentication code. 

These are the suggestions I got from the exchange:

• Scan the devices with anti virus.
• Reset email password. 
• Check unfamiliar rules, filters, forwarding addresses, recovery emails.
• Reset password in the exchange.
• Contact mobile service provider to inquire about security measures to prevent unauthorized changes such as SIM swap or phone port.

Because it was my fault, the exchange didn't do anything, but they offer help providing transactions details for local authorities. I sent another ticket to the FBI - Internet Crime Complain Center but I never got any replied back.

I was feeling down for a couple of days, the hacker stole the saving I got with a lot of hard work, but after some time I decided to keep learning and investing in crypto, I think is a really good opportunity, but we definitely have some risks to be aware of.

These are the lessons I learned. I hope they help new people learning crypto, so they don't make the same mistakes.

1. Don't keep your crypto online all the time (hot wallet), get your hardware wallet. I personally got my Ledger and now I feel safer.
2. Don't save passwords in chrome. If they get access to your computer, now they have access to all your online accounts.
3. Don't share too much personal information online. We share a lot of information online, specially in social networks. For the sim swap, hacker will need your personal information. 
4. If you want to keep crypto online, don't keep all your crypto in a single account. 
5. Be careful when picking the sources to learn about crypto. Now I follow better sources of information, and mostly only official twitter accounts, and youtube channels. I highly recommend: 
1. Digital Asset News. The channels I was following before never mentioned the scams going on. This channel is fighting the scams every day. Now every time I see a Scam I also report to google. 
2. Ivan on tech. 
3. BitBoy Crypto.
4. Coin Bureau.
5. Chico Crypto.
6. Altcoin Daily.