Today for the 4th time I explained to my colleague that just because the front end app can perform validation doesn't mean the backend shouldn't. Every fucking time for all of them.

the actual need to explain that would be soul damaging to me...
bless you

Show them how you can bypass front end validation. Then they will understand.

@smb26 right?

you know when you store timestamps for every users last login? I had an api guy once told me that I need to call an api method after logging in to set that up, instead of the actual login method doing that itself.

Actually, validation IS a backend job. Front-end only validates to make the life of the user easier.

Just tell him that just even when he knows the guys in his favourite gay bar, he still should insist that they use condoms.

Oof

Imaging working for a lottery and being the „frontend“(More complicated but simplifying here) and the backend accepting a lot of shit.

Backend devs be like: We expected you to only send valid requests, we can‘t handle the errors, sorry. We will maybe handle those things in one of the next sprints if it has a high priority.

@rutee07 I even validate at internal interfaces between separate components because if something goes wrong, that makes debugging so much easier.