Edit: so im done with my preliminary research into this codebase.
Our corporate SSO provider is changing, so I've been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.
There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won't populate itself. 🤷
Heh. That looks like it has decent odds of being a "company ending event" incident, to be specific.
But at least there's lots of comments. And maybe someone already put a safety net in somewhere else and just forgot to update the 20 comments. It could happen.
Under different circumstances, sure. As it is, worst they could expect is a fine from our regulators for data retention hits. We could recreate the info easily enough if our suppliers played nicely.