19 bad programming practices (many of which I committed myself)

I just realized I have been building software for a living for 19 years now. To celebrate that, here are 19 bad programming practices I have witnessed and sometimes even practiced myself at some point during my career, in no particular order.

1. Naming: abbreviations, naming after type instead of role, inconsistent names, failure to use business terminology
2. Error handling: swallowing exceptions, using return values to signal errors, failing to protect against error conditions, over-checking for impossible conditions
3. Failure to sanitize user-provided data (serialization, query injection, XSS)
4. Responsiveness: invoking long-running code in a blocking way - worse if failing to provide progress updates to user
5. Domain modeling: devoting too much attention to technology and failing to understand and address the business domain, failure to properly model the business domain in the code
6. Lack of proper separation of concerns (coupling independent business concerns, or coupling business and technology concerns)
7. Configuration in code, user credentials in code
8. Reliance on an IDE to produce builds
9. Premature optimization
10. Comments: describe the code but not the intent, lack of comments, too many comments
11. Keeping code around for features that are no longer or have never been needed
12. Testing: failing to create good test coverage for non-trivial code, checking in a new test case that has never failed, having a test case call other test cases for data setup, writing to stdout instead of producing an actual test failure, getting used to having a test case that is known to fail once in a while
13. Over-aggressive locking or not protecting data enough against concurrent access
14. Attempting to fix a bug without reproducing it reliably first
15. Committing changes meant to address multiple issues/features as a single change set, failure to provide a commit message that explains the rationale behind the change, mixing reformatting (including choice of line terminator or indentation character) with actual code changes
16. Failing to isolate dependency on specific technical solutions (a database product, or a data storage paradigm) so it spreads throughout the codebase
17. Creating own solutions for problems that already have solutions that are widely available (NIH, obliviousness)
18. Failure to honor existing/prevailing style in the codebase
19. Copying code from an open-source project off the internet and sticking it into a commercial codebase

Any others that you have seen but I missed?

By the way, we can help boost your team's throughput by building entire tools, backend modules or micro-services for your product. If you are interested, please send a note to [email protected].