The key insight is that most games are released largely once, and then only minor work is done after that. If it's really successful it may get additional ports or content expansions. It does not make sense to pour so much time into making code reusable and clean if it is not going to be built on continuously for long periods of time. Additionally, games do not have to deal with security issues as much; most code is running on trusted data sans networking features. Bad code is 100% counter to security - it's those edge cases where assumptions fail and you lose big time.
As a counterpoint for example, code running on servers should totally be built for the long haul: it's gotta evolve continuously with requirements, it has to cope with edge conditions and especially it has to be secure. You can't get away with the same type of spaghetti in your ACL checking that you can in the code that handles player physics in a platformer.
That does not mean video game devs are bad coders. They are just optimizing for different scenarios.
As a counterpoint for example, code running on servers should totally be built for the long haul: it's gotta evolve continuously with requirements, it has to cope with edge conditions and especially it has to be secure. You can't get away with the same type of spaghetti in your ACL checking that you can in the code that handles player physics in a platformer.
That does not mean video game devs are bad coders. They are just optimizing for different scenarios.