Triggered by a Fork
The Tanstack supply chain attack bypassed npm's trusted publishing in six minutes. I recognized the mistake immediately, because I almost made the same one years ago reviewing a CI pipeline.
AI discourse wants you to pick a side. Two decades in software taught me one thing: shipping beats arguing every time. The builders define the next decade.
AI's breakthroughs are real. What comes next is not better models. It is the systems, standards, and infrastructure that turn a spark into something that lasts.
Engineers are trained to wait for tickets. The fastest way to break that habit is to fork a tool you already use and fix the first gap you find.
Open source spam has evolved. AI now generates the low-effort pull requests that maintainers dread. Here is how to contribute without adding to the noise.
Systems thinking separates builders from architects. As AI writes more code, understanding how services fail under load is a skill only experience teaches.
Bun's Zig fork promised 4x speedups but missed the real bottleneck. AI can help us move fast, but only careful engineering keeps us safe.
We over-engineer before we understand the problem. Solve the actual need first, then let the architecture grow naturally.
The AI era pushes developers to chase every new tool and trend. I have watched colleagues burn out from this race. There is a quieter path.
GitHub promised 99.9% uptime. The real number is closer to 87%. What happens when the platform every developer depends on ships AI features faster than reliability.
Disclaimer: All content reflects my personal views only and does not represent the positions, strategies, or opinions of any entity I am or have been associated with.