Latest writing
Dependency cooldowns considered harmful: a first-principles analysis
Dependency cooldowns promise supply-chain safety by hiding releases for N days, but the math shows they guarantee extended CVE exposure while catching only a narrow band of attacks that lockfiles and staging already cover. The time buffer belongs in staging, not the resolver.
Read the post →More posts
-
First Principles: Distributed Systems (Most of Yours Should Not Exist)
Distributed systems thinking is drowning in inherited wisdom — microservices by default, horizontal scaling as a reflex, eventual consistency as a catchphrase. Strip it down to six irreducible truths and most of that...
-
First Principles: Data Engineering and ETLs
ETL is not a law of nature, it is a convention born from constraints that no longer exist. Strip data engineering down to its irreducible truths and rebuild it from scratch. What emerges is a discipline centered on...
-
First Principles: DevOps
Strip away the Kubernetes hype, the “DevOps Engineer” job titles, and the cargo-culted CI/CD pipelines. What’s actually true about DevOps when you reason from first principles? Five irreducible truths, six design...
-
First Principles: Software Design
Strip away the design patterns, the SOLID principles, and the architecture astronautics. What’s actually true about software design when you reason from fundamentals? Five irreducible truths, three reconstruction...
-
First Principles: Software Observability
Everyone knows observability means logs, metrics, and traces. But what if you strip away the vendor marketing, the inherited conventions, and the cargo-culted dashboards? What’s actually true? A first-principles...
-
Taming Your Dev Chaos with direnv, .env, and .envrc (Plus a Sneak Peek at mise-en-place)
Stop manually juggling env vars like a clown — learn how direnv auto-magically handles your dev environments with .env and .envrc files. Includes a sick custom layout uv function for Python projects and a teaser on...
-
Git usage guidelines for team collaboration
Suggestions on how to use a code repository with git for teams.
-
Remove big files from a git repository
Remove large blobs from your git repository history
-
Access Google Spreadsheets using gspread and OAuth2Client
How to access Google spreadsheets using the Python module gspread and the OAuth2Client authorization system.