engineering
Application-layer tenant isolation works until somebody forgets a WHERE clause. Row-level security moves the enforcement to the database, where it cannot be bypassed by accident. The patterns that make it work and the costs that come with it.
history
Modern cities depend on a quiet network of pipes that almost nobody thinks about. The history of those pipes is older than most countries and includes some of the more consequential public health innovations in human history.
engineering
A test mode that customers do not trust is worse than no test mode at all. The patterns that produce a sandbox developers actually use, and the anti-patterns that produce one they tolerate while wishing they could skip.
engineering
Postgres autovacuum defaults are tuned for tables with predictable update rates and modest sizes. Production tables almost never match those assumptions. The parameters that matter and how to tune them per-table.
engineering
HTTP/2 and HTTP/3 are deployed everywhere but most teams treat them as transparent infrastructure. They are not. The configuration choices that matter and the assumptions from the HTTP/1.1 era that break.
security
Disk-level encryption protects data at rest from physical theft. TLS protects it in transit. Neither protects sensitive fields from the queries you accidentally write or from compromised application code. Field-level encryption fills the gap, with patterns and costs that matter.
engineering
A cache works perfectly until the moment it does not, and the moment of failure is rarely graceful. When a popular cache entry expires under load, thousands of requests can hit the origin simultaneously. The patterns that prevent the outage.
engineering
Window functions were added to standard SQL in 2003 and to most production databases by 2010, yet many engineers still write running totals and ranked-by-group queries as nested subqueries. The patterns that should be in every backend developer's toolbox.
engineering
The default pagination response in most API design guides includes a total count. This seems obviously useful and is almost always wrong: counting is expensive, the count is stale before the client sees it, and the UX it enables is one most products do not want. The patterns that survive at sca
engineering
Most teams have a staging environment that nobody trusts. The reasons are predictable: stale data, divergent configuration, and a workflow that treats staging as someone else's problem. The three-tier pattern of dev, preview, and staging, with explicit responsibilities for each, makes staging a
engineering
Error responses are the part of an API customers see when things go wrong, which means they bear disproportionate weight in determining whether customers trust the system. The patterns that survive contact with real integrations and the ones that produce angry support tickets.
engineering
Every public API eventually has to evolve in ways that break clients. The three common strategies — URL path, custom header, and date-based — each solve part of the problem and create different long-term costs. The honest comparison after running production APIs through multiple breaking changes.