AI coding agents love wrapping everything into god-objects. Layered architecture fights that instinct at the structural level. Your code gets smaller files, better tests, and agents that follow the pattern instead of inventing their own.

FastAPI and Flask make it dangerously easy to put everything in one place. Database calls in route handlers, business logic scattered across a hundred files, no clear boundary between what receives a request and what decides what to do with it. Here is how to fix that with proper layering.

Yesterday I wrote about prompting an AI to create a Git branch. Today I want to revisit the sheer absurdity of what that request actually costs in compute, energy, and money. The numbers are sobering and tragically funny.

I caught myself prompting an AI agent to create a Git branch. The prompt had more keystrokes than the command. That moment revealed something uncomfortable about how we're starting to confuse two very different tools.

Adding Giscus comments to a static Astro blog on Firebase is a breeze, but a tiny CORS detail can catch you off guard. Here is why I chose it, how it works, and how to successfully apply a custom theme.

OTel gives you seven metric types, and picking the wrong one costs you. A practical breakdown of Counters, Gauges, Histograms, and the rest, with a short intro on how the whole system fits together.

A deep dive into a powerful local privilege escalation exploit that abuses Linux's cryptographic sockets and the page cache. We explore how it works, why it gives passwordless root access, and how container runtimes stop it.

A field guide to the many flags and options behind `set`, with a reference table and the combinations you'll actually use in real shell scripts.

Most takes on vibe coders are negative, and well deserved. Then I watched a 30-second video that reframed the whole thing, and a second one that pulled me right back. A post that bounces between the two, ends pessimistic, and still finds a reason for hope.

How I built an AST-powered word wrapper to keep my 80-character Vim workflow without breaking the project's unwrapped Markdown standards.

Building a secure sandbox for an AI coding agent is a fascinating game of cat and mouse. From shell injection to OS-level sandboxing, here is why blocking tools isn't enough, and why treating agent output as untrusted code is the only way forward.

AI agents produce code fast, but they also make architectural decisions that slip past review. When things break, you're reverse-engineering an alien system. The fix might be surprisingly low-tech: a weekly meeting with your agent.

Writing precise specs so AI agents don't drift feels oddly familiar. It looks a lot like the structured engineering of the 1970s and 80s, the very thing Agile promised to replace. Maybe we're feeling the hangover of decades of loose planning, and the cure is to start engineering again.

A metal concert in Berlin, AI-generated music nobody can play, vibe-coded software nobody can maintain, and the question that ties them all together.

A tool that watches directories and auto-commits changes to git, fully unattended. How it works, the design decisions behind it, and what I learned building it with systemd templated units.

Templated units, drop-in overrides, user vs system scope, and a debugging workflow for when things go wrong. Everything I learned while building a tool that needed many instances of the same service.

Running systemd inside a container is considered bad practice. I did it anyway, on purpose, for end-to-end testing. Here's why blindly following best practices can be worse than thoughtfully breaking them.

The dominant narrative says AI will eliminate programming jobs. A more interesting perspective, borrowed from a recent O'Reilly article, argues the opposite: AI makes the craft more technical, not less, and the "two computers" problem is just getting started.

How AI coding agents lower the effort barrier for doing things right, making clean code, tests, and proper architecture non-negotiable from day one.

How to set up a Tor hidden service to SSH into a remote machine without opening ports, configuring NAT, or exposing your server to the internet.

Building an intelligent copy button that extracts only the commands from shell snippets, handling prompts, continuations, heredocs, and output.

Infrastructure as code for a static blog: bootstrapping a GCP project, provisioning Firebase Hosting with Terraform, and wiring up DNS at Spaceship.

How I set up a terminal-themed tech blog with Astro: from choosing the stack to stripping it down for production.