We're all learning how to ship more side projects. If you're "in the bubble" it can feel like everyone is repo-maxxing. Shipping weekly. Spinning up agents to scaffold full apps overnight. New OSS dropped every Friday. The reality I see with most developers is much more normal: They have six or seven repos sitting in various states of half-attention. A side project from last year that still gets a
Hey dev.to community! I just launched CodeLens AI — an AI-powered code review tool that automatically reviews every pull request. Connect your GitHub repo Open a PR AI automatically reviews the code Detailed review comment posted on PR Bugs and logic errors SQL injection and security vulnerabilities Performance issues Code quality improvements Next.js + TypeScript NextAuth + GitHub OAuth Supabase
We Cut Compliance Costs by 40% Using Pulumi 3.140 and Chef 18 for Multi-Cloud AWS and GCP Modern multi-cloud environments offer unmatched flexibility, but they also introduce complex compliance challenges. For our team managing hybrid infrastructure across AWS and GCP, manual policy enforcement and fragmented tooling were driving up compliance costs by 22% year-over-year. By integrating Pulumi 3
Why We Open-Sourced Our AI Safety Layer When we built the AI safety layer for As You Wish (AYW), we faced a choice: keep it proprietary or open-source it to help the community. Here's why we chose the latter (and why it made our platform stronger). If you're building AI-assisted development tools, you need: Input validation (sanitizing prompts, preventing injection) Output filtering (catching u
If you want to Automate GitHub PRs, the real goal is not just adding another bot comment to a pull request. The goal is to give reviewers the context they usually have to gather manually: who owns the service, whether it is deployed, whether basic repository standards are in place, and whether the change looks safe to merge. A useful AI pull request workflow can do exactly that. When a PR opens, i
How I Used GitHub Actions to Auto-Publish to AMO on Every Release Manually uploading extension files to AMO (Mozilla's Add-On Observatory) is tedious. After the fifth time forgetting to increment the version number, I automated it with GitHub Actions. Here's exactly how I set up the pipeline for the Weather & Clock Dashboard extension. Trigger on new GitHub release Validate the manifest version
In Q3 2024, our 12-person platform engineering team reduced confirmed security incidents by 41.7% (from 72 to 42 per quarter) after rolling out Trivy 0.50 for pre-deployment scanning and Falco 0.40 for runtime detection across 142 production microservices. We didn’t rewrite our CI/CD pipeline, we didn’t hire a dedicated security team, and we didn’t spend a dime on enterprise security tools. Here’s
Your generic linter doesn't know the difference between a Server Component and a Client Component. MergeWell does. We've all been there. You open a pull request at 4 PM on a Friday. Your teammate glances at the diff, sees it's a Next.js change, and approves it — because honestly, who has the bandwidth to reason through every App Router edge case under deadline pressure? So you merge. And Saturday