The Autonomous Paradox In 2026, we’ve moved past simple chatbots. We are building Production-Grade RAG pipelines and autonomous agents that can plan, execute, and iterate. But as an architect, I’ve noticed a glaring hole in our "Agentic" future: Identity Sprawl. We are giving agents non-human identities (NHI) with "Full Admin" permissions just to ensure the RAG works smoothly. We are effectively
TL;DR You can integrate Azure DevOps with GitHub to get the best of both worlds in Power Platform development. ADO stays as the backbone: work items, sprint planning, test plans, and deploy pipelines all remain on Azure DevOps. Code moves to GitHub: Power App Code Apps or Power Pages SPA live in GitHub repos, unlocking native GitHub Copilot integration and the Copilot Cloud Agent. The two platfo
What if your Kubernetes cluster simply refused to run unsigned images? I spent some time experimenting with enforcing image provenance in a small Kubernetes setup using MicroK8s. The idea was simple: Only container images with valid cryptographic signatures are allowed to run in the cluster. For this I used: GitLab CI/CD (build + signing pipeline) Cosign / Sigstore (image signing) Kyverno (admissi
Building a Full-Stack Habit Tracker with Claude Code - Part 2: Polish, Testing & Deployment Taking the habit tracker from MVP to production-ready with categories, analytics, comprehensive testing, and Vercel deployment In [Part 1], we built a fully functional habit tracker MVP in about 6-8 hours using Claude Code as our AI pair programmer. We had: ✅ Basic CRUD operations for habits ✅ Date-based
Testing Firefox Extensions with Playwright: End-to-End Testing Guide Extension testing is one of those things everyone knows they should do but few actually do. I've been using Playwright for end-to-end tests on the Weather & Clock Dashboard extension and it's changed how I think about extension quality. Unit tests don't cover the biggest failure modes: Does the extension actually load in Firefo
The most basic concept in test doubles is the dummy. When testing a function, there are usually two kinds of input: Meaningful input Data that affects the result of the function. Dummy input Data that is required by the function, but does not affect the behavior we are testing. Below is an example of meaningful data vs dummy data. This is a calculateShipping function: function calculateShip
Your application fetches a URL. The user supplied it. Your server makes the request, follows the redirect, and returns the content. The URL pointed to http://169.254.169.254/latest/metadata/iam/security-credentials/production-role. Your application just handed the attacker your cloud credentials. SSRF lets an attacker trick your server into making requests on their behalf — to internal services, c
How to Test Firefox Extensions Without Publishing: Local Development Tips Publishing to AMO every time you want to test a change is slow and painful. Here's the full toolkit for local development. The fastest way to load your extension: Open Firefox and go to about:debugging Click This Firefox in the left sidebar Click Load Temporary Add-on... Navigate to your extension folder and select manif