Just wrapped up the core setup for my e-commerce API (Impextech): Auth, Products, and Users. Everything is running on Node.js, Express, and TypeScript. Instead of just getting it to work, I spent this week focusing on security, keeping the code clean, and fixing some annoyances in my dev environment. Here’s a breakdown of what I built and a few "gotchas" I learned along the way. I split everythin
I have recently been frustrated by one thing: there is practically no library for caching singleton values. The thing is most caches are designed to keep a lot of things in one caching container. What if I did not need the key-value generic map? So I have decided to create one myself. This was not very painful, but I feel strange that practically no-one has done this before. Sincerely, I am writi
A common problem with a familiar shape: a process can dial outbound to the internet, but nothing on the internet can dial it back. Your dev server on a laptop. A service in a private VPC. A homelab app behind your router. A container in a pod with no ingress. Same shape every time — outbound works, inbound doesn't. rift is a small Go binary I built to solve that. Run it as a server on a VPS you ow
A LinkedIn recruiter pitched me a remote "Software Engineer at a DEX" project this week. Reasonable comp range, tech stack squarely in my wheelhouse. After a couple of friendly exchanges, she asked me to "review the codebase before the technical interview" and sent me a GitHub repo link plus a Calendly invite for the call. The repo was malware. It didn't get me, but it's something developers shoul
Multi-tenancy is the economic engine of SaaS. Sharing infrastructure across customers reduces cost and simplifies operations. But it introduces a risk that can end your business overnight: tenant data leakage. When one customer can see another customer's data — even accidentally — the consequences are severe. Regulatory fines, contract termination, public disclosure requirements, and irreparable t
TL;DR: I built ChessDada — a free multiplayer chess platform inspired by old Yahoo Chess. No signup, no download, just instant browser-based chess. Built with Node.js, Socket.IO, and chess.js. Modern chess sites are bloated. Chess.com forces you through signup. Lichess defaults to account creation. The "5-second click and play" experience that made Yahoo Chess legendary in the 2000s is essentially
From Prompt to Production: AYW Workflow Case Study How we built a production-ready customer support chatbot in 6 hours (with full understanding, security review, and audit trails). Build a customer support bot that can: Handle 500+ concurrent users Integrate with Zendesk ticketing Support English + Spanish Maintain audit logs for SOC2 compliance Deploy on AWS with auto-scaling Traditional estim
TL;DR. golang.org/x/net/idna.Lookup.ToASCII runs UTS-46 NFKC mapping 0-9. A pre-IDNA net.ParseIP check rejects the NO_PROXY lists, TLS-SNI routers, and cookie-domain validators that TrimRight + ParseAddr golang.org/x/net/http/httpproxy, the canonical safe pattern, and two I ran into this one while writing a Go HTTP client for a private project. I idna.Lookup.ToASCII canonicalising the host The sha