The cost incident that started this Three weeks after we put our chatbot into production, I opened the OpenAI billing dashboard on a Monday morning and stopped breathing for a second. One session — not one user, one session — had burned through roughly four times the daily budget for the entire app. Over a single afternoon. The session wasn't malicious. It was a test account someone forgot to lo
Just wrapped up the core setup for my e-commerce API (Impextech): Auth, Products, and Users. Everything is running on Node.js, Express, and TypeScript. Instead of just getting it to work, I spent this week focusing on security, keeping the code clean, and fixing some annoyances in my dev environment. Here’s a breakdown of what I built and a few "gotchas" I learned along the way. I split everythin
A LinkedIn recruiter pitched me a remote "Software Engineer at a DEX" project this week. Reasonable comp range, tech stack squarely in my wheelhouse. After a couple of friendly exchanges, she asked me to "review the codebase before the technical interview" and sent me a GitHub repo link plus a Calendly invite for the call. The repo was malware. It didn't get me, but it's something developers shoul
Multi-tenancy is the economic engine of SaaS. Sharing infrastructure across customers reduces cost and simplifies operations. But it introduces a risk that can end your business overnight: tenant data leakage. When one customer can see another customer's data — even accidentally — the consequences are severe. Regulatory fines, contract termination, public disclosure requirements, and irreparable t
MongoDB is a document database that stores data as flexible JSON-like documents instead of fixed rows and columns. It is commonly used for web applications, REST APIs, content management systems, and real-time analytics where the data model changes frequently. This tutorial walks through installing MongoDB Community Edition on Ubuntu 24.04, enabling authentication, creating an admin user, creating
TL;DR: I built ChessDada — a free multiplayer chess platform inspired by old Yahoo Chess. No signup, no download, just instant browser-based chess. Built with Node.js, Socket.IO, and chess.js. Modern chess sites are bloated. Chess.com forces you through signup. Lichess defaults to account creation. The "5-second click and play" experience that made Yahoo Chess legendary in the 2000s is essentially
From Prompt to Production: AYW Workflow Case Study How we built a production-ready customer support chatbot in 6 hours (with full understanding, security review, and audit trails). Build a customer support bot that can: Handle 500+ concurrent users Integrate with Zendesk ticketing Support English + Spanish Maintain audit logs for SOC2 compliance Deploy on AWS with auto-scaling Traditional estim
Hey everyone, I shared this earlier as a CLI to analyse npm packages before installing. Since then, I’ve added something I think is even more useful: 👉 You can now scan GitHub repos before cloning or running them npx guard-install --repo https://github.com/user/repo There’s a growing pattern (especially in crypto interviews / side projects): “Clone this repo and run it locally” Some of these rep