Skip to main content

Notes from shipping code

Deep-dives on the problems I've debugged, the patterns I've extracted, and the decisions I'd make differently next time.

Posts

A browser window loading a cached page shell served by a service worker

Why a service worker serves stale chunks after a deploy

A correct fix looked broken across four rebuilds. The service worker served stale HTML pinning old chunk URLs. Network-first for HTML fixes it.

2 min read
Two dark rounded UI badges side by side on a soft neutral surface, the left a clean deep red and the right a muddier maroon gradient

Test the tokens you demo, not just the ones you ship

A jest test guarded WCAG contrast on my shipped theme. Storybook rendered a second stylesheet it never parsed, and the demo had drifted to 4.53:1.

3 min read
A grid of color swatches, each labeled with its WCAG contrast ratio, several flagged as failing

Unit-testing design tokens for WCAG contrast

Manual review flagged three contrast issues. A jest test that parses the theme CSS found nine, including a 2.54:1 that had shipped.

3 min read
Industrial pipeline valves and pressure gauges in a control room

Operating LLM Pipelines in Production

Versioned prompts in cache keys, shadow runs before flipping, async LLM tasks as rows that fail. The unglamorous parts of production AI.

5 min read
Three stacked wooden blocks on a light surface

Three tiers of Claude Code in CI

Read-only review, constrained auto-fix, and interactive @claude. Each tier has its own trigger, scope, and loop guard.

3 min read
Industrial pipes and valves in a mechanical room

Pooling Playwright browsers across FastAPI scans

A persistent Chromium instance with idle-timeout shutdown eliminates per-scan browser launch while isolating cookies via fresh contexts.

2 min read
A row of stamped-red boarding passes lined up on a counter

Eight Failed Deploys to Ship FastAPI + Playwright on Railway

Eight red deploys in a row shipping a Python audit service to Railway: uv grabbing Python 3.14, /root perms, Playwright browser paths, and a glob that broke.

4 min read
Two pairs of almost-identical shoes resting side by side on a bench

The Parity Harness That Caught a Silently Broken Service

I wrote a parity harness to de-risk a Node to Python scan service port. It caught the existing Node service silently returning perf=0 on every URL.

3 min read
Stage curtains half-drawn over an empty rehearsal space

asyncio.gather Is Not Enough for a Sync Client

A job poller stuck at 48 seconds. asyncio.gather did nothing. Batching plus asyncio.to_thread cut it to 8 seconds without a new library.

3 min read
A steel padlock on a weathered green door

Hardening an Admin Login: IPs, Timing, and a JWT Cookie

Spoofed x-forwarded-for, timing-leaky password checks, and a password gate per dashboard. Four small fixes that turn a toy login into a real one.

4 min read
Two different tools resting on the same workbench

Running a uv Python Workspace Inside an Nx Monorepo

Adding a FastAPI service to a pnpm-based Nx monorepo without teaching Nx to understand Python: uv workspace, Docker from root, dedicated CI job.

3 min read
A clean architectural doorway dividing two rooms

A (public) Route Group So Admin Pages Render Bare

Lifting Nav and Footer into a Next.js route group so every /tools/admin route inherits none of the public chrome, and the one broken 404 that followed.

3 min read