Notes & thinking

Writing.

When Your Message Broker Has No Idea What You're Sending

RabbitMQ, SQS, and Kafka will deliver a malformed payload just as faithfully as a valid one. Here is why message contracts belong in the application layer and how I built a package to enforce them in Laravel.

LaravelPHPMicroservicesMessaging
Laravel Package Doctor: Composer Tells You What Changed, Not What It Means

Before a Laravel upgrade you need to know which dependencies are safe, which are abandoned, which are blocked by your constraints, and which will break on the new version. composer outdated tells you none of that. Here is why I built Laravel Package Doctor and how to use it.

LaravelPHPComposerDependency Management
Privacy-First Development: Lessons from Building Tuniri for Children

Building for children changes the privacy conversation. For Tuniri, the strongest privacy feature was not a setting or policy page, but the decision to avoid collecting data in the first place.

PrivacyFlutterMobile
Four Tools That Keep Every Laravel Project Clean

Style fixes, automated refactors, static analysis, and tests that read like specifications. Pint, Rector, Larastan, and Pest are the four tools I install before writing the first feature, and they pay for themselves on every commit.

LaravelPHPCode QualityTestingDeveloper Tools
AI Impact on Developers: Work With It, Not Against It

AI is changing the shape of software work, but the useful response is not panic or blind trust. Developers still own judgment, architecture, debugging, testing, and product decisions.

AI ToolingDeveloper WorkflowSoftware Craft
Prompt Engineering for Software Developers

Prompt engineering for developers is not about clever phrases. A useful prompt works like a small technical brief: role, task, context, issue, constraints, examples, output format, and done criteria.

Prompt EngineeringAI ToolingDeveloper Workflow
Claude Code for Development: The Basics

Claude Code is most useful when treated as a development partner inside the repo. Start with setup, repo exploration, plans before edits, tests, diffs, settings, and reusable skills.

Claude CodeAI ToolingDeveloper Workflow
When to Split a Laravel Monolith

A monolith is not a mistake by default. Split a Laravel application when boundaries, data ownership, scaling pressure, and failure isolation are clear enough to survive the cost of distributed systems.

LaravelArchitectureMicroservices
Workplace Security Starts with Boring Habits

Most workplace security failures do not start with a sophisticated breach. They start with an unlocked device, a convincing message, a shared password, or software installed from the wrong place.

SecurityWorkplaceDeveloper Workflow
GDPR for Product Teams: What Actually Changes How You Build

GDPR is not just a privacy policy problem. It changes what data you collect, which defaults you ship, which vendors you trust, and how deletion, exports, and notices work in the product.

PrivacyGDPRCompliance
COPPA for App Teams: The Product Decisions That Create Risk

COPPA is not just a policy problem for obvious kids' apps. It changes how child-directed and mixed-audience products handle age, parental consent, third-party SDKs, retention, and basic product scope.

PrivacyCOPPACompliance
Structuring Laravel API Responses at Scale

Every Laravel project reinvents the same JSON envelope. Here is why that happens, what a consistent response layer looks like, and how to stop making the decision twice.

LaravelPHPAPI Design
Offline-First Architecture in Flutter

Most apps treat offline as an edge case. For Tuniri, offline was the architecture. What that means in practice — data layer, encryption, sync avoidance, and what I learned shipping it.

FlutterMobileArchitecture
Why I Reach for Astro on Static Sites

After years of reaching for React or Next.js by default, Astro changed the calculation for static sites. What it does differently, where it still has rough edges, and when I'd use something else.

AstroFrontendStatic Sites