Loading Secrets at Runtime Without Leaking Them: config(), the Keystore, and runJun 12, 2026·7 min read·18
PinnedHow AWS Nitro Enclaves Prove You’re Running Secure Code: Remote Attestation ExplainedDeveloper’s look at how AWS KMS, Nitro Enclaves, and OpenSSL CMS work together to bring “runtime trust” to encryption & why your data deserves better.Oct 9, 2025·6 min read·72
Retries Are Not a Fix. They Are a Liability.Most retry mechanisms in background jobs are unsafe by default. This is a quick way to find out if yours is one of them.Apr 18, 2026·4 min read·14
Your Background Jobs Are Not Failing. They Are Lying.You won’t see errors. You won’t get alerts. But your system is already losing data.Apr 16, 2026·3 min read·52
Stop Putting Secrets in process.env: Encrypt Env Vars with AWS KMSAfter a CVSS 10.0 RCE (CVE-2025-66478), we stopped trusting process.env. Here’s what I built insteadFeb 21, 2026·10 min read·16
Scaling the Boring Stuff: Sending 10 Million Notifications with a Simple Node.js Job WorkerQueues, backpressure, idempotency, and rate limits explained the way production systems actually behaveFeb 4, 2026·5 min read·63
Handling BigInt in JavaScript: What Happens When You Don’tA practical guide to understanding JavaScript’s numeric limits, how BigInt solves them, and what happens when you miss the fine print.Nov 19, 2025·4 min read·59
Your Node.js AWS SDK v3 App Will Crash in Production Without This maxSockets FixEverything was fine until it wasn’t. Our Node.js app, powered by AWS SDK v3, started freezing during peak traffic. Requests to S3 and DynamoDB hung indefinitely, ECS tasks began restarting, and the logs were a blur of ETIMEDOUT and Socket hang up err...Nov 7, 2025·5 min read·176
