24 stories
Django ORM Mastery: Mastering Efficient Database Queries with select_related and prefetch_related
1. Introduction Django's ORM is one of its greatest strengths. It abstracts away raw SQL, lets you express database operations in clean Python, and gets you productive fast. But that convenience comes with a hidden cost: if you're not deliberate about how you fetch related objects, you'll silently g
Escaping Containers Now Threaten Cloud Security Like Agent Workloads
The scary part of an agent-driven container escape is not the container escape. That sounds wrong, so let me be precise. The primitives in Sysdig's latest threat research are not new magic. A mounted Docker socket has been a bad idea for years. Over-permissioned Kubernetes service accounts have been
Twio Picks Vertex AI Search Over pgvector for High-Stakes Production Workload
When we first built RAG at Twio, pgvector was the obvious pick. Our business data was already in PostgreSQL, and dropping embeddings into the same database was the fastest path to a working product. For the first version, that was right. As we scaled, the problem stopped being "how do we store vecto
Dockerfile Builder: a small tool that solves a specific problem
Dockerfiles that pass a casual build check can still fail silently in production when they lack proper layer caching, run as root, or omit health checks. For teams without a dedicated container specialist, arriving at an optimized, secure configuration often means multiple rounds of scanning, tweaki
The Matrix of Real-Time: Building WebSocket Apps for Chat, Notifications, and Live Updates
The Quest Begins (The "Why") Honestly, I was stuck in a loop that felt like rewinding the same scene over and over. I’d just finished a simple chat widget for a side‑project, and every time a user typed a message I’d fire off an AJAX poll every second to see if anything new had arrived. The UI felt
AiFeed24Cloud Monitoring Elevated with GoAccess - Streamlining Server Logs Seamlessly
Part 1: Self-hosting on Jetson Orin Nano Cool! Now that the mini web server is up and running, how can I see web traffic easily? I discovered GoAccess recently, which is a free and open source tool for checking out server logs in real time. There are two way to view it. At first I was happy to just
Indian Engineers Unveil 64-Tool Arsenal for Smarter AI Decision-Making
Built NetIntel: 64 network-intelligence + data tools for AI agents. DNS, SSL, WHOIS, email security, OSINT, structured data extraction — all pay-per-call via x402 on Base. No API keys, no signup. Agents just pay a fraction of a cent and go. Live now 👇 @CoinbaseDev @x402
Automating SSH Key Permission Management to Address Overly Open Access
Almost every user new to SSH hits this wall: WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0644 for '/Users/.../id_rsa.pem' are too open. This private key will be ignored. They placed the key in ~/.ssh/, entered the path into the SSH settings, and clicked Connect — only to see this. The fix is
FFmpegKit is retired — here's how to fix your Android build (NDK r26c patch)
What happened On April 1, 2025, FFmpegKit was officially retired and all Could not find com.arthenica:ffmpeg-kit-full:6.0-2 ...you're not alone. Thousands of Android projects broke After digging through build logs, I found a second issue error: implicit truncation from 'int' to a one-bit wide The or
I built an agent health checker, then it flunked itself — here's the audit
What you get: The AOS v0.2 post named four ways production agents fail quietly—and patterns to stop them. This follow-up ships a CLI that scores agents 0–100 on four axes, then shows the real stdout when that scanner failed its own directory. No slide-deck scores; numbers from a live run. I've lost
Indian Web Firms Embrace Secure Cloud Hosting as Default Setup
If you build and maintain sites for clients, you are on the hook for security on properties you may not log into for weeks. A header gets dropped in a redesign, a certificate lapses, a staging subdomain is left exposed. The client will not catch it. You are expected to. Here is a simple, repeatable
AStarGrid2D in Godot 4: the gotchas, and an interactive sandbox
Godot's AStarGrid2D is a ten-minute read and a month of gotchas. The API page is small, you skim it, and then your path comes back empty, your units cut through wall corners, or your weighted swamp gets ignored. None of it is a bug. It's the gap between knowing the method names and knowing which han
Laravel Cloud Apps Get a Boost with Customised Error Control Systems
When you're building a Laravel application, it's tempting to reach for abort() whenever something goes wrong, let's take a flight booking app. trying to check a user in to a flight: abort(422, 'Passenger has already checked in.'); abort(403, 'Boarding has closed for this flight.'); abort(404, 'Booki
Bash: Brace expansion
Somewhere in my storage I keep PDF files with random content just for fun, for about six years now. The funny thing was, I was revising its owner/group/user permissions and some of them were with a different permission than the usual. A simple chmod command like the following would do the trick: chm
Cloud Model SuSiE Bares Soul: 95% Confidence Threshold Explored
Benchmarking the Honesty of Fine-Mapping Credible Sets Fine-mapping has a promise built into its output, and almost nobody checks whether the promise is kept. When you run SuSiE on a GWAS locus, it hands you a credible set: a small group of variants that, at a stated confidence level like 95%, shoul
NOONFALL: An Enchanting Solstice Game Set in an Eternal Twilight City
This is a submission for the June Solstice Game Jam (https://dev.to/devteam/join-the-june-solstice-game-jam-1000-in-prizes-3jla?bb=263597) We built NOONFALL, a short 2D story-action game inspired by the June solstice. The game follows a courier carrying the last fragment of night through a city wher
Most AI Agents Aren't in Production. Here's What Works.
One widely-shared survey says 42 percent of companies already run AI agents in production. The most rigorous source in the field, Stanford's 2026 AI Index, says real autonomous-agent deployment still sits in single digits across nearly every business function. Both numbers were published this year,
Migrating from NextAuth to Better Auth in Next.js (and What the Boring Parts Actually Are)
If you've shipped a Next.js app on NextAuth (now Auth.js), you know it works. The reason people move to Better Auth usually isn't that NextAuth is bad — it's that Better Auth gives you typed, first-class access to sessions, organizations, and database-backed concepts without bolting adapters and cal
Turning a Base M4 Mac Mini Into an Always-On Automation Box
Originally published on danholloran.me For the last year, most of my personal automation has lived on my MacBook Air. Blog cross-posting, content ingest, SEO, accessibility audits and more, all of it running as scheduled Claude skills. It worked great until I traveled. Close the lid and everything s
Why Statistics is the Real Backbone of Data Science
The explosive rise of data science has made one thing clear: everyone wants to build the next groundbreaking machine learning model or deploy an AI that feels like magic. We obsess over coding languages, massive cloud servers, and complex neural networks. But beneath all that sleek, high-tech infras
Inside the CVE List: How Vulnerabilities Get Their ID Cards
Thousands of software bugs are discovered every day around the world. But turning these bugs into an official, globally recognized CVE code (such as CVE-2026-1234) is a rigorous and coordinated process. Who Maintains the CVE List? What are CVE Numbering Authorities (CNAs)? Who are the CNAs? Conclusi
Unlocking Scalability: Inside Cloud's Most Elusive Load Balancing Secrets
The Quest Begins (The "Why") Honestly, I was just trying to keep my tiny side‑project from melting down during a launch‑day traffic spike. I’d thrown together a simple round‑robin proxy, watched the logs fill with 502s, and felt like Neo staring at a wall of green code—confused and a little overwhel
Why I Migrated From GPT-4o to DeepSeek — A Backend Engineer's Notes
Why I Migrated From GPT-4o to DeepSeek — A Backend Engineer's Notes Six months ago, my monthly OpenAI bill crossed four figures and I finally snapped. Not because the cost was unbearable in absolute terms, but because I had a sneaking suspicion I was overpaying for marginal quality gains. So I did w
Cloud Security Alert: Severity-Based CVE Risk Management Takes Center Stage
In large networks, security teams receive hundreds of CVE notifications every day. It is resource-intensive to patch all vulnerabilities at once and immediately. CVE Severity is based on the CVSS (Common Vulnerability Scoring System) system, which measures the risk of vulnerabilities from 0.0 to 10.