Learn how to build a secure AI PR reviewer with Claude, JavaScript, GitHub Actions, Zod, and Octokit. This guide shows how to review GitHub Pull Request diffs safely, block prompt injection, validate LLM JSON output, and post automated review comments on PRs.
Blog
Long-form writing and practical notes from real product and teaching work.
In the age of AI, the Model Context Protocol (MCP) has emerged as a highly lucrative career path for developers. Instead of just writing standard code, developers can now build universal plugins that connect powerful AI models directly to external data sources.
Refactor legacy JavaScript and Node.js code with OpenAI Codex using a safe workflow: map undocumented logic, lock behavior with tests, then modernize CommonJS, callbacks, and outdated patterns step by step. Learn a practical AI-assisted refactoring process that improves maintainability without risky full rewrites.
Benchmark Cloudflare Tunnel vs ngrok vs VS Code port forwarding with a repeatable test plan for HTTP latency, WebSocket stability, and auth overhead. Learn when to use each tool and lock in the fastest, safest localhost-sharing workflow for modern full-stack development.
Fix hidden request waterfalls in Next.js App Router to reduce TTFB and improve real-world performance. This step-by-step guide shows how to detect sequential fetches, use Promise.all, stream with Suspense, avoid nested layout awaits, and apply smart caching for faster production responses.
A practical, story-driven guide to moving UI-driven mutations from /api/* routes to Next.js Server Actions using <form action>, FormData, pending UI with useFormStatus, and server validation—plus the clear boundary for when Route Handlers are still the right tool (webhooks, public APIs, streaming, custom headers).