engineering
3 posts
Article
Your npm install Just Ran Someone Else's Code
Supply chain security is not a dependency problem. It is a trust delegation problem. And the system was never designed to handle the weight.
Article
Why Nobody Reads Your Documentation
Documentation stopped being true and the system had no mechanism to detect the loss. This is not a story about documentation. Not really.
Article
The Database Is the Product
The application was never the product. It was the collection mechanism. The database underneath it was the thing everyone was actually building.