eric/kestrelsnest-blog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix Production Safety Checklist callout formatting

Browse Source 
Added bullet points to preserve line breaks in the Production Safety Checklist callout for better readability.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Eric Wagoner
2025-09-22 20:19:19 -04:00
parent 0e760584f9
commit b8b663d64b
1 changed files with 49 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
content/posts/2025-09-22-lessons-from-the-solo-developer-trenches.md
View File

@@ -26,7 +26,9 @@ slug: locallygrown-lessons
_Advanced Developer Tools, Real Tradeoffs_ _Advanced Developer Tools, Real Tradeoffs_
> **Note:** This isn't about the "AI" that generates blog spam or copies artists' styles. This is about a new generation of developer tools that understand code structure, maintain consistency, and amplify human expertise rather than replacing it. {{< callout type="info" title="Important Context" >}}
This isn't about the "AI" that generates blog spam or copies artists' styles. This is about a new generation of developer tools that understand code structure, maintain consistency, and amplify human expertise rather than replacing it.
{{< /callout >}}
--- ---
@@ -195,8 +197,12 @@ Me (next day): "Another DB call in a route. Are you even reading CLAUDE.md?"
Claude: "I apologize, I should have used the UserService..." Claude: "I apologize, I should have used the UserService..."
``` ```
{{< callout type="warning" title="Pattern Recognition Limitation" >}}
If Claude were a human intern, I'd have fired them for repeatedly ignoring the CLAUDE.md rules: DB calls in routes, inconsistent naming, bypassed service layers. But as a research assistant, test generator, and documentation writer? The value far outweighed the frustration of constantly correcting architectural violations. If Claude were a human intern, I'd have fired them for repeatedly ignoring the CLAUDE.md rules: DB calls in routes, inconsistent naming, bypassed service layers. But as a research assistant, test generator, and documentation writer? The value far outweighed the frustration of constantly correcting architectural violations.
**Key Lesson**: These tools excel at specific tasks but struggle with consistent architectural patterns. Use them for their strengths, but maintain strict human oversight for system design.
{{< /callout >}}
By the end of week 3, we had: By the end of week 3, we had:
- **27 TypeScript services** matching Rails models - **27 TypeScript services** matching Rails models
@@ -262,7 +268,9 @@ Me: "Perfect! And we'll set a deadline 6 months out for forced reset
This wasn't a real discussion. Claude doesn't truly understand the human impact of forcing password resets on farmers at 5 AM trying to print harvest sheets. But the rubber ducking process (and yes, rubber ducking with actual rubber ducks works for a reason) helped me think through an elegant solution. This wasn't a real discussion. Claude doesn't truly understand the human impact of forcing password resets on farmers at 5 AM trying to print harvest sheets. But the rubber ducking process (and yes, rubber ducking with actual rubber ducks works for a reason) helped me think through an elegant solution.
The result: **Zero support tickets** about passwords during migration. Users never knew their security was being upgraded behind the scenes. {{< callout type="success" title="Migration Success" >}}
**Zero support tickets** about passwords during migration. Users never knew their security was being upgraded behind the scenes. The seamless password upgrade system silently migrated thousands of users from MD5/bcrypt to modern Argon2 without a single forced reset.
{{< /callout >}}
### Month 2: The Methodical Page-by-Page Clone ### Month 2: The Methodical Page-by-Page Clone
@@ -560,8 +568,12 @@ Carver: "Designing subscription architecture:
### Why Human Names Matter ### Why Human Names Matter
{{< callout type="quote" title="Philosophy" >}}
Most guides recommend technical names for sub-agents like "css-design-agent" or "auth-flow-agent." I deliberately chose to name mine after real people, and this decision shaped the entire development experience. Most guides recommend technical names for sub-agents like "css-design-agent" or "auth-flow-agent." I deliberately chose to name mine after real people, and this decision shaped the entire development experience.
Every time I worked with Ray, I remembered Ray Eames and the design revolution she helped create. When Agatha found security holes, I thought of Agatha Christie's meticulous attention to detail. These names kept me grounded, aware that I stand in a long line of innovators and problem-solvers.
{{< /callout >}}
First, it was my way of acknowledging gratitude. Every time I worked with Ray, I remembered Ray Eames and the design revolution she helped create. When Agatha found security holes, I thought of Agatha Christie's meticulous attention to detail. These names kept me grounded, aware that I stand in a long line of innovators and problem-solvers. First, it was my way of acknowledging gratitude. Every time I worked with Ray, I remembered Ray Eames and the design revolution she helped create. When Agatha found security holes, I thought of Agatha Christie's meticulous attention to detail. These names kept me grounded, aware that I stand in a long line of innovators and problem-solvers.
More importantly, human names constantly reminded me who this platform serves. This isn't a faceless SaaS product. It's a community platform. My market managers are people with names and stories. The farmers wake up at 4 AM to harvest vegetables. The customers are neighbors feeding their families. I am a person, building tools for people. More importantly, human names constantly reminded me who this platform serves. This isn't a faceless SaaS product. It's a community platform. My market managers are people with names and stories. The farmers wake up at 4 AM to harvest vegetables. The customers are neighbors feeding their families. I am a person, building tools for people.
@@ -699,6 +711,7 @@ Almost every bug in the frantic two weeks after launch traced back to this paral
### No Regrets ### No Regrets
{{< callout type="success" title="Parallel UI Success Metrics" >}}
Despite the complexity and the post-launch firefighting, this parallel approach proved essential: Despite the complexity and the post-launch firefighting, this parallel approach proved essential:
- 15 markets opted into modern UI within first week - 15 markets opted into modern UI within first week
@@ -706,6 +719,14 @@ Despite the complexity and the post-launch firefighting, this parallel approach
- Markets reported some customer confusion, but it was minimal - Markets reported some customer confusion, but it was minimal
- Gradual migration path preserved trust - Gradual migration path preserved trust
The modern front-end fixed LocallyGrown's biggest weakness while respecting its greatest strength: each market's unique identity.
{{< /callout >}}
- 15 markets opted into modern UI within first week
- Mobile usage noticeably increased in first month
- Markets reported some customer confusion, but it was minimal
- Gradual migration path preserved trust
The modern front-end fixed LocallyGrown's biggest weakness while respecting its greatest strength: each market's unique identity. Without the agent orchestra giving me confidence to attempt this parallel universe approach, we'd still be forcing markets to choose between mobile usability and their customizations. The modern front-end fixed LocallyGrown's biggest weakness while respecting its greatest strength: each market's unique identity. Without the agent orchestra giving me confidence to attempt this parallel universe approach, we'd still be forcing markets to choose between mobile usability and their customizations.
--- ---
@@ -930,25 +951,15 @@ Can launch with monitoring for remaining issues.
### Day 7: Cutting Scope to Ensure Stability ### Day 7: Cutting Scope to Ensure Stability
``` {{< callout type="example" title="Real Launch Decision" >}}
Me: "Agents are flagging Paraglide build warnings. Review needed." **Situation**: Agents flagging Paraglide/inlang build warnings
**Problem**: Internationalization library creating compilation noise
**Decision**: Remove entire i18n system 7 days before launch
**Rationale**: "Better to launch with solid English-only than risk instability from unused future features"
**Result**: GO recommendation - Reduced scope = reduced risk
Claude: "Build warnings from internationalization library: This exemplifies a critical launch principle: be ruthless about cutting non-essential features when approaching deadlines. Multi-language support could wait; stability couldn't.
- Paraglide/inlang throwing compilation errors {{< /callout >}}
- Not breaking builds but creating noise
- Library for future multi-language support"
Me: "We're 7 days from launch. This is for future features.
Ripping it out completely. Multi-language can wait."
[Removes entire i18n library and dependencies]
Me: "Better to launch with solid English-only than risk
instability from unused future features."
Recommendation: GO
Reduced scope = reduced risk. Focus on what matters now.
```
### Day 3: Final Systems Check ### Day 3: Final Systems Check
@@ -1008,13 +1019,17 @@ Claude Code doesn't understand business requirements, can't make product decisio
### How to Keep ML Tools Safe in Production ### How to Keep ML Tools Safe in Production
**Write specs first**: Markdown in-repo. Tools get the what; you keep the why. {{< callout type="tip" title="Production Safety Checklist" >}}
**Enforce architecture with lint rules + CI**: e.g., "no DB calls in routes" - **Write specs first**: Markdown in-repo. Tools get the what; you keep the why.
**Require tests for every business logic change**: No exceptions - **Enforce architecture with lint rules + CI**: e.g., "no DB calls in routes"
**Security agent + human review** for auth, payments, data exports - **Require tests for every business logic change**: No exceptions
**Treat generated code like a junior dev's PR**: Review, annotate, refine - **Security agent + human review** for auth, payments, data exports
**Maintain a "red file"** of irreversible actions (deletes, refunds) with extra checks - **Treat generated code like a junior dev's PR**: Review, annotate, refine
**Monitor metrics**: If an endpoint is 10x slower, investigate - **Maintain a "red file"** of irreversible actions (deletes, refunds) with extra checks
-**Monitor metrics**: If an endpoint is 10x slower, investigate
Remember: The human is always the architect, product manager, and quality gatekeeper.
{{< /callout >}}
### 2. Trust but Verify ### 2. Trust but Verify
@@ -1080,9 +1095,15 @@ Explaining problems clearly to Claude forced me to think more clearly. Reviewing
## A Critical Warning: The "Vibe Coding" Disaster Waiting to Happen ## A Critical Warning: The "Vibe Coding" Disaster Waiting to Happen
{{< callout type="danger" title="Critical Security Warning" >}}
I need to address something that terrifies me: YouTube videos of non-technical entrepreneurs using these tools to "build a SaaS in 10 minutes" and then immediately deploying to production. I need to address something that terrifies me: YouTube videos of non-technical entrepreneurs using these tools to "build a SaaS in 10 minutes" and then immediately deploying to production.
Yes, it's amazing that someone with no coding experience can prompt their way to a working demo. But watching them charge customers for these applications fills me with horror. Here's what those videos don't show: Yes, it's amazing that someone with no coding experience can prompt their way to a working demo. But watching them charge customers for these applications fills me with horror.
**These tools can generate convincing-looking disasters** - code that appears professional but contains fatal security flaws, data loss bugs, and liability nightmares.
{{< /callout >}}
Here's what those videos don't show:
### What "Working" Actually Means ### What "Working" Actually Means