JUANCHI
HomeCVBlogLabContact
·
Skip to content
JUANCHI
HomeCVBlogLabContact
·
AllExperimentsHistoryOpinionReflectionsTechnologyTutorials

Tag: node-js

3 articles
npm Dependencies: How to Evaluate a Library Before Shipping It to Production
TutorialsTypeScriptpnpm

npm Dependencies: How to Evaluate a Library Before Shipping It to Production

Adding an npm dependency isn't just installing code — it's taking on its maintenance, its attack surface, and its transitive deps. Here's the checklist I run before adding any package to a serious TypeScript project.

9 min140
pnpm workspaces in a monorepo: the setup that survived CI on Railway and the problems the docs don't warn you about
TutorialsTypeScriptpnpm

pnpm workspaces in a monorepo: the setup that survived CI on Railway and the problems the docs don't warn you about

pnpm workspaces is the best option for TypeScript monorepos in 2026. But the happy path in the docs hides three traps that only show up in CI with real deployments: phantom dependencies, broken hoisting on Railway, and script filtering that doesn't filter what you think it does.

9 min168
Rate limiting in web apps: what to protect before picking a library
TutorialsNext.jsTypeScript

Rate limiting in web apps: what to protect before picking a library

Before you install any rate limiting middleware in Next.js, you need to define what asset you're protecting, what abuse you're expecting, and what a false positive actually costs you. The library is the last decision. The policy is the first.

8 min332

Series

Open Data and Creativity
A series of experiments turning Argentine public data into sensory experiences. How to think like an architect when the ideal data doesn't exist — and when it does.
2
Awesome Curated: The Tools
Deep dives into the tools that pass our automated curation system's filter. Each post breaks down a specific tool: why it made the list, when to use it, when not to.
8
Awesome Curated
Building a self-regulating curation system for awesome lists. Weekly GitHub harvesting, cross-source deduplication, Claude-powered classification, and human verdict. Engineering diary.
1
Ver todas →

Clusters

Software architecture

Categories

Experiments93History6Opinion42Reflections18Technology8Tutorials60

Tags

#TypeScript#arquitectura#seguridad#railway#produccion#devops#nextjs#LLM#arquitectura de software#backend#java#agentes-ia#spring-boot#postgresql#infraestructura#claude code#Performance#open source#docker#linux#Claude#ia#java-21#arquitectura-software#observabilidad#productividad#node.js#React#debugging#anthropic#javascript#benchmark#prisma#machine learning#rust#app-router#developer tools#python#spring-security#privacidad#jvm#hacker news#desarrollo#security#orm#ollama#inteligencia-artificial#ci-cd#MCP#git#frontend#producción#npm#server-components#identidad-digital#desarrollo de software#autenticacion#benchmarks#JWT#actuator#pnpm#server-actions#Next.js#monorepo#dependencias#middleware#desarrollo web#supply-chain#devtools#hikaricp#code review#kernel#spring-boot-3#web-performance#AI agents#criptografia#github-actions#concurrencia#deep learning#IA local#react-19#Rate Limiting#optimizacion#openrouter#caching#Inferencia Local#OpenAI#edge-runtime#jakarta-ee#sistemas#Full Stack#contenedores#next-js#flujo de trabajo#logs#tokens#functional programming#sistemas distribuidos#automatizacion#workflow#homelab#vibe-coding#owasp#migration#workspaces#supply chain attack#decision tecnica#database#graalvm#CrabTrap#runtime#aot#pades#jdbc#eidas#Node.js#opentelemetry#docker-compose#Google#Gemma#agentes#autorizacion#jaeger#cloudflare#fp ts#WebGPU#resiliencia#herramientas de desarrollo#Model Context Protocol#query-logging#hardware#xades#rendimiento#cades#dss#buenas-practicas#costos-ia#firma-digital#validacion#AI#mutex#Tutorial#Experimentos#yarn#bun#tooling#historia programador argentino#web-development#Programación#lighthouse#ai tools#WebAssembly#coding-agents#seguridad web#TLS#Browser#github#vscode#accesibilidad#multi-agente#certificados#pki#LLMs#networking#ai-coding#vendor lock-in#sql#zed-editor#Gemini#modelos locales#migracion#automatización#aws#deadlock#dns#video#vulnerabilidades#herramientas IA#datos#costos#developer-experience#prompt engineering#prompts#configuracion#vercel#system-prompt#notion#CLI#API#deuda-tecnica#developer-independiente#latencia#prompt injection#infra#compilador#guardrails#microsoft#costos-api#postgres#backup#pgbackrest#barman#tsgo#toolchain#memory-safety#pytorch#pypi#ubuntu#auditoría#redis#async-rust#tokio#ssr#web-crypto-api#análisis técnico#connection-pool#distributed-tracing#k6#retry#circuit-breaker#micrometer#native-image#n+1#useeffect#suspense#revalidate#java-records#jpa#lombok#healthcheck#oauth#Go#nextjs-16#jakarta-security#zod#result-type#neural networks#Trenes Argentinos#música generativa#containers#beginners#licencias#investigacion#ia-herramientas#race conditions#historia de commits#pgit#FFI#linux kernel#IA institucional#hardware artístico#display neumático#proyectos DIY#análisis de datos#arte y tecnología#válvulas solenoides#Arduino#maker#billing#APIs#overengineering#multi-stage-build#sbom#ebpf#opensnitch#evaluación de modelos#desarrollo local#firewall#AI infraestructura#diseño de lenguajes#ecosistema#adopción tecnológica#sintaxis#datos abiertos#transporte#GTFS#Buenos Aires#creatividad#APIs públicas#SUBE#datos públicos#cryptography#full precision training#multi platform#encryption#llama.cpp#inferencia#pipelines#secrets#compliance#engineering-culture#tokens LLM#cursor#gas town#API anthropic#privacidad IA#costos LLM#legal#formal methods#LLM on-device#iPhone#Gemma 4#mobile AI#MediaPipe#iOS#on-device inference#llm-local#qwen3#claude-opus#modelos-open-weight#llama-cpp#benchmark-real#arquitectura-moe#MegaTrain#codeburn#SPICE#electrónica#osciloscopio#simulación de circuitos#ngspice#PyVISA#inferencia edge#workers ai#durable objects#verificacion formal#modelos-frontier#estrategia#code generation#model export#multi language#TLA+#diseño-de-producto#GPU#entrenamiento de modelos#compiladores#pair programming#aprendizaje#ast#lexer#lenguajes de programación alternativos#brunost#programación en español#nynorsk#Alloy#idioma y código#testing#falsos positivos#TDD#generación de código#confiabilidad#node-forge#diseño institucional#sre#optimización#compresión#Defluffer#emacs#calidad de software#trust#gary bernhardt#threat modeling#ecosistema js#x509#model-spec#captcha#ssl#bots#ai-local#saas#developers#dev-platform#AI Policy#kubernetes#entrevistas técnicas#publicidad#prompt relevance#ChatGPT#ad tech#protocolo#pro plan#pricing#coding assistant#terminal#2025#LLM content ban programación comunidad#reddit programming moderacion#contenido generado ia#autoria original tecnica#comunidades programacion ia#r/programming ban#pensamiento original developers#windows-9x#compatibilidad#sistemas-operativos#wsl#nostalgia-tecnica#google-tpu-v8#vertex-ai#checklist#agentic-era#google-cloud#c++#scion#proxy#cve#parallel agents#async AI agents#correlation IDs#code-analysis#google-deepmind#quality-issues#bitwarden#checkmarx#cargo audit#secrets-management#agent-vault#credential-proxy#llm-tools#calidad-ia#deterioro-modelo#GPT-5.5#OpenAI API#GPT-4o#LLM producción#markdown#plain-text#notas-tecnicas#obsidian#TypeScript 7.0#type inference#isolatedDeclarations#unsafe#production#orquestacion#boot#asahi-linux#apple-silicon#arm64#m2#domain-hijacking#godaddy#infrastructure#dnssec#traces#azure#endpoints#noticias-tech#visualization#pipe#scope-creep#wal-g#integraciones#pg_dump#recuperacion-datos#seguridad datos contratistas IA robo#Mercor breach#seguridad IA#datos entrenamiento#tokens API#wcag#auditoría de seguridad#propiedad intelectual código generado IA#git blame#accountability código IA#copyright IA#LocalSend#AirDrop#transferencia de archivos#Mac#redes#Flutter#amazon-bedrock#iam#typescript-7#aria#typescript 7 beta benchmark#mínimo-privilegio#typescript 6#type-fest#ts-pattern#axe#compiler performance#Ghostty#platform dependency#Forgejo#rfc-6819#clipboard#ux#browser-apis#bugs#phantom-dependencies#alignment#censura-llm#hoisting#pytorch-lightning#ml#huggingface#mantenimiento#jailbreak#guardarraíles#MLOps#spotify#ai-authorship#software-architecture#content-provenance#ddos#canonical#indie-dev#kimi-k2-6#benchmark-llm#coding-ai#gpt-5#herramientas-dev#comparativa-modelos#disaster-recovery#YAML#specsmaxxing#AI psychosis#DeepClaude#DeepSeek#coding#agentic-coding#tar#macOS#deployment#GNU tar#BSD tar#pipeline#Google Chrome#Gemini Nano#IA on-device#AI model install#without consent#browser AI#train LLM from scratch 2025#transformers#costo de IA#RunPod#fine-tuning#deploy-autonomo#DVC#data versioning#lode#diagnostico#tokio-console#node#agentes autonomos#permisos#ml-security#clipboard-api#ios-safari#Go CLI#lsp#haproxy#strace#lakaut#bajo-nivel#transactional#dynamic-linking#elf#ADT#themis#identity#lakaut-id#cifrado#repomix#jakarta-ee-11#análisis de código#package managers#Shadcn/ui#Radix UI#2026#codebase visualization#Edge#desarrollo-software#hardening#post-quantum cryptography#turbopack#quarkus#cold-start#virtual-threads#cache#criptografía#quantum computing#spring-data-jpa#materiales#hidrógeno verde#corrosión#electrólisis#acero inoxidable#ingeniería#discriminated unions#criterio de arquitectura#bambu lab#bambunetwork#impresoras 3d#firmware#lan mode#mqtt#iot#hardware conectado#tool-calling#modelos-pequeños#destilacion#Option type#spring-boot-actuator#sandboxes#testcontainers#freestyle#Either#edge inferencia#grafana-tempo#hibernate#spel#WebLLM#java21#method-security#resilience#TypeScript patterns#arquitectura-web#backoff#jitter#editorial#bulkhead#n-plus-one#pipeline editorial con IA#resilience4j#inferencia en browser#CodeScopeBrief#cds#reflexión técnica#startup-time#IA generativa#logs-vs-traces#Architecture#appcds#nativo digital#juanchi.dev#hooks#api-security#railway deploy#autobiografía tech#memoria#hbm#chips ia#vivado#fpga#yosys#xilinx#drizzle orm#web-security#stack tecnologico 2025#observability#rbac#oidc#onnx#spring-data#Payara#GlassFish#gradient boosting#Patrones de diseño#postmortem#tailwind#package manager#Herramientas#data science#openid-connect#records#sealed-classes#pattern-matching#fp#tsconfig#strict-mode#noUncheckedIndexedAccess#exactOptionalPropertyTypes#use-hook#data-fetching#error-boundary#monitoring#prisma6#WebDev#certificado digital#profiling#async-profiler#jcmd#jfr#cline#vs-code#coding-agent#oauth2#spring-authorization-server#scopes#auditoria#dto#jackson#operaciones#cdi#apis-rest#HyperFrames#HTML#arquitectura-frontend#modelo-mental#rsc#subtlecrypto#tools#isr#pg-stat-statements#Portfolio#schema#sse#bearer-token#servidor#certificados digitales#programacion#software engineering#paseto#gobierno#windows#argentina#version control#session-tokens#jujutsu#YC S25#Twill.ai#PRs#agentes de ia#contribuciones#control de versiones#secretos#cookies#storage#swe-bench#evaluacion#robustez#research-driven-agents#fuse#filesystem#modelos de lenguaje#surelock#bci#als#brainwaves#interfaz cerebro computadora#openbci#eeg#reverse engineering#neurociencia#detección IA#merge de modelos#edge computing#registry-mirror#single-point-of-failure#email#deliverability#gmail#spf#dkim#dmarc#newsletter#apple#watermark IA#on-device#SynthID#m3#apple-intelligence#llama#ai-engineering#video tutorial#beginner friendly#Carrera#Web Vitals#tensorflow#Historia#cpp#Stack#Opinión#mobile#Best Practices#Reflexiones

Popular

  • 01

    pnpm vs npm vs yarn vs bun: The Real Comparison Nobody Gives You in 2025

    1.4K views
  • 02

    TypeScript: The Patterns I Actually Use Every Single Day

    1.1K views
  • 03

    Next.js App Router: The Guide I Wish I Had When I Migrated from Pages Router

    1.1K views
  • 04

    Docker for Node.js Developers: From Zero to Production Without Losing Your Mind

    1.0K views
  • 05

    Your Digital Signing Cryptography Has an Expiration Date: What NIST Published and How to Migrate Your HSM

    1.0K views

Newsletter

One email a week. What I'm learning, building, and breaking.

Digital Native · since 1994

Real code. Unfiltered takes.

32 years in the dev trenches. Here I write what I learned, what I broke, and what nobody tells you in the tutorials.

204posts published
32years of experience
5×posts per week

No spam. Unsubscribe anytime.