Ignacio López

20 things that make your VIBE CODED app a SINKING SHIP : 1/ no rate limiting on API routes > anyone can spam your backend into a $500 bill overnight 2/ auth tokens stored in localStorage > one XSS attack = every single user account compromised 3/ no input sanitisation on forms > SQL injection still works in 2026. your AI didnt tell you that. 4/ hardcoded API keys in the frontend > someone WILL find them within 48 hours of launch 5/ stripe webhooks with no signature verification > anyone can fake a successful payment event 6/ no database indexing on queried fields > works fine at 100 users. completely dies at 1,000. 7/ no error boundaries in the UI > one crash = white screen = user never comes back 8/ sessions that never expire > stolen token = permanent access to that account. forever. 9/ no pagination on database queries > one fetch loads your entire database into memory 10/ password reset links that dont expire > old email in someones inbox = instant account takeover 11/ no environment variable validation at startup > app silently breaks in production with zero error message 12/ images uploaded directly to your server > no CDN = 8 second load times + massive hosting bill 13/ no CORS policy > any website on the internet can make requests to your API 14/ emails sent synchronously in request handlers > one slow SMTP server = your entire app hangs 15/ no database connection pooling > first traffic spike = database crashes 16/ admin routes with no role checks > any logged in user can access your admin panel 17/ no health check endpoint > your app goes down silently. you find out from a client. 18/ no logging in production > when something breaks you have zero idea where or why 19/ no backup strategy on your database > one bad migration = all your user data. gone. 20/ no TypeScript on AI generated code > AI writes confident, wrong, untyped code and you ship it anyway

@lucaslain @ThePrimeagen Jajajajaja! Lei por ahi que ninguno de los dos puede compilar un hello world 😛

@ThePrimeagen @TrueNacho debe ser peor que nuestro port de shared source CLI

so i read through the Anthropic Build A C Compiler article. i must say, the marketing video they released is one of the most dishonest things i have ever seen. truly terrible behavior. Yet these guys are going to be the same ones that will tell you what you can and cannot do with a model.

The company hired me to lead their "Agile Transformation." I don't know what Agile means. Nobody does. That's why it works. I make $425,000 a year. To move sticky notes. From left to right. On a board. The board is digital now. The sticky notes cost $80,000 in Jira licenses. Progress. Day one, I said "we need to break down silos." Everyone nodded. Silos are bad. I don't know why. But destroying them is a career. My career. I introduced "squads." Squads are teams. But disrupted. We disrupted the teams into teams. Different names. Same people. Same problems. But Agile problems now. Agile problems are strategic. A senior engineer asked what we're actually changing. I said, "The mindset." He asked what that means. I said, "It's a journey." He asked where we're going. I said, "Toward agility." He asked what agility means. I pointed at the sticky notes. They were moving left to right. That's velocity. We have velocity now. The VP of Engineering said two-week sprints don't fit their work. I said, "That's waterfall thinking." Waterfall is bad. Like silos. I don't know what waterfall is. But I know it's bad. She stopped talking. Waterfall accusations end conversations. We had a retrospective. In the retro, we discussed what went wrong. Everything went wrong. We put it on sticky notes. Then we moved the sticky notes. Into a column called "Parking Lot." The Parking Lot is where problems go to die. It's full. We don't look at it. That's agile. Velocity is up 40%. I defined velocity. I also defined the points. I also defined the stories. We're crushing it. At the things I made up. To measure. Ourselves. The CEO asked for ROI. I showed a chart. The chart went up. Charts should go up. This one did. I didn't label the Y-axis. Nobody asked. Leadership is confidence. We do standups now. Every day. We stand. For 45 minutes. Standing is agile. Sitting is waterfall. My legs hurt. But we're transforming. The transformation is now "Phase 3." Phase 1 was assessment. Phase 2 was implementation. Phase 3 is "continuous improvement." Continuous means forever. Forever means job security. I'm very secure. My contract was extended. Three more years. For "cultural impact." The culture is confused. But impacted. Agile transformation isn't about being agile. It's about transforming. Continuously. Toward more transformation. The destination is the journey. The journey is billable.

Junior SWE: “Let’s just build one backend and one DB for everything” Mid-level SWE: “We should move this into microservices with separate databases” Senior SWE: “We need sharding, Kafka, CQRS, Redis, S3, and a global cache” Principal SWE: “Can this just be a single service with a read replica” What is the difference? -> Junior chooses a simple setup because: They just want it to work. One codebase, one DB, one deploy. -> Mid-level pushes microservices because: They just learned about scalability, patterns, queues, and want to use everything. -> Senior pushes complex infra because: They are anticipating scale, failures, and traffic patterns that may or may not come. -> Principal comes back to simple because: They have seen how much complexity costs in on-call pain, bugs, incidents, and slow teams. The evolution in your system design thinking is not about tools. It is about your sense of constraints. If you are still learning system design, here is the direction I would give: Note: This is not from an interview point of view, but general learning. 1. Start with the simplest thing that can actually work – Single service, single database, clear API boundaries. – Make sure you can monitor it, debug it, and deploy it safely. 2. Learn how systems fail before you learn how they scale – Read postmortems. – Study outages of big companies. – Ask seniors why incidents happened and what they would do differently. – You will understand why people are scared of unnecessary complexity. 3. Stop collecting tools, start collecting tradeoffs – Do not just "learn Kafka". – Learn when Kafka is useful and when it is overkill. – Same for Redis, queues, microservices, event sourcing. 4. Always design with 3 time horizons in mind – Today: Can we ship something reliable quickly – 1 year: Can we change this system without rewriting everything – 3 years: If this becomes 10x bigger, can we evolve it instead of replacing it Your goal is not to design the fanciest system. Your goal is to design the smallest system that solves a problem and can grow when it actually needs to. ---------------- Check out my Java+Springboot+Microservices+Design Patterns+System design ebook curated for interviews from here matamgi.com/java-interview…

¿Qué sirve más para aprender: escribir a mano o tipear en la compu? La ciencia confirma que al tipear, tu cerebro entra en "modo automático": estás transcribiendo, no aprendiendo. Cuando escribís a mano, la gran ventaja es justamente que sos más lento. Como no llegás a anotar todo, tu cerebro se ve obligado a filtrar, resumir y procesar la información en tiempo real. Esa fricción es lo que genera nuevas conexiones neuronales. Pero ojo: Si tu objetivo ya no es aprender, sino demostrar o aplicar lo que sabés —como en un examen—, la computadora gana por mucho. Los estudios muestran que al tipear, la nota sube hasta un 17% más, porque eliminás la carga cognitiva de dibujar letras y te enfocás puramente en la estructura y la velocidad de tus argumentos. Pensalo así: escribir a mano es ir al gimnasio y levantar fierros; cuesta, pero construye el músculo. Tipear en el examen es correr una carrera: cuanto menos peso, mejor. Entrená pesado. Competí liviano. Fuente: pmc.ncbi.nlm.nih.gov/articles/PMC10…

The more time students spend on screens, the less they learn. Ed tech does not belong in schools (until it is thoroughly tested & proven to help). Excerpt from Jared Cooney Horvath's excellent new book, The Digital Delusion, in @TheFP thefp.com/p/we-gave-stud…

You split your monolith into 47 microservices. Now you have: - 47 deployment pipelines to maintain - 47 different ways to handle logging - Distributed tracing you don't understand - Network calls that used to be function calls - A debugging nightmare when anything breaks Your "scalability problem"? It was a single slow SQL query. You spent 6 months building a distributed system to avoid adding an index. This is what happens when architects read Medium articles instead of profiling code.

How small is a transistor on a modern processors?

It's time to remove laptops from classrooms. 24 experiments: Students learn more and get better grades after taking notes by hand than typing. It's not just because they're less distracted—writing enables deeper processing and more images. The pen is mightier than the keyboard.

i'm so jealous of the people that get to see oasis in argentina, the crowd is literally INSANE

@liamgallagher @adele_liam Took my 7-yo son, we sang our asses off! Kids love Oasis too! He said it was focking biblical!

@adele_liam Every crowd has been BIBLICAL we do not discriminate there’s not been a bad crowd but Argentina is something SPECIAL it’s a fact

Why some people complain crowd was dead last night? I spent the night awake until 4 am only to see the most biblical crowd in the world and Liam Gallagher confirmed last night too so don’t be silly billy c’mon 🫶 Argentina Argentina 💪🇦🇷🇦🇷

Argentina crowd is on another level

🇦🇷 #oasislive25

Titular ✅ Suiting up for 2026 🇦🇷 #F1

ASML has the best technical marketing team. This video explains in layman's terms how source mask optimization (SMO) works. It's the engineering sorcery behind printing the most advanced chips.

POR FAVOR DIFUNDAN ESTE NOTICIÓN

Something fun we discovered: you can use #Genie3 to step into and explore your favorite paintings. Here's a short visit to Edward Hopper's "Nighthawks".

@freddier Todos los que programamos hace mucho llegamos a la misma conclusión 😎

Mi humilde opinión de años haciendo software: Servir HTML normal, con los datos normales cargados desde el backend usando SQL, sin Javascript, ni lazy loading, ni "backend for frontend", ni server-side render tricks, es: Mejor, Más rápido, Más seguro, Más fácil de mantener.