The Daily
A note a day on APIs and the realities of shipping web applications. Stuff I've actually learned across 25 years of doing the work.
Sentry: Error Monitoring That Doesn't Cost More Than Your Hosting
Sentry is the first error monitoring tool I've kept running on every project. Here's how I use it and what to watch out for before your bill surprises you.
I've tried a lot of error monitoring tools over the years, and most of them fall into one of two camps: too cheap to be useful, or priced like they're monitoring a Fortune 100 trading platform. Sentry sits in a genuinely useful middle ground — but only if you configure it correctly from day one, because the defaults…
Read the daily →Row-Level Security Is the Audit Log Feature You're Not Using
PostgreSQL's RLS can enforce HIPAA audit requirements at the database layer — where they can't be bypassed by a bug in your app code.
The thing that keeps me up at night on healthcare projects isn't a breach — it's an audit that reveals someone quietly read records they had no business reading, and my application logs are silent about it. Row-level security in PostgreSQL solves a chunk of that problem in a way that application-layer code simply…
Read the daily →ImageKit Is the Cloudinary Alternative I Should Have Found Sooner
After years of quietly absorbing Cloudinary's bills for image-heavy clients, I switched. Here's what I found.
Cloudinary is great. It's also expensive in a way that sneaks up on you. I had a real estate client whose Cloudinary bill crossed $400/month because of listing photo volume, and when I sat down to actually audit what we were using, I realized we were paying enterprise prices for a feature set we were only…
Read the daily →Postgres JSON Columns: When They're a Lifesaver and When They're a Trap
I've shipped both approaches in production. Here's when JSON columns save you and when they quietly wreck you.
I've reached for Postgres JSON columns at least a dozen times in the last five years and been grateful for it maybe half of those times. The other half I was cursing myself six months later when the "flexible" column had become an unmapped wasteland of inconsistent keys and missing data. The choice isn't complicated…
Read the daily →Knock Handles Notification Plumbing So I Don't Have To
I wired up Knock for a client's in-app notification center and stopped dreading the words 'can we add email alerts too?'
Every serious web app eventually needs notifications. Not the "we'll send one welcome email" kind — the real kind, where users need to know when something happened, across whatever channel they prefer, with preferences they can actually control. I've built that system from scratch three times and patched it twice. I…
Read the daily →