Dev.to·Wednesday, December 17, 2025

Dev.to - Wednesday, December 17, 2025

10 stories~15 min

Listen to this episode

Hear all 10 stories summarized and read aloud.

▶Play on Tera.fm

Stories Covered

How to Prepare for Q1 Performance Reviews Right Now

The year is almost over. You've shipped code, solved problems, and made an impact. Now comes the hard part: remembering what you actually accomplished. This is the critical window. Right now, while 2025 is still fresh, your memories are clear and your context is available. In three weeks when everyone returns from the holidays, motivation vanishes and memory fades fast. The achievements you took for granted in December will feel like ancient history by March. If you wait until Q1 performance rev

Read original →

Fixing Prometheus namespace monitoring

The Setup I’m running a Kubernetes cluster with Prometheus Operator and a pretty standard discovery pattern: ServiceMonitor objects Namespace-based scrape selection Grafana dashboards and Alertmanager rules downstream The key piece is that Prometheus only scrapes namespaces with a specific label. Here’s a simplified version of the ServiceMonitor: apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: app-servicemonitor spec: selector: matchLabels: app: payments

Read original →

I built a QR Code API and here's what I learned

Last month I needed to generate QR codes server-side for a client project. I tried a few existing APIs and... wasn't thrilled. One charged $49/mo for basic features. Another had a 100-request limit before demanding a credit card. Most had SDKs that felt like they were written in 2012. So I built my own. And then productized it. Dead simple. One endpoint: curl "https://api.qrcodeapi.io/generate?data=https://dev.to&size=300"Returns a QR code. That's it. Options: format - png, svg, or base64 size -

Read original →

How We Built Mathematically Provable Smart Contract Security with Lean4

A deep dive into formal verification of 33 multi-chain smart contracts across Ethereum, Solana, and TON using Lean4 theorem prover How We Built Mathematically Provable Smart Contract Security with Lean4 TL;DR: We formally verified 33 smart contracts across 3 blockchains using Lean4, proving 100+ theorems covering consensus safety, solvency invariants, and quantum resistance. Here's how we did it and why it matters. In 2022 alone, over $3.8 billion was lost to smart contract exploits. The Ronin B

Read original →

What I Learned Building and Maintaining a Free Tools Website as a Developer

It was a free tools website. No logins. No subscriptions. No flashy UI. Just a collection of small utilities meant to solve everyday problems quickly. Building and maintaining it taught me more about product thinking, user behavior, and practical engineering than many larger projects ever did. When I started, the temptation was to build something “impressive.” Advanced features, multi-purpose tools, lots of options. That instinct didn’t last long. What worked better was focusing on single-purpos

Read original →

Cobra in Go: How to Create Easy-to-Use Command-Line Tools

Ever wondered how all the popular CLI tools work? They are all designed in a way that makes them easy and convenient to use. In this article, I will show you the Cobra library in Go, used for building CLI systems with ease! Cobra is basically a Go library to build command-line interfaces, for example, docker run -d nginx. Cobra gives you the following: Commands & subcommands Flags (--name, -n) Help text Shell completion Cleaner structure You can think of the CLI interface like the tree below: cl

Read original →

Testing AI Systems: Handling the Test Oracle Problem

AI systems are typically a blend of AI components, such as machine learning models, and non-AI components, like APIs, databases, or UI layers. Testing the non-AI parts of these systems is similar to testing traditional software. Standard techniques like boundary testing, equivalence partitioning, and automation can be applied effectively. However, the AI components present a different set of challenges. Their complexity, unpredictability, and data-driven nature require a specialized approach to

Read original →

Turning Small Python Scripts into Real, Usable Tools

Hey everyone 👋 Something I’ve realised recently is that a lot of useful ideas never go anywhere because they stay as “just scripts”. They work… but only for the person who wrote them. So lately I’ve been focusing on a simple question: How do you turn a Python script into something anyone can actually use? 🧠 What I’m Exploring Right Now Turning Python scripts into standalone Windows executables Automating repetitive tasks and workflows Making small tools that don’t require users to install Pyth

Read original →

From Chaos to Perfect Flow: My Experience Automating a Massive Real GitLab Migration (4,000 Repos)

Migrating thousands of repositories can feel like one of those nightmares that wake engineers up in the middle of the night. But for me, it became one of the most transformative experiences of my journey with DevOps and automation. Why This Migration Needed to Happen GitLab Community Edition works well in the beginning. But as teams grow, repositories multiply, and CI/CD volume explodes, clear limitations appear: lack of governance inconsistent configurations heterogeneous runners unstable pipel

Read original →

🛡️ Building a CASB‑Like Threat Monitoring Lab in AWS (Beginner Friendly)

⭐ Why I Built This Project (Project 3 of 6 — CASB‑Like Monitoring with GuardDuty + CloudTrail) Instead of studying cloud security concepts in isolation, I’m using real job descriptions as a roadmap and building hands‑on projects that map directly to what employers expect in cloud security, cloud operations, and security engineering roles. This 6‑part series focuses on practical skills such as: Identity hardening and MFA enforcement IAM governance and access reviews Continuous monitoring of c

Read original →