While React Query handles server state, I use Context API for client-side UI state like theme, sidebar visibility, or current user. Each context lives in its own file with a custom hook for consuming it. The context provider wraps the app at a high le

For internal admin endpoints, I often add a network allowlist in addition to auth. The tricky part is deciding which IP to trust: if you’re behind a proxy, you might need X-Forwarded-For, but only if the proxy is controlled by you. The middleware belo

Database best practices ensure reliability and performance. I follow normalization principles—minimize redundancy. Use appropriate indexes—not too many, not too few. Implement constraints for data integrity. Choose correct data types for efficiency. R

Push notifications re-engage users with timely content. I use the UserNotifications framework to request authorization and handle notification delivery. The app must register for remote notifications and send the device token to the backend. When noti

I often need a fast read path for small datasets (like a list of active plans or an allowlist) that updates periodically. Instead of locking on every read, I store a pointer to an immutable snapshot in atomic.Pointer. Reads are lock-free and safe; ref

Typing indicators can be done without a complex protocol. I broadcast a small turbo stream replace to a typing_indicator target when a user starts typing, and another replace to clear it after a timeout. On the client, a Stimulus controller sends “typ

Dry-rb provides functional programming tools for Ruby. dry-validation creates complex validation schemas with type checking. dry-types defines strict types—coercion, constraints, sum types. I use dry-struct for immutable data structures with typed att

Avoid loading whole records when you only need to know if something exists. exists? is good; for complex joins, a scoped select(1).limit(1) can be clearer and keeps the DB workload low.

Jobs should accept simple primitives (IDs, strings), not full objects. It avoids serialization surprises and makes jobs resilient across deploys. This also reduces job payload size.

When latency matters, I benchmark the smallest interesting unit and watch allocations. In Go, a surprising number of regressions come from accidental heap churn: converting []byte to string, building lots of temporary maps, or using fmt.Sprintf in loo

GraphQL makes it very easy to accidentally create N+1 query explosions. DataLoader batches requests for the same resource during a single tick and gives you per-request caching. The trick is scoping: loaders must be per-request, not global singletons,

SaaS applications serving multiple customers (tenants) need data isolation to prevent cross-tenant data leaks. The apartment gem provides schema-based multi-tenancy for PostgreSQL where each tenant gets a separate schema, ensuring complete database-le