A short incident story that looked “minor” until it wasn’t A SaaS team noticed unusual API traffic late on a Tuesday. Nothing dramatic, just repeated calls from a valid integration key that should have been inactive. They revoked that key,…
Author: Ankur Sharma
-
The Query Plan Drift Incident: How We Cut a PostgreSQL P95 from 1.8s to 140ms Without Guessing
A practical PostgreSQL runbook to detect query plan drift with pg_stat_statements, auto_explain, and HypoPG, then fix p95 latency safely with evidence.
-
The Compliance Toggle Incident: A DevOps Automation Blueprint for Policy-Safe Releases in 2026
A true-to-life outage that started with one checkbox At 6:40 p.m. on a Thursday, a payments team enabled a regional compliance flag before a launch. It was a normal step, one they had done in staging all week. Production deploy…
-
The Hydration Mismatch You Only See in Production: A React 19 + Next.js 15 Debugging Playbook
React hydration mismatch debugging for Next.js apps: diagnose production-only errors, fix server/client drift, and choose safe SSR tradeoffs with confidence.
-
The Identity Boundary Mistake: A 2026 Cloud Architecture Playbook for Privacy-Preserving Access Control
A short incident story from a “compliant” platform A consumer app team shipped a new compliance feature in a hurry. They needed age-gated access for one region and implemented it by piping identity checks through their main auth provider, then…
-
The Tunnel-Switch Bug: A Mobile Development Playbook for ETag-Based Sync, Idempotency Keys, and Conflict-Safe Drafts
Make mobile sync reliable under flaky networks using ETag preconditions, idempotency keys, and conflict-safe drafts, with Kotlin and Node patterns that hold up.
-
The Phantom Tap Problem: Frontend Performance Engineering for Trustworthy Interaction in 2026
A launch-day moment every frontend team dreads At 10:12 a.m., a growth team pushed a polished checkout redesign. Visual QA passed, A/B flags were set, and synthetic performance checks looked acceptable. By noon, support tickets started: “I tapped Pay twice…
-
When HTTPS Lies to PHP: A 2026 Runbook for Secure Session Cookies Behind Nginx and Cloudflare
Practical PHP session cookie security behind Nginx and Cloudflare: secure flags, SameSite choices, session_regenerate_id timing, and proxy trust checks.
-
The Timeout Budget Collapse: A 2026 Backend Reliability Playbook for Deadline Propagation and Safe Degradation
A real incident that started with one slow dependency A travel platform had a rough Friday evening. Search traffic was normal, infrastructure looked fine, and none of the core services were down. Still, users started seeing “Something went wrong” on…
-
The Launch-Day API Throttle: An ASP.NET Core 9 Runbook for Partitioned Rate Limiting, Retry-After, and Real Backpressure
ASP.NET Core 9 rate limiting runbook with partitioned policies, Retry-After handling, and practical backpressure patterns to protect API fairness at scale.
-
The Demo That Looked Brilliant but Failed in Production: An AI/ML Engineering Playbook for Outcome-Driven Systems in 2026
A launch story that fooled everyone for 48 hours A mid-sized health-tech company rolled out an AI assistant for clinical admin notes. In demos, it felt magical. It summarized long visits, suggested billing codes, and cut draft time by half….
-
The 9-Minute Deployment That Never Went Healthy: An ECS/Fargate Runbook for Circuit Breakers, ALB Timing, and Zero-Guess Rollbacks
ECS deployment circuit breaker runbook for Fargate: align ALB health checks, grace periods, and rollback triggers so failed releases recover quickly and safely.