Engineering Notes
Essays, field notes & technical reflections
A collection of essays, field notes and technical reflections on building durable software systems, reducing knowledge silos, improving engineering governance, and making complex technology understandable and maintainable.
These texts reflect long-term interests: resilient teams, shared technical knowledge, Open-Source maintainership, platform engineering, security, privacy, and the pragmatic use of AI-assisted development. They are deliberately curated and lightly maintained — every essay carries an originally published date, an updated date when revised, and a status (current, revised, archived, historical) so the reader can tell at a glance which pieces still represent my current thinking.
Drei TYPO3-Extensions, ein Stack: nr-vault verschlüsselt Geheimnisse, nr-llm abstrahiert Provider, t3x-cowriter ist das sichtbare Feature im CKEditor. Warum man so etwas von unten baut – und nicht vom Editor-Button aus.
Long Claude Code sessions get expensive not because individual tool calls are costly, but because large tool outputs stay in context and re-pay cache-read on every subsequent turn — growing quadratically. Three concrete measures (statusline, PreToolUse hook, memory rule) make the cost visible and shift the default toward subagents.
Coding agents prioritize rather than execute fixed checklists, so a single review pass leaves blind spots. Repeated, focused review cycles — at least three passes with different risk lenses — are a cheap, effective mitigation that turns probabilistic generation into reliable engineering.
Wann sich PHP FFI lohnt – am Beispiel eines XLIFF-Imports, der von ORM (~1.400/s) über DBAL Bulk (~5–7k/s) auf eine All-in-Rust-Variante via FFI (~35.320/s) skaliert wird.
Analyse des Shai-Hulud-Wurms im npm-Ökosystem – des ersten bekannten sich selbst replizierenden Supply-Chain-Angriffs in JavaScript – und warum kontrollierte Automatisierung, Container-Isolation und gelebte Compliance die richtige Antwort darauf sind, nicht das Bremsen von Updates.
Praxisnahes Cheat Sheet zum Playwright MCP Server: Was MCP wirklich bedeutet, wie das offizielle Docker-Image funktioniert, wann manuelles Mounting nötig ist und wie sich der Server in Agenten-Editoren und CI/CD-Pipelines einbinden lässt.
A long-arc decision narrative: from self-hosted XMPP/Prosody (2011) through Skype and Slack to a federated [matrix] platform (2019), and why a small-but-growing engineering organisation ended up choosing an open, federated protocol over SaaS chat.
A 2019 internal write-up on adopting HashiCorp Vault as a central secrets store — the problems it solved (scattered network shares, KeePass databases, plain-text docs), the requirements that drove the decision, and the first integrations with Concourse CI and Ansible.
A 2019 principles note on why internal IT exists to enable teams to help themselves — the seed idea behind the later 'Enable, Connect & Innovate' leadership theme.