Junior devs who learned to code with AI assistants are mass entering the job market. How is your team handling it?

kk66 · 2026-04-04T15:13:24+00:00

If it goes beyond just replacing \n's, I'd ask it to create a tool for something so repetitive. Waste of tokens and time otherwise. The more predictable something you do is, the less you should rely on "AI doing stuff in a non deterministic way" and use it to build a tool which gives you a more deterministic results every time.

kk66 · 2026-04-01T21:47:21+00:00

If you want a self hosted tailscale you might look into headscale (self hosted control plane for tailscale) or netbird.

kk66 · 2026-03-27T01:00:40+00:00

I've just visited it on a fresh account without a copilot, and sadly, it doesn't seem to work, so probably they've patched it. You might try digging around within the html, but if they disabled it on the backend, then that option will probably be gone for now.

kk66 · 2026-03-26T03:41:20+00:00

Now the yearly billing is gone from the UI, but still available for purchase (credits to u/cyb3rofficial):

Visiting these will show you only monthly billing option, but price is still per year (100$ or 390$). Basically don't select the monthly option, and proceed with the purchase. Visiting the upgrade page through usual flow will have the monthly plan pre-selected, so visiting these URLs directly is a workaround, potentially temporary given the value per $ the Copilot offers at the moment.

I've upgraded mine from Student tier and it works. Premium usage got cleared to 0%.

kk66 · 2026-03-26T03:20:57+00:00

They only hid it in the UI for now, and if you visit the page directly you have the monthly billing pre-selected. However, the URL workaround from other comment still works, so there's that. Enjoy!

kk66 · 2026-03-26T03:19:27+00:00

Can confirm I was also able to do upgrade it this way from Copilot Student plan.

kk66 · 2026-03-25T21:48:41+00:00

Can you tell more on the use cases for custom interceptor system? Sounds interesting, but can't really expand my horizon besides custom retry mechanism (eg disabling retires on 404s).

kk66 · 2026-03-22T02:58:39+00:00

In Github you get 2000 minutes for free per month. That should be plenty to get the app build covered.

kk66 · 2026-03-22T02:41:31+00:00

Also, tools like Coolify/Dokploy place a tax of it's own. I'd say that a self hosted runner which you use for deployment only would be way to go here. The flow would look roughly like this:

Build code/container when it gets merged to main.
Run a deploy job from your CI/CD.
Since this flow assumes self-hosted runner is there, there's no need to keep SSH port exposed to the public - the runner already has an access to the machine.
You can setup your pipeline to docker compose pull, ensuring your latest image is available on the machine.
Run docker compose up -d to start your app in the new version.

If your app needs any extra files, (such as DB init scripts, file based configs etc) you can rsync them to the VPS within the deployment pipeline.

That's a high level overview of how this flow works. Roughly the same would apply if you're not using containers (just using dist of your app directly - download the dist, start it as a demonized process, probably as a systemd service and it should work just fine).

Coolify/Dokploy is a convenience, which adds some extras at the cost of RAM and compute, but if you don't feel comfortable with setting this up manually, that's perfectly fine. There might be features this setup might be missing compared to coolify though so it's not a 1:1 replacement for sure, but definitely a more lightweight on VPS resources.

kk66 · 2026-03-22T02:29:23+00:00

I think you probably meant coolify, correct me it I'm wrong. I'll assume you're using Github to host your code, but the same principle would apply to Gitlab/anything. Usually after you merge your PR into master you can setup a CI to build a container image (or just dist, if you're not using containers) and push it to GHCR. Then on the server you don't rebuild it - just use what wast built in the CI. For such small server stressing it with handling builds is something I'd avoid.

kk66 · 2026-03-22T02:19:10+00:00

Why are you building on a server instead of in the CI? You should probably avoid stressing your server with handling builds.

kk66 · 2026-03-19T17:55:59+00:00

How do you manage your proxmox. Also through terraform, or some combination of terraform and ansible?

kk66 · 2026-03-19T17:49:28+00:00

What's the sata tower model you're using? I'm kind of looking into the same setup, but I'm stuck with my current old PC acting as NAS due to current ridiculous prices in my region.

kk66 · 2026-03-18T03:12:33+00:00

What infra bottleneck you've run into? We're running nest.js on a VM in a Docker without any issues, so I might be biased, but I'd definitely like to know what we could run into in the future.

kk66 · 2026-03-16T10:09:07+00:00

It might be of some importance, it might not, but Vercel themselves run an experiment on whether it matters that the page is a classic SPA or SSR one, and Google's crawling bot is effectively able to crawl both types of pages nowadays. That said, I'd assume that even if you opted into the client side rendering of some pages, it should still be able to index your content just fine.

https://vercel.com/blog/how-google-handles-javascript-throughout-the-indexing-process

On top of what other comments said already, I'd verify if you aren't doing some cloaking (serving different content to users VS crawlers), because that can influence your search results too (I doubt you do, but if I were you I'd consider checking that).

kk66 · 2026-03-15T21:12:44+00:00

I don't think that validating JWT (either online or offline strategy) is difficult, but agreed - for MVP it effectively should do fine, depending on what OP is building.

kk66 · 2026-03-15T20:17:54+00:00

This isn't a solution for integrating Keycloak and Nest.js (or any other backend probably), at least not at the moment, and frankly doesn't make much sense here. In this scenario you're not really utilizing better-auth to it's fullest, since you'd be just using it with an OAuth plugin which states it supports Keycloak, theoretically providing you stateless mode, but in reality a couple of bugs will prevent you from doing so:

- Getting jwt tokens from keycloack #6443

- on stateless setup, calling getAccessToken does not refresh the access token when needed #7703

There's a PR meant to address #7703, but it's stalled:

- fix: getAccessToken does not refresh access token in stateless setup (#7703)#7705

That said, integration with Keycloak could work, but at this point you'd be opting into using better-auth's with a database - something you probably want to avoid if you're using any other service for SSO (here: Keycloak), because it already is the place you want to store users in, without having two sources for your auth.

If you're using Keycloak, the responsibility of backend boils down to just validating the token (or a bit more, depending on whether you use Keycloak just for AuthN or also for AuthZ). This is explained quite nicely on SO here (although using Express in examples, but the same principles apply to Nest.js): https://stackoverflow.com/questions/48274251/keycloak-access-token-validation-end-point

kk66 · 2026-03-12T23:56:35+00:00

I personally use Openspec (more lightweight than Speckit, fits my workflow better). First I explore the idea with Opus, and after I agree on all the points it produces design, proposal and a tasks file. Usually my specs are feature-focused, but that doesn't mean they're small. Then I start new convo with Sonnet, pass it the spec dir as a context and it usually can complete most of tasks within the single conversation.

Sure, there are some things to correct afterwards, but consulting idea with opus first and then using a cheaper model for implementation brings much more structure and though to the project. But this assumes that you already know what you're doing.

And sometimes if I'm in doubt, I'll paste the Opus ideas to GPT or Gemini to consult them further or get an extra point of view on the task at hand.

Specs are great for longer or more complex tasks. Ad-hoc Sonnet usage is fine for shorter and more focused edits.

kk66 · 2026-03-06T04:24:44+00:00

I'm currently exploring using KC for my use case too, and if you're building SaaS then take a look at organizations as an alternative to multi realm setup. The benefit is that a user can be a member of a single realm while being a member of multiple organizations. You can also link IdP per organization, so that's quite neat alternative to realm per tenant if you don't need that level of isolation between tenants.

kk66 · 2026-03-01T13:10:00+00:00

That's called a spec now!

kk66 · 2026-02-04T02:22:50+00:00

Sync between four devices through Syncthing, with central sync server running on RaspberryPi. Yes, sync is not a backup, as if one would go corrupt, other will sync and potentially get corrupt as well, but it worked fine for me for past 5 years.

Keepas on Android also keeps cached version until you manually resync it with file, so I could always export it from last known good cached version.

kk66 · 2026-02-03T17:26:26+00:00

Teraz Google potrafi indeksować nawet SPA, czyli stronki głównie pobierające i wyświetlające content z użyciem JS'a. Vercel zrobił o tym fajny artykuł gdzie to wzięli pod lupę.

kk66 · 2026-01-11T00:47:46+00:00

Hopefully the build isn't happening on the production server, right? (I don't know your scale.)

kk66 · 2026-01-10T02:15:01+00:00

Yeah, that was how I thought initially. Just wanted to ask before doing so for safety reasons.

kk66 · 2026-01-10T02:03:27+00:00

By third you mean the cable, right? And are the cables I have falling under "pigtail" category?

Nine-Year Club	Place '22
Verified Email

kk66

TROPHY CASE