Apr 19, 2026·9 minStop Lying to Your Audit TrailWhy entity timestamps fail compliance, security investigations, and sensitive data access auditing.If your system only records created_at and updated_at, you cannot answer the most important question in a breach investigation: who accessed the data? This article explains why audit trails must be action-based, immutable, and separate from entity timestamps.Software ArchitectureBackend EngineeringSecurity Engineering
Apr 5, 2026·9 minWhat AI Misses: Entity Relationships (Spring Boot 4)Schema isn’t structure. It’s ownership, lifecycle, and transaction boundariesAI can generate perfect JPA mappings, but not the right data model. This post explores how over-normalization and flattening break systems, and why ownership and access patterns must drive your schema.Spring BootData ModelingDatabase Design
Apr 5, 2026·10 minStop Lying to Your Async OperationsAsync makes systems look fast, until unbounded concurrency takes them downAsync code is easy to scaffold, but unsafe by default. This post shows how unbounded concurrency silently exhausts resources and how to design async with backpressure and control.Spring BootConcurrency ParallelismSystem Design
Apr 4, 2026·7 minStop Lying to Your Pagination (Spring Boot 4)When pagination looks correct but breaks contracts, and how to make it consistentSpring Data pagination looks simple, until your API returns results without metadata and your frontend silently breaks. This post shows why Page<T> lies and how to fix the contract properly.Spring BootSystem DesignApi Design
Apr 4, 2026·5 minStop Lying to your Bulk Load (Spring Boot 4)Loading 1M records? It’s a system problem, not a loop.Loading 1M records isn’t a coding problem, it’s an architectural one. This post shows how event-driven batching, async processing, and concurrency control turn fragile startup jobs into resilient systems.Spring BootSystem DesignData Processing
Mar 25, 2026·7 minStop Lying to Your SchedulersStop treating schedulers as job platforms: what real background processing requiresA scheduler is not a job platform. This post breaks down what actually matters when introducing JobRunr into a Spring Boot system—schema ownership, operator boundaries, and why infrastructure should be separated from workflow migration.System DesignSpring Boot Job SchedulingBackground Processing
Mar 22, 2026·8 minStop Lying to Your Auth LayerWhy auth that “looks correct” fails in real OIDC flows across servicesAuth code can compile, type-check, and still fail in real OIDC flows. This article breaks down the hidden integration bugs between React and Spring Authorization Server that only appear in a real browser.Authentication AuthorizationSecurity Engineering
Mar 22, 2026·6 minBackend Patterns for Evolving External Payloads in Spring SystemsTreating external payloads as evolving contracts, not flat dataOne of the most common failure modes in integration-heavy Spring applications is not performance, not scaling, and not even reliability. It is model drift. This article is about a backend pattern for handling that drift in a Spring application without letting the codebase degrade into flat entities and ad hoc mapping logic.Spring BootBackend ArchitectureSystem Design
Mar 17, 2026·3 minEngineering Production-Grade API Clients in Spring Boot> Part 1: Seeting up the API CLientMost backend systems eventually need to integrate with external APIs, such as Payment gateways. Tax validation services. Identity providers. CRM systems, and more.
Mar 13, 2026·14 minStop Lying to Your CI PipelinePR Verification CI Workflow with Github ActionHow to set up and review PR verification pipelines for Spring Boot services, and the patterns that mature teams follow after they learn these lessons the hard way.SpringbootGithub ActionsCi Cd