https://blog.abhipraya.dev/ppl/part-a/Recent content in Part A: Cognitive Blogs on Daffa AbhiprayaHugoen-us© Daffa AbhiprayaSat, 11 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/monitoring/Sat, 11 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/monitoring/<p>Error monitoring is one of those things that feels optional until the first production bug slips through unnoticed. A user reports &ldquo;the page is broken,&rdquo; you check the server, everything looks fine, and three hours later you discover a background task has been silently failing since the last deploy. This blog covers how we built monitoring that catches those failures before users do.</p> <blockquote> <p><strong>Note:</strong> Our project is hosted on an internal GitLab instance, so we use the term <strong>MR (Merge Request)</strong> throughout this blog. If you&rsquo;re coming from GitHub, MRs are the equivalent of <strong>Pull Requests (PRs)</strong>.</p>https://blog.abhipraya.dev/ppl/part-a/qa/Thu, 09 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/qa/<p>Quality tools are useless if they are not enforced. Our project had SonarQube analyzing every commit, schema fuzzing running against our API, and load tests measuring latency, but every single one of them was set to <code>allow_failure: true</code>. Violations were silently ignored, real bugs slipped through, and nobody noticed because the pipeline was always green. This blog covers how we turned those advisory checks into blocking gates, built automated CI reporting so reviewers could actually see the results, and watched the tools catch a JWT vulnerability, a production crash, and 31 code quality violations that had been accumulating for weeks.</p>https://blog.abhipraya.dev/ppl/part-a/solid/Thu, 09 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/solid/<p>SIRA (Smart Invoice Reminder AI) is a system that automates invoice collection reminders. It monitors payment status, scores client risk using a weighted formula, and sends personalized reminders by email or messaging. The backend is built with FastAPI, Supabase (Postgres via REST), Celery for background jobs, and Redis as the message broker.</p> <p>This blog walks through how SOLID principles shaped the architecture at three levels: the overall layer structure, service-level design patterns, and individual function design. The goal is not to explain what SOLID stands for (there are plenty of articles for that), but to show what it looks like in production code and why certain design choices were made over simpler alternatives.</p>https://blog.abhipraya.dev/ppl/part-a/tdd/Thu, 09 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/tdd/<p>We had 91% line coverage and felt good about it. Then we ran mutation testing and scored 0%. Every line of our service layer was executed by tests, but almost nothing was actually verified. This is the story of how we discovered the gap between &ldquo;code was run&rdquo; and &ldquo;code was checked,&rdquo; and what we changed to close it.</p> <blockquote> <p><strong>Note:</strong> Our project is hosted on an internal GitLab instance, so we use the term <strong>MR (Merge Request)</strong> throughout this blog. If you&rsquo;re coming from GitHub, MRs are the equivalent of <strong>Pull Requests (PRs)</strong>.</p>https://blog.abhipraya.dev/ppl/part-a/tdd-and-qa/Sun, 15 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/tdd-and-qa/<p>We had 91% line coverage and felt good about it. Then we ran mutation testing and scored 0%. Every line of our service layer was executed by tests; almost nothing was actually verified. This is the story of how six advanced testing tools exposed the gap between &ldquo;code was run&rdquo; and &ldquo;code was checked,&rdquo; and what that means for any team relying on coverage as a quality signal.</p> <blockquote> <p><strong>Note:</strong> Our project is hosted on an internal GitLab instance, so we use the term <strong>MR (Merge Request)</strong> throughout this blog. If you&rsquo;re coming from GitHub, MRs are the equivalent of <strong>Pull Requests (PRs)</strong>.</p>https://blog.abhipraya.dev/ppl/part-a/data-seeding/Thu, 12 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/data-seeding/<h2 id="why-database-migrations-need-safety-nets"> <a class="anchor" href="#why-database-migrations-need-safety-nets" data-anchor="why-database-migrations-need-safety-nets" aria-hidden="true">#</a> Why Database Migrations Need Safety Nets </h2> <p>Imagine this scenario: a developer adds a new column to the invoices table, pushes to <code>main</code>, and the CI/CD pipeline deploys it to production. Everything looks fine until the next morning, when the team discovers that the migration also dropped a constraint that was silently relied on by another service. Rolling back means manually writing SQL against the production database at 2 AM.</p>https://blog.abhipraya.dev/ppl/part-a/teamwork-tools/Thu, 12 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/teamwork-tools/<h2 id="why-tooling-is-a-team-problem-not-a-devops-problem"> <a class="anchor" href="#why-tooling-is-a-team-problem-not-a-devops-problem" data-anchor="why-tooling-is-a-team-problem-not-a-devops-problem" aria-hidden="true">#</a> Why Tooling Is a Team Problem, Not a DevOps Problem </h2> <p>Most university software engineering courses teach you <em>which</em> tools to use (Git for version control, Jira for tickets, Docker for deployment). What they rarely teach is <strong>how tools interact with each other</strong>, and what happens when they don&rsquo;t.</p> <p>In a professional environment, a single commit can trigger a cascade: CI runs tests, a Slack bot notifies the team, a coverage report lands in SonarQube, and the ticket moves to &ldquo;In Review&rdquo; on the project board. This doesn&rsquo;t happen by accident. Someone has to build that integration layer, and in a university team, that someone is usually whoever cares enough about developer experience to do it.</p>