Tag

Notes tagged “dissecting-systems”

Every note filed under dissecting-systems, newest first.

A filtered view of the notes.

2026

  1. The Header That Can't Be Cached

    Cache-Control from first principles — and why a page carrying a CSP nonce must be told never to be stored, not merely "don't cache."

  2. Trust No Script

    Why a strict Content Security Policy is one of the hardest headers to deploy — and how to read a real one with Google's CSP Evaluator.

  3. Can I Use This Library?

    A strict CSP quietly turns every dependency into a security decision. Here is the tree I walk to make it — per library, and across a whole app.

  4. The URL Is the Hash

    Content-addressing on the wire — how the web quietly became a content-addressed store, where fingerprinted URLs and Subresource Integrity are real Merkle edges and the cache that looks most like one isn't.

  5. You Don't Want Separate Repos

    A repository is a database; splitting a subproject out trades a content hash for a version string — and there's only one case where that trade is actually forced.

  6. node_modules Is the Heaviest Object in the Universe

    The same "the hash is the identity" idea that powers a build cache also explains why pnpm stores on disk what npm copies a hundred times over.

  7. There Are No Phases

    Buck2's DICE engine collapses load, analysis, and execution into a single graph — and the decision to rebuild rather than adopt.

  8. The Widest Box Is the Bug

    A flamegraph turns thousands of stack samples into one picture where the slow code is, almost literally, the biggest thing on the screen.

  9. The Build That Restarts Itself

    Inside Skyframe, Bazel's incremental engine — and the strange trick at its heart.

  10. With the Grain

    The original turned a big integer into bytes one byte at a time, fighting the machine. The rewrite went with its grain — whole machine words, packed in C. That structural choice is why it's still ~15× faster fifteen years on, even as CPython sped up underneath it.

  11. Utils Is Where Modularity Goes to Die

    Module boundaries should follow the dependency graph, not your folder intuitions — and "optimal" can be defined precisely.

  12. The Grain of the Machine

    A processor isn't a featureless calculator — it has a shape: words, cache lines, vector lanes. Code that moves with that grain runs many times faster than code that fights it, on the very same data. Here's the shape, and a measured case where the same arithmetic runs 22× slower against it.

  13. The Hash Is the Identity

    Content-addressing in the build cache — content-addressed storage and Merkle trees turn a build cache into a shared resource, so your build is proportional to anyone's change.

  14. A Language That Can't Loop Forever

    Bazel's Starlark forbids unbounded loops and recursion on purpose, and gets analyzability, caching, and parallelism in return. Buck2 quietly allows recursion back — and the split shows which restriction is load-bearing.

  15. A Little Uncertainty Buys a Lot of Space

    Bloom filters trade a small chance of being wrong for an enormous saving in memory — a bargain storage engines take and build systems, so far, refuse.

  16. The Build Is Proportional to the Change

    What every build system is really doing — and the one decision that separates the ones that scale.

  17. Designing an API That Outlives You

    I wrote watchdog in 2010. Fifteen years and three maintainers later it still ships the same public API I designed — here's what made it last.

2025

  1. Everything Is an Action

    The architecture of Firebase Genkit rests on one primitive — a self-describing, observable, callable function — and the whole SDK is layers of specializations of it.

  2. Reading a Codebase

    A method for taking real software apart at the source level — find the one type everything hangs from, extract the algebra, and learn what the designers refused to allow.

Type to search · ↑↓ to move · ↵ to open · Esc to close