https://www.advancingengineering.dev/posts/Recent content in Posts on Advancing EngineeringHugoenTue, 12 May 2026 13:38:59 +0100https://www.advancingengineering.dev/posts/2026-01-sast/Thu, 15 Jan 2026 00:00:00 +0000https://www.advancingengineering.dev/posts/2026-01-sast/<p>SAST tools analyse source code to surface security vulnerabilities before deployment. This empirical analysis shows it decreases CVEs by 8.2%.</p>https://www.advancingengineering.dev/posts/2026-05-justfiles-are-a-joy-to-use/Tue, 12 May 2026 13:08:46 +0100https://www.advancingengineering.dev/posts/2026-05-justfiles-are-a-joy-to-use/<p>Every project eventually grows its own mythology. &ldquo;How do you run the tests?&rdquo; becomes a question answered with a message, a README with outdated instructions, or — if you&rsquo;re truly cursed — a tribal elder who just left the company.</p> <p><code>just</code> ends this. It&rsquo;s a command runner that stores your project&rsquo;s commands in a <code>justfile</code>, right next to your code, where they belong.</p>https://www.advancingengineering.dev/posts/2026-05-anti-patterns-one-language-inside-another/Fri, 08 May 2026 10:54:36 +0100https://www.advancingengineering.dev/posts/2026-05-anti-patterns-one-language-inside-another/<p>Placing one language inside another is one of those anti-patterns that seems harmless until you&rsquo;re trying to lint it, test it, or ask an LLM to reason about it. The moment you embed a language inside a string in another language, its entire toolchain disappears.</p> <blockquote> <p>We <strong>contain multitudes</strong>. Our code should be singular, not polyglot.</p> </blockquote>https://www.advancingengineering.dev/posts/2026-05-standards-skill/Fri, 01 May 2026 00:00:00 +0000https://www.advancingengineering.dev/posts/2026-05-standards-skill/<p>Encoding engineering standards as an AI skill means they get applied consistently, automatically, and can be measured against.</p>https://www.advancingengineering.dev/posts/2026-04-pre-commit-hooks/Wed, 01 Apr 2026 00:00:00 +0000https://www.advancingengineering.dev/posts/2026-04-pre-commit-hooks/<p>Pre-commit hooks catch issues before they reach CI — shifting quality checks as far left as possible.</p> <p>In an AI-assisted workflow this matters more than ever. LLM-generated commits are faster and more numerous; human review bandwidth is the same. Pre-commit hooks are how you define &ldquo;done&rdquo; in a form the machine can check — and the LLM can iterate on.</p>https://www.advancingengineering.dev/posts/2026-03-llm-wiki/Tue, 10 Mar 2026 00:00:00 +0000https://www.advancingengineering.dev/posts/2026-03-llm-wiki/<p>Of course you&rsquo;ve got document stores. But be honest, how much ongoing love do they all have? Is every one of your onboarding guides on point, and how many of the &ldquo;current architecture&rdquo; diagrams show databases that were deprecated before you joined?</p>https://www.advancingengineering.dev/posts/2026-02-permissions/Tue, 10 Feb 2026 00:00:00 +0000https://www.advancingengineering.dev/posts/2026-02-permissions/<p>93% of LLM permission requests are approved. That number should make you uncomfortable. Not because approving is wrong — most of those approvals are fine — but because a 93% approval rate is a signal that you haven&rsquo;t designed your permission model. You&rsquo;ve just been clicking through dialogs.</p> <p>There&rsquo;s also the opposite problem: leaving an agent to work autonomously, then coming back to find it paused, waiting for you to confirm that yes, it can <code>grep</code> a file it&rsquo;s been reading all session. Both failures have the same root cause: permissions set by default, not design.</p> <p>The question worth sitting with is whether you can move faster <em>and</em> sleep better. The answer is yes, but it requires deliberate thought about what your LLM actually needs to do its job.</p>