Linkfest #10

Every couple of weeks I send you a curated stack of Internet reading that stayed with me. Culture, technology, science, software. Things that made me pause and think.

This round is heavy on engineering reality. AI is speeding up code and also breaking things. SQLite is faster than it has any right to be. Terminals can still feel instant if you treat them with care. HTML can beat React in the real world. Agents might replace pipelines, but not without tradeoffs. We also get a fight about commit messages, a love letter to systemd timers, a case study in bot detection, a sharp take on how senior developers talk past the business, and a thoughtful look at disappointment as a signal rather than a flaw.

Enjoy! -- Christoph (CTO @ Basilicom)

Ten Takeaways from the AI Engineering Report 2026: The Acceleration Whiplash

https://www.faros.ai/blog/ai-acceleration-whiplash-takeaways

This report analyzes two years of telemetry from 22,000 developers. The headline: AI now writes most of the code in many teams. Throughput is up. Epics and pull requests are up. But so are bugs, incidents, review time, and code churn. Incidents per merged PR have more than tripled in high-adoption teams. Senior engineers spend far more time reviewing plausible but fragile AI output. Strong engineering foundations do not seem to protect teams from this effect. The report calls this acceleration whiplash.

I like that this is based on telemetry, not surveys. The picture is not anti AI. It is about tradeoffs. Output is real. Risk is real. If you are cutting headcount because Copilot looks fast, you should read this carefully. Speed without guardrails moves problems downstream.

How Building an HTML-First Site Doubled Our Users Overnight

https://mohkohn.co.uk/writing/html-first/

A utility company replaced a broken React form with an HTML-first implementation using Astro. Each step was a real page with server-side validation and progressive enhancement. The form worked without JavaScript, stored data on the backend at every step, and met accessibility standards. After launch, completed applications doubled. Analytics had not even seen the users who previously bounced due to JavaScript failures.

This is a strong case for boring technology in high-stakes environments. Public services should work on bad phones and slow networks. Shipping less JavaScript is not nostalgia. It is risk management and respect for users.

Build Agents, Not Pipelines

https://www.seangoedecke.com/build-agents-not-pipelines/

Sean Goedecke compares two ways of using LLMs: pipelines, where you control the flow, and agents, where the model decides which tools to call and when to stop. Pipelines are predictable and easier to budget. Agents are more flexible and can handle harder tasks by looping and gathering more context. He argues that when in doubt, build agents, especially for complex problems like coding.

The framing is helpful. In practice, most real systems will mix both patterns. The cost and latency tradeoffs are real. But the direction of travel is clear: models are being optimized for agency.

Bot Detection Is Dead, Long Live Bot Detection

https://www.kernel.sh/blog/detection

This post walks through reverse engineering Kasada, a commercial bot detection system, in a single afternoon. The author inspects browser challenges, fingerprints, and request flows, and shows how AI-driven browser infrastructure can evade many current defenses. The broader point is that bot detection has become an arms race between increasingly capable automation and increasingly complex detection stacks.

If you run anything public on the web, this should make you uneasy. The cost of pretending bots are solved is high. At the same time, escalating detection adds friction for real users. There is no stable equilibrium here.

100000 TPS Over a Billion Rows: The Unreasonable Effectiveness of SQLite

https://andersmurphy.com/2025/12/02/100000-tps-over-a-billion-rows-the-unreasonable-effectiveness-of-sqlite.html

Anders Murphy benchmarks SQLite against Postgres for interactive transactions. With a billion rows and a power-law workload, SQLite on a single machine hits over 100k transactions per second using batching and savepoints. Postgres performs well locally, but network latency and serializable isolation crush throughput. The lesson is not that Postgres is bad. It is that the network is often the real bottleneck.

This is a good reminder to question default architecture choices. A single well-sized machine with an embedded database can outperform distributed setups for many workloads. Complexity is not free.

Life is Too Short for a Slow Terminal

https://mijndertstuij.nl/posts/life-is-too-short-for-a-slow-terminal/

Mijndert Stuij explains how his zsh starts in about 30 milliseconds. No big framework. No plugin manager. Just three plugins, cached completions, lazy loading for heavy tools like nvm, and an async prompt. He also shows how to measure startup time properly with hyperfine and zprof, and where common delays hide.

This is the kind of craftsmanship that compounds. If you open a shell dozens of times a day, shaving 300 milliseconds matters. More important, it is a reminder that minimal setups age better than layered abstractions you barely use.

How to Deal with Disappointment

https://theconversation.com/how-to-deal-with-disappointment-by-an-expert-in-this-misunderstood-emotion-283508

This piece treats disappointment as a signal, not a weakness. Research shows it often reflects a gap between expectation and reality. In workplaces, unrealistic targets create systemic disappointment that individuals internalize as failure. Naming the emotion and adjusting expectations can make teams more resilient and creative.

In tech, we talk a lot about failure and iteration. We talk less about disappointment. That is a mistake. If you ship software, you will disappoint users and yourself. Learning to read that signal matters.

Why Senior Developers Fail to Communicate Their Expertise

https://www.nair.sh/guides-and-opinions/communicating-your-expertise/why-senior-developers-fail-to-communicate-their-expertise

This essay splits a company into two loops. One loop chases speed to reduce uncertainty in the market. The other protects stability for paying customers. Senior developers focus on managing complexity, but the rest of the business focuses on reducing uncertainty. The communication gap comes from talking about different monsters. The author suggests reframing objections as faster experiments, and proposes separating a Speed system from a Scale system in the age of AI.

The two-loop model is simple but useful. Many technical debates are really about which risk you are optimizing for. Naming that explicitly can reduce friction. Especially now, when AI makes it easy to add code and harder to keep it understandable.

You Don't Love systemd Timers Enough

https://blog.tjll.net/you-dont-love-systemd-timers-enough/

This is a detailed case for replacing cron with systemd timers. Timers integrate with services, have clearer logging, support calendar expressions and relative time spans, and include features like persistent execution, randomized delays, and wake-from-suspend. The author walks through practical examples and useful commands like systemctl list-timers.

If you run Linux servers and still rely on cron out of habit, this is worth a read. Better observability alone is a strong argument. Modern primitives exist for a reason.

Stop Using Conventional Commits

https://sumnerevans.com/posts/software-engineering/stop-using-conventional-commits/

Sumner Evans argues that Conventional Commits focus on the wrong thing. The type of change is placed first, while scope is optional. For developers reading history, scope matters more than whether something is a feat or a fix. He also questions automated changelog generation and semantic version bumps driven by commit prefixes.

I do not agree with everything here, but the critique is sharp. Commit messages are for humans first. If your format optimizes for tooling and harms readability, it is worth revisiting.