Get live statistics and analysis of aditya's profile on X / Twitter

.@boltdotnew x @expo cooking both software and hoodies

found it annoying to keep changing the json for my local MCPs so i made a @raycastapp extension to manage them code below ⬇︎

TIL no. 23: @resend x @convex_dev i was working on the waitlist + email confirmation for @readwaveapp and got it up and running within a solid 10 minutes, its incredible to see how these once complex technologies are so easy to work with now. using the convex component, generating a template on new[dot]email, and integrating it into a @nextjs app has made shipping so fast. abstractions enable enough cognitive load to move quickly but i definitely want to dive deeper to have a more ground-up understanding when building scalably

made an site that gives you ideas from arXiv papers built in ~10 min with @ValDotTown's Townie

TIL no. 9: principles of building ai agents the goat @calcsam wrote a book on core concepts and how to build ai agents with descriptions, reasons, explanations, and best of all - code. i’ll do a deeper dive into some of the sections but this is just a high level TIL. the main parts are prompting a LLM (so choosing a model provider, writing great prompts), building an agent (so agents 101, model routing and structured output, tool calling, agent memory), graph based workflows (so workflows 101, branching chaining merging and conditions, suspend & resume, streaming, tracing), retrieval augment generation aka RAG (so RAG 101, choosing a vector db, RAG pipeline), setting up multi agent pipelines (so what multi agents are, agent supervisor, control flow, workflows as tools, combining various patterns), evals (so what evals are, textual evals, other types of evals), development and deployment (so local development, serverless, observability) and everything else like integrations, tool use and MCP, web use, increasing context windows, and inter agent communication. the book is a super quick and great beginner read into ai agent engineering. a great starting point to branch off of and dive deeper. today’s TIL wasn’t anything particular sorry :/ but i pretty much spent 1 min setting up @mastra_ai in my monorepo and hit the ground running building out my agents. legit it was unfair how easy it was - separate TIL post on that (and what i’m building 👀) later. definitely have much more thoughts and learnings to share!

saw someone walk by with a @calcom shirt infinite aura radiated

bolt.new just set a new standard for ai driven development @stackblitz popping off

you can just @magicpatterns things

UI mockup coming together quite nicely 👀 courtesy of and inspiration from @v0 & @magicpatterns

built this in 10 minutes pokereels.vercel.app scroll through to discover various pokémon and their stats. made entirely with @v0

TIL no. 44: authN gotchas been building with @convex_dev, @clerk, and @nextjs recently and just discovered a really great read on some auth best practices to be aware of tldr: authN in convex apps needs to happen at three distinct layers, and missing any of them opens security holes ⋅ server-side auth - nextjs middleware catches requests before they hit your pages. this is your first line of defense but doesn't protect convex directly ⋅client-side auth - react hooks like useConvexAuth() for ui state management. but here's the thing - this is async and can create race conditions where queries fire before auth fully resolves ⋅database auth - convex functions must validate auth internally because convex is essentially a public api. every single query/mutation needs explicit auth checks the race condition problem useConvexAuth() returns a promise, but other react hooks (including convex queries) can execute before auth fully resolves. this means unauthenticated requests can slip through to address this, skip queries until auth is confirmed using convex's "skip" pattern why convex is different unlike traditional setups where your db sits behind your api server, convex is your backend. it's a public api by default, so you can't rely on server-side auth alone to protect database access this means: ⋅nextjs middleware ≠ convex protection ⋅client auth checks ≠ actual security ⋅every convex function needs explicit auth validation instead of copy-pasting auth checks everywhere, wrap your convex functions with custom authenticated versions that automatically handle the auth validation create authenticated react hooks that automatically skip queries when user isn't authenticated use internal functions for sensitive operations. convex supports internal functions that can only be called by other convex functions, not clients. this keeps your attack surface minimal. use these for: ⋅payment processing ⋅admin operations ⋅sensitive data mutations server components vs client components server components can use fetchQuery directly after middleware auth - much simpler auth flow but client components need the full auth checks with hooks and skip patterns some key takeaways: ⋅ auth is a three-layer problem in convex apps ⋅ race conditions are real and will bite you in production ⋅ convex functions are public apis - treat them as such ⋅ invest in good auth utilities early ⋅ use internal functions for sensitive operations ⋅ test your auth flows thoroughly the article by @codingwithjamal goes deep on custom hooks and utilities from convex-helpers too. really solid patterns for making auth both secure and developer-friendly

curious if there are .cursor/rules i can just copy paste into my codebase for @mastra_ai? the mcp seems great but doesn't get picked up/used the way i'd like it to cc @calcsam @smthomas3

stuff in my brain: - @AnthropicAI's Claude Code as a Primitive - human in the loop -> human orchestrating the loop

UI mockup coming together quite nicely 👀 courtesy of and inspiration from @v0 & @magicpatterns

TIL no. 44: authN gotchas been building with @convex_dev, @clerk, and @nextjs recently and just discovered a really great read on some auth best practices to be aware of tldr: authN in convex apps needs to happen at three distinct layers, and missing any of them opens security holes ⋅ server-side auth - nextjs middleware catches requests before they hit your pages. this is your first line of defense but doesn't protect convex directly ⋅client-side auth - react hooks like useConvexAuth() for ui state management. but here's the thing - this is async and can create race conditions where queries fire before auth fully resolves ⋅database auth - convex functions must validate auth internally because convex is essentially a public api. every single query/mutation needs explicit auth checks the race condition problem useConvexAuth() returns a promise, but other react hooks (including convex queries) can execute before auth fully resolves. this means unauthenticated requests can slip through to address this, skip queries until auth is confirmed using convex's "skip" pattern why convex is different unlike traditional setups where your db sits behind your api server, convex is your backend. it's a public api by default, so you can't rely on server-side auth alone to protect database access this means: ⋅nextjs middleware ≠ convex protection ⋅client auth checks ≠ actual security ⋅every convex function needs explicit auth validation instead of copy-pasting auth checks everywhere, wrap your convex functions with custom authenticated versions that automatically handle the auth validation create authenticated react hooks that automatically skip queries when user isn't authenticated use internal functions for sensitive operations. convex supports internal functions that can only be called by other convex functions, not clients. this keeps your attack surface minimal. use these for: ⋅payment processing ⋅admin operations ⋅sensitive data mutations server components vs client components server components can use fetchQuery directly after middleware auth - much simpler auth flow but client components need the full auth checks with hooks and skip patterns some key takeaways: ⋅ auth is a three-layer problem in convex apps ⋅ race conditions are real and will bite you in production ⋅ convex functions are public apis - treat them as such ⋅ invest in good auth utilities early ⋅ use internal functions for sensitive operations ⋅ test your auth flows thoroughly the article by @codingwithjamal goes deep on custom hooks and utilities from convex-helpers too. really solid patterns for making auth both secure and developer-friendly

built this in 10 minutes pokereels.vercel.app scroll through to discover various pokémon and their stats. made entirely with @v0

found it annoying to keep changing the json for my local MCPs so i made a @raycastapp extension to manage them code below ⬇︎

.@boltdotnew x @expo cooking both software and hoodies

TIL no. 9: principles of building ai agents the goat @calcsam wrote a book on core concepts and how to build ai agents with descriptions, reasons, explanations, and best of all - code. i’ll do a deeper dive into some of the sections but this is just a high level TIL. the main parts are prompting a LLM (so choosing a model provider, writing great prompts), building an agent (so agents 101, model routing and structured output, tool calling, agent memory), graph based workflows (so workflows 101, branching chaining merging and conditions, suspend & resume, streaming, tracing), retrieval augment generation aka RAG (so RAG 101, choosing a vector db, RAG pipeline), setting up multi agent pipelines (so what multi agents are, agent supervisor, control flow, workflows as tools, combining various patterns), evals (so what evals are, textual evals, other types of evals), development and deployment (so local development, serverless, observability) and everything else like integrations, tool use and MCP, web use, increasing context windows, and inter agent communication. the book is a super quick and great beginner read into ai agent engineering. a great starting point to branch off of and dive deeper. today’s TIL wasn’t anything particular sorry :/ but i pretty much spent 1 min setting up @mastra_ai in my monorepo and hit the ground running building out my agents. legit it was unfair how easy it was - separate TIL post on that (and what i’m building 👀) later. definitely have much more thoughts and learnings to share!

TIL no. 20: monorepos are a double edged sword working on @readwaveapp and setting everything up via a monorepo to iterate and move fast but dependency management is a borderline nightmare. it shouldn’t be this hard to manage react dependencies (ex in a @nextjs app and a @expo app) - however, i might be setting it up wrong and need to dig into it deeper @turborepo does have great docs and there’s a ton of great content out there from expo but there should be a boilerplate template that includes @biomejs or @geteslint/@PrettierCode extensibly such that it can be easily embedded into a new app or package. with generators it’s easy to create packages but with “npx create(insert tech)” cli commands, itd be nice if things automatically detect these common packages like @typescript configs and extend them cleanly all according to best practices and standard conventions maybe an opportunity to build out too!

TIL no. 37: make apps feel 10x better recently came across a video by @raroque where he outlines 5 tips to make your app feel better: 1. interactions and animations - animate switching page to page - spend time on meaningful smaller animations - smaller intentional animations add up to meaningful ux - vibe code via structure and step by step 2. custom illustrations - have a mascot or simple visuals for empty or loading states - get an artist for base illustrations or use an ai with reference images - animate for more dimension 3. haptic feedback - include vibration (varying levels from light to heavy) depending on a user's action - think about how you can enhance user feedback 4. good icons - pick a good icon pack that represents the vibe/brand/aesthetic you're going for - use thin vs filled vs colored meaningfully 5. elevate your design taste - expose yourself to good design on @x or @mobbin - see how others think about design and production apps use meaningful patterns, pallets, and flows lot of great tidbits to implement into your app to create meaningful user experiences! definitely taking the first animation tip to heart

made an site that gives you ideas from arXiv papers built in ~10 min with @ValDotTown's Townie

you can just @magicpatterns things

curious if there are .cursor/rules i can just copy paste into my codebase for @mastra_ai? the mcp seems great but doesn't get picked up/used the way i'd like it to cc @calcsam @smthomas3