惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
The Hacker News
The Hacker News
AWS News Blog
AWS News Blog
Spread Privacy
Spread Privacy
T
Tenable Blog
C
CERT Recently Published Vulnerability Notes
Cisco Talos Blog
Cisco Talos Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Securelist
P
Privacy & Cybersecurity Law Blog
Know Your Adversary
Know Your Adversary
T
The Exploit Database - CXSecurity.com
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
Simon Willison's Weblog
Simon Willison's Weblog
The Register - Security
The Register - Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
L
Lohrmann on Cybersecurity
C
Cyber Attacks, Cyber Crime and Cyber Security
Microsoft Azure Blog
Microsoft Azure Blog
P
Proofpoint News Feed
H
Help Net Security
T
Threat Research - Cisco Blogs
D
DataBreaches.Net
S
Schneier on Security
Cyberwarzone
Cyberwarzone
Google DeepMind News
Google DeepMind News
P
Privacy International News Feed
S
Secure Thoughts
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Recorded Future
Recorded Future
C
Cybersecurity and Infrastructure Security Agency CISA
MyScale Blog
MyScale Blog
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
IT之家
IT之家
人人都是产品经理
人人都是产品经理
NISL@THU
NISL@THU
博客园 - Franky
T
Tor Project blog
G
GRAHAM CLULEY
博客园 - 【当耐特】
Jina AI
Jina AI
Security Archives - TechRepublic
Security Archives - TechRepublic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
Hacker News - Newest:
Hacker News - Newest: "LLM"

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
CLAUDE.md is not a prompt: starting a Django side project with an agentic AI workflow
Sandro Hu · 2026-05-09 · via DEV Community

I recently started a side project, and I want to do something I've never done before: build it in public. Not with the daily "Day N" theatrics, but milestone by milestone, with honest write-ups of how it actually went. This is post number one.

What's worth writing about isn't the app — it's how I started it. The default move with a capable AI assistant is to ask it to do the work: "set up a Django project with PostgreSQL and Docker." Three months later you're staring at a folder structure you can't justify, a license you didn't think about, and a branching strategy you didn't pick. I wanted to flip the dynamic — the agent surfaces options and documents decisions; I make them. Along the way I picked up a couple of patterns — CLAUDE.md and compound engineering — that I think deserve more attention than they get.

This is the first post in a series I'm calling Building We Remember. One long-form article per milestone here on dev.to, shorter updates on X as issues get closed.

Meet We Remember

We Remember is a calendar and reminders app I'm building with Django. The eventual goal is a personal productivity tool with a plugin-based architecture, so it can integrate with external services over time — but that's roadmap, not today.

I'm building it because I want a calendar app I actually own and can grow as I learn. I'm starting small on purpose: a cheap VPS, a single domain, and a minimalist 0.1.0 milestone — "Foundation — minimal Django app with healthcheck endpoint, Docker Compose setup, linting, testing and first production deploy with CI/CD pipeline." No plugins yet, no integrations, no premature architecture.

The stack is intentionally boring: Django on Python 3.12 with uv, ruff, pytest, Docker Compose, GitHub Actions, deployed to a Hetzner VPS behind Cloudflare. Full details in the next post.

The project is licensed under AGPL v3 — copyleft that extends to network use, same model as Nextcloud, Grafana, and Cal.com. The repo is public from day one. I'm not committing to a commercial path; I'm not ruling one out either. AGPL keeps the door open both ways: as long as I'm the sole copyright holder, dual-licensing remains a future option.

That's the app. The rest of this post is about how the foundation was laid.

What this looks like in practice

Before any code was written, I went through a series of micro-decisions out loud with the agent. A few examples:

  • License. MIT vs Apache 2.0 vs GPL v3 vs AGPL v3 — the agent laid out the trade-offs, I picked AGPL v3 for copyleft that extends to network use.
  • Project structure. Default Django layout, src/, or apps/ for grouping Django apps? apps/ won — middle ground between flat default and over-engineered src/.
  • First milestone scope. I almost over-scoped 0.1.0. The agent pushed back: "if the goal is foundation, drop the plugin system and external integrations from this milestone." Right call. The plugin system, the integrations, the actual product — that all comes later.

None of these decisions are special on their own. What's special is that I made them, with the agent acting as a structured devil's advocate.

Where CLAUDE.md comes in

If you stop here, the next session starts from zero. The agent doesn't remember the license discussion, the dependency management decision, or why you chose apps/ over src/. You'd have to re-explain everything, every time. That's where CLAUDE.md comes in.

CLAUDE.md is a markdown file you commit to the root of the repo. It's not a prompt. It's not instructions in the imperative mood. It's a context contract — a short document that captures the conventions, decisions, and shape of the project, so that any future session (yours, the agent's, or a contributor's) starts already grounded.

A simplified version of mine looks like this:

# CLAUDE.md

## Project overview
Calendar events and reminders management app built with Django,
with a plugin-based architecture for external service integrations.

## Tech stack
- Python 3.12, managed with uv
- Django (latest stable)
- ruff in strict mode for linting and formatting
- pytest with pytest-django
- django-environ for environment variables

## Project structure
- `apps/` contains Django applications
- `config/` contains the Django project (settings, urls, wsgi)

## Conventions
- Conventional Commits (feat, fix, chore, docs, refactor, test)
- Branches: `<type>/<issue-number>-<short-description>`
  - Types: feature, bugfix, chore, hotfix
- Simplified Git Flow: master, develop, plus typed branches off develop
- One issue per branch, merged via PR

Enter fullscreen mode Exit fullscreen mode

The point isn't to constrain the agent. It's to make sure the agent doesn't waste your time re-litigating settled decisions, and that any code it suggests aligns with the conventions you've already chosen.

The compound loop

There's one more piece I'm experimenting with: compound engineering, a philosophy described by Kieran Klaassen and the team at Every in their guide. The core idea is that every unit of engineering work should make subsequent work easier, not harder. Most codebases get worse over time because each feature negotiates with the old ones; compound engineering flips this — features and fixes teach the system new capabilities, and the codebase compounds instead of decaying.

Their main loop has four steps: Plan → Work → Review → Compound. The first three are familiar. The fourth is the one most people skip, and it's where the gains live: capturing what worked — documenting solutions, updating CLAUDE.md, encoding new patterns so the next session starts smarter than the last.

On Claude Code, Every ships this whole workflow as a plugin. I've installed it and folded it into my workflow. The non-obvious operational question for me has been when to invoke the Compound step. On the feature branch, before merging? Premature — the code is still in motion. On develop, after the PR is merged? Stable, reviewed, tested code. Much higher signal. I'm going with the second.

So in practice my loop looks like this:

  1. Pick the next issue from the milestone.
  2. Plan the implementation in dialogue with the agent.
  3. Implement, test, open PR, review, merge into develop.
  4. Run the Compound step on develop — capture what worked, update CLAUDE.md if a new pattern emerged, file new GitHub issues for any refactors that surface.
  5. Move to the next issue without breaking flow.

Step 4 is the key. Insights don't interrupt current work and don't get acted on impulsively — they become artifacts: notes in CLAUDE.md, issues in the backlog, prioritized like everything else.

Why boring, in an era that isn't

Compound engineering, taken to its logical conclusion, points toward a place where you describe an outcome, the agent plans, builds, reviews itself, and hands you a PR. Vibe coding. Idea to merge with minimal contact with the actual code. For a senior engineer building production software at speed, that's a real productivity unlock — and it's where I want to end up too, eventually.

Where I am, where I'm going

But "eventually" is the operative word. I'm a computer engineering student, working toward becoming an engineer — not just for a well-paid job, but because I want to understand the systems I build.

So in this phase I'm following the boring loop on purpose. I plan with the agent, I implement, I read every diff, I review my own PRs. The compounding I care about right now isn't only in the codebase; it's in me. A student who vibe-codes too early ends up with a working app and an empty head. I'm choosing not to be that student.

This changes over time, deliberately. As the mental compounding accumulates, I'll hand more over to the agent. The point isn't to refuse the future of engineering; it's to walk into it with a foundation, not a façade.

A note on writing in public

That's also the real reason I'm writing this in public. Not because I expect the first article to find an audience — most don't, and that's fine. The project is a vehicle for my own growth, and these posts are the trace of that trajectory. If they help someone else thinking through the same trade-offs, even better. If they don't, they still help me.

What's next

The next post will cover Milestone 0.1.0 end to end: the actual Django setup with uv, ruff, pytest, the healthcheck endpoint, Docker Compose, and the production deploy on Hetzner with Cloudflare in front. Code, configs, and the things that didn't work the first time.

If you want to follow along, the repo is public — github.com/OranguEngineer/we-remember — licensed under AGPL v3.


This is part 1 of the **Building We Remember* series — milestone-by-milestone notes on building a Django side project with an agentic AI workflow. Repo: github.com/OranguEngineer/we-remember · AGPL v3.*