惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

H
Heimdal Security Blog
P
Privacy International News Feed
S
Schneier on Security
P
Proofpoint News Feed
L
Lohrmann on Cybersecurity
Spread Privacy
Spread Privacy
P
Privacy & Cybersecurity Law Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
K
Kaspersky official blog
大猫的无限游戏
大猫的无限游戏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
aimingoo的专栏
aimingoo的专栏
Simon Willison's Weblog
Simon Willison's Weblog
S
Securelist
Help Net Security
Help Net Security
B
Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Security Archives - TechRepublic
Security Archives - TechRepublic
云风的 BLOG
云风的 BLOG
The GitHub Blog
The GitHub Blog
N
News and Events Feed by Topic
Hacker News: Ask HN
Hacker News: Ask HN
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
M
MIT News - Artificial intelligence
雷峰网
雷峰网
博客园 - 司徒正美
V
V2EX
AWS News Blog
AWS News Blog
Know Your Adversary
Know Your Adversary
N
News | PayPal Newsroom
T
Tor Project blog
Cisco Talos Blog
Cisco Talos Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
PCI Perspectives
PCI Perspectives
Google DeepMind News
Google DeepMind News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
U
Unit 42
C
Cybersecurity and Infrastructure Security Agency CISA
P
Palo Alto Networks Blog
G
Google Developers Blog
T
Threat Research - Cisco Blogs
博客园 - Franky
I
InfoQ
D
DataBreaches.Net
爱范儿
爱范儿
Y
Y Combinator Blog
博客园 - 叶小钗
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Day 100 of #100DaysOfCode — What I Built, What I Learned, and What's Next
M Saad Ahmad · 2026-05-15 · via DEV Community

Final Update #100DaysOfCode is officially complete!

Not perfectly. Not everything works. Not everything got finished. But 100 days of showing up, writing code, debugging it, shipping some of it, and learning from all of it, that part is done. And that was the point.


Check out how I started:


Why I Did This

Before day 1, I was stuck. Not stuck in the way where you don't know what to learn, stuck in the way where you know exactly what you want to learn, but you can never make yourself actually sit down and do it. I was on React. Had been on React for a long time. Not because React was hard, but because I was moving by mood and vibe. When I felt like coding, I'd code. When I didn't, I wouldn't. Weeks would pass. The learning stopped while the intention stayed exactly the same.

100 days of code was a system I imposed on myself to fix that. The rule was simple: write code every day, write a blog post about it every day. The blog post part mattered as much as the code part. When someone might read about what you did today, "nothing" stops being an acceptable answer.

The other reason was exposure. I had a vague sense that full-stack development involved a lot of moving parts: frontend frameworks, backend frameworks, databases, authentication, APIs, and deployment, but I had never touched most of them. I genuinely believed that if I wanted to build anything real, I needed years of learning before I'd know enough. The 100 days proved that belief wrong. Not because the learning was shallow, but because the velocity of learning-by-building is faster than I had given it credit for.


The Journey: 100 Days in Brief

Days 1–60: The JavaScript stack

Started with React, moved to TypeScript in React, then Node.js and Express for backend, MongoDB and Mongoose for the database, and finished with Next.js. Sixty days covering the entire JavaScript full-stack. By the end of this stretch, I had built a task management app with Next.js and MongoDB, a tour listing app in React with TypeScript, and a full authentication system with React, Express, and MongoDB, registration, login, JWT-based sessions, and a dashboard showing registered users.

Days 61–72: Python

Came into this stretch overconfident. I'd used Python in university and thought a quick refresher was all I needed. Sat down to write a class and couldn't do it. Spent three days actually learning Python properly, functions, OOP, modules, exception handling, before touching Django at all. The humility check was necessary.

Days 73–85: Django and Flask

Built DevBoard, a job board application in Django, during the building phase of the Django learning. Then spent eight days learning Flask, routes, templates, SQLAlchemy, WTForms, and authentication with Flask-Login, and built a small expense tracker as the Flask capstone.

Days 86–100: DevCollab

The capstone project. Fourteen days building a full-stack developer collaboration platform from scratch, Django REST Framework backend, Next.js frontend, PostgreSQL database, deployed on Railway and Vercel.


Projects Built

Not all of these are finished. Not all of them work perfectly. That's the honest truth, and I'm not going to hide it.

Task Management App — (Link)
Built with Next.js and MongoDB. Users can create, update, and delete tasks. No authentication. Functional for what it is — a clean CRUD app that demonstrated the Next.js and MongoDB stack working together.

Tour Listing App
Built with React and TypeScript. Displays a list of tours with their details. A smaller project, but it was my first real TypeScript project, and the type safety caught several bugs during development that plain JavaScript would have let slip through.

Authentication System — (Link)
Built with React, Express.js, and MongoDB. Users can register and log in, and the dashboard shows the list of registered users. JWT-based authentication. This was the first project where a real backend connected to a real frontend — the moment things started feeling like full-stack development rather than just front-end.

Flask Expense Tracker — (Link)
Built with Flask, Flask-SQLAlchemy, Flask-WTForms, and Flask-Login. Users can log expenses with amounts, categories, descriptions, and dates. See a filtered list and running total. A small but complete application that covers the full Flask stack.

DevBoard: Django Job Board
Built with Django during the project-building phase of the Django learning section. Employers can sign up and post jobs. Candidates can sign up and apply to posted jobs. The concept is clean, and the employer side works. The candidate side has issues with the apply flow, the job listings page, and some of the routing logic isn't working correctly. There are bugs I'm actively debugging and working on. This one isn't live yet, and I'm not going to pretend it is.

DevCollab: Developer Collaboration Platform (Link)
The capstone. Details below.


DevCollab: The Capstone Project

Click to see the Full Tech Stack
  • Frontend: Next.js, Tailwind CSS
  • Backend: Django REST Framework
  • Database: PostgreSQL
  • Auth: JWT (SimpleJWT)

DevCollab is a platform where developers with project ideas can find collaborators, and developers looking to work on interesting projects can find them. You post a project with a description, the tech stack, and the roles you need. Other developers browse, find something they want to contribute to, and send a collaboration request with a message. The project owner reviews requests and accepts or rejects them. Everyone has a public profile showing their skills, bio, and active projects.

Architecture

Two completely separate applications:

  • Backend: Django + Django REST Framework, PostgreSQL database, deployed on Railway
  • Frontend: Next.js (App Router), Tailwind CSS, deployed on Vercel

They communicate exclusively over HTTP. The Next.js frontend makes API calls to the Django backend using Axios with JWT interceptors. The interceptor attaches the access token to every authenticated request automatically, and when the token expires, it silently refreshes it using the refresh token and retries the original request.

Authentication is JWT-based using djangorestframework-simplejwt. Access tokens expire in 30 minutes, refresh tokens in 7 days. Token rotation is enabled; every refresh generates a new refresh token and blacklists the old one.

The Django backend exposes a REST API with these main resource groups: auth endpoints (register, login, logout, token refresh), user profile endpoints (get and update your own profile, view any public profile by username), project endpoints (full CRUD with search and filter by tech stack and role), and collaboration request endpoints (send, list, accept/reject, view your own sent requests). Custom permission classes enforce ownership; only project owners can edit or delete their projects, only project owners can accept or reject requests, and only the requester can view their own sent requests.

The Next.js frontend has nine main pages: a landing page, browse projects with search and filter, project detail with a four-state action button (login prompt for guests, edit/delete for owners, status badge for existing requesters, apply button for new requesters), create project, edit project, apply to a project, a dashboard for managing your projects and incoming requests, a public profile page, and an edit profile page.

What features made it in and why

The collaboration request lifecycle: send, accept, reject, and track status, is the core of the app, and it works. The project CRUD is complete. Authentication is solid. Public profiles work. Search and filter on the browse page work.

Current status: live but work in progress

DevCollab is deployed and accessible. The core flows work. But there are bugs. The frontend has rough edges, some loading states are incomplete, some error messages are raw API text that didn't get replaced before deployment, and there are edge cases in the collaboration request flow that behave unexpectedly. The backend API is solid but hasn't been fully load-tested, and there are likely edge cases in the permission logic that haven't been hit yet.

This is the honest state of it. It works well enough to demonstrate the concept and the architecture. It is not polished enough to put in front of real users and walk away. That work is ongoing.


Honest Lessons

Building takes longer than you think. Every time.

I came into this challenge with a mental model where building was the easy part: you learn the tools, you have an idea, you know what to build, you just build it. What I discovered is that this model is wrong in a specific and humbling way. Writing code is fast. Making code work is slow. The gap between "I have written the code" and "this actually does what I intended in all cases" is where the real time goes.

DevBoard isn't live because the routing logic broke in ways I didn't anticipate. DevCollab has bugs that survived testing because I tested the happy path, but not the edge cases. Neither of these is a skill failure; they're a failure to budget realistic time for debugging and testing. AI can give you the code. Making it work, debugging it, and testing it properly is work that cannot be shortcut, AI or no AI.

Overconfidence is the enemy of learning.

The Python refresher situation on day 62 is the clearest example. I thought I knew Python. I didn't know Python. I wasted two days before admitting that to myself and starting properly. The same thing happened with Django's URL routing, and it's Django's migration system. I assumed I understood them and paid for it in debugging time when I was wrong. The pattern is always the same: overestimate your understanding, skip the fundamentals, then spend three times as long fixing the consequences.


The blog posts were as valuable as the code.

I learned that writing the blog post is just as important as writing the code for long-term retention.

Writing about what I built every day forced me to actually understand what I was doing rather than just copying it. You can copy code without understanding it. You cannot write a coherent explanation of code without understanding it. The posts were the accountability mechanism and the comprehension check at the same time.

Knowing tools is not the same as knowing how to use them.

By day 100, I had touched React, TypeScript, Next.js, Express, MongoDB, Django, Flask, PostgreSQL, DRF, JWT authentication, and deployment on Railway and Vercel. I know what all of these are, how they fit together, what problems they solve, and how to build with them at a basic to intermediate level. But none of that is the same as being able to build a polished, production-quality application with them. That comes from more projects, more debugging, more edge cases, and more time.


What's Next

A few months ago, I didn't know what to build. I had ideas, but didn't know how to build them and wasn't familiar with the necessary tools to execute them. I always thought that my lack of knowledge and understanding of how to use tools was holding me back. Now I have the tools. What I have instead of the old problem is a pile of unfinished business.

DevBoard needs to be fixed and deployed. DevCollab needs its rough edges smoothed, its bugs resolved, and its missing features completed. These aren't new projects; they're commitments I made during this challenge that aren't fully honoured yet.

That's the immediate focus. Finish what was started. Both applications are live, working, and presentable.

After that, the plan is job hunting, offering freelance services, and continuing to build. The 100 days didn't make me a senior developer. They made me someone who knows enough to be dangerous, someone who can pick up a task, figure out what's needed, build something that mostly works, debug what doesn't, and ship it. That's enough to start.

The 100 days are done. The work? Far from done.


If you enjoyed this, follow me here:

I've been posting mostly in

#100daysofcode

The 100 Days of Code is a coding challenge created by Alexander Kallaway to encourage people to learn new coding skills.

and

#webdev

Because the internet...

You can also connect with me on LinkedIn as well. This is where I am active the most.


Thanks for reading. Really appreciate anyone who was following the journey along.