Git-Mastery:
MarkBind:
Open:
RepoSense:
TEAMMATES:
CodeRabbit is an AI-powered code review tool that integrates directly into developers' GitHub Pull Requests (PRs). For team projects, it acts as an automated "gatekeeper" that catches common mistakes before a human mentor reviews the code.
Learning Points:
Resources:
Claude Agent Skills is a specialized feature within the Claude ecosystem that allows developers to define and package complex, reusable behaviors as "skills" that the AI can invoke when needed.
Learning Points:
Common Usage:
We will create an AGENTS.md file containing a high-level overview of the repository. A .claude folder will also be created, containing different skill.md files that hold more detailed information about specific components of the repository.
Ideally, when we give a task to the AI agent, it will read through the AGENTS.md file to identify the skills needed to perform the task. Thus, it only needs to read the relevant skill.md files.
Resources:
Git Worktree is a native Git feature that allows developers to manage multiple working directories (worktrees) attached to a single repository.
Learning Points:
Worktrees share the repository's .git directory and object database, making them much faster and lighter than a full git clone.
Common Usage:
Suppose we are working on a repo named worktree. We can create a new worktree using
git worktree add ../worktree-testing
which creates a directory named worktree-testing at the same level as worktree. A new branch worktree-testing, named after the directory, will also be created. If we want to specify the branch name, we can use
git worktree add ../worktree-testing -b hotfix
Note that no two worktrees can work on the same branch. Now, we can open worktree-testing separately and make changes accordingly.
If we want to see the full list of worktrees, we can use
git worktree list
Once we are comfortable with the changes, we can just merge or rebase the branch, which is similar to our usual workflow.
git merge hotfix
git rebase hotfix
To delete the worktree, we can remove the worktree-testing directory, and it will be marked as prunable. Then, we can run
git worktree prune
Alternatively, we can remove a clean worktree (no untracked files and no modifications to tracked files) by running
git worktree remove ../worktree-testing
Resources:
GitHub Copilot is a sophisticated AI-powered developer tool that functions as an intelligent pair programmer, helping developers write code with greater efficiency and less manual effort. Unlike traditional autocomplete, it uses advanced large language models to understand the deep context of the project to suggest everything from single lines of code to entire functional blocks. By automating routine tasks and providing real-time technical guidance, it allows developers to focus more on high-level problem solving and architectural design.
Learning Points:
Resources:
ChatGPT Codex App is an AI coding assistant that helps developers go from idea to working code faster. Instead of only suggesting the next line, it can help with planning, implementation, debugging, and documentation, so it feels more like a practical coding partner in day-to-day work.
Learning Points:
Resources:
GitHub Actions is a CI/CD automation platform built into GitHub that lets us run workflows directly from our repository. It helps automate repetitive engineering tasks like testing, linting, building, and deployment whenever events such as push, pull request, or manual dispatch happen.
Learning Points:
Workflows are defined in .github/workflows to automatically run checks and scripts, which reduces manual work and human error.
Workflows are triggered by repository events (e.g., push, pull_request, release) so automation happens at the right stage of the development cycle.
Common Usage:
Create a workflow file at .github/workflows/ci.yml and define jobs for testing/building.
An Action is a packaged automation step we can use in a workflow. There are lots of prebuilt Actions made by GitHub or third parties; we can find these reusable Actions in the GitHub Marketplace.
```yaml
name: CI
on:
  pull_request:
  push:
    branches: [ main ]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm ci
      - run: npm test
```
Jobs run in parallel unless needs is added. Each job has its own steps and runs in a separate virtual environment. Steps inside one job run in order.
${{ }} is GitHub Actions' expression syntax. ${{ secrets.USERNAME }} reads an encrypted secret at runtime, and secret values are masked in logs. Secrets can be passed through with: or env:.
```yaml
jobs:
  test:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
    steps:
      # docker/login-action accepts username/password inputs, making it
      # a valid example of passing secrets via `with:` (swapped in here,
      # since actions/setup-node does not take these inputs)
      - uses: docker/login-action@v3
        with:
          username: ${{ secrets.USERNAME }}
          password: ${{ secrets.PASSWORD }}
      - run: echo test
  deploy:
    needs: test
    runs-on: ubuntu-latest
    steps:
      - run: echo deploy
```
Resources:
Git hooks are scripts that Git can run automatically at specific lifecycle events such as pre-commit and pre-push. They help teams enforce quality checks before code is committed or pushed. However, raw Git hooks are stored in .git/hooks (local-only), which makes them hard to version, share, and keep consistent across all contributors.
Lefthook is a fast Git hooks manager that solves this distribution and consistency problem. Instead of manually copying scripts per machine, teams define hooks once in a versioned lefthook.yml, and everyone runs the same checks. This is especially useful for AI-assisted development workflows.
Learning Points:
Configuration lives in a single versioned file (lefthook.yml); Lefthook is fast on large projects, easy to install in CI/local environments, and reduces "works on my machine" differences in pre-commit behavior.
Common Usage:
# Example for a Node.js project
npm install --save-dev lefthook
# Example for macOS via Homebrew
brew install lefthook
Define lefthook.yml in the repo root (version-controlled):

```yaml
pre-commit:
  parallel: true
  commands:
    ruff-lint:
      glob: "*.py"
      run: uv run ruff check --fix {staged_files}
      stage_fixed: true
    ruff-format:
      glob: "*.py"
      run: uv run ruff format {staged_files}
      stage_fixed: true
    mypy:
      glob: "*.py"
      run: uv run mypy .
```

Then activate the hooks:
lefthook install
How it works: lefthook install writes hook launcher scripts into .git/hooks (for events like pre-commit and pre-push). Those launchers then read your versioned lefthook.yml. Each launcher is a small script that calls lefthook run {hook-name} when executed. Usually, we only rerun lefthook install when hook scripts in .git/hooks need regeneration (for example after reinstall, cleanup, or hook wiring changes). Simple command changes in lefthook.yml typically do not require reinstall.
Commit lefthook.yml so all teammates and CI environments share the same hook rules.
Initialize Git Hooks Using Git Only:
If we choose not to use Lefthook, we can create native hooks manually.
Create a script in .git/hooks and make it executable:

```sh
cat > .git/hooks/pre-commit << 'EOF'
#!/bin/sh
echo "Running pre-commit checks..."
npm run lint || exit 1
EOF
chmod +x .git/hooks/pre-commit
```
This works, but the hook is local-only by default and not shared automatically through Git history unless you add extra tooling around it.
Resources:
uv is an extremely fast Python package and project manager. It can replace tools like pip, pip-tools, pipx, poetry, pyenv, virtualenv, and twine in many workflows. It helps with dependency management, virtual environments, Python version management, running scripts, and installing command-line tools.
Learning Points:
Common Usage:
# macOS and Linux
curl -LsSf https://astral.sh/uv/install.sh | sh
# Windows
winget install --id=astral-sh.uv -e
# New project
uv init example
# Existing project
cd example
uv init
uv add ruff
uv add --dev pytest
uv run ruff check
uv run python main.py
uv lock
uv sync
uv python install 3.12
uv python pin 3.12
Common Workflow:
For a typical Python project, we usually install uv, run uv init for a new project, add packages with uv add, and use uv run to execute scripts or tools without manually activating a virtual environment.
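As a small illustration of this workflow, uv can also run single-file scripts whose dependencies are declared inline (PEP 723 metadata, which uv understands); the file name and URL below are illustrative:

```python
# /// script
# requires-python = ">=3.12"
# dependencies = ["requests"]
# ///
# Saved as fetch_status.py and run with `uv run fetch_status.py`:
# uv reads the inline metadata above and creates an ephemeral
# environment with requests installed -- no manual venv needed.
import requests

resp = requests.get("https://example.com", timeout=10)
print(resp.status_code)
```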
Resources:
GitFlow and Trunk-Based Development are two popular Git branching strategies, but they optimize for different team needs.
GitFlow uses multiple long-lived branches (main and develop) plus supporting branches (feature/*, release/*, and hotfix/*). It gives clear release structure and strict separation between ongoing development and production-ready code.
Trunk-Based Development keeps one primary branch (often main) and encourages very short-lived branches or direct commits to trunk, with frequent integration and continuous delivery practices.
Quick Comparison:
| Aspect | GitFlow | Trunk-Based Development |
|---|---|---|
| Branch model | Multiple long-lived branches like main, develop, release/*, and hotfix/* | One main branch, usually main, with very short-lived branches |
| Release style | Scheduled, staged releases | Continuous delivery or very frequent releases |
| Change size | Larger batches of work | Small, incremental changes |
| Risk control | Release branches and stabilization phases | Strong CI, frequent merges, and feature flags |
| Merge overhead | Higher | Lower |
| Best fit | Enterprise teams, release-managed products, compliance-heavy workflows | SaaS teams, fast-moving product teams, mature CI/CD setups |
| Main trade-off | More process control but more complexity | Faster flow but requires discipline and automation |
Common Usage:
GitFlow Workflow (release-oriented):
- A develop branch is created from main.
- A release branch is created from develop.
- Feature branches are created from develop.
- When a feature is complete, it is merged into the develop branch.
- When the release branch is done, it is merged into develop and main.
- If an issue in main is detected, a hotfix branch is created from main.
- Once the hotfix is complete, it is merged to both develop and main.

Trunk-Based Workflow (continuous integration):
- All work happens on a single primary branch (main).
- Small changes are merged to main frequently with passing CI.

When to Choose Which:
Resources:
Semantic versioned releases are a standard way to decide whether a new release should be a major, minor, or patch update. In practice, GitHub does not decide this by itself. A release tool or workflow looks at commits, pull request labels, or version changes, then decides whether a new release should be created.
The most common and practical setup is to use automation on push to main, then let a release tool infer the version bump from commit messages or PR labels.
Learning Points:
major means breaking changes, minor means new backward-compatible features, and patch means backward-compatible bug fixes.
Common Usage:
| Strategy | Signal | Common labels / messages |
|---|---|---|
| Commit-based | Conventional commits | feat:, fix:, feat!: |
| PR label-based | Pull request labels | bump:major, bump:minor, bump:patch |
Commit to main with consistent commit messages:
git commit -m "feat: add user search"
git commit -m "fix: handle empty response"
git commit -m "feat!: remove legacy endpoint"
bump:major # breaking change
bump:minor # backward-compatible feature
bump:patch # backward-compatible fix
```yaml
name: Release
on:
  push:
    branches: [main]
jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci
      - run: npm test
      - run: npm run build
      - run: npx semantic-release
```
| Commit or label pattern | Result |
|---|---|
| feat: / bump:minor label | minor release |
| fix: / bump:patch label | patch release |
| feat!: or breaking-change / bump:major label | major release |
When to Choose This:
GitHub Actions is a workflow automation SaaS which enables the development of CI/CD pipelines through simple YAML code. It was utilized in Git-Mastery to develop our stable and beta release suites, handling building, testing, and publishing.
Furthermore, it is used to run E2E tests to prevent regressions during development.
Key learning points:
In the development of the beta publishing workflow, I had to learn how to publish packages to different package managers across different operating systems. In doing so, I learnt:
Each of these aspects varied widely across different OSes. In total, I developed the systems for 4 separate operating systems:
Learning the requirements for each system required extensive study, with the documentation being somewhat lacking at times.
Whilst attempting to implement a beta publishing pipeline, I came across multiple philosophies which our pipeline could follow: GitFlow and Trunk-Based Development. I implemented both of these branching models as GitHub workflows. The GitFlow implementation was later scrapped in favour of Trunk-Based Development.
The central repo holds two primary branches:
The central repo only hosts a single branch called the "trunk" (known in Git as the main/master branch).
Resources: Introducing Codex · Codex App · Codex Now GA
Codex is OpenAI's agentic coding system (powered by GPT-5.3-Codex) that can receive a task description, write code, run it in a sandboxed cloud environment, debug errors, and open a pull request for review.
Access & Interfaces:
Key Features:
Resources: Claude Code Overview · Claude Code Releases
Claude Code is Anthropic's agentic coding CLI that understands your entire codebase and can work across multiple files and tools to complete tasks end-to-end.
Access & Interfaces:
Key Features:
Resources: githooks.com · Lefthook GitHub · pre-commit vs lefthook comparison · Using Lefthook across a team
Git hooks are scripts that run automatically at specific points in the Git workflow. They are stored in .git/hooks/ but are not tracked by version control — hook managers solve this by committing the config to the repo.
Hook Lifecycle:
| Hook | When | Common Uses |
|---|---|---|
| pre-commit | Before commit is created | Lint, format, secret detection |
| commit-msg | After commit message is written | Enforce Conventional Commits |
| pre-push | Before push to remote | Run tests, check branch policy |
| post-commit | After commit | Notifications, doc generation |
Tool Comparison — Lefthook vs pre-commit:
| Aspect | Lefthook | pre-commit |
|---|---|---|
| Language | Go | Python |
| Execution | Parallel (faster) | Sequential |
| Config | lefthook.yml | .pre-commit-config.yaml |
| Hook sources | Local scripts | Community hook registry |
| Best for | Polyglot/any project | Python-heavy projects |
Lefthook is preferred in the Git-Mastery project for its performance and language-agnosticism. Configuration example:
```yaml
# lefthook.yml
pre-commit:
  parallel: true
  commands:
    lint:
      glob: "*.py"
      run: ruff check {staged_files}
    format:
      glob: "*.py"
      run: ruff format {staged_files}
```
Install with lefthook install after placing lefthook.yml at the repo root.
Git-Mastery implementation: Lefthook was adopted across the exercises repository (#265) and the app repository (#76).
Resources: Atlassian Guide · DORA Capabilities · trunkbaseddevelopment.com · Harness Complete Guide
A source control branching model where all developers integrate into a single branch (main/trunk), keeping it always releasable and avoiding long-lived branches and merge hell.
Core Principles:
main must be in a deployable state — enforce this via CI gate
Why it works:
Minimum Viable CI/CD pipeline:
Feature Flags (vs long-lived branches):
Resources: GitHub CodeQL docs
CodeQL is GitHub's semantic code analysis engine. It treats code as data and runs queries to find security vulnerabilities automatically.
How it works:
Key points:
Runs in CI via the official GitHub Actions integration (github/codeql-action).
Git-Mastery implementation: CodeQL was set up alongside main branch hardening (#116).
GitHub Copilot is an AI-powered coding assistant built by GitHub and OpenAI that helps programmers write code faster and with less effort.
Learning points:
Resources:
Claude Code is an AI coding assistant by Anthropic that helps with code generation, refactoring, debugging, and repository-level understanding through natural language instructions.
Learning points:
Use slash commands (e.g., /review) to get focused outputs for different goals such as code review, planning, or implementation.
Resources:
Devin AI is an autonomous AI software engineer by Cognition that can browse the web, write code, and perform multi-step engineering tasks with minimal human intervention.
Learning points:
Resources:
A context manager in Python is a structured way to handle resources so setup and cleanup are done safely and automatically, usually through the with statement. Instead of manually opening and closing files or connections, a context manager guarantees that cleanup logic still runs even if an exception occurs inside the block, which reduces bugs and resource leaks. Under the hood, this works through the context manager protocol (__enter__ and __exit__), where __enter__ prepares the resource and __exit__ handles teardown. This pattern makes code cleaner, easier to read, and more reliable because resource handling is localized to one clear block. Common examples include file I/O, database transactions, thread locks, and temporary state changes, and a good rule is to use with whenever something must always be released or restored.
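A minimal sketch of both ways to implement the protocol (the class, function, and file names here are illustrative):

```python
from contextlib import contextmanager

class ManagedFile:
    """Class-based context manager implementing __enter__/__exit__."""
    def __init__(self, path, mode="r"):
        self.path, self.mode = path, mode
        self.handle = None

    def __enter__(self):
        self.handle = open(self.path, self.mode)  # setup
        return self.handle

    def __exit__(self, exc_type, exc, tb):
        if self.handle:
            self.handle.close()  # teardown runs even if the block raised
        return False  # do not suppress exceptions

@contextmanager
def managed_file(path, mode="r"):
    """Equivalent generator-based version using contextlib."""
    handle = open(path, mode)
    try:
        yield handle  # the body of the `with` block runs here
    finally:
        handle.close()

with ManagedFile("notes.txt", "w") as f:
    f.write("cleanup is guaranteed\n")
```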
Resources:
OpenAI Codex is an AI coding agent, a large language model specialized for software tasks, combined with tools that let it work inside a real project. It can be very useful to read and understand files across a repository, run terminal commands, propose and apply code edits, generate test cases etc.
Agent.md is a project-specific instruction file that tells an AI coding assistant how to behave inside a codebase: what the project does, how the folders are organized, coding conventions, testing commands, and things to avoid. It improves AI performance by telling the LLM exactly what the project's structure and style look like, instead of leaving it to infer them from scattered files, so it makes more accurate edits, follows the right conventions, avoids breaking assumptions, and produces code that fits the repository better.
Features of a good Agent.md include:
Ideally, Agent.md should be very specific about the task that this particular AI agent should carry out, like writing test cases, debugging, or refactoring, instead of being very generic.
Resources:
Prompt engineering is the practice of designing clear, specific instructions so an AI can produce more accurate, useful, and consistent outputs.
A good prompt should:
If the task is complicated, it is always recommended to break it into smaller tasks, and prompt the AI to complete a sequence of smaller tasks.
Resources:
GitHub Actions is a CI/CD automation tool built into GitHub that lets developers automate tasks directly from a repository. It is commonly used to run tests, build applications, check code quality, and deploy projects whenever certain events happen, such as pushing code or opening a pull request. By defining workflows in YAML files, teams can make their development process more consistent, repeatable, and easier to maintain. Some of the key points as follows:
Workflow automation
GitHub Actions works by defining workflows that are triggered by specific events. For example, a workflow can run whenever someone pushes code, opens a pull request, creates an issue, or on a scheduled time. This reduces the need for developers to manually run repeated commands, because checks and tasks can happen automatically when repository activity occurs. GitHub’s documentation states that workflows can be configured to run on GitHub events, scheduled times, or external events.
CI/CD support
One of the main uses of GitHub Actions is continuous integration and continuous delivery. In continuous integration, code changes are automatically tested before they are merged, helping teams catch bugs earlier. In continuous delivery or deployment, the project can be automatically built and released after the workflow passes. GitHub’s overview specifically mentions using workflows to build and test pull requests, or deploy merged pull requests to production.
YAML-based configuration
Workflows are written as YAML files and are usually stored inside the .github/workflows/ directory of a repository. This means the automation setup is kept together with the project code, making it easier for team members to view, review, and modify the workflow through normal Git version control. GitHub’s workflow syntax documentation explains that a workflow is a configurable automated process defined using a YAML file.
Resources:
AI Agent Orchestration refers to the coordination of multiple specialized AI agents so that they can work together on complex, multi-step tasks. Instead of relying on one general-purpose AI agent to understand everything, plan everything, write all the code, and check all edge cases, orchestration separates responsibilities across different agents. For example, one agent may act as the orchestrator, another as the planner, another as the coder, and another as the designer. This makes the workflow more structured because each agent focuses on a clearer role while the orchestrator manages task delegation and communication.
Why orchestration is useful
A single AI agent can struggle when the task becomes large, especially in software projects involving backend logic, frontend design, architecture decisions, testing, and documentation. The agent may lose track of context, make inconsistent design choices, or overlook edge cases. By dividing the work among specialized agents, the system can handle complexity more systematically. AWS describes multi-agent orchestration as a way to route tasks or queries to specialized domains while maintaining context across interactions.
Orchestrator agent
The orchestrator is like the coordinator of the whole system. Its role is not necessarily to write code directly, but to understand the user's high-level request, break it into smaller tasks, and assign those tasks to the correct specialist agents. For example, it may ask a planner to design the implementation approach, then ask a coder to implement the backend, and finally ask a designer to improve the frontend. In short, the orchestrator tells other agents what outcome is needed, rather than telling them exactly how to do their work.
Specialized agents
Different agents can be assigned different responsibilities. A planner agent may inspect the project structure, identify existing patterns, and produce an implementation plan without writing code. A coder agent may focus on writing backend logic, fixing bugs, and implementing functionality. A designer agent may focus on UI/UX, styling, accessibility, and visual consistency. Microsoft’s AutoGen documentation describes agents as self-contained units that can be developed, tested, reused, and combined into more complex systems, which supports this modular approach.
Communication between agents
A key part of orchestration is communication. Agents should not work in isolation, because the planner’s assumptions, the coder’s implementation choices, and the designer’s UI decisions need to stay aligned. Some orchestration patterns use a main agent that coordinates subagents, while others allow agents to hand off control to each other. LangChain’s multi-agent documentation describes both patterns: one where a main agent coordinates subagents as tools, and another where agents transfer control through handoffs.
Planning and validation
Agent orchestration is not only about generating code faster. It can also improve the development process by adding planning and validation stages. For example, the planner can identify edge cases before implementation, while the coder can check whether the implementation follows the plan. This reduces the risk of rushing directly into code without understanding the project structure. LangGraph’s documentation also distinguishes between workflows with predetermined steps and agents that dynamically decide their own process and tool usage, which is useful when designing more controlled agentic systems.
Benefits and limitations
The main advantage of AI orchestration is that it can produce more structured and potentially higher-quality outputs for complex tasks, especially when the agents are given clear roles. However, it also adds complexity. The orchestration setup needs careful prompting, clear agent responsibilities, and good communication rules. It may also increase total token usage because multiple agents are involved, even if each individual agent has a smaller context window. These benefits should be treated as something to test further rather than as a guaranteed result.
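To make the pattern concrete, here is a deliberately toy Python sketch of an orchestrator routing subtasks to specialist agents; every function is a stand-in for a real LLM call, and all names are hypothetical:

```python
from typing import Callable

def planner(task: str) -> list[str]:
    # A real planner agent would inspect the repo and draft a plan.
    return [f"design {task}", f"implement {task}", f"style {task}"]

def coder(subtask: str) -> str:
    return f"code for: {subtask}"

def designer(subtask: str) -> str:
    return f"UI for: {subtask}"

# Registry mapping a role keyword to the specialist that handles it.
AGENTS: dict[str, Callable[[str], str]] = {
    "design": designer,
    "implement": coder,
    "style": designer,
}

def orchestrator(task: str) -> list[str]:
    # Break the request down, then delegate each subtask; real systems
    # would route via an LLM and pass shared context between agents.
    return [AGENTS[sub.split()[0]](sub) for sub in planner(task)]

print(orchestrator("user login page"))
```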
Use Cases:
AI Orchestration should be considered for:
Should not be used when:
Resources:
GitHub Copilot is a code completion and programming AI assistant that assists users in their IDE. It uses LLMs to assist with code generation, debugging, or refactoring through either real-time suggestions or natural-language prompts.
Key Learning Points:
Context is King! Providing all relevant files immediately leads to faster, more accurate fixes. The AI performs best when it "sees" the full scope of the bug.
Don't stop at the first working fix. Specifically, asking the AI to improve code quality and clarity after the initial generation helps eliminate "AI-style" clutter and technical debt.
Initial AI suggestions often prioritize the simplest fix. It still requires manual prompting and investigation of edge cases to ensure the solution is robust.
We should treat AI as a collaborator, and not an automated system. Reviewing proposed changes and selectively implementing only what fits the project context prevents the introduction of unnecessary or incorrect logic.
Agent Skills are folders of instructions, scripts, and resources that agents can discover and use to do things more accurately and efficiently. These skills are designed to be automatically found and used by AI agents, providing them user-specific context they can load on demand, hence extending their capabilities based on the task they're working on.
Key Learning Points:
Moving instructions from a giant system prompt into a SKILL.md file allows for "progressive disclosure," where the agent only loads the knowledge it needs for the specific task at hand.
Provide a strict directory layout (Instructions in SKILL.md, automation in scripts/, and context in references/) to ensure the agent can reliably find and execute tools.
Include specific trigger phrases & tags, as well as clear and well defined steps. This prevents the agent from guessing, thus ensuring it follows the exact logic required for the most effective application.
One of the major milestones for MarkBind this semester was the TypeScript migration and the subsequent CJS-to-ESM migration. While I only contributed to parts of the process, the opportunity allowed me to learn about the details of dependency resolution and the structural differences between module systems, and how the migration to ESM will future-proof the codebase by enabling better tree-shaking, improved performance, and compatibility with the modern JavaScript ecosystem.
Key Learning Point: Transitioning the CLI and Core packages to TypeScript highlighted the importance of robust type definitions. It transformed the migration from a find-and-replace task into a meaningful refactoring process which in turn helped significantly improve my knowledge of the flow across the codebase.
My major contribution to MarkBind this semester was contributing to the initial support for full textual search across the site with the use of Pagefind.
Before the current Pagefind search, MarkBind only supported full textual search across its site by using Algolia's DocSearch plugin, which requires an external API key. Otherwise, users would have to use the built-in "heading-level" search. Hence this feature aims to (eventually) replace the existing built-in search, while providing a full textual search alternative to Algolia's DocSearch plugin.
While still far from fully complete, significant progress was made on the feature, the most notable of which includes:
Flexible filtering options, allowing users to declare additional specific elements which they would like to exclude from being searchable. This feature is especially helpful for users looking to migrate from Algolia's DocSearch, as they can simply declare any existing CSS class used by Algolia.
Integrating page exclusion: Pagefind's indexing now respects the searchable page option declared within site.json. As the goal is to integrate Pagefind as the default search within MarkBind (eventually replacing the built-in search), this feature will support a seamless onboarding/migration process for users currently using the default built-in search.
In-house Vue component: When this was initially worked on, Pagefind's supported UI was restrictive and hard to build upon, so major work was needed to overhaul it. Beyond just building a new custom Vue component, this task also required custom utility files to help process the Pagefind results. While Pagefind has released a new component library improving upon their initial UI, having an in-house Vue component still provides us more customizability, as relying on theirs would mean being susceptible to UI changes that we may be less receptive towards.
I thoroughly enjoyed working on the implementation of this feature as it allowed me to tackle the complexities of integrating a third-party indexing tool into a static site generator architecture, while navigating the various additional support needed to ensure a frictionless experience for users looking to make the switch from existing searches. All in all, it provided me the opportunity to dive deep into the codebase of MarkBind, giving me a better understanding of how the various components work with one another (especially the process of site generation).
Key learning point: Full textual search is essential for modern documentation and information retrieval because it bridges the gap between what a user remembers and how a site is structured. While heading-level search relies on the assumption that a page’s title or section headers perfectly encapsulate its entire content, it often excludes the nuanced details, specific code snippets, or technical explanations buried within paragraphs.
Along my journey of finding a topic for my upcoming teachback, I stumbled upon SDUI (Server-Driven UI). As MarkBind is a web development project (albeit a static site generator), the concept of an SDUI approach towards web development certainly piqued my interest. SDUI is an architectural approach where the backend dictates the user interface's structure, layout, and behavior, rather than hardcoding it in each client across different platforms (mobile, web, etc.).
Key learning points:
{"type": "banner", "image": "..."}).
The topic I eventually decided on for my upcoming teachback was GSD! I chose to do so as (, and putting poop emojis on my presentation was definitely a plus). Additionally, according to its GitHub repo, it is "Trusted by engineers at Amazon, Google, Shopify, and Webflow.", but they don't provide any evidence for this claim.
The GSD lifecycle can be broken down into 3 stages. First is the initialization stage, where you discuss with the agent what application you aim to build. This helps the agent's research process and its understanding of the various requirements needed by the product. After this, it generates a roadmap which structures the various phases of implementation. Next comes the iterative process of implementing each phase. In short, the user further refines their requirements for the features being implemented in the phase, providing greater context for GSD to accurately build the product as initially discussed.
My experience working with GSD was a surprisingly positive one (given my friend's previous bad experience working with other AI SDD frameworks). It managed to capture most of what I wanted from the application, providing me with a satisfactory MVP. Having AI build the entire project thus far has certainly been an experience. However, looking back at the project developed, I've come to realise the joy and ownership it takes out of the development process.
Key Learning Point:
Resources: GH repo
BMAD is a structured, multi-agent agile development framework and was often brought up during my research and implementation of GSD. BMAD is perhaps the most opinionated and methodology-heavy implementation of AI-driven development framework.
It is an AI-driven SDLC framework that orchestrates a team of specialized agent personas—such as Product Managers, Architects, and Scrum Masters—through a rigorous, multi-phase pipeline. BMAD aims to enforce a strict sequence from requirements elicitation (PRDs) and technical architecture (ADRs) to implementation, ensuring that AI-generated code is grounded in high-level design rather than isolated prompts.
Key Learning Point:
Resources:
Another agentic skills development framework that was often brought up during my research on GSD was Superpowers. It was by far the most popular of the frameworks, with over 150k GitHub stars. Notably, it is the only framework in this category officially listed as a plugin on Anthropic's Claude plugin marketplace, which perhaps can be viewed as a form of credibility.
So what is it? Superpowers is a development-centric agentic framework that prioritizes reliability through rigorous automation. It operates by breaking down complex features into granular, testable units, leveraging a loop of automated testing and code refinement.
Key Learning Point:
Resources:
Perhaps the closest sibling to GSD I found whilst researching and implementing GSD. Indeed, PAUL was developed to improve on the GSD workflow, so much so that they provide documentation on what differentiates it from GSD.
GSD pioneered the concept of treating plans as executable prompts. PAUL takes this further by recognizing that execution without reconciliation creates drift — and drift compounds across sessions.
Where GSD focuses on getting work done, PAUL focuses on getting work done correctly, consistently, and with full traceability.
All in all, PAUL's claims are certainly impressive given my positive experience with GSD thus far. From the videos and forums I've read about PAUL, it certainly seems like a promising and even favourable alternative to GSD. That said, documentation explicitly comparing the performance of the two is few and far between, which somewhat affects its credibility. In comparison, PAUL's current GitHub repo has less than a thousand stars, while GSD has over 50k. I will certainly give it a try over the summer break and look forward to comparing it with GSD for myself.
Key Learning Points:
Resources:
So far, I've experimented with many AI coding tools, incorporating them into my workflow and trying them out.
I've tried opencode, Mistral Vibe, Proxy AI, GitHub Copilot, and Cline.
They can be divided into roughly two categories: AI tools that live in the CLI and those that integrate directly into IDEs. While their usage may be similar (many of them can inject context using slash/@ commands, in addition to other common features), their value can be quite different.
I've found that tools that integrate directly into IDEs feel superior for engineering, provided that one does not enable settings such as "YOLO" mode (editing without permission). This way, you may review the AI's work file-by-file, guiding it if its approach needs changing.
While I've found human-in-the-loop workflows to feel better as a developer (more supervision over work), less hands-on approaches can also be useful for iterating quickly. However, I've also found that the success of these methods is highly contingent on model quality.
On top of that, leveraging plan/act modes, skills, and keeping context focused can improve model performance.
Resources: Cline documentation
I also explored SDD tools to create a medium-small vibe-coded application. These tools work in a very similar way: they inject skills or workflows (in the form of markdown files) to provide a structured step-by-step approach to conceptualizing and building a whole application based on specification, not code. My experimentation led me to test out three different frameworks: spec-kit, spec-kitty, and BMAD; there are many more.
Their target audiences are somewhat different, but the overarching goal is the same: through solely prompting frontier-level models with specification info, create a whole well-coded application. My expectations of which would perform better were completely subverted; spec-kit, despite being maintained by an industry giant (Microsoft), was not much better than prompting without frameworks. BMAD, highly regarded from my searching and at about 45k stars at time of writing, was by far the most inefficient and poorly-performing. And spec-kitty, an underdog by all rights (1k stars at time of writing), turned out to fit my needs the best and created the best application in a reasonable amount of time.
I don't think these tools are at a level to replace developers wholesale in greenfield projects (they're not really intended for brownfield). But the industry seems to be moving frighteningly fast, and who knows what happens even one year from now. They are indeed useful for creating proofs-of-concept, and can actually be better than framework-less prompting alone.
Overall, here are my learning points:
So far, I've been working on much of the CLI components of MarkBind. I've done much research on it due to working on PRs such as TypeScript migration and Migrating TypeScript output from CJS to ESM. I would say currently I'm more well-versed in it than an average developer due to my deep involvement in these migration works where I've had to update tooling, workflows, and developer experience regarding TypeScript.
Key Learning Points
Learned how package.json and package-lock.json keep dependency trees updated and consistent across deployment environments (or just developer PCs). I gave a short presentation on why these exist, how they can get broken, and how to recover when it happens.
Resources: CJS vs ESM (Better Stack)
Throughout the semester, I worked across most sections of the MarkBind codebase. I mostly worked on Core and CLI, though in the latter end of the semester I looked at and did some development on the pagefind component in vue-components.
I've learnt how to debug MarkBind when things go wrong, which was useful on February 25th when a change in a transitive dependency (minimatch) silently caused a knock-on effect on MarkBind, preventing pages from being built and served. Through tedious but worthwhile tracing, I was able to identify the problematic dependency and temporarily fix it on my end by pinning the dependency's version.
I've also touched on the markbind-action repository when I needed to upgrade Node.
Lastly, I learned how to make a new release for MarkBind!
I learnt and used LangChain to create an AI workflow for the CSV classifier task.
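A minimal sketch of what such a workflow can look like in LangChain's runnable-chain (LCEL) style, assuming the langchain-openai package and an OPENAI_API_KEY in the environment; the file name, labels, and model are illustrative:

```python
import csv

from langchain_core.output_parsers import StrOutputParser
from langchain_core.prompts import ChatPromptTemplate
from langchain_openai import ChatOpenAI

prompt = ChatPromptTemplate.from_messages([
    ("system", "Classify the text into exactly one label: bug, feature, docs."),
    ("human", "{text}"),
])
# Prompt, model, and parser compose into a single runnable chain.
chain = prompt | ChatOpenAI(model="gpt-4o-mini", temperature=0) | StrOutputParser()

with open("rows.csv", newline="") as f:
    for row in csv.DictReader(f):
        print(row["id"], chain.invoke({"text": row["text"]}))
```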
Resources: Langchain documentation
Worked with the team to explore adding repo-specific AI coding skills for common harnesses such as Claude, OpenCode and GitHub Copilot.
Learned about good practices for developing AI skills. Generally, follow the guidelines provided by Claude and study this skill, which is meant to teach AI agents how to create skills.
Some notable points include:
Key Principles for AI Skills
Keep SKILL.md concise. Treat it like an index/table of contents, and refer to the other markdown files for detailed instructions and examples.
Most Important
Most importantly: test whether the skills work, pick up on quirks/issues introduced by the skills, and tweak your files to improve them. Make sure you run your AI coding tool's debug mode to see if the skills are being picked up.
Meta: Skills in action
This knowledge page and the progress page were formatted using MarkBind skills v0.1.0 with OpenCode using the minimax m2.5 model.
AI skills are useful, but they should be treated like code, i.e. they have to be maintained. Otherwise, as the project evolves, the code architecture or feature set may change, and the skills would simply confuse the AI agents and make them do the wrong things, wasting tokens and time.
When the skills are not part of your own repo, i.e. meant to be shared with developers outside of your team, you can publish them to a public registry such as a GitHub repository. There are a few ways for users to do this, the most common being
npx skills install <organization>/<repo>
provided by vercel-lab/skills
Created subagents to handle specific tasks such as writing unit tests, generating documentation, and refactoring code.
Useful Tips
My current favourite. Open source and supports multiple providers, with a strong ecosystem and plugin support. Works well with Neovim via opencode.nvim (the dev is super cool too).
Also works well, especially with Claude's own models. However, the UI is worse than OpenCode's and the UX is really bad.
Works well and has great VSCode integration. However, rate-limiting became really bad.
Learned about Vue 3's reactivity system, including ref, reactive, and computed properties.
Used reactive and computed to implement a dynamic data-tag count in the CardStack component.
Learned about Vue's template syntax and slot system for component composition. Useful for creating reusable components with flexible content, especially in the context of MarkBind's custom components.
tsc
Learned to use the TypeScript compiler (tsc) to check for type errors and compile TypeScript code to JavaScript.
Useful tsc configs/flags
- outDir: specifies the output directory for compiled JavaScript files.

For pure ESM packages:
For dual CJS/ESM packages:
Sometimes it is necessary to create a tsconfig.json for your LSP to work properly.
For those who want to try it out: https://github.com/yihao03/markbind/tree/feature/export-pdf
When making my own course notes with MarkBind, I realised a need to export the entire site to a PDF file so that it could be printed and brought to exams, and distributed easily in general. That's why I started exploring the idea of creating a @/packages/core-pdf module that achieves this goal.
Considering MarkBind already creates a static site with proper formatting, with appropriate CSS for print media, I decided to leverage that and use a headless browser (Puppeteer) to render the site and print it to PDF.
I just found out that there's a <mark> element in HTML
In implementing dark mode, I had to inject a script into page.njk which serves
as the template for every page rendered in MarkBind. To do that, I added a
<script> section to read system's theme preference and add a
data-bs-theme="dark" attribute to the element where applicable.
When adding dark mode styles inside <style scoped> Vue components, CSS scoping
transforms selectors and breaks global attribute selectors like [data-bs-theme="dark"].
Solutions
- Use :global([data-bs-theme="dark"]) or :deep() for global ancestor selectors
- Move dark-mode styles to an unscoped <style> block
- Set data-bs-theme="dark" on <html> for theming

To implement dark mode, I replaced hardcoded color values with Bootstrap CSS variables (e.g., var(--bs-body-bg)) that automatically adapt to the theme, ensuring consistent theming across components and maintainability.
Dark Mode Context Overrides
To preserve some custom styles, I had to override some variables in the dark mode context (e.g.,
[data-bs-theme="dark"]) to ensure the colors look good in dark mode.
Implementing dark mode support introduced a lot of complexity, considering the amount of existing content and styles in MarkBind, especially user defined components and diagrams. Therefore, significant thought has to be put into the design and implementations of the dark mode to ensure minimal friction required for users to adopt it, while also ensuring the implementation is maintainable and does not introduce too much technical debt.
Security: Template Value Injection into JS
Nunjucks template variables embedded directly into JS strings (e.g., const theme = '')
can break the script or introduce injection if the value contains quotes or </script>.
Must serialize/escape as JSON before injecting template values into JS.
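A small Python illustration of that rule; note that json.dumps alone leaves "<" intact, so a literal </script> inside the data could still close the surrounding script tag, hence the extra replace:

```python
import json

def js_literal(value) -> str:
    # Serialize to a JS-safe literal, then escape "<" so "</script>"
    # inside the data cannot terminate the enclosing <script> tag.
    return json.dumps(value).replace("<", "\\u003c")

theme = 'dark</script><script>alert(1)//'
print(f"const theme = {js_literal(theme)};")
# const theme = "dark\u003c/script>\u003cscript>alert(1)//";
```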
@inquirer/prompts provides interactive command-line prompts for CLI tools, useful for
setup flows and user identification of harnesses.
Skills pulled from external repos (e.g., MarkBind/skills) can be version-tracked via a
.markbind-skills.json file in .agents/skills, similar to package-lock.json.
The version is compared against package.json's aiSkillsVersion to prompt users to update.
OpenCode is a CLI program for agentic coding. It allows users to use the same application with different LLM models, supporting many different providers.
Gemini Code Assist for GitHub is able to review PRs. It was able to find multiple issues in the PRs which I used it on.
A declarative language for designing user interfaces, which can be used through PySide to create GUI applications in Python.
A framework for developing desktop applications using web technologies.
Learnt about the internal workings of Git, including how Git stores data, how it manages branches, etc.
Learnt how to develop desktop applications using Electron. In particular, although I had prior experience with Electron, the tech stack was a bit different from what I had used before. For example, I used Electron Forge before, but this time I used electron-builder, which is supposed to be more powerful and flexible. I also had to learn how to set up the project structure and configure the build process for the Electron app.
Used React with TypeScript for the frontend of the Electron app. Learnt core concepts like using hooks for state management and side effects, as well as how to structure a React application. I also had to learn how to integrate React with Electron.
Learnt how to use Tailwind CSS for styling the Electron app.
Learnt how to use Redux for state management in the Electron app.
Learnt how to use MarkBind for creating documentation and websites. In particular, I learnt how to set up the MarkBind project, since I wasn't the one doing that in my CS2103T team.
Learnt more about GitHub workflows and CI/CD by setting up GitHub Actions for my projects. I set up actions for checking linting, building and deploying the pages, building and testing the Electron app, etc. The most notable thing I learnt was testing the Electron app in a macOS environment, which was very useful since I don't have a macOS device to test on.
Practiced context and prompt engineering by comparing self-proposed solutions with AI-generated solutions and analyzing the differences. By comparing different prompts and contexts, I learnt how to craft better prompts and optimise context to get better results from AI models.
Found out about GitHub Copilot Code Review and used it to review my code and get suggestions for improvements.
Collaborative Context Management: Understand how to provide good context for the Copilot agent to work with, such as providing relevant files or documentation snippets (.github/copilot-instructions.md) to help the agent generate more accurate suggestions.
Verification and Human-in-the-Loop: Understand that Copilot's output is a "first draft" that requires additional prompting and extensive testing regarding logic flow and existing architectural constraints.
AI-Assisted Code Reviews: Use Copilot directly in GitHub to analyze PRs by asking it to explain complex logic, identify potential edge-case bugs, or ensure adherence to project standards. It can also be asked directly to do a review on its own.
Resources used:
Agentic Workflows: Experimented with using autonomous subagents capable of executing multi-step tasks like major refactoring. (Breaking down into Planning + Model Making + Writing Tests + Executing with TDD)
Efficient Branch Management (Worktrees): Leveraging Git worktrees with Claude Code to perform multiple concurrent experimental changes in isolated environments, preventing interference with main development tasks.
Resources used:
renovate Bot
Automated Dependency Updates: renovate is a bot that automatically creates pull requests to update project dependencies. It scans dependencies on a configurable schedule, detects available updates, and creates PRs with version bumps—reducing manual effort and keeping projects up-to-date.
Group-Based Dependency Configuration: Configured renovate with grouping strategies to batch related dependency updates into single PRs rather than creating one PR per package. This approach reduces notification noise and allows teams to test grouped updates together, improving safety and reducing merge overhead for projects with many dependencies.
Resources used:
Understood what MCP is: a protocol enabling AI agents to securely access custom tools and resources by acting as an API layer between AI models and external services.
Setting Up Custom MCP Servers: Define tools with schemas, add instructions for AI guidance, implement handlers, and connect via HTTP. Tailor tools and instructions for your specific use cases.
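A minimal sketch of a custom server using the official MCP Python SDK (pip install mcp); the server name, tool, and instructions are illustrative:

```python
from mcp.server.fastmcp import FastMCP

mcp = FastMCP(
    "repo-tools",
    instructions="Use these tools to answer questions about repository files.",
)

@mcp.tool()
def count_lines(path: str) -> int:
    """Return the number of lines in a text file."""
    with open(path, encoding="utf-8") as f:
        return sum(1 for _ in f)

if __name__ == "__main__":
    # Serve over HTTP so an AI client can connect to it.
    mcp.run(transport="streamable-http")
```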
Resources used:
This module exposed me to multiple AI coding tools that are popular in the market, such as GitHub Copilot, Codex by OpenAI, and Claude Code.
My first major use of Claude Code for RepoSense PRs was to implement a YAML configuration wizard, which revealed both the promise and the limits of AI-assisted development.
The broader takeaway is that working with AI on an existing codebase still demands that the developer be deeply familiar with it. Claude is a powerful collaborator, but it cannot be expected to independently scour a codebase and always arrive at the most contextually appropriate solution. That judgment still has to come from you.
While working on my YAML config wizard, I spent some time researching terminal UIs when deciding whether to implement a TUI or a GUI for the wizard.
So after the research detour, I went with a GUI.
A YAML file is a human-readable, plain-text file used mainly for configuration, DevOps, and data serialization. It uses indentation-based, hierarchical structures rather than curly braces or brackets for data storage. Such a key-value pair structure makes it more readable and human-friendly compared to JSON or XML. Key aspects:
- Key-value pairs, with : separating keys and values.
- Comments start with the # symbol.

Worked with YAML files when exploring the development of a GUI .yaml config file generation wizard.
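A small Python illustration of these aspects, using the third-party PyYAML package (pip install pyyaml); the config content is made up:

```python
import yaml

config = yaml.safe_load("""
report:
  title: Sample Report      # comments start with '#'
  include-drafts: false
repos:
  - url: https://github.com/example/example.git
    branch: master
""")

print(config["report"]["title"])     # nested mapping access
print(config["repos"][0]["branch"])  # list of mappings
```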
GitHub Actions is GitHub's built-in CI/CD platform that automates workflows in response to repository events like pushes and pull requests.
- Workflows live in .github/workflows/ and consist of jobs that run on GitHub-hosted virtual machines (runners).
- Workflows can reuse prebuilt actions (e.g., actions/checkout, actions/setup-java).

Across my contributions to RepoSense, I gained significant practical experience with how GitHub Actions CI interacts with the development workflow.
RepoSense's integration.yml runs a build matrix across six OS variants (Ubuntu, macOS, Windows) and includes separate jobs for backend tests (Gradle checkstyleAll, test, systemTest) and Cypress frontend tests.
One of my earliest lessons came from the temp repo directory PR (#2537), where I refactored repository cloning to use temporary directories. The change worked locally but broke system tests on CI because the test environment assumed cloned repos persisted across test runs for snapshot reuse. I had to add a SystemUtil.isTestEnvironment() guard to skip cleanup in tests, teaching me that CI runners have different lifecycle assumptions than local development.
The deleteReposAddressDirectory() cleanup function had to be updated to match the new naming convention, showing me how Gradle build scripts and CI are tightly coupled.
The title.md to intro.md rename PR (#2516) and its follow-up removal of backward compatibility (#2566) taught me about the CI pipeline's breadth. Changes that touched build.gradle, Vue frontend components, Cypress test support files, and documentation all had to pass linting, checkstyle, unit tests, system tests, and frontend tests across the full OS matrix.
The config wizard work gave me the deepest CI experience.
- Frontend tests run through the testFrontend task, which uses the ExecFork plugin to start Vite dev servers as background processes before running tests. When I added wizard-specific Cypress tests, they initially failed in CI because the global support.js beforeEach hook visits localhost:9000 before every spec — interfering with wizard tests on port 9002.
- The fix involved modifying support.js, using Cypress.env('configWizardBaseUrl') with absolute URLs in intercepts, adding the serveConfigWizard Gradle task with proper dependsOn/mustRunAfter ordering, and then rewriting the tests from scratch.
- I also encountered multiple rounds of linter failures in CI — Pug lint errors and Java checkstyle violations that passed locally but were caught by the CI pipeline's stricter enforcement, reinforcing the importance of running the full lint suite locally before pushing.
This activity showed me how to move from using an LLM interactively to embedding it inside a real Python workflow.
I learned how to call an OpenAI model from code using the SDK, pass structured prompts and dataset rows into the model, and capture the output in a machine-usable form for downstream processing. Here, that meant using an LLM to validate keyword labels in a CSV instead of relying only on manual checking.
I also learned that calling LLMs in programs requires more than just sending prompts. In practice, we had to handle environment setup, API keys, Python package installation, and compatibility issues between models and SDK parameters.
The activity also surfaced operational concerns that matter in scripts: rate limits, batching requests, retries, progress logging, and writing outputs to files like validation_report.csv. I learnt that when LLMs are used programmatically, the surrounding engineering is just as important as the prompt itself.
A major takeaway was that LLMs work well in scripts as one component in a larger pipeline. I used deterministic rules for initial labeling, then layered LLM validation on top as a semantic checker. We can combine traditional code for consistency and speed with LLMs for judgment and language understanding.
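A condensed sketch of that pipeline shape, assuming the official openai Python SDK and an OPENAI_API_KEY environment variable; the file names, model, and prompt wording are illustrative:

```python
import csv

from openai import OpenAI

client = OpenAI()  # reads OPENAI_API_KEY from the environment

def validate_label(text: str, label: str) -> str:
    resp = client.chat.completions.create(
        model="gpt-4o-mini",
        messages=[
            {"role": "system", "content": "Answer VALID or INVALID only."},
            {"role": "user", "content": f"Keyword label '{label}' for: {text}"},
        ],
    )
    return resp.choices[0].message.content.strip()

with open("labels.csv", newline="") as src, \
     open("validation_report.csv", "w", newline="") as dst:
    writer = csv.writer(dst)
    writer.writerow(["text", "label", "verdict"])
    for row in csv.DictReader(src):
        # Deterministic rules produced `label`; the LLM is layered on
        # top as a semantic second check.
        writer.writerow([row["text"], row["label"],
                         validate_label(row["text"], row["label"])])
```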
Worktrees are a Git feature that allow you to have multiple branches checked out simultaneously on your system, through multiple working directories all associated with a single local repository. This allows users to work on multiple features/branches without constantly switching between them and stashing changes.
- No more git stash when switching tasks, as each worktree has its own dedicated workspace.
- Operations like git fetch or creating a new branch are immediately reflected in all linked worktrees.

Commands
- git worktree list
- git worktree add <path> [<branch>]
- git worktree remove <path>
- git worktree prune

Resources used:
Explored file handling beyond the traditional java.io API. Using the java.nio.file package, I explored how to perform common file operations (reading, writing, copying, and deleting) in a more expressive and reliable way.
I presented a teachback on Google Stitch, a Google Labs tool that generates high-fidelity UI designs from plain text prompts, and found it impressive for early-stage prototyping.
- A DESIGN.md file captures your color tokens, typography scales, and layout rules in a format Claude Code understands natively, so instead of copying and pasting design specs between apps, your agent connects directly and reads them in real time.
- Register the MCP server with claude mcp add stitch --transport http https://stitch.googleapis.com/mcp --header "X-Goog-Api-Key: YOUR-API-KEY" -s user, and once that's in you can verify it's live by running /mcp inside Claude Code and checking the server list.
- The server exposes tools such as create_project, generate_screen_from_text, get_screen_code, and build_site, which means you can describe a screen in natural language, have Stitch generate it, and have Claude Code pull the HTML/CSS and scaffold it into React components, all without ever leaving the terminal.
Vue.js is a progressive JavaScript framework for building user interfaces. It uses a component-based architecture where each .vue file encapsulates a template, script, and style block.
Pug is an indentation-based HTML templating language that eliminates closing tags and angle brackets, producing cleaner and more concise markup. Vue supports Pug natively via <template lang="pug">, allowing developers to write Pug syntax while still using Vue directives like v-model, v-for, and @click.
Key learning points included Vue directives in Pug templates (v-model, v-for, @click, :class), and the importance of running a Pug linter (puglint) to catch formatting issues.
I wrote a comprehensive Cypress end-to-end test suite for the config wizard.
Cypress is a JavaScript end-to-end testing framework for modern web applications. Unlike Selenium-based tools that run outside the browser, Cypress executes directly in the browser alongside the application, giving it native access to the DOM, network requests, and browser APIs. It provides a chainable command API (e.g., cy.get().type().blur()) for interacting with elements, cy.intercept() for stubbing and spying on network requests, and cy.wait() for synchronizing on asynchronous operations.
Used cy.intercept() to stub backend API calls, which allowed the frontend tests to run independently of the Java backend server.
Wrote setupIntercepts() helper functions that accept overrides, making it easy to test both success and error scenarios; for example, passing { validate: { valid: false, error: 'Repository not found' } } to simulate an invalid repo URL.
Learnt to stub window:alert with cy.stub().as('alert') to assert on alert messages, to use cy.wait('@alias') to synchronize on intercepted network requests, and to configure a custom baseUrl via Cypress.env('configWizardBaseUrl') so the wizard tests can target a different dev server than the main RepoSense app.
Resources used:
I familiarised myself with key Claude Code commands that let me manage the context window of a conversation, and learnt to plug local LLMs into Claude Code.
/compact: manually compress the context at ~80–90% usage; run at logical task breakpoints
/clear: full wipe; use when switching to an entirely new task
/resume: returns to a previous session via an interactive picker; or use claude --resume / claude -c from the terminal
/rewind: rolls back to any prior turn; choose to revert conversation only, code only, or both. Trigger with /rewind or double-tap Esc
/model: switch models mid-session without restarting. Use Option+P / Alt+P as a shortcut while composing.
/model opus: most capable, slowest
/model sonnet: balanced default
/model haiku: fast and lightweight
To use Gemma 4 locally, connect Claude Code to Ollama's Anthropic-compatible API. Gemma 4 (26B MoE, 3.8B active) supports a 256K context with zero API cost.
@ File References: use @<filepath> to inject a file's content directly into context. Claude Code autocompletes the path, which is faster than describing the file or waiting for Claude to find it.
AES-GCM vs AES-ECB: AES-GCM is an authenticated encryption mode providing both confidentiality and integrity in one primitive, whereas AES-ECB is deterministic and unauthenticated: the same plaintext always produces the same ciphertext, making it vulnerable to pattern analysis.
Non-deterministic encryption: AES-GCM uses a random IV per encryption call, so the same plaintext produces a different ciphertext each time. This breaks any code that compares ciphertexts directly and requires a decrypt-then-compare approach instead (see the sketch after these points).
SHA-1 vs SHA-256: SHA-1 is considered cryptographically weak by modern standards. Upgrading to SHA-256 provides stronger collision resistance and a larger 256-bit output.
Key separation: Using the same key for both AES encryption and HMAC is bad practice, as cross-algorithm interactions can theoretically leak key material. Separate, independently generated (or derived) keys should be used for each purpose, as sketched below.
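A minimal Node.js sketch of the non-determinism and key-separation points, using only the built-in crypto module (function and label names are illustrative):

const crypto = require('crypto');

// Key separation: derive independent keys for encryption and for HMAC from
// one master secret via HKDF, instead of reusing a single key for both.
const master = crypto.randomBytes(32);
const encKey = Buffer.from(crypto.hkdfSync('sha256', master, Buffer.alloc(0), 'encryption', 32));
const macKey = Buffer.from(crypto.hkdfSync('sha256', master, Buffer.alloc(0), 'authentication', 32));

// AES-256-GCM with a fresh random IV per call: encrypting the same plaintext
// twice yields different ciphertexts, so code must decrypt-then-compare.
function encrypt(key, plaintext) {
  const iv = crypto.randomBytes(12); // 96-bit IV, the recommended size for GCM
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // integrity: tampering makes decryption fail
  return { iv, ciphertext, tag };
}

const a = encrypt(encKey, 'same message');
const b = encrypt(encKey, 'same message');
console.log(a.ciphertext.equals(b.ciphertext)); // false: non-deterministic by design

// The separate MAC key is used only for HMAC, never for encryption
const sig = crypto.createHmac('sha256', macKey).update(a.ciphertext).digest('hex');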
Hibernate's update auto-schema mode applies changes that are unreviewable and untraceable.
validate: switch from update to validate so Hibernate verifies the schema matches entities on startup instead of silently patching it. This makes schema drift visible immediately rather than masking missing migrations.
liquibase-hibernate as referenceUrl: reads the desired schema directly from entity annotations, eliminating the need to spin up a server on a reference branch just to materialise its schema for diffing.
Learning points:
Additional learning points (updated at Week 13):
Have the agent break a large task into sub-goals and record the plan in a .md file. This allows us to implement each sub-goal in a new conversation by referring the agent to this plan file, minimizing token usage.
Resources used:
These are some points I learnt when setting up my own GCP project to deploy TEAMMATES to a staging server.
OIDC is built on top of the OAuth2 protocol. It is a way for an application (called a relying party / RP) to verify the identity of a user. Before doing so, the application must be registered with the identity provider, which issues a client ID and an associated client secret. Let's use Google as an example in the following workflow.
The ID token contains claims such as sub, indicating the subject (the user's ID within the identity provider's system), and iss, the URL representing the identity provider. The token is signed with the identity provider's private key, and we can verify the signature using their public key.
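As an illustration, a decoded ID-token payload might contain claims like these (values are made up):

// Decoded OIDC ID-token payload (illustrative values, not a real token)
const idTokenClaims = {
  iss: 'https://accounts.google.com', // identity provider URL
  sub: '110169484474386276334',       // user's ID within the provider's system
  aud: 'my-client-id.example',        // the relying party's client ID
  iat: 1735686000,                    // issued-at (Unix seconds)
  exp: 1735689600,                    // expiry; reject the token after this time
};

Note: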
Each GitHub Actions workflow is a .yaml file that configures parameters such as when the action should be triggered, the name of the action, whether it is a recurring action, and the steps taken. Each action can comprise several steps such as downloading dependencies, compiling the code, and running tests on the code.
Embedding logic directly in the .yaml file or using CLI tools like grep, sed, or echo might not be as readable as a JavaScript file.
Use the @JsonTypeInfo annotation to tell Jackson that a particular field in the serialized entity contains information about the subtype of that entity. The @JsonSubtypes annotation can then be used to map the value of the field specified through @JsonTypeInfo to the subtype information.
The following illustrates a mistake I made in testing, which, according to one of my mentors, is a common pitfall.
The point of performing a test on a component (function / method / class) is to confirm that the component is doing what it is supposed to do. This ensures that any future modifications to this component do not break the contract of the component's behaviour. If any such modification is inadvertently made, the test will fail, which means the tests serve their purpose of alerting the developer that something wrong has been done.
In view of this purpose of testing, we should not be too concerned about white-box testing the code to ensure that the code behaves exactly as it is implemented currently. Doing so may distract us from actually ensuring that the requirement / contract is not broken. Also, this requires us to be careful with how we construct the test.
There was a method I was testing: simply whether it updates the internal state of the class properly, given an input. I got too distracted by verifying the actual behaviour of the code (which may not be important in this case): I tried to verify that the method sets the internal state using a reference to the object rather than a copy, which led me to use toBe (which verifies referential equality). In doing so, I failed to actually test the contract. Should someone in the future inadvertently modify the input object in some unexpected way (assuming that this method is simply a setter), the test would still pass, since we are comparing the same object!
Simplified Illustration
// Method to be tested
set(o) {
this.o = o;
}
// Test code
const expectedObject = {};
component.set(expectedObject);
expect(component.get()).toBe(expectedObject);
// Test will pass even if setter is modified (accidentally) to:
set(o) {
this.o = o;
o.someProperty = null;
}
The correct way in this case would be to deep-copy the object we provide as input to the component, and then assert that the object we get is still equal by value to the deep-copied object. This way, when someone accidentally changes something in the input object that is not supposed to be done, the test will fail, and it will save the day for everyone!
If we do not deep-copy the object and instead provide the expected object as the input, an inadvertent modification to the object will still let the test pass even if we compare with toEqual, since we are again comparing the same object: we are just checking that all the values from the actual result (the object returned by the getter) equal what we provided as input, and both are the same object in memory.
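A minimal sketch of the corrected test, assuming structuredClone is available (Node 17+ / modern Jest environments):

// Deep-copy the input first, then compare by value
const input = { someProperty: 'value' };
const expected = structuredClone(input); // snapshot taken before the call

component.set(input);

// toEqual compares by value against the untouched snapshot, so an accidental
// mutation of the input inside set() now fails the test
expect(component.get()).toEqual(expected);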
Another practice worth considering is not comparing all properties of the objects when they may not be necessary for the behaviour we are testing. For example, if a method is only concerned with parsing data into a user-friendly form and storing it in a field, we should not test the equality of other fields within the objects in our assertions.
There are a few reasons to avoid asserting on everything.
When a new field is added in the future, the expected objects would have to be updated for the test to work properly, and this would be costly if we have many expected objects for the purpose of test assertions.
When an assertion fails, the output would show all the fields of the objects being asserted as well as all the fields of the actual object, resulting in poor debugging and developer experience. Instead of a failure message stating expected <1> but found <2>, we see something like
expected <{field1: a, field2: b, ...}>
but found <{field1: a, field2: c, ...}>
In addition, it adds noise to the code itself: a test that exercises one specific behaviour should not concern itself with irrelevant fields.
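In Jest, for example, such a partial assertion can be written with expect.objectContaining (the field name is hypothetical):

// Assert only on the field this behaviour is responsible for;
// other fields on the returned object are ignored by the matcher
expect(component.get()).toEqual(
  expect.objectContaining({ parsedData: 'user-friendly form' }),
);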
End-to-end (E2E) testing validates the full user journey through a real browser, and the Page Object Model (POM) is the standard design pattern for keeping such tests maintainable and readable.
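As a sketch of the pattern (shown here with the selenium-webdriver Node bindings; the page and selectors are hypothetical), a Page Object wraps raw element lookups behind intention-revealing methods:

const { By, until } = require('selenium-webdriver');

// Tests call logIn() instead of touching raw Selenium APIs, so a selector
// change is fixed in one place rather than in every test
class LoginPage {
  constructor(driver) {
    this.driver = driver;
  }

  async waitForPageToLoad() {
    await this.driver.wait(until.elementLocated(By.id('login-form')), 5000);
  }

  async logIn(email, password) {
    await this.driver.findElement(By.id('email-input')).sendKeys(email);
    await this.driver.findElement(By.id('password-input')).sendKeys(password);
    await this.driver.findElement(By.id('submit-btn')).click();
  }
}

module.exports = { LoginPage };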
Learning points:
Encapsulated page interactions (waitForElementPresence, button clicks, form fills) into dedicated Page Object classes, decoupling test logic from raw Selenium API calls and making tests easier to maintain.
Created testng-e2e-sql.xml configuration files and integrated them into the Gradle build pipeline for consistent CI execution.
Uncovered real bugs (e.g. in UpdateFeedbackSessionAction, an overwrite bug in setLogsFromDateTime) as a direct result of writing and running E2E tests.
Resources:
Large-scale database migrations involve transitioning data models, persistence logic, and test infrastructure from a legacy system to a relational SQL backend without disrupting existing functionality.
Learning points:
Defined new SQL tables (e.g. the email_templates table) using Liquibase migration scripts, ensuring version-controlled and repeatable schema evolution.
Converted Attributes-based Datastore entities to JPA-annotated SQL entities, understanding how annotations like @Entity, @Id, and @Column map Java classes to relational tables.
Built database access classes (e.g. EmailTemplatesDb) to abstract CRUD operations from business logic, keeping the persistence layer cleanly separated and testable.
Resources:
Gradle is a flexible build automation tool used in Java projects for compiling, testing, and packaging code, with support for custom task definitions to extend the build pipeline.
Learning points:
Defined custom Gradle tasks (e.g. axeSqlTests) to run specific test suites, learning how to configure source sets, dependencies, and task lifecycle hooks within build.gradle.
Wired TestNG suite files (e.g. testng-axe-sql.xml) into Gradle tasks, enabling targeted execution of accessibility, E2E, and unit test groups independently from the main test run.
Used ./gradlew compileTestJava as a fast pre-push check to catch compilation errors early without running the full test suite, improving iteration speed during development.
Resources:
Gemini Code Assist is an AI-powered collaborator integrated directly into the IDE to help developers write, understand, and troubleshoot code.
Learning points:
Resources:
Throughout this module, I expanded my workflow to include multiple AI coding assistants, utilizing each agent's specific strengths to optimize the development and review process.
Learning points:
Resources:
Effective for understanding a large codebase using #codebase, helping me to identify relevant directories and files for E2E test migrations
Useful for generating repetitive or boilerplate files (e.g. SQL-specific E2E test JSON) when similar examples already exist
Less effective at identifying logical errors, often fixing symptoms (modifying test data) instead of root causes (updating test logic)
Struggles with browser-based E2E tests due to lack of awareness of actual UI state and rendered content
May ignore constraints in prompts and go off-tangent, requiring careful supervision and iteration
Different modes can serve different purposes: Ask/Plan for exploration, Edit/Agent for code generation
Undo functionality is useful for restarting cleanly.
Output quality can be inconsistent even with similar prompts, requiring manual verification (especially for strict JSON formats).
Example dependency chain: DeleteInstructorActionTest → InstructorLogic → Logic → InstructorsDb.
Top-down approach (front to back): Starts from the endpoints of the dependency chain.
Bottom-up approach (back to front): Starts from database or low-level components.
The choice of approach should be made based on the scope, risk, and complexity of the migration task.
Treating CI/CD auth as an afterthought is a real risk as deployment credentials have broad cloud access, never expire by default, and are hard to rotate
Short-lived tokens (via Workload Identity Federation) eliminate an entire class of risk. If a token leaks, it's expired within the hour
Workload Identity Federation: Rather than storing a long-lived credential, the pipeline proves its identity at run time (e.g. via the CI provider's OIDC token) and exchanges it for a short-lived one
IAM makes least privilege concrete: grant a specific role, to a specific identity, on a specific resource. A compromised deploy pipeline should only be able to deploy
Scoping trust by repo and branch goes further because even a fork of the same codebase can't trigger a deploy.
Relying on external search engines like Solr increases operational complexity, introduces additional points of failure, and can slow down deployments due to extra configuration and maintenance.
Migrating search to PostgreSQL leverages existing infrastructure, reduces maintenance overhead, and streamlines deployment—no more managing a standalone Solr cluster.
PostgreSQL full-text search uses functions like to_tsvector and @@ to match and rank results, enabling fast, relevant search directly within the database layer (see the sketch after this list).
Adding proper indexes (such as GIN) is essential as this significantly improves performance and ensures user experience doesn’t regress after migration.
Direct SQL-based search lets you fine-tune result ranking and relevance with native SQL expressions, making future tweaks easier for developers.
With search consolidated in the database, access control and audit trails are centralized, reducing risk compared to cross-system integrations.
Old configuration variables, secrets, and maintenance scripts for Solr can be removed for a safer, leaner environment (shrinks the project’s attack surface area).
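A minimal sketch of what such a query could look like, using the node-postgres client against a hypothetical notes table (the GIN index in the comment is assumed to exist):

const { Pool } = require('pg'); // node-postgres client
const pool = new Pool();

// Assumes an index like:
//   CREATE INDEX idx_notes_fts ON notes USING GIN (to_tsvector('english', body));
// so the WHERE clause below can use the index instead of scanning every row
async function searchNotes(term) {
  const { rows } = await pool.query(
    `SELECT id, title,
            ts_rank(to_tsvector('english', body),
                    plainto_tsquery('english', $1)) AS rank
       FROM notes
      WHERE to_tsvector('english', body) @@ plainto_tsquery('english', $1)
      ORDER BY rank DESC
      LIMIT 20`,
    [term],
  );
  return rows;
}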
Learned how to use Cursor as an AI-assisted development environment for code generation, refactoring, debugging, and understanding unfamiliar codebases.
Resources used:
Learned how to define project-specific agent instructions using agents.md to improve consistency, task delegation, and adherence to coding conventions.
Resources used:
Learned how to integrate the OpenAI API into software applications to build LLM-powered features and automate language-based tasks, such as CSV parsing for form submissions.
Resources used:
Learned how to design effective prompts for technical tasks such as code generation, debugging, summarization, and implementation planning.
Resources used:
Learned how to use AI tools to analyse bugs, explain code behaviour, and support incremental refactoring in existing systems.
Resources used:
Learned how to quickly prototype AI-enabled product ideas by combining LLM APIs with frontend or backend applications.
Resources used:
Learned the fundamentals of RAG pipeline design, especially how retrieval quality, chunking strategy, and context construction affect the usefulness of AI-assisted workflows built on top of existing systems.
Resources used:
Learned more about OAuth and OIDC integration, including how authentication and identity claims should be modeled in a provider-agnostic way instead of tightly coupling application logic to one login provider.
Resources used:
Learned how to approach schema evolution and data migration more safely, especially when refactoring entities, preserving compatibility, and rolling out changes incrementally across a large codebase.
Resources used:
Learned more about build and CI tooling by debugging Gradle and GitHub Actions issues, and by improving automation scripts so they are easier to maintain and extend over time.
Resources used:
Learned the importance of making tests and supporting infrastructure resilient, especially around transaction cleanup, time-sensitive fixtures, and reducing environment-specific assumptions that can cause flaky failures.
Resources used:
Microsoft login endpoints: https://login.microsoft.com/{tenant-id} scopes sign-in to a specific tenant, while https://login.microsoft.com/common accepts accounts from any tenant.
@BeforeTest and @BeforeMethod differences: @BeforeTest runs once before the entire test class, @BeforeMethod runs before every @Test method in the same class; the same applies to @AfterTest and @AfterMethod. Source
Regex notes (see the sketch after this list):
[] defines a set of characters to match within the [].
/g is a global flag to match every instance instead of only the first one.
After an escape character \, the regex treats the symbol that comes after it literally, so \* is the literal * character instead of the * that represents 'all'.
To match \ literally, it must be written as a double \\.
\b matches a position between a word character and a non-word character: \bcat\b matches cat exactly, not scatter or catholic.
Use the --fail-fast flag when running gradlew jobs to force-stop them when something fails.
Use Closes #<issue-number> or Fixes #<issue-number> to automatically close an issue when a PR is merged; this doesn't work in issues (an issue cannot close another issue).
Use git switch -c <branch-name> to create and switch to a new branch; git switch was introduced solely for checking out branches, while git checkout can be used for branches, commits, and files.
To track an upstream branch, use git switch -c <branch-name> <upstream-name>/<upstream-branch-name>.
To check out a branch like chore/new-branch from the upstream repo and work on it locally, simply create a new branch of any name (preferably a similar one, to better distinguish it) and make it track that upstream branch: git switch -c chore/new-branch upstream/chore/new-branch.
Use git rebase -i <target-branch> for an interactive rebase.
ng test --u to update snapshots.
Hibernate provides @CreationTimestamp and @UpdateTimestamp annotated attributes: both are initialized automatically with the same initial value, then @UpdateTimestamp updates itself when the entry is updated. Source
Report flags: -e to generate a report, -o <empty folder path> to indicate the report output folder.
The Snyk CLI can be installed globally (-g) and used to test the project locally:
snyk test
snyk test --all-projects
snyk test --file={file_name}
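A quick JavaScript illustration of the regex points above:

// Word boundaries and the global flag
const text = 'cat scatter catholic cat';
console.log(text.match(/\bcat\b/g)); // ['cat', 'cat']: whole words only

// Escaping: \* matches the literal * character
console.log('3 * 4'.replace(/\*/g, 'x')); // '3 x 4'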