Building robust, scalable applications on the JVM. Here I share technical insights into software architecture and the integration of AI into modern systems.
Konstantin Pavlov
Software Engineer
Featured
Contract-first vs. code-first development: why API contracts matter from day one
Discover why starting with API contracts first—not code—leads to clearer, more maintainable microservices. Learn the differences between contract-first and …
Code review best practices
Code review is a crucial practice in software development. One can design and write great software, but we are humans after all. And all humans make mistakes, …
Secure Java logging with Logback
Deploying application into secure environment adds some restrictions on logging and log management. OWASP community gives some useful recommendations.
Recent
Higher-Order Attacks on AI Code Agents
Direct prompt injection is just the beginning. Higher-order attacks manipulate agents into producing malicious code, propagating intent across systems, and …
When Your AI Code Agent Becomes an RCE Engine
If your AI code agent treats repository content as instructions, any contributor can execute commands. This article maps the direct injection attack surface and …
Javable: generate Java-friendly wrappers for Kotlin with KSP
Javable is a KSP2 processor that generates Java-friendly wrappers for Kotlin classes, turning suspend functions into CompletableFuture, Flow into Stream, and …
kotlinx-schema: Three Ways to Generate JSON Schemas from Kotlin Code
Every time you rename a Kotlin function parameter, the hand-written JSON schema your LLM reads is wrong — and it fails silently. kotlinx-schema derives the …
Mokksy: a mock server that actually streams — and why your AI app needs integration tests
Why unit tests alone won’t save your LLM application in production, and how Mokksy — a Kotlin mock server with true SSE and streaming support — fills the …