Blog
Thoughts on Angular, TypeScript, WebGPU, and building things on the web.
Why Your SignalStore Spy Never Fires (and a 150-Line Fix)
Why vi.spyOn silently misses method calls inside signal-store effects, and a small tooling layer that fixes it by auto-wrapping every method at test time.
Behind the Background: How This Site's Shader System Works
Every visit to this site runs a different animated shader in the background. Here's how the system works: WebGL and WebGPU support, Web Worker offloading, dark mode as a uniform, and a tour of the shaders themselves.
WebGPU in the Browser: A Practical Guide
WebGPU is the successor to WebGL, bringing compute shaders and modern GPU APIs to the web. Here's how to set one up from scratch — no game engine required.
Catching Up With Angular Signals
Never touched signals? Been away for a while? This guide walks you through everything from the basics to model(), linkedSignal, and signal queries, with before-and-after comparisons throughout.
RxJS Subscriptions in Angular: Stop Leaking, Start Thinking Reactively
From async pipe to takeUntilDestroyed: a practical guide to every subscription pattern in modern Angular, with the pitfalls nobody warns you about.
Web Security for Angular Developers, Part 4: Cookie Security
Cookie flags and prefixes are a small surface area with a big impact on session security. Here's what HttpOnly, Secure, SameSite, and cookie prefixes actually enforce.
Web Security for Angular Developers, Part 3: HTTP Security Headers
A handful of HTTP response headers dramatically reduce your attack surface. Here's what HSTS, COOP, COEP, Referrer-Policy, and Permissions-Policy actually do and why each one matters.
Web Security for Angular Developers, Part 2: CSP & Trusted Types
Content Security Policy tells the browser what it's allowed to load and execute. Trusted Types close the DOM XSS gap entirely. Here's how both work and how Angular integrates with them.
Web Security for Angular Developers, Part 1: XSS
XSS is still the most common web vulnerability. Here's how it works, what Angular protects you from automatically, and where you still need to think for yourself.