How Do I Develop Software?#

As someone who has around 3 years of experience in the software and FinTech industry, I typically use some of the tools and knowledge about software architecture that I learned there as a guiding light, while making adjustments based on the specific project at hand. For example, I recently created Perfect 20 from scratch using MVC, Defense in Depth, Test Driven Development (TDD), and Idempotency as guiding principles, where I used an agentic harness framework to help with speed and implementation.

I spent the first eight to ten hours or so planning out the project, the patterns, and the business logic for the entire application, which covered controller patterns, database design, and test design for the entire project. I carefully reviewed all material, configured .claude/CLAUDE.md, and added project specific skills to help reduce hallucinations. I set up .claude/RESUME_NEXT_SESSION.md and .claude/settings.json to deny certain folders or files and help with token usage. After I reviewed everything, I let Claude Code work on its own for a bit, using subagent driven development and paying close attention to any features or aspects of the software that I found crucial. After it was done with each big task, I typically did an initial read through of the code to make sure everything was going according to plan.

And as mentioned, the entirety of the software is developed through TDD and is on a CI/CD pipeline, where unit, integration, and e2e Playwright tests are run before the code can ever be deployed. GitHub is set up to only allow code that has been reviewed through a PR and has a linear history to make it to certain branches. I also use Dependabot and Gitleaks to help with dependency and secret management, respectively.

As for bugs, I traditionally would research the bug first, then have AI help, but as someone who has a modeling background, I have begun to first allow Claude to attempt to solve a bug while simultaneously researching it if needed. However, many times I have a good idea of what is going on with it, so I will typically lead Claude in the direction of what I think is happening, which usually includes reading through code and pointing to specific files, etc.

I develop all software using Defense in Depth, which means ensuring there are layers of protection for any given point of failure. For an MVP, I focus primarily on issues mentioned in OWASP and follow STRIDE guidelines.