The Pragmatic Engineer

Brought to You By:
• Statsig — ⁠ The unified platform for flags, analytics, experiments, and more.
• Sonar – The makers of SonarQube, the industry standard for automated code review
• WorkOS – Everything you need to make your app enterprise ready.
—
Peter Steinberger ships more code than I’ve seen a single person do: in January, he was at more than 6,600 commits alone. As he puts it: “From the commits, it might appear like it's a company. But it’s not. This is one dude sitting at home having fun."
How does he do it?
Peter Steinberger is the creator of Clawdbot (as of yesterday: renamed to Moltbot) and founder of PSPDFKit. Moltbot – a work-in-progress AI agent that shows what the future of Siri could be like – is currently the hottest AI project in the tech industry, with more searches on Google than Claude Code or Codex. I sat down with Peter in London to talk about what building software looks like when you go all-in with AI tools like Claude and Codex.
Peter’s background is fascinating. He built and scaled PSPDFKit into a global developer tools business. Then, after a three-year break, he returned to building. This time, LLMs and AI agents sit at the center of his workflow. We discuss what changes when one person can operate like a team and why closing the loop between code, tests, and feedback becomes a prerequisite for working effectively with AI.
We also go into how engineering judgment shifts with AI, how testing and planning evolve when agents are involved, and which skills and habits are needed to work effectively. This is a grounded conversation about real workflows and real tradeoffs, and about designing systems that can test and improve themselves.
—
Timestamps
(00:00) Intro
(01:07) How Peter got into tech 
(08:27) PSPDFKit
(19:14) PSPDFKit’s tech stack and culture
(22:33) Enterprise pricing
(29:42) Burnout 
(34:54) Peter finding his spark again
(43:02) Peter’s workflow 
(49:10) Managing agents 
(54:08) Agentic engineering
(59:01) Testing and debugging 
(1:03:49) Why devs struggle with LLM coding
(1:07:20) How PSPDFkit would look if built today 
(1:11:10) How planning has changed with AI 
(1:21:14) Building Clawdbot (now: Moltbot)
(1:34:22) AI’s impact on large companies
(1:38:38) “I don’t care about CI”
(1:40:01) Peter’s process for new features 
(1:44:48) Advice for new grads
(1:50:18) Rapid fire round
—
The Pragmatic Engineer deepdives relevant for this episode:
• Inside a five-year-old startup’s rapid AI makeover
• When AI writes almost all code, what happens to software engineering?
• Why it’s so dramatic that “writing code by hand is dead”
• AI Engineering in the real world
• The AI Engineering stack
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
• Statsig — ⁠ The unified platform for flags, analytics, experiments, and more.
• Sonar – The makers of SonarQube, the industry standard for automated code review
• WorkOS – Everything you need to make your app enterprise ready.
—
Amazon S3 is one of the largest distributed systems ever built, storing and serving data for a significant portion of the internet. Behind its simple interfaces hides an enormous amount of engineering work, careful tradeoffs, and long-term thinking.
In this episode, I sit down with Mai-Lan Tomsen Bukovec, VP of Data and Analytics at AWS, who has been running Amazon S3 for more than a decade. Mai-Lan shares how S3 operates at extreme scale, what it takes to design for durability and availability across millions of servers, and why building for failure is a core principle.
We also go deep into how AWS approaches correctness using formal methods, how storage tiers and limits shape system design, and why simplicity remains one of the hardest and most important goals at S3’s scale.
—
Timestamps
(00:00) Intro
(01:03) S3’s scale 
(03:58) How S3 started 
(07:25) Parquet, Iceberg, and S3 tables
(09:46) S3 for developers 
(13:37) Why AWS keeps S3 prices low 
(17:10) AWS pricing tiers
(19:38) Availability and durability 
(26:21) The cost of S3's consistency
(31:22) Automated reasoning and proof of correctness 
(35:14) Durability at AWS scale
(39:58) Correlated failure and crash consistency 
(43:22) Failure allowances 
(46:04) Two opposing principles in S3 design
(49:09) S3’s evolution 
(52:21) S3 Vectors 
(1:01:16) The 50 TB limit on AWS
(1:07:54) The simplicity principle
(1:10:10) Types of engineers working on S3
(1:14:15) Closing recommendations 
—
The Pragmatic Engineer deepdives relevant for this episode:
• Inside Amazon’s engineering culture
• How AWS deals with a major outage
• A Day in the Life of a Senior Manager at Amazon
• What is a Principal Engineer at Amazon? – with Steve Huynh
• Working at Amazon as a software engineer – with Dave Anderson
Amazon papers recommended by Mai-Lan:
• Using lightweight formal methods to validate a key-value storage node in Amazon S3
• Formally verified cloud-scale authorization
• Analyzing metastable failures
• Amazon’s engineering tenets
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more.
•⁠ Linear ⁠ — ⁠ The system for modern product development.
—
How have servers and the cloud evolved in the last 30 years, and what might be next? Bryan Cantrill was a distinguished engineer at Sun Microsystems during both the Dotcom Boom and the Dotcom Bust. Today, he is the co-founder and CTO of Oxide Computer, where he works on modern server infrastructure.
In this episode of The Pragmatic Engineer, Bryan joins me to break down how modern computing infrastructure evolved. We discuss why the Dotcom Bust produced deeper innovation than the Boom, how constraints shape better systems, and what the rise of the cloud changed and did not change about building reliable infrastructure.
Our conversation covers early web infrastructure at Sun, the emergence of AWS, Kubernetes and cloud neutrality, and the tradeoffs between renting cloud space and building your own. We also touch on the complexity of server-side software updates, experimenting with AI, the limits of large language models, and how engineering organizations scale without losing their values.
If you want a systems-level perspective on computing that connects past cycles to today’s engineering decisions, this episode offers a rare long-range view.
—
Timestamps
(00:00) Intro
(01:26) Computer science in the 1990s
(03:01) Sun and Cisco’s web dominance
(05:41) The Dotcom Boom
(10:26) From Boom to Bust 
(15:32) The innovations of the Bust
(17:50) The open source shift
(22:00) Oracle moves into Sun’s orbit
(24:54) AWS dominance (2010–2014)
(28:15) How Kubernetes and cloud neutrality
(30:58) Custom infrastructure 
(36:10) Renting the cloud vs. buying hardware
(45:28) Designing a computer from first principles 
(50:02) Why everyone is paid the same salary at Oxide
(54:14) Oxide’s software stack 
(58:33) The evolution of software updates
(1:02:55) How Oxide uses AI 
(1:06:05) The limitations of LLMs
(1:11:44) AI use and experimentation at Oxide 
(1:17:45) Oxide’s diverse teams
(1:22:44) Remote work at Oxide
(1:24:11) Scaling company values
(1:27:36) AI’s impact on the future of engineering 
(1:31:04) Bryan’s advice for junior engineers
(1:34:01) Book recommendations
—
The Pragmatic Engineer deepdives relevant for this episode:
• Startups on hard mode: Oxide. Part 1: Hardware
• Startups on hard mode: Oxide, Part 2: Software & Culture
• Three cloud providers, three outages: three different responses
• Inside Uber’s move to the Cloud
• Inside Agoda’s private Cloud
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more.
•⁠ Linear ⁠ — ⁠ The system for modern product development.
—
Michelle Lim joined Warp as engineer number one and is now building her own startup, Flint. She brings a strong product-first mindset shaped by her time at Facebook, Slack, Robinhood, and Warp. Michelle shares why she chose Warp over safer offers, how she evaluates early-stage opportunities, and what she believes distinguishes great founding engineers.
Together, we cover how product-first engineers create value, why negotiating equity at early-stage startups requires a different approach, and why asking founders for references is a smart move. Michelle also shares lessons from building consumer and infrastructure products, how she thinks about tech stack choices, and how engineers can increase their impact by taking on work outside their job descriptions.
If you want to understand what founders look for in early engineers or how to grow into a founding-engineer role, this episode is full of practical advice backed by real examples
—
Timestamps
(00:00) Intro
(01:32) How Michelle got into software engineering 
(03:30) Michelle’s internships 
(06:19) Learnings from Slack 
(08:48) Product learnings at Robinhood
(12:47) Joining Warp as engineer #1
(22:01) Negotiating equity
(26:04) Asking founders for references
(27:36) The top reference questions to ask
(32:53) The evolution of Warp’s tech stack 
(35:38) Product-first engineering vs. code-first
(38:27) Hiring product-first engineers 
(41:49) Different types of founding engineers 
(44:42) How Flint uses AI tools 
(45:31) Avoiding getting burned in founder exits
(49:26) Hiring top talent
(50:15) An overview of Flint
(56:08) Advice for aspiring founding engineers
(1:01:05) Rapid fire round
—
The Pragmatic Engineer deepdives relevant for this episode:
• Thriving as a founding engineer: lessons from the trenches
• From software engineer to AI engineer
• AI Engineering in the real world
• The AI Engineering stack
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more. Statsig are helping make the first-ever Pragmatic Summit a reality. Join me and 400 other top engineers and leaders on 11 February, in San Francisco for a special one-day event. Reserve your spot here.
•⁠ Linear ⁠ — ⁠ The system for modern product development. Engineering teams today move much faster, thanks to AI. Because of this, coordination increasingly becomes a problem. This is where Linear helps fast-moving teams stay focused. Check out Linear.
—
As software engineers, what should we know about writing secure code?
Johannes Dahse is the VP of Code Security at Sonar and a security expert with 20 years of industry experience. In today’s episode of The Pragmatic Engineer, he joins me to talk about what security teams actually do, what developers should own, and where real-world risk enters modern codebases.
We cover dependency risk, software composition analysis, CVEs, dynamic testing, and how everyday development practices affect security outcomes. Johannes also explains where AI meaningfully helps, where it introduces new failure modes, and why understanding the code you write and ship remains the most reliable defense.
If you build and ship software, this episode is a practical guide to thinking about code security under real-world engineering constraints.
—
Timestamps
(00:00) Intro
(02:31) What is penetration testing?
(06:23) Who owns code security: devs or security teams?
(14:42) What is code security? 
(17:10) Code security basics for devs
(21:35) Advanced security challenges
(24:36) SCA testing 
(25:26) The CVE Program 
(29:39) The State of Code Security report 
(32:02) Code quality vs security
(35:20) Dev machines as a security vulnerability
(37:29) Common security tools
(42:50) Dynamic security tools
(45:01) AI security reviews: what are the limits?
(47:51) AI-generated code risks
(49:21) More code: more vulnerabilities
(51:44) AI’s impact on code security
(58:32) Common misconceptions of the security industry
(1:03:05) When is security “good enough?”
(1:05:40) Johannes’s favorite programming language
—
The Pragmatic Engineer deepdives relevant for this episode:
• What is Security Engineering?
•⁠ Mishandled security vulnerability in Next.js
•⁠ Okta Schooled on Its Security Practices
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe