skip to content
kursataknc

backend

TypeScript · modular architecture · math-grounded system design

Backend CV

thesis

Layered simplicity: a module must declare its guarantees before exposing its implementation. When boundaries shift, only the relevant contract should break. This discipline governs how code is organized, how tests are written, and how deployments are structured.

The mathematics foundation from pure math — probability, graph theory, combinatorics — shapes how I read dependency graphs, reason about state transitions, and evaluate architectural trade-offs. It is not background color; it is the analytical lens the engineering runs through.

The lab is the public laboratory for this practice — a record of what happens when layering discipline is applied deliberately from the start, where each architectural decision is written down as a trade-off, not asserted as obvious.

core principles

Interface over Implementation. Boundaries are fixed by interface contracts, not by convention. A module's public surface is enforced by the compiler at the callsite. If you need to read the implementation to understand its behavior, the boundary has leaked.

Explicit over Magic. No ambient globals, no hidden framework-injected behaviors. The dependency graph must be observable at import time without running the code.

Trade-off Logs. Architecture ages. Every significant decision is documented with its trade-offs — what was weighed, what was rejected, and why the chosen path looked better at the time. Recording the reasoning is more critical than recording the conclusion.

Discipline over Pyramid. TDD for pure logic: boundary contracts, reducers, command handlers. Verification-based testing for integration paths. The focus is on what each test is actually checking, not on chasing coverage metrics.

the slice you can see today

Typed Content Pipeline. content/*.ts defines typed data validated at build time via Zod schemas. The rendering layer strictly consumes these enforced contracts — a malformed record fails the build before a page is ever generated.

Pure Logic vs. Integration. Terminal state is managed by a pure reducer. The command registry operates independently of the DOM. Keyboard events and focus management are isolated at the component boundary, tested without mounting a component.

Self-Hosted and Auditable Deployment. Multi-stage Docker builds outputting Next.js standalone. The runtime stage contains no build tooling. Caddy and docker-compose configurations are co-located in deploy/ for end-to-end ownership.

where this goes

Two directions are actively in progress.

Admin/editor boundary. A small edit interface for content/timeline.ts with a Zod schema and an auth boundary — closing the gap between content authoring and the typed layer the UI already consumes, without introducing a CMS dependency.

A public template. The typed-role, MDX-routing, per-route OG, sitemap, test pattern is repeatable. Extracting it into a standalone starter-kit is the next step — a public record others can fork.

The security-engineering reading of the same discipline lives on the cyber-security page: where the backend page asks "what does this module guarantee about its behavior?", the security page asks "what does this boundary guarantee about its threat surface?"