From the team.

Every Suga deploy has four steps: clone, build, push, roll out. The build dominates the deploy time. It has the most operational surface, and it's the part we want to own the least. The decision split into two questions: what will run the build, and how does user source get built automatically. The first question has off-the-shelf answers. The second is where most of the interesting work happened. Whatever ran the build had to: Keep a warm layer cache across builds and across tenants, so the second deploy of a service that only changed one line took seconds instead of...

Before writing the first line of code for Suga, we knew we eventually wanted multiplayer interactions, so that teams could collaborate on projects. However, with a long feature wishlist already, we figured we could defer it until later as "nice to have". So instead, the first canvas implementation was built with basic last-write-wins conflict resolution. Unfortunately, Jye and I figured out the hard way that our assumption about conflict resolution was pretty naive. Using an early build of Suga, we started working in a shared project at the same time without realizing. I was adding a service, along with its...

A deploy fails, and a few minutes later the chat message lands: "deploy's broken, just says 'Something went wrong', screenshot attached." The screenshot is a red banner that says, correctly, that something went wrong. We have a screenshot, a rough timestamp, and zero information about what. <SupportPing /Under our old setup, answering the question meant opening two tabs and reading a lot. The first tab was Vercel's log viewer, where we could filter to a window around the user's timestamp and scroll for the route hit. The user ID was on one line, the org on another, the environment ID...

Automated scanners hit every IP on the internet in minutes. The question isn't whether you get scanned, it's how much damage a breach can do. Origin discovery is typically the first step in any reconnaissance workflow. GreyNoise's 2025 Mass Internet Exploitation Report found that attackers scan the entire internet because it's quick and cheap to do, then immediately go after whatever's exposed. Tools like masscan can hit every IP address on the internet for a specific open port at ten million packets per second. That's the entire IPv4 address space covered in under six minutes from a single machine. Once...