Kolar😎

Many developers learn: npx prisma migrate dev and use it everywhere. But "migrate dev" is for development. Its job is to create migrations and help you iterate quickly while building. Production is different. That's where: npx prisma migrate deploy comes in. It doesn't create new migrations. It simply applies the migration files that already exist. A simple way to remember it: "migrate dev" → Create migrations "migrate deploy" → Apply migrations Development optimizes for speed. Production optimizes for safety. Prisma's migration commands are designed with that difference in mind.

Have you ever tried logging in too many times and suddenly seen "Too many requests. Please try again later."😒 At that moment, it feels annoying. But that message is actually protecting the system. Imagine I ask you a question once. No problem. Then I ask it 10 times. Still okay. Then 100 times. Then 1,000 times. Then 10,000 times. At some point, you're going to wonder: "Why is this person asking the same thing over and over again?" 😭 That's basically how servers feel. This is why apps use something called rate limiting. A simple idea with a big impact: Limit how many times something can happen within a certain period. For example: - 5 login attempts per minute - 10 password reset requests per hour - 100 API requests per minute The exact numbers vary. But the goal stays the same: Stop abuse before it becomes a problem. Without rate limiting, attackers can do things like: 🔴 Try thousands of password combinations 🔴 Spam your APIs 🔴 Flood your servers with requests 🔴 Continuously trigger expensive operations And sometimes they don't even need to "hack" anything. They just overwhelm the system. What's interesting is that rate limiting also protects against accidents. Not every threat is malicious. Sometimes: - a bug in an app - a misconfigured script - an infinite loop can send thousands of requests without anyone realizing. And suddenly your servers are working overtime 😭 One thing I learned is that security isn't always about blocking bad people. Sometimes it's about protecting your system from being used in ways it was never designed to handle. That's exactly what rate limiting does. It puts boundaries around your resources. Because if a single user can consume everything, there's nothing left for everyone else.