<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Muhammad Hamid Raza</title>
    <description>The latest articles on DEV Community by Muhammad Hamid Raza (@hamidrazadev).</description>
    <link>https://dev.to/hamidrazadev</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3131979%2F8333e423-4d9b-4851-ab42-f268ef4993c4.png</url>
      <title>DEV Community: Muhammad Hamid Raza</title>
      <link>https://dev.to/hamidrazadev</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/hamidrazadev"/>
    <language>en</language>
    <item>
      <title>VS Code 1.128 Is Here: Multi-Chat Agent Sessions, Copilot Vision, and OS-Level Shortcuts 🚀</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Wed, 08 Jul 2026 16:38:05 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/vs-code-1128-is-here-multi-chat-agent-sessions-copilot-vision-and-os-level-shortcuts-1ed0</link>
      <guid>https://dev.to/hamidrazadev/vs-code-1128-is-here-multi-chat-agent-sessions-copilot-vision-and-os-level-shortcuts-1ed0</guid>
      <description>&lt;p&gt;Ever had five different conversations going with an AI assistant, all about the same project, but scattered across five separate tabs? You lose track of which chat had the good idea. You forget which one was just testing something weird. It gets messy fast.&lt;/p&gt;

&lt;p&gt;VS Code 1.128 (released July 8, 2026) tackles exactly that problem, along with a few other genuinely useful upgrades. Let's walk through what's new, in plain language. 😊&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is VS Code 1.128?
&lt;/h2&gt;

&lt;p&gt;VS Code 1.128 is simply the latest update to Visual Studio Code, the free code editor made by Microsoft that millions of developers use every day.&lt;/p&gt;

&lt;p&gt;Think of it like a phone getting a software update. Your phone still works the same way, but suddenly you have new camera features or better battery controls. VS Code updates work the same way: same editor you know, but with new tools added on top.&lt;/p&gt;

&lt;p&gt;This release focuses heavily on &lt;strong&gt;Chat and Agents&lt;/strong&gt;, the part of VS Code where you talk to an AI to help you write code, debug, or answer questions.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Release Matters
&lt;/h2&gt;

&lt;p&gt;If you use AI chat inside your editor, you already know the small annoyances: switching between chats, losing context, or not being able to attach an image when you need to show a bug visually.&lt;/p&gt;

&lt;p&gt;This update directly fixes those friction points. It also adds a shortcut feature that goes beyond the editor itself, and gives teams more control over how AI usage is tracked. In short: less busywork, more focus on actual coding.&lt;/p&gt;

&lt;h2&gt;
  
  
  Benefits with Real-Life Examples
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Multiple chats in one Claude session&lt;/strong&gt; 💬&lt;br&gt;
Instead of opening a brand-new session every time you want to try a different approach, you can now keep related chats grouped together. Example: one chat adds a &lt;code&gt;/health&lt;/code&gt; endpoint to your Express app, while a peer chat writes tests for it at the same time, and a forked chat tries an alternative way to build the same feature. All three stay organized under one session instead of cluttering your session list.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Quick chats without opening a workspace&lt;/strong&gt; ⚡&lt;br&gt;
Sometimes you just want to ask a quick question, not open an entire project folder. Now you can start a chat in the Agents window without picking a workspace first. It's like asking a coworker a quick question in the hallway instead of walking them to your desk.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Copilot Vision, now generally available&lt;/strong&gt; 👀&lt;br&gt;
You can paste, drag, or drop images and PDFs straight into Chat. Say you have a screenshot of a broken UI layout — you can hand that directly to the agent instead of typing out a long description of what's wrong.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Read-only subagent chats (Preview)&lt;/strong&gt;&lt;br&gt;
When an agent delegates work to helper subagents, you can now watch their progress in a read-only view without accidentally interrupting them. Useful when you want visibility without micromanaging.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Configurable browser tab placement&lt;/strong&gt; 🔧&lt;br&gt;
You can choose whether integrated browser tabs open in your active editor group, a dedicated side group, or their own window. Small thing, but it keeps your workspace from feeling cluttered.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;OS-level keyboard shortcuts&lt;/strong&gt;&lt;br&gt;
You can now set up shortcuts that trigger VS Code commands even when VS Code isn't the focused window. For example, a &lt;code&gt;cmd+shift+a&lt;/code&gt; shortcut on macOS that opens the Agents window instantly, no matter what app you're currently in.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Beginner Approach vs Better Approach: Managing Multiple AI Conversations
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Beginner approach:&lt;/strong&gt; Open a new top-level session every time you want to try a different idea. Result: ten sessions, no idea which one has the code you actually want to keep.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Better approach (as of 1.128):&lt;/strong&gt; Use multiple chats inside one Claude session. Add a chat, fork from an earlier turn, or run chats in parallel — all while keeping everything grouped under one session that's easy to find later.&lt;/p&gt;

&lt;p&gt;This isn't about one method being "wrong." It's just that as your AI usage grows, organized sessions save real time.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips for Using These New Features
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;✅ &lt;strong&gt;Try forking a chat&lt;/strong&gt; before starting a totally new session. If an idea works, you keep it. If it doesn't, you didn't lose your original conversation.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Use quick chats for one-off questions.&lt;/strong&gt; Don't open a whole workspace just to ask something simple.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Turn on OS-level shortcuts sparingly.&lt;/strong&gt; They're powerful, but pick a key combo that doesn't clash with shortcuts your other apps already use.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;If you're on a team,&lt;/strong&gt; check with your admin about the new OpenTelemetry settings for Copilot — managed settings will always override your personal ones.&lt;/li&gt;
&lt;li&gt;⚠️ &lt;strong&gt;Remember:&lt;/strong&gt; chats without a workspace only work when the agent host is enabled through the &lt;code&gt;chat.agentHost.enabled&lt;/code&gt; setting.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Common Mistakes People Make
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Assuming every chat needs its own session.&lt;/strong&gt; This gets overwhelming fast. The new multi-chat model exists specifically so you don't have to do this anymore.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Forgetting that BYOK (Bring Your Own Key) models don't use utility models by default.&lt;/strong&gt; If you're using your own key as the main agent and notice chat titles or commit messages aren't generating, it's because &lt;code&gt;chat.byokUtilityModelDefault&lt;/code&gt; needs to be set. It's not a bug, it's a default behavior worth knowing about.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Not checking the &lt;code&gt;modelOptions&lt;/code&gt; settings when using Custom Endpoint models.&lt;/strong&gt; If your provider has strict parameter requirements, setting &lt;code&gt;temperature&lt;/code&gt; or &lt;code&gt;top_p&lt;/code&gt; incorrectly (or forgetting to set them to &lt;code&gt;null&lt;/code&gt; when needed) can cause request failures.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Ignoring the difference between &lt;code&gt;sideGroup&lt;/code&gt; and &lt;code&gt;window&lt;/code&gt; for browser tabs.&lt;/strong&gt; People often pick one, get annoyed, and don't realize there's a setting to change it.&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;VS Code 1.128 is a solid, practical update. Multi-chat agent sessions make working with Claude in VS Code more organized. Copilot Vision going GA means images and PDFs are now a natural part of your chat workflow. And OS-level shortcuts mean VS Code can be one keypress away, even when it's not in focus.&lt;/p&gt;

&lt;p&gt;None of this reinvents the editor. It just removes small annoyances that add up over a normal coding day, which honestly is what good updates should do. 💡&lt;/p&gt;

&lt;p&gt;If you found this useful, feel free to share it with a fellow developer who's still juggling ten browser tabs of AI chats. And if you want more practical, no-fluff dev content like this, check out more posts at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Got a favorite feature from this release? Drop a comment below and let's talk about it! 👇&lt;/p&gt;

</description>
      <category>vscode</category>
      <category>webdev</category>
      <category>ai</category>
      <category>productivity</category>
    </item>
    <item>
      <title>The New HTTP QUERY Method: Why GET and POST Weren't Enough</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sun, 05 Jul 2026 10:19:28 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/the-new-http-query-method-why-get-and-post-werent-enough-1lc5</link>
      <guid>https://dev.to/hamidrazadev/the-new-http-query-method-why-get-and-post-werent-enough-1lc5</guid>
      <description>&lt;p&gt;Have you ever built a search feature and hit a wall because your filters were too long for a URL? 😅 Yeah, me too. You start with a clean &lt;code&gt;GET /search?q=...&lt;/code&gt; request, everything's happy, and then someone adds ten more filters and suddenly your URL looks like a ransom note.&lt;/p&gt;

&lt;p&gt;Most of us just switch to &lt;code&gt;POST&lt;/code&gt; at that point and move on with our lives. It works, sure. But it always felt a little... off. POST is meant for creating or changing things, not for asking a question.&lt;/p&gt;

&lt;p&gt;Turns out the IETF felt the same way. In June 2026, they published &lt;strong&gt;RFC 10008&lt;/strong&gt;, which defines a brand-new HTTP method called &lt;strong&gt;QUERY&lt;/strong&gt;. It's built specifically to fix this exact headache. Let's break down what it is, why it matters, and how you'd actually use it. 🚀&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is the HTTP QUERY Method?
&lt;/h2&gt;

&lt;p&gt;Think of HTTP methods like different types of requests you can make to a waiter at a restaurant.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;GET&lt;/strong&gt; is like pointing at a menu item. Simple, safe, repeatable — you can point at it a hundred times and nothing changes.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;POST&lt;/strong&gt; is like telling the waiter "surprise me, and also charge my card." It might change something, and doing it twice could mean two charges.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;QUERY&lt;/strong&gt; is the new one: it's like handing the waiter a detailed written note describing exactly what you want, but with a promise attached — "this is just a question, not an order, so ask it as many times as you need."&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;In technical terms, QUERY lets you send a request with a body (just like POST), but it's explicitly marked as &lt;strong&gt;safe&lt;/strong&gt; and &lt;strong&gt;idempotent&lt;/strong&gt; — meaning it won't change server state, and repeating it is completely fine.&lt;/p&gt;

&lt;p&gt;Here's what it looks like in practice:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="nf"&gt;QUERY&lt;/span&gt; &lt;span class="nn"&gt;/feed&lt;/span&gt; &lt;span class="k"&gt;HTTP&lt;/span&gt;&lt;span class="o"&gt;/&lt;/span&gt;&lt;span class="m"&gt;1.1&lt;/span&gt;
&lt;span class="na"&gt;Host&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s"&gt;example.org&lt;/span&gt;
&lt;span class="na"&gt;Content-Type&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s"&gt;application/x-www-form-urlencoded&lt;/span&gt;

q=foo&amp;amp;limit=10&amp;amp;sort=-published
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Compare that to the old GET-with-a-giant-URL approach:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="nf"&gt;GET&lt;/span&gt; &lt;span class="nn"&gt;/feed?q=foo&amp;amp;limit=10&amp;amp;sort=-published&lt;/span&gt; &lt;span class="k"&gt;HTTP&lt;/span&gt;&lt;span class="o"&gt;/&lt;/span&gt;&lt;span class="m"&gt;1.1&lt;/span&gt;
&lt;span class="na"&gt;Host&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s"&gt;example.org&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Same intent, but QUERY moves the data into the body, where it belongs when things get complex.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Topic Matters
&lt;/h2&gt;

&lt;p&gt;You might be thinking, "okay, cool, but why should I care about one new HTTP verb?" Fair question. Here's the real-world pain it solves:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. URL length limits are real.&lt;/strong&gt; The spec itself points out that request URIs often need to stay under roughly 8000 characters. If your search has a dozen filters, a full-text query, and some tags, you can blow past that fast.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. URLs get logged everywhere.&lt;/strong&gt; Proxies, browser history, server logs, analytics tools — they all love to record URLs. If your "query" contains anything sensitive, that's a problem. A request body is far less likely to get logged the same way.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. POST breaks caching and safe retries.&lt;/strong&gt; If your query is actually a POST, browsers and caches can't safely retry it after a dropped connection, because POST might have side effects. QUERY tells everyone in the chain: "relax, this is just a read."&lt;/p&gt;

&lt;p&gt;If you've ever debugged a flaky search endpoint or worried about sensitive data leaking into a URL, this method was made for you.&lt;/p&gt;

&lt;h2&gt;
  
  
  Benefits with Real-Life Examples
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Cleaner architecture for complex searches.&lt;/strong&gt; Imagine an e-commerce filter with brand, price range, size, color, and rating. With QUERY, all of that lives in a structured request body instead of a mile-long URL string. Way easier to read and maintain.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Safe automatic retries.&lt;/strong&gt; Since QUERY is idempotent, your HTTP client (or a proxy) can safely resend the request if the connection drops — no risk of accidentally triggering something twice, unlike a risky POST retry.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Built-in caching support.&lt;/strong&gt; RFC 10008 explains that responses to QUERY requests are cacheable, similar to GET. So a cache can store the result and serve it again for an identical query, saving your server some work.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Content negotiation like a champ.&lt;/strong&gt; The &lt;code&gt;Accept-Query&lt;/code&gt; header lets a server advertise which query formats it understands — say, &lt;code&gt;application/sql&lt;/code&gt; or &lt;code&gt;application/jsonpath&lt;/code&gt; — so clients know exactly what to send before they even try.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Optional shareable URLs.&lt;/strong&gt; A server can still hand back a &lt;code&gt;Location&lt;/code&gt; header pointing to a URI that represents the same query, so you &lt;em&gt;can&lt;/em&gt; bookmark or share a query result if you want to — you're just not forced to cram everything into the URL upfront.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  GET vs POST vs QUERY: Quick Comparison
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;&lt;/th&gt;
&lt;th&gt;GET&lt;/th&gt;
&lt;th&gt;QUERY&lt;/th&gt;
&lt;th&gt;POST&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Safe (no side effects)&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Maybe not&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Idempotent (safe to repeat)&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Maybe not&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Has a request body&lt;/td&gt;
&lt;td&gt;No defined meaning&lt;/td&gt;
&lt;td&gt;Yes, expected&lt;/td&gt;
&lt;td&gt;Yes, expected&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Cacheable&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Only in special cases&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Good for long/complex queries&lt;/td&gt;
&lt;td&gt;No&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;Sort of, but semantics are unclear&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;The short version: QUERY gives you POST's flexibility (a body for your data) with GET's safety guarantees (safe, idempotent, cacheable). It really is the best of both worlds for read-only operations.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips for Using QUERY
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Always set a &lt;code&gt;Content-Type&lt;/code&gt; header.&lt;/strong&gt; The spec is strict here — if it's missing or doesn't match your actual body content, the server is expected to reject the request with a 4xx error.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Check for support first.&lt;/strong&gt; You can send an &lt;code&gt;OPTIONS&lt;/code&gt; request and look at the &lt;code&gt;Allow&lt;/code&gt; header, or check for an &lt;code&gt;Accept-Query&lt;/code&gt; header, to see if a server actually supports QUERY before relying on it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Use it for reads only.&lt;/strong&gt; If your request changes data on the server, that's not a QUERY — stick with POST, PUT, or PATCH for that.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Take advantage of conditional requests.&lt;/strong&gt; Just like GET, QUERY supports things like &lt;code&gt;If-Modified-Since&lt;/code&gt;, so you can avoid re-downloading a query result that hasn't changed.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Don't put sensitive data in a &lt;code&gt;Location&lt;/code&gt; URI.&lt;/strong&gt; If your query result gets a temporary URL, make sure that URL itself doesn't leak sensitive query details.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Common Mistakes People Make
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Mistake 1: Treating QUERY like a normal POST.&lt;/strong&gt;&lt;br&gt;
It's tempting to just swap the method name and call it done. But since QUERY promises to be safe and idempotent, any implementation that changes server state under the hood is technically breaking the contract — even if nothing crashes right away.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 2: Forgetting that QUERY needs CORS preflight.&lt;/strong&gt;&lt;br&gt;
If you're calling this from a browser across origins, QUERY isn't in the CORS-safelisted method list, so your browser will send a preflight &lt;code&gt;OPTIONS&lt;/code&gt; request first. Skipping this consideration can lead to confusing failures in production.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 3: Assuming every server supports it already.&lt;/strong&gt;&lt;br&gt;
QUERY is brand new as of this RFC. Many servers, frameworks, and even browsers won't support it out of the box yet. Always check for support instead of assuming.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 4: Ignoring the &lt;code&gt;Accept-Query&lt;/code&gt; header.&lt;/strong&gt;&lt;br&gt;
If a server tells you exactly which formats it accepts, use that information instead of guessing and getting a &lt;code&gt;415 Unsupported Media Type&lt;/code&gt; response.&lt;/p&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;The HTTP QUERY method fills a real gap that a lot of developers have quietly worked around for years — usually by misusing POST or fighting with URL length limits. Now there's an official, standardized way to send a safe, idempotent request with a full body, and get proper caching and retry behavior for free.&lt;/p&gt;

&lt;p&gt;It's not going to replace GET or POST. It's simply the right tool for a very specific job: asking a detailed question without changing anything. If you build APIs with search, filtering, or reporting features, this is worth keeping on your radar as tooling and framework support catches up.&lt;/p&gt;

&lt;p&gt;If this cleared things up for you, I'd love for you to share it with a fellow developer who's fighting with a 3,000-character search URL right now. 😄 You can find more practical, beginner-friendly dev content over at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt; — drop a comment if you have questions or your own QUERY use case!&lt;/p&gt;

</description>
      <category>http</category>
      <category>webdev</category>
      <category>api</category>
      <category>beginners</category>
    </item>
    <item>
      <title>Visual Studio Code 1.127: Everything New in the July 2026 Update</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Wed, 01 Jul 2026 10:11:14 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/visual-studio-code-1127-everything-new-in-the-july-2026-update-538f</link>
      <guid>https://dev.to/hamidrazadev/visual-studio-code-1127-everything-new-in-the-july-2026-update-538f</guid>
      <description>&lt;p&gt;If you open &lt;strong&gt;Visual Studio Code&lt;/strong&gt; every day, you know the feeling. A new update appears, you skim the release notes, promise yourself you'll read them later... and then get back to debugging that one mysterious error that somehow disappeared after adding a &lt;code&gt;console.log()&lt;/code&gt; 👀.&lt;/p&gt;

&lt;p&gt;The &lt;strong&gt;Visual Studio Code 1.127&lt;/strong&gt; release brings several meaningful improvements, especially if you use AI-powered development, build web applications, or simply want a smoother coding experience. So what's actually worth your attention? Let's break it down. 🚀&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is Visual Studio Code 1.127?
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Visual Studio Code 1.127&lt;/strong&gt; is the July 2026 update of Microsoft's popular code editor.&lt;/p&gt;

&lt;p&gt;Like most VS Code releases, this update focuses on improving developer productivity instead of introducing flashy changes. Many improvements make existing workflows smoother, especially around AI agents, browser integration, and session management.&lt;/p&gt;

&lt;p&gt;Whether you're a student learning programming or an experienced developer working on large projects, these updates aim to reduce friction while writing and testing code.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why This Update Matters
&lt;/h2&gt;

&lt;p&gt;Small improvements add up.&lt;/p&gt;

&lt;p&gt;Imagine spending a few seconds less every time you organize AI sessions, review changes, or test your web app. Those seconds become minutes, and those minutes become hours over weeks of development.&lt;/p&gt;

&lt;p&gt;This release helps developers:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;spend less time switching between tools&lt;/li&gt;
&lt;li&gt;organize AI workflows more easily&lt;/li&gt;
&lt;li&gt;test browser-based applications inside VS Code&lt;/li&gt;
&lt;li&gt;understand AI usage more clearly&lt;/li&gt;
&lt;li&gt;work with fewer interruptions&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;None of these features magically write perfect software. They simply make the development process a little smoother.&lt;/p&gt;




&lt;h2&gt;
  
  
  What's New in Visual Studio Code 1.127
&lt;/h2&gt;

&lt;h3&gt;
  
  
  🌐 Browser Tools for AI Agents Are Now Generally Available
&lt;/h3&gt;

&lt;p&gt;One of the biggest highlights is that browser tools for AI agents are now generally available.&lt;/p&gt;

&lt;p&gt;Agents can now:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Open web pages&lt;/li&gt;
&lt;li&gt;Read page content&lt;/li&gt;
&lt;li&gt;Take screenshots&lt;/li&gt;
&lt;li&gt;Click buttons&lt;/li&gt;
&lt;li&gt;Navigate websites&lt;/li&gt;
&lt;li&gt;Help validate web applications&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;For frontend developers, this reduces the need to constantly switch between VS Code and an external browser during certain AI-assisted workflows.&lt;/p&gt;




&lt;h3&gt;
  
  
  🔒 Per-Site Browser Permissions
&lt;/h3&gt;

&lt;p&gt;The integrated browser now supports individual permissions for each website.&lt;/p&gt;

&lt;p&gt;Supported permissions include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Camera&lt;/li&gt;
&lt;li&gt;Microphone&lt;/li&gt;
&lt;li&gt;Geolocation&lt;/li&gt;
&lt;li&gt;Clipboard&lt;/li&gt;
&lt;li&gt;Bluetooth&lt;/li&gt;
&lt;li&gt;USB devices&lt;/li&gt;
&lt;li&gt;Sensors&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Instead of allowing everything globally, VS Code asks for permission per site, similar to modern web browsers.&lt;/p&gt;

&lt;p&gt;This gives developers better control while testing browser features.&lt;/p&gt;




&lt;h3&gt;
  
  
  📂 Better Agent Session Organization
&lt;/h3&gt;

&lt;p&gt;If you've ever had several AI sessions open at once, you know how quickly things become messy.&lt;/p&gt;

&lt;p&gt;VS Code 1.127 introduces:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Custom session groups&lt;/li&gt;
&lt;li&gt;Drag-and-drop organization&lt;/li&gt;
&lt;li&gt;Pinning sessions&lt;/li&gt;
&lt;li&gt;Moving multiple sessions together&lt;/li&gt;
&lt;li&gt;Collapsible groups&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Think of it like organizing folders on your desktop instead of leaving everything scattered everywhere.&lt;/p&gt;




&lt;h3&gt;
  
  
  💬 Chat Input Banners
&lt;/h3&gt;

&lt;p&gt;The Agents window can now display helpful banners above the chat input.&lt;/p&gt;

&lt;p&gt;Examples include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Failed CI checks&lt;/li&gt;
&lt;li&gt;New pull request comments&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Instead of hunting through different windows, you can respond directly inside your current workflow.&lt;/p&gt;




&lt;h3&gt;
  
  
  💰 Subagent Credit Visibility
&lt;/h3&gt;

&lt;p&gt;When AI delegates work to subagents, you can now hover over them to see how many AI credits were used.&lt;/p&gt;

&lt;p&gt;This adds more transparency and helps developers better understand resource usage.&lt;/p&gt;




&lt;h3&gt;
  
  
  ✨ Improved Multi-Chat Sessions
&lt;/h3&gt;

&lt;p&gt;Multi-chat sessions continue to improve with several useful additions:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Create multiple chats inside one session&lt;/li&gt;
&lt;li&gt;Close and reopen chats&lt;/li&gt;
&lt;li&gt;Permanently delete chats&lt;/li&gt;
&lt;li&gt;Fork conversations into peer chats&lt;/li&gt;
&lt;li&gt;Better progress tracking across chats&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This makes complex AI-assisted development easier to organize.&lt;/p&gt;




&lt;h3&gt;
  
  
  ⚡ Better Session Layout
&lt;/h3&gt;

&lt;p&gt;Several interface improvements make sessions easier to work with:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Consistent header buttons&lt;/li&gt;
&lt;li&gt;Cleaner workspace indicators&lt;/li&gt;
&lt;li&gt;Combined file change summaries&lt;/li&gt;
&lt;li&gt;Automatic focus on the chat input when switching sessions&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These aren't dramatic changes, but they remove small annoyances that developers experience every day.&lt;/p&gt;




&lt;h2&gt;
  
  
  🛠️ /troubleshoot for AI Sessions
&lt;/h2&gt;

&lt;p&gt;If an AI session behaves unexpectedly, you can now use:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/troubleshoot
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The command analyzes session logs and helps explain issues such as:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;ignored custom instructions&lt;/li&gt;
&lt;li&gt;slow responses&lt;/li&gt;
&lt;li&gt;unexpected behavior&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Instead of guessing what happened, you get more useful diagnostic information.&lt;/p&gt;




&lt;h2&gt;
  
  
  🧪 Terminal Sandboxing
&lt;/h2&gt;

&lt;p&gt;On macOS and Linux, many agent-invoked terminal commands now run inside a sandbox by default.&lt;/p&gt;

&lt;p&gt;This means:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;restricted filesystem access&lt;/li&gt;
&lt;li&gt;blocked network access&lt;/li&gt;
&lt;li&gt;fewer approval prompts for safer commands&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Commands requiring broader access still request permission.&lt;/p&gt;




&lt;h2&gt;
  
  
  🤖 Built-in Ollama Provider Deprecation
&lt;/h2&gt;

&lt;p&gt;The built-in Ollama provider has been deprecated.&lt;/p&gt;

&lt;p&gt;If you use Ollama inside VS Code, the recommended approach is now the official Ollama extension.&lt;/p&gt;

&lt;p&gt;This change helps model providers ship updates faster without waiting for VS Code releases.&lt;/p&gt;




&lt;h2&gt;
  
  
  Benefits with Real-Life Examples
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;✅ &lt;strong&gt;Cleaner AI workflows&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Instead of scrolling through dozens of sessions, you can organize them into logical groups.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;✅ &lt;strong&gt;Safer browser testing&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;When testing a web app that requests camera access, permissions are granted per site instead of globally.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;✅ &lt;strong&gt;Less context switching&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Pull request comments and CI failures appear directly where you're already working.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;✅ &lt;strong&gt;Better transparency&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Credit usage helps teams understand how AI resources are being consumed.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;✅ &lt;strong&gt;Improved debugging&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The &lt;code&gt;/troubleshoot&lt;/code&gt; command provides insights instead of leaving you guessing.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Visual Studio Code 1.127 vs Earlier Versions
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Earlier Versions&lt;/th&gt;
&lt;th&gt;VS Code 1.127&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Basic AI session management&lt;/td&gt;
&lt;td&gt;Better grouping and drag-and-drop organization&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Browser tools in preview&lt;/td&gt;
&lt;td&gt;Browser tools generally available&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Limited browser permissions&lt;/td&gt;
&lt;td&gt;Per-site permission model&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Less visibility into AI usage&lt;/td&gt;
&lt;td&gt;Subagent credit information&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Simpler multi-chat experience&lt;/td&gt;
&lt;td&gt;Improved multi-chat management&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;




&lt;h2&gt;
  
  
  Best Tips
&lt;/h2&gt;

&lt;h3&gt;
  
  
  ✅ Do
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Keep your AI sessions organized with groups.&lt;/li&gt;
&lt;li&gt;Use browser tools when validating web applications.&lt;/li&gt;
&lt;li&gt;Review permission prompts before granting access.&lt;/li&gt;
&lt;li&gt;Try &lt;code&gt;/troubleshoot&lt;/code&gt; if AI responses seem unusual.&lt;/li&gt;
&lt;li&gt;Update extensions alongside VS Code for the best compatibility.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  ❌ Don't
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Ignore permission requests without reading them.&lt;/li&gt;
&lt;li&gt;Leave dozens of sessions open if they are no longer needed.&lt;/li&gt;
&lt;li&gt;Assume AI-generated changes are always correct. Review them carefully.&lt;/li&gt;
&lt;li&gt;Forget to migrate if you're still using the deprecated built-in Ollama provider.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Common Mistakes Developers Make
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Ignoring release notes
&lt;/h3&gt;

&lt;p&gt;Many developers install updates without checking what's new.&lt;/p&gt;

&lt;p&gt;Even spending five minutes reading the highlights can reveal features that save time every day.&lt;/p&gt;




&lt;h3&gt;
  
  
  Treating AI like autopilot
&lt;/h3&gt;

&lt;p&gt;AI tools are helpful, but they still need human review.&lt;/p&gt;

&lt;p&gt;Always verify generated code before committing it.&lt;/p&gt;




&lt;h3&gt;
  
  
  Keeping messy sessions
&lt;/h3&gt;

&lt;p&gt;Leaving every conversation open makes it harder to find the work that actually matters.&lt;/p&gt;

&lt;p&gt;Grouping sessions keeps projects much easier to navigate.&lt;/p&gt;




&lt;h3&gt;
  
  
  Forgetting extension updates
&lt;/h3&gt;

&lt;p&gt;Some new VS Code capabilities work best when related extensions are also up to date.&lt;/p&gt;

&lt;p&gt;Keeping both current helps avoid compatibility issues.&lt;/p&gt;




&lt;h2&gt;
  
  
  Final Thoughts
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Visual Studio Code 1.127&lt;/strong&gt; isn't about huge visual changes. Instead, it focuses on refining everyday development.&lt;/p&gt;

&lt;p&gt;The improvements to AI agents, browser tools, permissions, session management, and diagnostics are practical additions that can make daily coding feel a little more organized and efficient.&lt;/p&gt;

&lt;p&gt;If you spend hours inside VS Code each week, even small workflow improvements are worth exploring.&lt;/p&gt;

&lt;p&gt;If you found this article helpful, consider sharing it with other developers who might benefit from it. You can also discover more practical developer tutorials, guides, and articles at &lt;strong&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;https://hamidrazadev.com&lt;/a&gt;&lt;/strong&gt;. Happy coding! 🚀&lt;/p&gt;

</description>
      <category>webdev</category>
      <category>vscode</category>
      <category>programming</category>
      <category>productivity</category>
    </item>
    <item>
      <title>DX Matters Too: Why Developer Experience Deserves the Same Love as UX</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sun, 28 Jun 2026 11:06:52 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/dx-matters-too-why-developer-experience-deserves-the-same-love-as-ux-d11</link>
      <guid>https://dev.to/hamidrazadev/dx-matters-too-why-developer-experience-deserves-the-same-love-as-ux-d11</guid>
      <description>&lt;p&gt;Everyone talks about UX. But who's talking about the people &lt;em&gt;building&lt;/em&gt; the product? 🤔&lt;/p&gt;




&lt;h2&gt;
  
  
  Introduction
&lt;/h2&gt;

&lt;p&gt;You've heard it a thousand times: "Make it a great experience for the user." And yes, that matters. Nobody wants a confusing app.&lt;/p&gt;

&lt;p&gt;But here's something we don't say out loud enough — &lt;strong&gt;what about the developer sitting at 11 PM, fighting a broken CLI, cryptic error messages, and documentation that reads like a legal contract?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Developer Experience, or DX, is the UX for the people who &lt;em&gt;build&lt;/em&gt; things. And for a long time, it's been treated like an afterthought.&lt;/p&gt;

&lt;p&gt;If you've ever rage-quit a library because the docs were useless, spent hours just getting a "Hello World" running, or stared at an error message that told you absolutely nothing — you've experienced bad DX firsthand.&lt;/p&gt;

&lt;p&gt;So let's talk about it. Because DX deserves the spotlight. 🚀&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is Developer Experience (DX)?
&lt;/h2&gt;

&lt;p&gt;Developer Experience is how a developer &lt;em&gt;feels&lt;/em&gt; and &lt;em&gt;works&lt;/em&gt; when using a tool, API, framework, SDK, or platform.&lt;/p&gt;

&lt;p&gt;Think of it like this: &lt;strong&gt;UX is how your users feel using your app. DX is how developers feel building it.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If a user gets confused by a button, that's a UX problem.&lt;br&gt;&lt;br&gt;
If a developer gets confused by your package setup, broken error messages, or missing documentation — that's a DX problem.&lt;/p&gt;

&lt;p&gt;DX covers things like:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;How easy is it to install and get started?&lt;/li&gt;
&lt;li&gt;Are error messages actually helpful?&lt;/li&gt;
&lt;li&gt;Is the documentation clear and complete?&lt;/li&gt;
&lt;li&gt;Does the API feel intuitive and consistent?&lt;/li&gt;
&lt;li&gt;How fast is the local development feedback loop?&lt;/li&gt;
&lt;li&gt;Are there good examples to follow?&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;It's not just about "developer happiness" (though that matters too). Good DX directly affects &lt;strong&gt;how fast teams ship&lt;/strong&gt;, &lt;strong&gt;how many bugs slip through&lt;/strong&gt;, and &lt;strong&gt;whether people adopt your tool at all&lt;/strong&gt;.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why Developer Experience Actually Matters
&lt;/h2&gt;

&lt;p&gt;Here's a truth most product managers and business owners overlook:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Developers are users too.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;When a developer struggles to use your API, SDK, or platform, they don't push through it out of loyalty. They Google the competition, find something easier, and move on.&lt;/p&gt;

&lt;p&gt;And beyond adoption — bad DX slows everything down internally too.&lt;/p&gt;

&lt;p&gt;When your team's own development workflow is painful, onboarding new engineers takes weeks instead of days. Simple tasks become complicated. Simple bugs become mysterious. Time that could go into building features goes into fighting the environment.&lt;/p&gt;

&lt;p&gt;Good DX is a &lt;em&gt;multiplier&lt;/em&gt;. When your dev tooling, APIs, and internal systems are clean and intuitive:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Developers ship faster&lt;/li&gt;
&lt;li&gt;Bugs get caught earlier&lt;/li&gt;
&lt;li&gt;Onboarding becomes smooth&lt;/li&gt;
&lt;li&gt;Code stays consistent&lt;/li&gt;
&lt;li&gt;Teams stay motivated&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And that directly improves the final product — which means, ironically, &lt;strong&gt;good DX leads to better UX&lt;/strong&gt; in the end.&lt;/p&gt;




&lt;h2&gt;
  
  
  Real Benefits of Prioritizing DX (With Examples)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;✅ Faster onboarding&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
When your README is clear, your CLI has a guided setup, and your examples actually work — a new team member can be productive in hours instead of weeks. Think of how Vercel's &lt;code&gt;npx create-next-app&lt;/code&gt; gets you running in under two minutes. That's intentional DX at work.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Better error messages mean fewer lost hours&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
A good error message tells you what went wrong, where, and ideally how to fix it. A bad one says &lt;code&gt;Error: undefined&lt;/code&gt;. Rust's compiler is famous for giving helpful, readable error messages. Developers genuinely appreciate that.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Clear docs reduce the "wall of shame"&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
The "wall of shame" is that moment where you close the docs tab and paste into ChatGPT instead. Stripe's API documentation is a gold standard — clear, well-organized, and full of real examples. When docs are good, developers trust the product.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Intuitive APIs reduce cognitive load&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
When an API behaves consistently and predictably, developers spend less mental energy remembering edge cases. React's hook design, for example, follows consistent rules that feel natural once learned.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Fast feedback loops keep developers in flow&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Hot reloading, instant previews, fast build times — these aren't luxuries. They're productivity tools. When you break a developer's flow with a 30-second rebuild every save, you're draining energy and focus.&lt;/p&gt;




&lt;h2&gt;
  
  
  UX vs DX: Two Sides of the Same Coin
&lt;/h2&gt;

&lt;p&gt;People sometimes treat UX and DX as competing priorities. They're not. They're complementary.&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Area&lt;/th&gt;
&lt;th&gt;UX Focus&lt;/th&gt;
&lt;th&gt;DX Focus&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Who is the user?&lt;/td&gt;
&lt;td&gt;End users (customers, visitors)&lt;/td&gt;
&lt;td&gt;Developers (builders, integrators)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Key concern&lt;/td&gt;
&lt;td&gt;Is the interface easy and pleasant?&lt;/td&gt;
&lt;td&gt;Is the tooling easy and productive?&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Measured by&lt;/td&gt;
&lt;td&gt;Task success, satisfaction, retention&lt;/td&gt;
&lt;td&gt;Onboarding time, error rate, adoption&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Common pain points&lt;/td&gt;
&lt;td&gt;Confusing UI, slow load, broken flows&lt;/td&gt;
&lt;td&gt;Bad docs, cryptic errors, fragile setup&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Tools that help&lt;/td&gt;
&lt;td&gt;Figma, user testing, analytics&lt;/td&gt;
&lt;td&gt;CLI tools, SDKs, sandboxes, good docs&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;The best products invest in &lt;strong&gt;both&lt;/strong&gt;. A beautiful app built on a nightmare codebase will slow down every future improvement. Great DX makes it possible to maintain great UX over time.&lt;/p&gt;




&lt;h2&gt;
  
  
  Best Practices: How to Improve DX
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;💡 Write documentation like you're teaching a friend&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Don't assume knowledge. Explain what something does, why it exists, and show a working example. Add comments inside code samples. One good example beats three paragraphs of explanation.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;💡 Make error messages human-readable&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Every error should answer: what went wrong, where did it happen, and what should I do next? If your error message is just a stack trace with no context, it's not helpful.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;💡 Build a great getting-started experience&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
The first five minutes are everything. If a developer can't see results fast, they'll leave. Offer a working starter template, a one-command setup, or a sandbox playground.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;💡 Be consistent across your API or codebase&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
If you name one thing &lt;code&gt;getUserById&lt;/code&gt;, don't name the next one &lt;code&gt;fetchUserData&lt;/code&gt;. Consistency lets developers predict how things work. Inconsistency forces them to check docs for every single call.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;💡 Listen to developer feedback&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
If multiple developers ask the same question, that's a DX problem — not a developer problem. Update your docs, improve the error, or simplify the flow.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;💡 Test your own DX&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Hand your tool to a new developer and watch them use it without help. Where do they get stuck? That's where your DX needs work.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes That Kill Developer Experience
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;❌ Assuming developers will "figure it out"&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
No, they won't. They'll Google it. If they find a better alternative, they'll use that instead. Good DX is never accidental — it's designed.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Writing docs after the fact&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Documentation written as an afterthought shows. It's usually incomplete, outdated, or just confusing. Treat docs as part of the product, not a checkbox you tick before launch.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Returning vague errors&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
&lt;code&gt;Something went wrong&lt;/code&gt; is not an error message. It's an apology that doesn't help. Every error state should give the developer something to act on.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Neglecting the local development experience&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
If your app needs 12 steps to run locally — environment variables, Docker containers, manual seed data, two separate config files — that's a DX issue. Simplify wherever you can.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Breaking changes without clear migration paths&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
Introducing a breaking change and just saying "update your code" is painful. Provide changelogs, migration guides, and deprecation warnings. Developers respect that.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Ignoring the onboarding experience for your own internal systems&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
DX isn't just for public-facing tools. If your internal codebase, CI/CD setup, or component library is confusing, new team members suffer. Internal DX matters just as much.&lt;/p&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Here's the bottom line: &lt;strong&gt;UX and DX are both about respect.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;UX is about respecting your users' time and attention. DX is about respecting your developers' time and energy.&lt;/p&gt;

&lt;p&gt;When you invest in Developer Experience, you're not just making life easier for engineers. You're building a foundation that lets great products get shipped faster, maintained better, and improved continuously.&lt;/p&gt;

&lt;p&gt;The next time someone says "let's focus on the user experience," add this to the conversation: &lt;em&gt;"And let's also take care of the people building it."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Because when developers feel good about the tools they use and the environment they work in, the things they build are better. And that? That's good for everyone. 😊&lt;/p&gt;




&lt;p&gt;If this gave you a new way to think about development, I'd love for you to check out more articles at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;. There's a lot more on frontend development, tooling, and building things the right way.&lt;/p&gt;

&lt;p&gt;If it was useful — share it with a developer friend who deserves better DX. They'll appreciate it. 🙌&lt;/p&gt;

</description>
      <category>webdev</category>
      <category>devex</category>
      <category>programming</category>
      <category>productivity</category>
    </item>
    <item>
      <title>All npm Dependency Types Explained: dependencies, devDependencies, peerDependencies, and More</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sat, 27 Jun 2026 04:45:22 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/all-npm-dependency-types-explained-dependencies-devdependencies-peerdependencies-and-more-2of7</link>
      <guid>https://dev.to/hamidrazadev/all-npm-dependency-types-explained-dependencies-devdependencies-peerdependencies-and-more-2of7</guid>
      <description>&lt;p&gt;Ever stared at a &lt;code&gt;package.json&lt;/code&gt; file and wondered why some packages live under &lt;code&gt;dependencies&lt;/code&gt; and others under &lt;code&gt;devDependencies&lt;/code&gt;? 🤔 And then you spotted &lt;code&gt;peerDependencies&lt;/code&gt; hiding at the bottom like a ghost you didn't know existed?&lt;/p&gt;

&lt;p&gt;You are not alone. This trips up beginners and even mid-level developers who never stopped to think about it deeply.&lt;/p&gt;

&lt;p&gt;Here is the truth: putting a package in the wrong dependency type does not just feel wrong — it can bloat your production build, break someone else's project, or cause weird version conflicts that are painful to debug.&lt;/p&gt;

&lt;p&gt;So let's fix that today. By the end of this post, you will know exactly where every package belongs and why it matters.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is a Dependency in npm?
&lt;/h2&gt;

&lt;p&gt;A &lt;strong&gt;dependency&lt;/strong&gt; is any external package your project needs to do its job.&lt;/p&gt;

&lt;p&gt;Think of it like ingredients in a recipe. Some ingredients go into the final dish (the user eats them). Some are just tools you used while cooking — like a mixer or a timer — that the guest never sees.&lt;/p&gt;

&lt;p&gt;npm uses your &lt;code&gt;package.json&lt;/code&gt; file to track all of these ingredients in different labeled boxes, depending on when and where they are needed.&lt;/p&gt;




&lt;h2&gt;
  
  
  All Dependency Types in npm
&lt;/h2&gt;

&lt;p&gt;Here is the full picture — every field that can appear in your &lt;code&gt;package.json&lt;/code&gt;:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Type&lt;/th&gt;
&lt;th&gt;Key in package.json&lt;/th&gt;
&lt;th&gt;When It Is Used&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Runtime dependency&lt;/td&gt;
&lt;td&gt;&lt;code&gt;dependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;In production, always&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Dev-only dependency&lt;/td&gt;
&lt;td&gt;&lt;code&gt;devDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Only during development&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Peer dependency&lt;/td&gt;
&lt;td&gt;&lt;code&gt;peerDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Shared with the host project&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Peer metadata&lt;/td&gt;
&lt;td&gt;&lt;code&gt;peerDependenciesMeta&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Marks a peer dep as optional&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Optional dependency&lt;/td&gt;
&lt;td&gt;&lt;code&gt;optionalDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Nice to have, not required&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Bundled dependency&lt;/td&gt;
&lt;td&gt;&lt;code&gt;bundledDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Shipped inside your package&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;And separately, npm gives you &lt;strong&gt;install-time save flags&lt;/strong&gt; that control which category a package lands in. We will cover those too.&lt;/p&gt;

&lt;p&gt;Let's break each one down properly.&lt;/p&gt;




&lt;h2&gt;
  
  
  1. &lt;code&gt;dependencies&lt;/code&gt; — The Production Essentials
&lt;/h2&gt;

&lt;p&gt;These are packages your app &lt;strong&gt;needs to run&lt;/strong&gt; in production. Without them, your app breaks.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"dependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"express"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^4.18.2"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"axios"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^1.6.0"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^18.2.0"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; If you are building a React app, React itself goes here. If you are building an API with Express, Express goes here. Your users and servers need these packages to exist at runtime.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Install command:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;express
&lt;span class="c"&gt;# or&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;--save&lt;/span&gt; express
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;blockquote&gt;
&lt;p&gt;✅ Rule: If removing this package makes your app crash or fail in production, it belongs in &lt;code&gt;dependencies&lt;/code&gt;.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  2. &lt;code&gt;devDependencies&lt;/code&gt; — The Dev-Time Helpers
&lt;/h2&gt;

&lt;p&gt;These are packages you only need &lt;strong&gt;while building, testing, or writing code&lt;/strong&gt;. They never go to production.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"devDependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"eslint"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^8.57.0"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"typescript"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^5.4.2"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"jest"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^29.7.0"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"vite"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^5.2.0"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; ESLint checks your code style. Jest runs your tests. Vite builds your project. None of these run when a user opens your app in the browser. They are just tools you use at your desk.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Install command:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;--save-dev&lt;/span&gt; eslint
&lt;span class="c"&gt;# or&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;-D&lt;/span&gt; eslint
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;blockquote&gt;
&lt;p&gt;✅ Rule: If the package is only used for linting, testing, compiling, or bundling — it belongs in &lt;code&gt;devDependencies&lt;/code&gt;.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;strong&gt;Why does this matter?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;When someone deploys your app using &lt;code&gt;npm install --production&lt;/code&gt; (or sets &lt;code&gt;NODE_ENV=production&lt;/code&gt;), npm skips &lt;code&gt;devDependencies&lt;/code&gt;. This keeps your production environment lean and fast. Shipping test runners to production is a waste of space and a security risk.&lt;/p&gt;




&lt;h2&gt;
  
  
  3. &lt;code&gt;peerDependencies&lt;/code&gt; — The Sharing Agreement
&lt;/h2&gt;

&lt;p&gt;This one is mostly for &lt;strong&gt;library and plugin authors&lt;/strong&gt;, not app developers.&lt;/p&gt;

&lt;p&gt;When you build a library (say, a custom React component library), you expect the project using your library to already have React installed. You do not want to bundle your own copy of React — that would cause version conflicts and bloat.&lt;/p&gt;

&lt;p&gt;So instead of adding React to your &lt;code&gt;dependencies&lt;/code&gt;, you declare it as a peer dependency.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"peerDependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"&amp;gt;=17.0.0"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react-dom"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"&amp;gt;=17.0.0"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; A package like &lt;code&gt;react-query&lt;/code&gt; does not install its own React. It says: "Hey, I expect you to already have React. Make sure the version is compatible."&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Install command:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Peer dependencies are NOT automatically installed by npm (in npm v7+, npm will warn you if they are missing but tries to install them). In older versions, you had to install them yourself.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;✅ Rule: If you are writing a package or plugin that relies on the host project having a dependency, use &lt;code&gt;peerDependencies&lt;/code&gt;.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  4. &lt;code&gt;peerDependenciesMeta&lt;/code&gt; — The Peer Dependency Modifier
&lt;/h2&gt;

&lt;p&gt;This one is small but important. It does not stand alone — it works alongside &lt;code&gt;peerDependencies&lt;/code&gt; to mark specific peer deps as &lt;strong&gt;optional&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;By default, if a peer dependency is missing, npm throws a warning (or error). But sometimes you want to say "React Native is a peer dep, but only if the user is building a React Native project." That is where &lt;code&gt;peerDependenciesMeta&lt;/code&gt; comes in.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"peerDependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"&amp;gt;=17.0.0"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react-native"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"&amp;gt;=0.70.0"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="err"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="nl"&gt;"peerDependenciesMeta"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"react-native"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"optional"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="kc"&gt;true&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; A UI library that supports both web and React Native can list &lt;code&gt;react-native&lt;/code&gt; as an optional peer dependency. Web-only users won't get a warning about a missing package they don't need.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;✅ Rule: Use &lt;code&gt;peerDependenciesMeta&lt;/code&gt; when you have peer dependencies that are only relevant in certain environments. It silences unnecessary warnings for users who don't need them.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  5. &lt;code&gt;optionalDependencies&lt;/code&gt; — The Nice-to-Have
&lt;/h2&gt;

&lt;p&gt;These are packages your project can &lt;strong&gt;use if available&lt;/strong&gt;, but your app will not crash if they fail to install.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"optionalDependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"fsevents"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"^2.3.3"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; &lt;code&gt;fsevents&lt;/code&gt; is a native file-watching module that only works on macOS. Some packages list it as optional because it improves performance on Mac, but the package still works fine on Windows and Linux without it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Install command:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;--save-optional&lt;/span&gt; fsevents
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;blockquote&gt;
&lt;p&gt;✅ Rule: If the package is a performance boost or platform-specific extra — not a core requirement — use &lt;code&gt;optionalDependencies&lt;/code&gt;. But make sure your code handles the case where it is absent.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  6. &lt;code&gt;bundledDependencies&lt;/code&gt; — The Package-in-a-Package
&lt;/h2&gt;

&lt;p&gt;This one is rare. Also written as &lt;code&gt;bundleDependencies&lt;/code&gt; (both work).&lt;/p&gt;

&lt;p&gt;It is a list of package names that will be &lt;strong&gt;physically bundled inside your npm package&lt;/strong&gt; when you publish it with &lt;code&gt;npm pack&lt;/code&gt; or &lt;code&gt;npm publish&lt;/code&gt;. Instead of letting the user's npm fetch them from the registry, they come bundled with your package.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="nl"&gt;"bundledDependencies"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="s2"&gt;"some-internal-util"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real example:&lt;/strong&gt; If you have a private internal package or a fork of a package you modified, you can bundle it directly so users always get the exact version you tested with — without depending on the registry.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;✅ Rule: Use &lt;code&gt;bundledDependencies&lt;/code&gt; only when you need to ship specific packages alongside your own — like private utilities or heavily patched forks. Most developers never need this.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  7. npm Install Save Flags — How Each Type Gets Added
&lt;/h2&gt;

&lt;p&gt;Every dependency type has a matching &lt;code&gt;npm install&lt;/code&gt; flag that controls where the package lands in &lt;code&gt;package.json&lt;/code&gt;. This is the part most tutorials skip.&lt;/p&gt;

&lt;p&gt;Here is the complete reference:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Flag&lt;/th&gt;
&lt;th&gt;Shorthand&lt;/th&gt;
&lt;th&gt;Where It Saves&lt;/th&gt;
&lt;th&gt;Example&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;-S&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;dependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install axios --save&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save-dev&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;-D&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;devDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install jest -D&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save-optional&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;-O&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;optionalDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install fsevents -O&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save-peer&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;em&gt;(none)&lt;/em&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;peerDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install react --save-peer&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save-bundle&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;-B&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;bundledDependencies&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install util -B&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--save-exact&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;-E&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Saves exact version (modifier)&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install lodash -E&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;--no-save&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;em&gt;(none)&lt;/em&gt;&lt;/td&gt;
&lt;td&gt;Does not save to package.json&lt;/td&gt;
&lt;td&gt;&lt;code&gt;npm install chalk --no-save&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Let's talk about each one briefly.&lt;/p&gt;

&lt;h3&gt;
  
  
  &lt;code&gt;--save&lt;/code&gt; or &lt;code&gt;-S&lt;/code&gt; (Default since npm v5)
&lt;/h3&gt;

&lt;p&gt;This saves the package to &lt;code&gt;dependencies&lt;/code&gt;. Before npm version 5, you had to write &lt;code&gt;--save&lt;/code&gt; explicitly or the package would install but not appear in &lt;code&gt;package.json&lt;/code&gt;. Since npm v5, running &lt;code&gt;npm install package-name&lt;/code&gt; does the same thing automatically.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;express        &lt;span class="c"&gt;# same as:&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;express &lt;span class="nt"&gt;--save&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;express &lt;span class="nt"&gt;-S&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;All three do the exact same thing today. You will still see &lt;code&gt;--save&lt;/code&gt; in older tutorials — it is not wrong, just no longer necessary.&lt;/p&gt;

&lt;h3&gt;
  
  
  &lt;code&gt;--save-dev&lt;/code&gt; or &lt;code&gt;-D&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Saves to &lt;code&gt;devDependencies&lt;/code&gt;. Use this for linters, test runners, type checkers, and build tools.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;typescript &lt;span class="nt"&gt;--save-dev&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;typescript &lt;span class="nt"&gt;-D&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  &lt;code&gt;--save-optional&lt;/code&gt; or &lt;code&gt;-O&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Saves to &lt;code&gt;optionalDependencies&lt;/code&gt;. The package is installed if possible but skipped without an error if it fails.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;fsevents &lt;span class="nt"&gt;--save-optional&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;fsevents &lt;span class="nt"&gt;-O&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  &lt;code&gt;--save-peer&lt;/code&gt; (npm v7+)
&lt;/h3&gt;

&lt;p&gt;Saves to &lt;code&gt;peerDependencies&lt;/code&gt;. This flag was added in npm v7. Before that, you had to manually edit &lt;code&gt;package.json&lt;/code&gt; to add peer dependencies.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;react &lt;span class="nt"&gt;--save-peer&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;blockquote&gt;
&lt;p&gt;⚡ Note: This is a relatively newer flag. If you are using an older npm version, you may need to add &lt;code&gt;peerDependencies&lt;/code&gt; manually.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h3&gt;
  
  
  &lt;code&gt;--save-bundle&lt;/code&gt; or &lt;code&gt;-B&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Saves to &lt;code&gt;bundledDependencies&lt;/code&gt;. The package name is added to the array (not as a key-value pair like others).&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;some-util &lt;span class="nt"&gt;--save-bundle&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;some-util &lt;span class="nt"&gt;-B&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  &lt;code&gt;--save-exact&lt;/code&gt; or &lt;code&gt;-E&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;This is a &lt;strong&gt;modifier&lt;/strong&gt;, not a category. It does not change which section the package goes into — it just removes the &lt;code&gt;^&lt;/code&gt; version prefix and saves the exact version number instead.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;lodash &lt;span class="nt"&gt;-E&lt;/span&gt;          &lt;span class="c"&gt;# saves "lodash": "4.17.21" instead of "^4.17.21"&lt;/span&gt;
npm &lt;span class="nb"&gt;install &lt;/span&gt;lodash &lt;span class="nt"&gt;-D&lt;/span&gt; &lt;span class="nt"&gt;-E&lt;/span&gt;       &lt;span class="c"&gt;# exact version saved to devDependencies&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Use this when you need pinned, reproducible installs and do not want any automatic minor or patch updates.&lt;/p&gt;

&lt;h3&gt;
  
  
  &lt;code&gt;--no-save&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Installs the package into &lt;code&gt;node_modules&lt;/code&gt; but does &lt;strong&gt;not&lt;/strong&gt; write anything to &lt;code&gt;package.json&lt;/code&gt;. Useful for quick one-off testing of a package without committing it to your project.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install &lt;/span&gt;some-package &lt;span class="nt"&gt;--no-save&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h2&gt;
  
  
  Quick Visual Summary
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;&lt;code&gt;package.json&lt;/code&gt; dependency fields:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Your project (package.json)
│
├── dependencies            → Runs in production. User needs it. ✅
├── devDependencies         → Dev-only. Never ships to production. 🔧
├── peerDependencies        → For library authors. "Bring your own." 📦
├── peerDependenciesMeta    → Marks specific peer deps as optional. 🏷️
├── optionalDependencies    → Nice to have. Works fine without it. 🤷
└── bundledDependencies     → Ships physically inside your package. 📁
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;npm install save flags:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt;              → dependencies &lt;span class="o"&gt;(&lt;/span&gt;default, same as &lt;span class="nt"&gt;--save&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save&lt;/span&gt;       → dependencies  &lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="nt"&gt;-S&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save-dev&lt;/span&gt;   → devDependencies  &lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="nt"&gt;-D&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save-optional&lt;/span&gt; → optionalDependencies  &lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="nt"&gt;-O&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save-peer&lt;/span&gt;  → peerDependencies  &lt;span class="o"&gt;(&lt;/span&gt;npm v7+&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save-bundle&lt;/span&gt; → bundledDependencies  &lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="nt"&gt;-B&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--save-exact&lt;/span&gt;  → exact version pin, any category  &lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="nt"&gt;-E&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
npm &lt;span class="nb"&gt;install&lt;/span&gt; &amp;lt;pkg&amp;gt; &lt;span class="nt"&gt;--no-save&lt;/span&gt;    → installs but does NOT save anywhere
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h2&gt;
  
  
  Why This Actually Matters (Real Impact)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. Smaller production builds&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If your &lt;code&gt;dependencies&lt;/code&gt; list contains testing libraries, linters, or build tools, your deployment gets unnecessarily heavy. A slim production &lt;code&gt;node_modules&lt;/code&gt; loads faster and reduces attack surface.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. No version conflicts in libraries&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Wrong use of &lt;code&gt;dependencies&lt;/code&gt; instead of &lt;code&gt;peerDependencies&lt;/code&gt; in a library means two versions of React might end up in the same project. That causes hooks to break and warnings to fire — and debugging it is a nightmare.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Cleaner CI/CD pipelines&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;When CI knows which packages are for production and which are for dev, it can run optimized installs. &lt;code&gt;npm ci --production&lt;/code&gt; in a deploy step skips all dev tools, saving time.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. Better collaboration&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;When a new developer clones your project and runs &lt;code&gt;npm install&lt;/code&gt;, they get everything they need — no more, no less — because the categories are correct.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes Developers Make
&lt;/h2&gt;

&lt;h3&gt;
  
  
  ❌ Installing everything under &lt;code&gt;dependencies&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;This is the most common mistake. Developers just run &lt;code&gt;npm install package-name&lt;/code&gt; and move on, without thinking about whether it is a dev or runtime package.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Fix:&lt;/strong&gt; Before installing, ask yourself: "Does this package need to exist when my app is running for users?" If yes → &lt;code&gt;dependencies&lt;/code&gt;. If no → &lt;code&gt;devDependencies&lt;/code&gt;.&lt;/p&gt;




&lt;h3&gt;
  
  
  ❌ Using &lt;code&gt;dependencies&lt;/code&gt; instead of &lt;code&gt;peerDependencies&lt;/code&gt; in a library
&lt;/h3&gt;

&lt;p&gt;If you are building a React component library and you add React to your &lt;code&gt;dependencies&lt;/code&gt;, every project that installs your library might end up with two React instances. Two React instances = broken hooks and lots of confusion.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Fix:&lt;/strong&gt; Always use &lt;code&gt;peerDependencies&lt;/code&gt; for shared host packages when building libraries or plugins.&lt;/p&gt;




&lt;h3&gt;
  
  
  ❌ Ignoring &lt;code&gt;optionalDependencies&lt;/code&gt; error handling
&lt;/h3&gt;

&lt;p&gt;If a package is optional, your code must handle the case where it does not exist. Many developers declare something as optional but then &lt;code&gt;require()&lt;/code&gt; it without a try-catch, causing crashes.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="c1"&gt;// Bad&lt;/span&gt;
&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;fsevents&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;require&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;fsevents&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;

&lt;span class="c1"&gt;// Good&lt;/span&gt;
&lt;span class="kd"&gt;let&lt;/span&gt; &lt;span class="nx"&gt;fsevents&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;try&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nx"&gt;fsevents&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;require&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;fsevents&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;catch&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="c1"&gt;// Not available, continue without it&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h3&gt;
  
  
  ❌ Confusing &lt;code&gt;peerDependencies&lt;/code&gt; with &lt;code&gt;devDependencies&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;When writing a library, you still need React locally to build and test. So you add it to both &lt;code&gt;devDependencies&lt;/code&gt; (for local dev) and &lt;code&gt;peerDependencies&lt;/code&gt; (to declare what the host needs). Many developers only add it to one — and then wonder why their build fails or why users get version conflicts.&lt;/p&gt;




&lt;h2&gt;
  
  
  Do's &amp;amp; Don'ts
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Do ✅&lt;/th&gt;
&lt;th&gt;Don't ❌&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Use &lt;code&gt;-D&lt;/code&gt; for linters, test runners, bundlers&lt;/td&gt;
&lt;td&gt;Don't ship ESLint or Jest to production&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Use &lt;code&gt;peerDependencies&lt;/code&gt; in npm libraries&lt;/td&gt;
&lt;td&gt;Don't bundle React inside your component library&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Handle missing optionalDependencies in code&lt;/td&gt;
&lt;td&gt;Don't assume optional packages always install&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Audit your &lt;code&gt;dependencies&lt;/code&gt; before deploying&lt;/td&gt;
&lt;td&gt;Don't just run &lt;code&gt;npm install x&lt;/code&gt; blindly every time&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Keep &lt;code&gt;bundledDependencies&lt;/code&gt; for rare edge cases&lt;/td&gt;
&lt;td&gt;Don't use it as a lazy substitute for proper publishing&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Understanding dependency types in npm is one of those small things that makes a huge difference as your projects grow. 🚀&lt;/p&gt;

&lt;p&gt;The short version:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;code&gt;package.json&lt;/code&gt; fields:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;dependencies&lt;/code&gt;&lt;/strong&gt; → Your app needs this at runtime. Always.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;devDependencies&lt;/code&gt;&lt;/strong&gt; → Only needed while you are coding. Never ships.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;peerDependencies&lt;/code&gt;&lt;/strong&gt; → For library authors. Let the host project provide it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;peerDependenciesMeta&lt;/code&gt;&lt;/strong&gt; → Marks a peer dep as optional to silence warnings.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;optionalDependencies&lt;/code&gt;&lt;/strong&gt; → Nice to have. Handle gracefully if missing.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;bundledDependencies&lt;/code&gt;&lt;/strong&gt; → Rare. Packages shipped inside your package.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;npm install flags:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save&lt;/code&gt; / &lt;code&gt;-S&lt;/code&gt;&lt;/strong&gt; → Saves to &lt;code&gt;dependencies&lt;/code&gt; (default since npm v5).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save-dev&lt;/code&gt; / &lt;code&gt;-D&lt;/code&gt;&lt;/strong&gt; → Saves to &lt;code&gt;devDependencies&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save-optional&lt;/code&gt; / &lt;code&gt;-O&lt;/code&gt;&lt;/strong&gt; → Saves to &lt;code&gt;optionalDependencies&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save-peer&lt;/code&gt;&lt;/strong&gt; → Saves to &lt;code&gt;peerDependencies&lt;/code&gt; (npm v7+).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save-bundle&lt;/code&gt; / &lt;code&gt;-B&lt;/code&gt;&lt;/strong&gt; → Saves to &lt;code&gt;bundledDependencies&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--save-exact&lt;/code&gt; / &lt;code&gt;-E&lt;/code&gt;&lt;/strong&gt; → Pins exact version. Combines with any flag.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;code&gt;--no-save&lt;/code&gt;&lt;/strong&gt; → Installs without touching &lt;code&gt;package.json&lt;/code&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Getting this right keeps your production builds lean, your libraries conflict-free, and your &lt;code&gt;package.json&lt;/code&gt; clean and professional.&lt;/p&gt;

&lt;p&gt;If you found this helpful, share it with a teammate who is still dumping everything into &lt;code&gt;dependencies&lt;/code&gt; 😊 — it might save them a frustrating debug session.&lt;/p&gt;

&lt;p&gt;For more posts like this, head over to &lt;strong&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;&lt;/strong&gt; where I write about frontend development, tools, and real-world developer problems.&lt;/p&gt;

</description>
      <category>javascript</category>
      <category>npm</category>
      <category>webdev</category>
      <category>node</category>
    </item>
    <item>
      <title>VS Code 1.126: Track AI Costs, Run Multiple Chats, and Browse Code Safely</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Thu, 25 Jun 2026 07:39:45 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/vs-code-1126-track-ai-costs-run-multiple-chats-and-browse-code-safely-1dof</link>
      <guid>https://dev.to/hamidrazadev/vs-code-1126-track-ai-costs-run-multiple-chats-and-browse-code-safely-1dof</guid>
      <description>&lt;p&gt;You open a new project someone sent you. VS Code immediately interrupts you with a giant trust dialog before you can even &lt;em&gt;look&lt;/em&gt; at the code. You click trust, realize you maybe shouldn't have, and now you're quietly hoping nothing weird runs. Sound familiar? 😅&lt;/p&gt;

&lt;p&gt;VS Code 1.126 just landed on June 24, 2026, and it brings some genuinely useful upgrades — not just polish for the sake of polish, but real quality-of-life wins. We're talking AI cost transparency, running multiple agent chats side by side, and a smarter way to handle untrusted folders.&lt;/p&gt;

&lt;p&gt;Let's walk through what's new and why it actually matters for your daily workflow.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is VS Code 1.126?
&lt;/h2&gt;

&lt;p&gt;VS Code 1.126 is the latest monthly release of Visual Studio Code — Microsoft's wildly popular, free, open-source code editor. Every month, the team ships a new version with improvements ranging from subtle UI tweaks to major feature drops.&lt;/p&gt;

&lt;p&gt;This release focuses heavily on &lt;strong&gt;Copilot chat and agent workflows&lt;/strong&gt;, making AI assistance in VS Code more manageable, more readable, and less of a mystery when it comes to cost. It also quietly improves how you handle folders you don't fully trust yet.&lt;/p&gt;

&lt;p&gt;If you use VS Code daily (and let's be honest, most of us do 👀), there's something in here for you.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why This Release Matters
&lt;/h2&gt;

&lt;p&gt;AI tools inside editors are no longer a novelty — they're becoming part of the actual development loop. But with that power comes a new kind of headache: you don't always know how much your AI interactions are costing you, or how to manage multiple threads of work at once.&lt;/p&gt;

&lt;p&gt;This release tackles both of those problems head-on. It also quietly fixes one of those small-but-annoying security UX issues that has bugged developers for years. Whether you're a solo developer, part of a team, or just starting out, these changes make VS Code feel sharper and more intentional.&lt;/p&gt;




&lt;h2&gt;
  
  
  New Features and What They Actually Do
&lt;/h2&gt;

&lt;h3&gt;
  
  
  💰 Session-Level Cost Information
&lt;/h3&gt;

&lt;p&gt;This is a big one for anyone using Copilot with credit-based plans.&lt;/p&gt;

&lt;p&gt;Previously, you could only see the cost of an individual chat turn. Now, VS Code shows you the &lt;strong&gt;total cost for an entire chat session&lt;/strong&gt; — not just one message, but the whole conversation combined. A session-level info popover also shows context window token usage across the whole session.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this matters:&lt;/strong&gt; Imagine you're debugging a tricky async issue and you've sent 30 messages back and forth. Before this, you'd have no idea how many credits that conversation consumed until you checked your billing dashboard. Now, the information is right there in the chat UI.&lt;/p&gt;

&lt;p&gt;It's like finally getting a running total at the grocery store instead of being surprised at checkout.&lt;/p&gt;




&lt;h3&gt;
  
  
  🧠 Unified Model Customization Picker
&lt;/h3&gt;

&lt;p&gt;VS Code used to give you &lt;strong&gt;two separate dropdowns&lt;/strong&gt; to configure a language model — one for context size and another for reasoning (thinking) effort. That was fine, but switching between them felt unnecessarily scattered.&lt;/p&gt;

&lt;p&gt;Now, both settings live inside a single &lt;strong&gt;model customization picker&lt;/strong&gt;. One place, two controls, done.&lt;/p&gt;

&lt;p&gt;The model hover tooltip also got a cleanup. It now shows a concise one-word descriptor of the model's capabilities (instead of a wall of text), plus deep link buttons that take you directly to the settings you need.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this matters:&lt;/strong&gt; When you're mid-task and want to quickly switch a model to "think harder" or reduce context size to save credits, the fewer clicks the better. This makes model tuning feel lighter.&lt;/p&gt;




&lt;h3&gt;
  
  
  🪟 Multiple Chats in One Agent Session
&lt;/h3&gt;

&lt;p&gt;The Agents window (still in Preview) just got a significant upgrade.&lt;/p&gt;

&lt;p&gt;Before, you could only have one chat running inside an agent host session. Now you can &lt;strong&gt;open multiple chats side by side&lt;/strong&gt; within the same session. These chats share the same working context, which means:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Start a chat implementing a new feature&lt;/li&gt;
&lt;li&gt;While it's working, open a second chat in the same session to write tests or review changes&lt;/li&gt;
&lt;li&gt;Both run at the same time&lt;/li&gt;
&lt;li&gt;Each chat keeps its own separate conversation thread&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;You can rename each chat tab so you don't lose track of what's what. And if you close VS Code and come back later, &lt;strong&gt;all your chats are persisted and restored&lt;/strong&gt; — not just the first one.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this matters:&lt;/strong&gt; This is genuinely useful for complex, multi-step work. It's like having two terminals open side by side, except for your AI conversations. No more "wait, where was that other chat I had about the database schema?"&lt;/p&gt;




&lt;h3&gt;
  
  
  💬 Agentic Code Feedback with Comments
&lt;/h3&gt;

&lt;p&gt;If you use the Agents window for code review workflows, this one is for you.&lt;/p&gt;

&lt;p&gt;Comments you leave on generated code are now &lt;strong&gt;stored on the agent host&lt;/strong&gt; — not locally in your browser session. This means:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The agent can read and respond to your comments using server-side tools&lt;/li&gt;
&lt;li&gt;Comments persist even if you disconnect the client&lt;/li&gt;
&lt;li&gt;The agent itself can &lt;em&gt;add&lt;/em&gt; inline comments using the &lt;code&gt;addComment&lt;/code&gt; tool&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;When you run a review skill like &lt;code&gt;/code-review&lt;/code&gt;, the agent reviews your code and drops inline comments that you can accept or delete before sending them back to the agent to address. Pull request review comments work the same way — the agent can request permission to view PR comments and then address them.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this matters:&lt;/strong&gt; This closes the loop between you and the agent during reviews. Instead of copy-pasting feedback, you're annotating directly and the agent picks it up.&lt;/p&gt;




&lt;h3&gt;
  
  
  🔒 Safer Folder Browsing with Restricted Mode
&lt;/h3&gt;

&lt;p&gt;This is the one that fixes that annoying trust dialog problem.&lt;/p&gt;

&lt;p&gt;Previously, when you opened a new or unfamiliar folder in VS Code, it immediately hit you with a dialog asking whether you trust the folder — &lt;em&gt;before you could even look at the code&lt;/em&gt;. Rushing past that dialog and clicking "Yes" without thinking was easy, and trusting code you haven't reviewed yet is a real security risk.&lt;/p&gt;

&lt;p&gt;Now, &lt;strong&gt;new folders open in Restricted Mode by default&lt;/strong&gt;. You get a simple banner at the top letting you know you're in safe-browsing mode. You can explore the files, read the code, and when you're ready and confident, you click to trust the folder.&lt;/p&gt;

&lt;p&gt;No forced interruption. No accidentally trusting something sketchy before you've looked at it.&lt;/p&gt;

&lt;p&gt;The &lt;code&gt;security.workspace.trust.startupPrompt&lt;/code&gt; setting defaults to &lt;code&gt;never&lt;/code&gt; now instead of &lt;code&gt;once&lt;/code&gt;. If you want the old prompt-on-first-open behavior back, set it to &lt;code&gt;once&lt;/code&gt; in your settings.&lt;/p&gt;

&lt;p&gt;Additionally, the &lt;strong&gt;Trust Parent&lt;/strong&gt; button was removed from the Workspace Trust editor. It looked nearly identical to the regular Trust button but trusted the entire parent folder instead of just the current one — which was easy to click by mistake. You can still trust a parent folder manually by adding it to the Trusted Folders list.&lt;/p&gt;




&lt;h3&gt;
  
  
  📰 New VS Code Blog Landing Page
&lt;/h3&gt;

&lt;p&gt;Small but worth mentioning: the VS Code website now has a &lt;strong&gt;proper blog landing page&lt;/strong&gt; instead of dropping you directly on the latest post. Previous posts were easy to miss before this. Now you can see recent posts at a glance and browse the full archive.&lt;/p&gt;

&lt;p&gt;The documentation table of contents also got restructured — all agent docs are grouped under "Agents," code editing and config docs are under "Editor," and language/extension docs now live in their own dedicated sections instead of being scattered individually.&lt;/p&gt;




&lt;h2&gt;
  
  
  Quick Comparison: Before vs After
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Feature&lt;/th&gt;
&lt;th&gt;Before 1.126&lt;/th&gt;
&lt;th&gt;After 1.126&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;AI cost visibility&lt;/td&gt;
&lt;td&gt;Per-turn only&lt;/td&gt;
&lt;td&gt;Full session total&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Model configuration&lt;/td&gt;
&lt;td&gt;Two separate dropdowns&lt;/td&gt;
&lt;td&gt;Single unified picker&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Agent chats per session&lt;/td&gt;
&lt;td&gt;One at a time&lt;/td&gt;
&lt;td&gt;Multiple side by side&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Opening new folders&lt;/td&gt;
&lt;td&gt;Trust dialog immediately&lt;/td&gt;
&lt;td&gt;Restricted Mode first&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Trust Parent button&lt;/td&gt;
&lt;td&gt;Present (and easy to misclick)&lt;/td&gt;
&lt;td&gt;Removed&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Code review comments&lt;/td&gt;
&lt;td&gt;Local to client session&lt;/td&gt;
&lt;td&gt;Stored on agent host&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;




&lt;h2&gt;
  
  
  Best Tips for Getting the Most Out of VS Code 1.126
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;✅ Do check the session cost popover regularly.&lt;/strong&gt; If you're on a credit plan, keeping an eye on which sessions consume the most tokens helps you stay within budget.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Do use multiple chats for parallel workflows.&lt;/strong&gt; Keep one chat focused on implementation and another on testing or documentation. Rename the tabs so you know what's what at a glance.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Do let Restricted Mode do its job.&lt;/strong&gt; When you open an unfamiliar repo, take a moment to actually read through the code before clicking Trust. That's the whole point of the feature.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Do try the &lt;code&gt;/code-review&lt;/code&gt; skill in the Agents window.&lt;/strong&gt; If you haven't used agent-driven code review yet, the new comment tools make it significantly more usable.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Don't ignore the session cost info.&lt;/strong&gt; It's easy to dismiss it, but if you're on a team plan or personal credit budget, it's genuinely useful context.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;❌ Don't set &lt;code&gt;startupPrompt&lt;/code&gt; back to &lt;code&gt;once&lt;/code&gt; out of habit.&lt;/strong&gt; The new Restricted Mode default is actually better. Give it a week before reverting.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes to Watch Out For
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Thinking multiple chats means unlimited context.&lt;/strong&gt; Multiple chats in a session share the &lt;em&gt;same&lt;/em&gt; working context, which is powerful — but it doesn't mean the model has infinite memory. Heavy sessions still consume tokens and credits.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Forgetting to rename chat tabs.&lt;/strong&gt; You open three chats, they all say "Chat 1," "Chat 2," "Chat 3," and twenty minutes later you have no idea which one has the database conversation. Rename them immediately. Double-click the tab, type something useful.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Assuming Restricted Mode means no functionality.&lt;/strong&gt; You can still read files, search code, and navigate the project in Restricted Mode. Extensions and task runners that need to run code are restricted, which is exactly the point. You're not locked out — you're just safe-browsing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Looking for the Trust Parent button and panicking.&lt;/strong&gt; It's gone on purpose. Add a parent folder path manually to the Trusted Folders list if you genuinely need to trust it. That extra step is intentional so you don't do it by accident.&lt;/p&gt;




&lt;h2&gt;
  
  
  Wrapping Up 🚀
&lt;/h2&gt;

&lt;p&gt;VS Code 1.126 isn't the flashiest release of the year, but it's a thoughtful one. The team took three real pain points — AI cost opacity, fragmented agent workflows, and the trust-before-you-look security UX — and made practical improvements to all three.&lt;/p&gt;

&lt;p&gt;Session cost tracking, unified model controls, multi-chat sessions, and safer restricted-mode browsing are all features you'll appreciate quietly in your daily work. The kind of release that doesn't make headlines but makes your day smoother.&lt;/p&gt;

&lt;p&gt;Update your VS Code now (or go to &lt;strong&gt;Help → Check for Updates&lt;/strong&gt; if it hasn't rolled out to you yet), and try opening your next unfamiliar repo in Restricted Mode like the responsible developer you are. 😊&lt;/p&gt;

&lt;p&gt;Want more developer content like this? Head over to &lt;strong&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;&lt;/strong&gt; for more posts, tools, and updates from the dev world. If this post saved you some time or cleared something up, share it with a fellow dev — it genuinely helps. 🙌&lt;/p&gt;

</description>
      <category>vscode</category>
      <category>webdev</category>
      <category>productivity</category>
      <category>product</category>
    </item>
    <item>
      <title>GET, POST, and Friends: A Simple Guide to HTTP Request Methods (And When to Use Each)</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sun, 21 Jun 2026 08:48:30 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/get-post-and-friends-a-simple-guide-to-http-request-methods-and-when-to-use-each-571b</link>
      <guid>https://dev.to/hamidrazadev/get-post-and-friends-a-simple-guide-to-http-request-methods-and-when-to-use-each-571b</guid>
      <description>&lt;p&gt;If you've ever opened your browser's Network tab and seen a bunch of requests labeled GET, POST, PUT, DELETE… and quietly wondered "wait, what's actually the difference?" — you're not alone. 😊&lt;/p&gt;

&lt;p&gt;Most developers learn to &lt;em&gt;use&lt;/em&gt; these methods way before they actually understand &lt;em&gt;why&lt;/em&gt; one is chosen over another. You copy a tutorial, the API call works, and you move on. Until one day you accidentally send sensitive data through a GET request, or your "update" endpoint behaves weird because it's not idempotent — and suddenly this stuff matters a lot.&lt;/p&gt;

&lt;p&gt;So let's slow down and actually understand HTTP request methods, what they're for, and how to pick the right one. No jargon overload, just clear explanations. 🚀&lt;/p&gt;

&lt;h2&gt;
  
  
  What Are HTTP Request Methods?
&lt;/h2&gt;

&lt;p&gt;Every time your browser or app talks to a server, it sends an HTTP request. That request needs to tell the server &lt;em&gt;what kind of action&lt;/em&gt; it wants to perform. That's exactly what the "method" (sometimes called the "verb") does.&lt;/p&gt;

&lt;p&gt;Think of it like walking into a library. You might be there to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Look at a book&lt;/strong&gt; (just reading, nothing changes)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Add a new book&lt;/strong&gt; to the shelf&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Replace an old book&lt;/strong&gt; with a new edition&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Remove a book&lt;/strong&gt; completely&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;HTTP methods are the formal way of telling the server which of these actions you intend to do. The server then responds based on that intent.&lt;/p&gt;

&lt;p&gt;In code, a request method usually looks like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="nf"&gt;GET&lt;/span&gt; &lt;span class="nn"&gt;/users/42&lt;/span&gt; &lt;span class="k"&gt;HTTP&lt;/span&gt;&lt;span class="o"&gt;/&lt;/span&gt;&lt;span class="m"&gt;1.1&lt;/span&gt;
&lt;span class="na"&gt;Host&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="s"&gt;example.com&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That &lt;code&gt;GET&lt;/code&gt; at the start? That's the method. Simple as that.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Topic Matters
&lt;/h2&gt;

&lt;p&gt;Here's the thing — picking the wrong HTTP method isn't just "technically incorrect." It causes real problems:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Search engines and browsers may &lt;strong&gt;cache GET requests&lt;/strong&gt;, so if you use GET to delete something, a bot crawling your site could accidentally trigger it. (Yes, this has actually happened to real companies.)&lt;/li&gt;
&lt;li&gt;Some methods are expected to be &lt;strong&gt;idempotent&lt;/strong&gt; (calling them multiple times gives the same result), and breaking that expectation can cause bugs that are painful to track down.&lt;/li&gt;
&lt;li&gt;REST APIs are &lt;em&gt;built&lt;/em&gt; around these methods. If you're building or consuming an API, understanding methods makes the whole API design make sense instantly instead of feeling like memorized magic.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Once this clicks, reading any API documentation becomes a lot less intimidating. 💡&lt;/p&gt;

&lt;h2&gt;
  
  
  The Main HTTP Methods and Their Use Cases
&lt;/h2&gt;

&lt;p&gt;Let's go through the ones you'll actually use day to day.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. GET — Fetching data&lt;/strong&gt;&lt;br&gt;
Used to retrieve information without changing anything on the server.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; Loading a user's profile page, fetching a list of products, or calling &lt;code&gt;GET /posts/10&lt;/code&gt; to read a blog post.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. POST — Creating something new&lt;/strong&gt;&lt;br&gt;
Used to send data to the server, usually to create a new resource.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; Submitting a signup form, creating a new blog post, or sending a comment.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. PUT — Replacing a resource completely&lt;/strong&gt;&lt;br&gt;
Used to update a resource by replacing it entirely with the new data you send.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; Updating a user's full profile where you send the entire object (name, email, bio — everything), not just one field.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. PATCH — Updating part of a resource&lt;/strong&gt;&lt;br&gt;
Used when you only want to change a specific field, not the whole thing.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; Updating just a user's email address without touching their name or bio.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;5. DELETE — Removing a resource&lt;/strong&gt;&lt;br&gt;
Used to delete something from the server.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; &lt;code&gt;DELETE /posts/10&lt;/code&gt; to remove a blog post permanently.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;6. HEAD — Like GET, but without the body&lt;/strong&gt;&lt;br&gt;
Used to check if a resource exists or get its headers (like file size or last-modified date) without downloading the full content.&lt;br&gt;
&lt;em&gt;Example:&lt;/em&gt; Checking if a large file still exists before downloading it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;7. OPTIONS — Asking what's allowed&lt;/strong&gt;&lt;br&gt;
Used to find out which methods and headers are supported for a particular endpoint. Browsers often send this automatically as a "preflight" request before certain cross-origin requests (CORS).&lt;/p&gt;

&lt;p&gt;Each of these exists because real-world apps need different kinds of actions — reading, creating, replacing, partially updating, deleting, and checking. Once you see them as "actions," not random labels, they stop feeling abstract.&lt;/p&gt;

&lt;h2&gt;
  
  
  GET vs POST: The Comparison Everyone Actually Needs
&lt;/h2&gt;

&lt;p&gt;These two get confused the most, so here's a quick side-by-side:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;&lt;/th&gt;
&lt;th&gt;&lt;strong&gt;GET&lt;/strong&gt;&lt;/th&gt;
&lt;th&gt;&lt;strong&gt;POST&lt;/strong&gt;&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Purpose&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Retrieve data&lt;/td&gt;
&lt;td&gt;Send/create data&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Data location&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Sent in the URL (query params)&lt;/td&gt;
&lt;td&gt;Sent in the request body&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Visible in URL?&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Yes&lt;/td&gt;
&lt;td&gt;No&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Cacheable?&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Yes, by default&lt;/td&gt;
&lt;td&gt;Generally no&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Safe for sensitive data?&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;No — avoid passwords, tokens, etc.&lt;/td&gt;
&lt;td&gt;Safer, since it's not in the URL&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Idempotent?&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Yes (calling it repeatedly is safe)&lt;/td&gt;
&lt;td&gt;No (each call may create a new resource)&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;A simple rule of thumb: if you're just &lt;em&gt;looking&lt;/em&gt; at something, use GET. If you're &lt;em&gt;changing&lt;/em&gt; something, use POST, PUT, PATCH, or DELETE depending on what kind of change it is.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips for Using HTTP Methods Correctly
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;✅ &lt;strong&gt;Use GET only for reading.&lt;/strong&gt; Never use it to trigger actions like deleting or updating data.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Match PUT and PATCH to what you're actually sending.&lt;/strong&gt; Full object replacement → PUT. Partial update → PATCH.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Don't put sensitive data in a GET URL.&lt;/strong&gt; URLs get logged in browser history, server logs, and proxies.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Return the right status code with each method.&lt;/strong&gt; For example, &lt;code&gt;201 Created&lt;/code&gt; after a successful POST, &lt;code&gt;204 No Content&lt;/code&gt; after a successful DELETE.&lt;/li&gt;
&lt;li&gt;✅ &lt;strong&gt;Keep DELETE requests intentional.&lt;/strong&gt; Add confirmation steps in your UI so a DELETE call doesn't fire accidentally.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Common Mistakes People Make
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. Using GET to perform actions&lt;/strong&gt;&lt;br&gt;
Some beginners build endpoints like &lt;code&gt;GET /deleteUser/5&lt;/code&gt; because it's "easier to test in the browser." This is risky — browsers, crawlers, or cached links could trigger it unintentionally.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Treating PUT and PATCH as interchangeable&lt;/strong&gt;&lt;br&gt;
They look similar, but PUT expects the &lt;em&gt;full&lt;/em&gt; resource, while PATCH expects only the &lt;em&gt;changed&lt;/em&gt; fields. Mixing them up can silently wipe out data you didn't mean to touch.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Forgetting that POST isn't idempotent&lt;/strong&gt;&lt;br&gt;
If a POST request fails and your app retries it automatically without protection (like an idempotency key), you could end up creating duplicate records — duplicate orders, duplicate sign-ups, and so on.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. Ignoring OPTIONS and CORS issues&lt;/strong&gt;&lt;br&gt;
When working with frontend apps calling APIs on a different domain, the browser sends an OPTIONS request first. If your backend doesn't handle it properly, your "perfectly working" POST request will fail — and it's confusing if you don't know OPTIONS exists.&lt;/p&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;HTTP request methods aren't just labels — they're a shared language that tells servers exactly what kind of action you intend to perform. Once you understand the role of GET, POST, PUT, PATCH, DELETE, HEAD, and OPTIONS, API documentation stops feeling like a puzzle and starts feeling like a map you already know how to read.&lt;/p&gt;

&lt;p&gt;If this helped clear things up, you'll find more practical, no-fluff developer guides like this over at &lt;strong&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;&lt;/strong&gt;. Feel free to share this with a fellow dev who's still mixing up PUT and PATCH 😊, and drop a comment if you'd like a deeper dive into any of these methods!&lt;/p&gt;

</description>
      <category>webdev</category>
      <category>beginners</category>
      <category>http</category>
      <category>api</category>
    </item>
    <item>
      <title>VS Code 1.125 Is Here: A Smarter Browser, Better Extension Updates, and More Copilot Control 🚀</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sat, 20 Jun 2026 07:48:24 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/vs-code-1125-is-here-a-smarter-browser-better-extension-updates-and-more-copilot-control-91i</link>
      <guid>https://dev.to/hamidrazadev/vs-code-1125-is-here-a-smarter-browser-better-extension-updates-and-more-copilot-control-91i</guid>
      <description>&lt;p&gt;Ever updated VS Code, opened a dozen tabs to figure out "wait, what actually changed?", and given up halfway through? Yeah, me too.&lt;/p&gt;

&lt;p&gt;VS Code 1.125 landed on June 17, 2026, and this time the changelog is actually worth your coffee break. There's a browser built right into your editor that can now search the web and reach into remote machines, you finally get to decide &lt;em&gt;when&lt;/em&gt; your extensions update instead of being surprised mid-debug session, and IT admins get a much easier way to roll out Copilot settings across a whole company.&lt;/p&gt;

&lt;p&gt;Let's break down what's new, why it matters, and how to actually use it. 👀&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is VS Code 1.125?
&lt;/h2&gt;

&lt;p&gt;If you're new here: Visual Studio Code is the free code editor made by Microsoft that most developers use every single day. Think of it like your workshop — it's where you write code, fix bugs, and build whatever you're working on.&lt;/p&gt;

&lt;p&gt;Every few weeks, the VS Code team ships an update. Sometimes it's small polish, sometimes it's a feature that changes your daily workflow. Version 1.125 is one of the bigger ones, with real improvements to the agent experience, the language model picker, the integrated browser, and how extensions update themselves.&lt;/p&gt;

&lt;p&gt;Think of it like your phone getting a software update — except instead of just fixing battery drain, it sometimes hands you a whole new tool you didn't know you needed.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Update Matters
&lt;/h2&gt;

&lt;p&gt;A code editor isn't just where you type. It's where you search docs, test APIs, debug remote servers, manage extensions, and (if you're on a team) follow company policy without it getting in your way.&lt;/p&gt;

&lt;p&gt;1.125 touches all of that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;You can now &lt;strong&gt;search the web directly inside VS Code's browser&lt;/strong&gt; instead of alt-tabbing to Chrome fifty times a day.&lt;/li&gt;
&lt;li&gt;You get &lt;strong&gt;control over when extensions update&lt;/strong&gt;, so a risky update doesn't drop in the middle of a live demo.&lt;/li&gt;
&lt;li&gt;Teams using Copilot get &lt;strong&gt;centralized policy management&lt;/strong&gt;, which makes life easier for admins and more predictable for developers.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;None of this is flashy AI magic. It's the kind of "small friction removed" update that quietly makes your day smoother — and those add up.&lt;/p&gt;

&lt;h2&gt;
  
  
  Benefits with Real-Life Examples 💡
&lt;/h2&gt;

&lt;h3&gt;
  
  
  1. Web search right in the integrated browser
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Setting:&lt;/strong&gt; &lt;code&gt;workbench.browser.searchEngine&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;You can now type a query straight into the integrated browser's address bar, and it searches using your configured search engine — just like a normal browser tab.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; You're deep in a function, need to quickly check a Stack Overflow answer or MDN doc, and instead of switching windows and losing your train of thought, you just search right there in VS Code. Small thing, but it keeps you "in the zone."&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Browse over remote connections (Preview)
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Setting:&lt;/strong&gt; &lt;code&gt;workbench.browser.enableRemoteProxy&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;When you're working in a remote workspace (like a dev container or remote SSH server), the integrated browser can now proxy your web traffic through that remote connection. That means you can securely reach ports or internal services that are &lt;em&gt;only&lt;/em&gt; visible from the remote machine.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; You're running a local dashboard on a remote dev server at port 5000. Normally that's invisible to your laptop's browser. Now, with this preview setting on, VS Code can reach it directly. It's still labeled "preview," so expect a few rough edges — but it solves a genuinely annoying problem.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Better port handling for agents
&lt;/h3&gt;

&lt;p&gt;If you've forwarded a port in a remote workspace, agents previously could fumble trying to open the browser because the port number didn't match. Now, when an agent requests a forwarded port, VS Code rewrites the URL automatically and lets the agent know. Less confusion, fewer "why isn't this loading" moments.&lt;/p&gt;

&lt;h3&gt;
  
  
  4. Install model providers straight from the Language Models editor
&lt;/h3&gt;

&lt;p&gt;Extensions can bring their own AI model providers beyond the usual Bring Your Own Key (BYOK) setup. Before, you had to already know the right tag to search for in the Extensions view (&lt;code&gt;language-models&lt;/code&gt; — now you know 😄). &lt;/p&gt;

&lt;p&gt;Now there's an &lt;strong&gt;Install Model Providers&lt;/strong&gt; button right in the Language Models editor. Click it, and it opens the Extensions view already filtered to relevant extensions. Once installed, the new models just show up in your model picker alongside everything else.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; You hear about a new model provider extension from a colleague but don't remember the exact search term. Now you don't need to — the button does the filtering for you.&lt;/p&gt;

&lt;h3&gt;
  
  
  5. Configurable extension auto-update delay
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Setting:&lt;/strong&gt; &lt;code&gt;extensions.autoUpdateDelay&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;This builds on the delayed auto-update feature from the previous release. You can now set, in hours, how long VS Code waits before it installs an extension update. By default, it's two hours.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; An extension you rely on pushes a buggy update. With a delay configured, you (or your team) have a window to spot the problem before it lands on every machine. It's a small safety net that costs nothing to set up.&lt;/p&gt;

&lt;h3&gt;
  
  
  6. Simplified auto-update setting
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Setting:&lt;/strong&gt; &lt;code&gt;extensions.autoUpdate&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;The setting is now just &lt;code&gt;on&lt;/code&gt; or &lt;code&gt;off&lt;/code&gt; — no more juggling &lt;code&gt;true&lt;/code&gt;, &lt;code&gt;false&lt;/code&gt;, &lt;code&gt;onlyEnabledExtensions&lt;/code&gt;, and &lt;code&gt;delayed&lt;/code&gt;. Existing values migrate automatically. One useful behavior to know: when auto-update is on, only &lt;strong&gt;enabled&lt;/strong&gt; extensions get updated. Disabled ones update the next time you turn them back on.&lt;/p&gt;

&lt;h3&gt;
  
  
  7. Track your Copilot additional spend
&lt;/h3&gt;

&lt;p&gt;The Copilot status dashboard now shows what percentage of your additional spend budget you've used. If you're on a usage-based plan, you can glance at this before you accidentally blow past your limit.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; You're mid-sprint, leaning on Copilot heavily, and instead of getting surprised by a bill, you check the dashboard and see you're at 80% of your extra budget. Now you can pace yourself (or ask finance for more budget, no judgment).&lt;/p&gt;

&lt;h3&gt;
  
  
  8. Native MDM delivery for managed Copilot settings
&lt;/h3&gt;

&lt;p&gt;For teams: admins can now push Copilot policies through native device management (MDM) on Windows and macOS, not just through the account-based settings file. This means policy can be enforced at the device level, without needing every developer to sign in first.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Real-life example:&lt;/em&gt; A company wants to disable a certain Copilot feature org-wide for compliance reasons. IT can now push that through the same MDM tooling they already use for everything else — no extra sign-in step required from each developer, and the setting shows up as policy-enforced and locked in VS Code.&lt;/p&gt;

&lt;h3&gt;
  
  
  9. Language Server Protocol updated to 3.18
&lt;/h3&gt;

&lt;p&gt;If you build language servers, you can now use protocol version 3.18, with &lt;code&gt;vscode-languageclient@10.0.0&lt;/code&gt; and &lt;code&gt;vscode-languageserver@10.0.0&lt;/code&gt; available as the matching client and server packages. Check the changelog for the full list of additions and breaking changes before upgrading.&lt;/p&gt;

&lt;h2&gt;
  
  
  Auto-Update: Before vs After 1.125
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;&lt;/th&gt;
&lt;th&gt;Before 1.125&lt;/th&gt;
&lt;th&gt;After 1.125&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Update timing control&lt;/td&gt;
&lt;td&gt;Limited delay options, confusing setting values&lt;/td&gt;
&lt;td&gt;Clean &lt;code&gt;on&lt;/code&gt;/&lt;code&gt;off&lt;/code&gt; toggle plus a configurable delay in hours&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Disabled extensions&lt;/td&gt;
&lt;td&gt;Could still get updated in some cases&lt;/td&gt;
&lt;td&gt;Only update when you re-enable them&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Admin policy control&lt;/td&gt;
&lt;td&gt;Account-based settings file only&lt;/td&gt;
&lt;td&gt;Account-based file &lt;strong&gt;or&lt;/strong&gt; native MDM on Windows/macOS&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;This isn't a dramatic before-and-after — it's VS Code quietly removing rough edges. But if you've ever been bitten by a surprise extension update, you'll appreciate it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips for Using 1.125
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Set a sensible auto-update delay.&lt;/strong&gt; Two hours is the default, but if you work on a critical project, consider bumping it up so you have time to notice problems before they hit your machine.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Try the integrated browser's web search before reaching for Chrome.&lt;/strong&gt; It's a tiny habit change that keeps you focused.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;If you're on a remote workspace often&lt;/strong&gt;, turn on &lt;code&gt;workbench.browser.enableRemoteProxy&lt;/code&gt; and see if it saves you from manual port-forwarding gymnastics. Remember it's a preview feature, so report bugs if you hit any.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Check your Copilot spend dashboard regularly&lt;/strong&gt; if you're on a usage-based plan — don't wait for the bill to surprise you.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;If you manage a team&lt;/strong&gt;, look into the new MDM delivery option for Copilot policies. It can simplify your rollout, especially if you already use device management tools.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Common Mistakes to Avoid
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Assuming the remote browser proxy is production-ready.&lt;/strong&gt; It's explicitly marked as a preview feature. Don't build a critical workflow around it yet — test it, expect occasional bugs, and report issues if you find them.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Forgetting that disabled extensions don't auto-update.&lt;/strong&gt; If you disable an extension to "deal with it later" and forget about it, it'll be stuck on an old version until you re-enable it. Not a bug — just something to remember.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Ignoring the LSP version bump if you maintain a language server.&lt;/strong&gt; Jumping to &lt;code&gt;vscode-languageclient@10.0.0&lt;/code&gt; without checking the changelog could introduce breaking changes you didn't expect. Read the notes first, then upgrade.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mixing up the auto-update setting values after migration.&lt;/strong&gt; If you had a custom value like &lt;code&gt;onlyEnabledExtensions&lt;/code&gt; before, it gets migrated automatically — but it's worth double-checking your settings.json after updating, just so there are no surprises.&lt;/p&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;VS Code 1.125 isn't a flashy, headline-grabbing release — it's a "the little things finally got fixed" release. A browser that searches the web and reaches remote ports, extension updates you actually control, and Copilot policies that are easier for teams to manage. Put together, it's a smoother day-to-day experience for solo developers and teams alike.&lt;/p&gt;

&lt;p&gt;If this rundown helped you understand what's new without digging through the full changelog yourself, that's exactly what it's here for. 😊&lt;/p&gt;

&lt;p&gt;Want more developer-friendly breakdowns like this one? Check out more posts at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;, and if this saved you some time, share it with a teammate who's still wondering why their extensions keep updating at the worst possible moment. Got thoughts on the new integrated browser features? Drop a comment — I'd love to hear how you're using them. 🔧&lt;/p&gt;

</description>
      <category>vscode</category>
      <category>webdev</category>
      <category>productivity</category>
      <category>softwareengineering</category>
    </item>
    <item>
      <title>Postman Explained: How to Use It, Set Up Environments, and Structure a Real Project 🚀</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Sat, 20 Jun 2026 07:28:29 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/postman-explained-how-to-use-it-set-up-environments-and-structure-a-real-project-3pih</link>
      <guid>https://dev.to/hamidrazadev/postman-explained-how-to-use-it-set-up-environments-and-structure-a-real-project-3pih</guid>
      <description>&lt;p&gt;If you've ever tested an API by pasting a URL into your browser and praying it works... we need to talk. 😅&lt;/p&gt;

&lt;p&gt;That used to be me too. Then I found Postman, and testing APIs stopped feeling like guesswork. No more switching between five terminal tabs just to check if your login endpoint actually returns a token.&lt;/p&gt;

&lt;p&gt;Here's the real question though: do you actually know how to set up Postman the &lt;em&gt;right&lt;/em&gt; way — environments, variables, and a clean project structure — or are you still copy-pasting the same base URL into every single request? 👀&lt;/p&gt;

&lt;p&gt;By the end of this post, you'll know exactly how to use Postman properly, how environments work, and how to structure a project the way real teams do it at work. Let's get into it.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is Postman?
&lt;/h2&gt;

&lt;p&gt;Postman is a tool that lets you send requests to an API and see what comes back — without writing a single line of code.&lt;/p&gt;

&lt;p&gt;Think of an API like a restaurant kitchen. You (the customer) don't walk into the kitchen and cook your own food. You give your order to a waiter (the API), and the kitchen sends back your meal. Postman is like a practice menu where you can place test orders anytime, see exactly what the kitchen sends back, and check if it's correct — all before your actual app ever talks to that kitchen.&lt;/p&gt;

&lt;p&gt;In technical terms: Postman lets you send HTTP requests (GET, POST, PUT, DELETE, and more) to any API endpoint, attach headers, send data in the body, and inspect the response — status code, JSON data, response time, all of it.&lt;/p&gt;

&lt;p&gt;It's used by backend developers to test their own APIs, frontend developers to understand what data they'll receive, and QA engineers to verify that APIs behave correctly.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Postman Matters
&lt;/h2&gt;

&lt;p&gt;Here's the thing — before you connect your frontend to a backend, you need to know the backend actually works. Postman lets you confirm that &lt;em&gt;before&lt;/em&gt; writing a single line of fetch or axios code.&lt;/p&gt;

&lt;p&gt;It also saves you from one of the most annoying debugging situations: not knowing if a bug is in your frontend code or your backend API. With Postman, you test the API directly. If Postman gets a clean response and your app still breaks, you know exactly where to look.&lt;/p&gt;

&lt;p&gt;For teams, it goes further. Postman becomes a shared source of truth. Instead of one developer explaining an API over Slack message by message, they just share a Postman collection, and everyone sees the exact same requests, headers, and expected responses.&lt;/p&gt;

&lt;h2&gt;
  
  
  Benefits with Real-Life Examples
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Test APIs without writing frontend code&lt;/strong&gt; — Building a login API? Test it in Postman first. Send the email and password, check if you get a token back, before touching your React form at all.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Reuse requests instead of rewriting them&lt;/strong&gt; — Save a "Get User Profile" request once. Run it 50 times while you tweak your backend, instead of retyping the URL and headers every time.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Catch bugs early&lt;/strong&gt; — If your API returns a 500 error in Postman, you know the problem is on the backend, not in your UI code. That alone can save hours of confused debugging.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Share your API with teammates instantly&lt;/strong&gt; — Export a collection, send the link, and your teammate has the exact same setup in seconds — no "wait, what URL did you use?" conversations.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Automate testing&lt;/strong&gt; — Postman can automatically check things like "did this return a 200 status?" or "does this response include a user ID?" every time you run a request.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  How to Use Postman: Requests and Environments
&lt;/h2&gt;

&lt;p&gt;Let's go through the actual workflow, step by step.&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Sending Your First Request
&lt;/h3&gt;

&lt;p&gt;Open Postman, click &lt;strong&gt;New Request&lt;/strong&gt;, choose a method (GET, POST, etc.), paste in your API URL, and hit &lt;strong&gt;Send&lt;/strong&gt;. That's it. You'll see the response body, status code, and timing right below.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Why You Need Environments
&lt;/h3&gt;

&lt;p&gt;Here's a mistake almost every beginner makes: hardcoding the base URL in every single request.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;https://api.myapp.com/users
https://api.myapp.com/products
https://api.myapp.com/orders
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now imagine your backend moves to a staging server, or you need to test locally. You'd have to manually update the URL in every request. That's painful and error-prone.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Environments&lt;/strong&gt; fix this. An environment is just a named set of variables — for example, &lt;code&gt;Development&lt;/code&gt;, &lt;code&gt;Staging&lt;/code&gt;, and &lt;code&gt;Production&lt;/code&gt; — each holding different values for the same variable names.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Creating an Environment
&lt;/h3&gt;

&lt;p&gt;In Postman, click the &lt;strong&gt;Environments&lt;/strong&gt; tab on the left sidebar, then &lt;strong&gt;Create Environment&lt;/strong&gt;. Give it a name like &lt;code&gt;Development&lt;/code&gt;, and add a variable:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Variable&lt;/th&gt;
&lt;th&gt;Initial Value&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;base_url&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;http://localhost:5000/api&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Create a second environment called &lt;code&gt;Production&lt;/code&gt; with the same variable name but a different value:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Variable&lt;/th&gt;
&lt;th&gt;Initial Value&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;base_url&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;&lt;code&gt;https://api.myapp.com&lt;/code&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Now, instead of writing the full URL in every request, you write:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight jinja"&gt;&lt;code&gt;&lt;span class="cp"&gt;{{&lt;/span&gt;&lt;span class="nv"&gt;base_url&lt;/span&gt;&lt;span class="cp"&gt;}}&lt;/span&gt;/users
&lt;span class="cp"&gt;{{&lt;/span&gt;&lt;span class="nv"&gt;base_url&lt;/span&gt;&lt;span class="cp"&gt;}}&lt;/span&gt;/products
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Switch the active environment from the dropdown in the top-right corner, and every request instantly points to the correct server. No editing, no retyping. 💡&lt;/p&gt;

&lt;h3&gt;
  
  
  4. Variable Scopes (Quick but Important)
&lt;/h3&gt;

&lt;p&gt;Postman has a few levels of variables, and they matter more than people realize:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Global variables&lt;/strong&gt; — Available everywhere, across all collections.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Collection variables&lt;/strong&gt; — Available only within one collection.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Environment variables&lt;/strong&gt; — Tied to the active environment (Dev, Staging, Production).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Local variables&lt;/strong&gt; — Exist only for a single request or script run.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If the same variable name exists in multiple scopes, Postman uses the most specific one. Knowing this saves you a lot of "why isn't my variable updating" confusion.&lt;/p&gt;

&lt;h2&gt;
  
  
  Setting Up a Real Project: Industry-Style Postman Structure
&lt;/h2&gt;

&lt;p&gt;This is the part most tutorials skip. Here's how a real backend team typically structures Postman for an actual project — let's use a simple e-commerce API as an example.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 1: Create a Workspace
&lt;/h3&gt;

&lt;p&gt;A &lt;strong&gt;Workspace&lt;/strong&gt; is where your whole team works from. Create one and name it after the project, like &lt;code&gt;MyShop API&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 2: Organize the Collection by Resource
&lt;/h3&gt;

&lt;p&gt;Inside one collection, create folders by feature, not by HTTP method:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;MyShop API (Collection)
├── Auth
│   ├── POST Register
│   ├── POST Login
│   └── POST Refresh Token
├── Users
│   ├── GET Get Profile
│   └── PUT Update Profile
├── Products
│   ├── GET List Products
│   ├── GET Get Product by ID
│   ├── POST Create Product (admin)
│   └── DELETE Delete Product (admin)
└── Orders
    ├── POST Create Order
    └── GET Get My Orders
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This mirrors how the backend code itself is usually organized (controllers/routes by feature), so anyone on the team can find what they need instantly.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 3: Set Authorization at the Collection Level
&lt;/h3&gt;

&lt;p&gt;Instead of adding your auth token to every single request, set it once at the collection root: &lt;strong&gt;Authorization tab → Bearer Token → &lt;code&gt;{{access_token}}&lt;/code&gt;&lt;/strong&gt;. Then in each request's Auth tab, choose &lt;strong&gt;Inherit auth from parent&lt;/strong&gt;. One token, used everywhere.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 4: Auto-Save Tokens with Test Scripts
&lt;/h3&gt;

&lt;p&gt;This is where Postman becomes genuinely powerful. On your &lt;strong&gt;Login&lt;/strong&gt; request, open the &lt;strong&gt;Tests&lt;/strong&gt; tab and add:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;response&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;json&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt;

&lt;span class="k"&gt;if &lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;token&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;environment&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;set&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;access_token&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;token&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;

&lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;test&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Status code is 200&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="nf"&gt;function &lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;to&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;have&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;status&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;200&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;span class="p"&gt;});&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now, every time you log in through Postman, your token is automatically saved into the environment — and every other request that uses &lt;code&gt;{{access_token}}&lt;/code&gt; just works. No manual copy-pasting tokens between requests.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 5: Chain Requests Together
&lt;/h3&gt;

&lt;p&gt;Same idea applies to IDs. After creating a product, save its ID:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;response&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;json&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt;
&lt;span class="nx"&gt;pm&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;environment&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;set&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;product_id&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="nx"&gt;response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;id&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now your "Get Product by ID" request can use &lt;code&gt;{{product_id}}&lt;/code&gt; directly. This is exactly how real test flows are built — one request feeds the next.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 6: Run the Whole Flow Automatically
&lt;/h3&gt;

&lt;p&gt;Use the &lt;strong&gt;Collection Runner&lt;/strong&gt; (or &lt;strong&gt;Newman&lt;/strong&gt;, Postman's command-line tool) to run every request in order automatically, with all the test assertions checked each time. Teams plug Newman into CI/CD pipelines so the API gets tested automatically on every code push — before a bug ever reaches production.&lt;/p&gt;

&lt;h2&gt;
  
  
  Manual API Testing vs Using Postman
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Manual Testing (curl / browser)&lt;/th&gt;
&lt;th&gt;Using Postman&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Retype the same request every time&lt;/td&gt;
&lt;td&gt;Save and reuse requests instantly&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Hard to manage tokens and headers&lt;/td&gt;
&lt;td&gt;Auto-store tokens with scripts&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;No easy way to switch dev/prod URLs&lt;/td&gt;
&lt;td&gt;One-click environment switching&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Hard to share with teammates&lt;/td&gt;
&lt;td&gt;Share collections in seconds&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;No built-in way to verify responses&lt;/td&gt;
&lt;td&gt;Built-in test assertions&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Manual testing with curl still has its place — it's fast for a single quick check. But for anything beyond a one-off request, Postman saves real time.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips / Do's &amp;amp; Don'ts
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Do:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Use environments from day one, even on solo projects. Future-you will thank present-you.&lt;/li&gt;
&lt;li&gt;Name requests clearly: &lt;code&gt;POST Auth - Login&lt;/code&gt;, not &lt;code&gt;Request 1&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;Write at least one test per request, even just a status code check.&lt;/li&gt;
&lt;li&gt;Keep secrets (API keys, tokens) inside environment variables, not hardcoded in the request.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Don't:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Don't hardcode URLs or tokens directly into requests.&lt;/li&gt;
&lt;li&gt;Don't dump every request into one giant unorganized list — use folders.&lt;/li&gt;
&lt;li&gt;Don't share a collection with real production secrets baked into it. Use placeholder values and let each teammate fill in their own environment.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Common Mistakes People Make
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Hardcoding the base URL everywhere.&lt;/strong&gt; This happens because it feels faster at first. But the moment you need to switch servers, you're editing dozens of requests instead of one variable.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Forgetting which environment is active.&lt;/strong&gt; A classic one — testing against &lt;code&gt;Production&lt;/code&gt; by accident because you forgot to switch the dropdown. Always glance at the top-right corner before sending a request to anything sensitive.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Not organizing collections with folders.&lt;/strong&gt; Early on, a flat list of 10 requests feels fine. At 80 requests, it's chaos. Folder by feature from the start, even if your project is small right now.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Skipping tests because "it's just for testing."&lt;/strong&gt; Even one simple &lt;code&gt;pm.response.to.have.status(200)&lt;/code&gt; check catches more bugs than you'd expect, especially when you come back to a project after a few weeks away.&lt;/p&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;Postman turns API testing from a guessing game into something organized and repeatable. Environments let you switch between local, staging, and production with one click. A clean folder structure keeps your collection readable as your project grows. And test scripts let requests pass data to each other automatically, the same way real backend teams set things up.&lt;/p&gt;

&lt;p&gt;Start small — create one environment, organize your requests into a few folders, and add one test script. You'll feel the difference immediately.&lt;/p&gt;

&lt;p&gt;If this helped you understand Postman a little better, you'll find more practical, no-fluff developer guides over at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;. Feel free to share this with a teammate who's still pasting raw URLs into the browser, and drop a comment if you've got a Postman tip of your own — always happy to learn one more trick. ✅&lt;/p&gt;

</description>
      <category>postman</category>
      <category>api</category>
      <category>webdev</category>
      <category>backend</category>
    </item>
    <item>
      <title>HTTP Status Codes Explained: The Complete Guide Every Developer Needs 🚀</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Fri, 19 Jun 2026 11:47:44 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/http-status-codes-explained-the-complete-guide-every-developer-needs-3g51</link>
      <guid>https://dev.to/hamidrazadev/http-status-codes-explained-the-complete-guide-every-developer-needs-3g51</guid>
      <description>&lt;p&gt;You open DevTools. You see a request fail. And there it is: a three-digit number staring back at you like it owes you money.&lt;/p&gt;

&lt;p&gt;&lt;code&gt;404&lt;/code&gt;. &lt;code&gt;500&lt;/code&gt;. &lt;code&gt;403&lt;/code&gt;. &lt;code&gt;301&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;If you've ever stared at one of these and thought "okay... but what do I actually &lt;em&gt;do&lt;/em&gt; now?" — you're not alone. Every developer, from total beginners to people who've shipped production apps for years, has Googled a status code at 2 AM.&lt;/p&gt;

&lt;p&gt;Here's the good news: HTTP status codes aren't random. They're a simple, organized language your server uses to tell your browser (or your app, or your API client) exactly what happened. Once you understand the pattern, you'll never feel lost again. 💡&lt;/p&gt;

&lt;p&gt;Let's break it down properly.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Are HTTP Status Codes?
&lt;/h2&gt;

&lt;p&gt;Every time your browser asks a server for something — a webpage, an image, an API response — the server replies with two things: the actual content (if any), and a &lt;strong&gt;status code&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Think of it like ordering food at a counter. You ask for a burger. The person behind the counter can say:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;"Here you go!" ✅ (your order worked)&lt;/li&gt;
&lt;li&gt;"We're out of buns, give us a sec" (something temporary happened)&lt;/li&gt;
&lt;li&gt;"That's not on our menu" (you asked for something that doesn't exist)&lt;/li&gt;
&lt;li&gt;"Our kitchen caught fire" (it's not your fault — something broke on their end)&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;HTTP status codes are exactly that, but for the web. They're three-digit numbers, and the &lt;strong&gt;first digit tells you the category&lt;/strong&gt;:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;1xx&lt;/strong&gt; – Informational: "Hold on, I'm working on it"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;2xx&lt;/strong&gt; – Success: "Here's your stuff, all good"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;3xx&lt;/strong&gt; – Redirection: "What you want is actually over here"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;4xx&lt;/strong&gt; – Client Error: "You (the request) did something wrong"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;5xx&lt;/strong&gt; – Server Error: "I (the server) messed up"&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;That's it. That's the whole system. Everything else is just detail within those five buckets.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Topic Matters
&lt;/h2&gt;

&lt;p&gt;You can't debug what you don't understand. Status codes are usually the &lt;strong&gt;first clue&lt;/strong&gt; you get when something breaks — before you even open a single line of code.&lt;/p&gt;

&lt;p&gt;A &lt;code&gt;404&lt;/code&gt; tells you to check your URL or routing. A &lt;code&gt;401&lt;/code&gt; tells you it's an auth problem, not a server problem. A &lt;code&gt;500&lt;/code&gt; tells you to look at your backend logs, not your frontend fetch call.&lt;/p&gt;

&lt;p&gt;Knowing status codes well saves you time. Instead of randomly poking at your code, you immediately know &lt;em&gt;where&lt;/em&gt; to look. That's the difference between a 5-minute fix and an hour of guessing. ⚡&lt;/p&gt;

&lt;p&gt;It also matters for your career. Status codes come up in interviews, code reviews, API design discussions, and daily standups. Saying "the API returns a 422 when validation fails" instantly signals you know what you're talking about.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Quick Reference Table
&lt;/h2&gt;

&lt;p&gt;Here's a scannable list of the standard codes, grouped by class. Bookmark this section. 👀&lt;/p&gt;

&lt;h3&gt;
  
  
  1xx — Informational
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Code&lt;/th&gt;
&lt;th&gt;Name&lt;/th&gt;
&lt;th&gt;Meaning&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;100&lt;/td&gt;
&lt;td&gt;Continue&lt;/td&gt;
&lt;td&gt;Server received the request headers; client should send the body&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;101&lt;/td&gt;
&lt;td&gt;Switching Protocols&lt;/td&gt;
&lt;td&gt;Server is switching protocols as requested (e.g., to WebSocket)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;102&lt;/td&gt;
&lt;td&gt;Processing&lt;/td&gt;
&lt;td&gt;Server is still processing, response isn't ready yet&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;103&lt;/td&gt;
&lt;td&gt;Early Hints&lt;/td&gt;
&lt;td&gt;Server sends some headers early, before the final response&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  2xx — Success
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Code&lt;/th&gt;
&lt;th&gt;Name&lt;/th&gt;
&lt;th&gt;Meaning&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;200&lt;/td&gt;
&lt;td&gt;OK&lt;/td&gt;
&lt;td&gt;The request succeeded&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;201&lt;/td&gt;
&lt;td&gt;Created&lt;/td&gt;
&lt;td&gt;A new resource was successfully created&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;202&lt;/td&gt;
&lt;td&gt;Accepted&lt;/td&gt;
&lt;td&gt;Request accepted, but processing isn't finished yet&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;204&lt;/td&gt;
&lt;td&gt;No Content&lt;/td&gt;
&lt;td&gt;Success, but there's nothing to send back&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;206&lt;/td&gt;
&lt;td&gt;Partial Content&lt;/td&gt;
&lt;td&gt;Server sent only part of the resource (used in streaming/downloads)&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  3xx — Redirection
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Code&lt;/th&gt;
&lt;th&gt;Name&lt;/th&gt;
&lt;th&gt;Meaning&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;301&lt;/td&gt;
&lt;td&gt;Moved Permanently&lt;/td&gt;
&lt;td&gt;The resource has a new permanent URL&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;302&lt;/td&gt;
&lt;td&gt;Found&lt;/td&gt;
&lt;td&gt;Temporary redirect to a different URL&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;303&lt;/td&gt;
&lt;td&gt;See Other&lt;/td&gt;
&lt;td&gt;Redirect, typically after a form submission&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;304&lt;/td&gt;
&lt;td&gt;Not Modified&lt;/td&gt;
&lt;td&gt;The cached version is still valid, no need to re-download&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;307&lt;/td&gt;
&lt;td&gt;Temporary Redirect&lt;/td&gt;
&lt;td&gt;Like 302, but guarantees the method (GET/POST) stays the same&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;308&lt;/td&gt;
&lt;td&gt;Permanent Redirect&lt;/td&gt;
&lt;td&gt;Like 301, but guarantees the method stays the same&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  4xx — Client Error
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Code&lt;/th&gt;
&lt;th&gt;Name&lt;/th&gt;
&lt;th&gt;Meaning&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;400&lt;/td&gt;
&lt;td&gt;Bad Request&lt;/td&gt;
&lt;td&gt;The request itself is malformed or invalid&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;401&lt;/td&gt;
&lt;td&gt;Unauthorized&lt;/td&gt;
&lt;td&gt;You're not authenticated — log in first&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;403&lt;/td&gt;
&lt;td&gt;Forbidden&lt;/td&gt;
&lt;td&gt;You're authenticated, but not allowed to access this&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;404&lt;/td&gt;
&lt;td&gt;Not Found&lt;/td&gt;
&lt;td&gt;The resource doesn't exist&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;405&lt;/td&gt;
&lt;td&gt;Method Not Allowed&lt;/td&gt;
&lt;td&gt;You used the wrong HTTP method (e.g., POST on a GET-only route)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;408&lt;/td&gt;
&lt;td&gt;Request Timeout&lt;/td&gt;
&lt;td&gt;The server gave up waiting for the request&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;409&lt;/td&gt;
&lt;td&gt;Conflict&lt;/td&gt;
&lt;td&gt;The request conflicts with the current state (e.g., duplicate entry)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;410&lt;/td&gt;
&lt;td&gt;Gone&lt;/td&gt;
&lt;td&gt;The resource existed once, but is permanently removed&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;413&lt;/td&gt;
&lt;td&gt;Payload Too Large&lt;/td&gt;
&lt;td&gt;You sent too much data&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;415&lt;/td&gt;
&lt;td&gt;Unsupported Media Type&lt;/td&gt;
&lt;td&gt;The format you sent isn't accepted&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;422&lt;/td&gt;
&lt;td&gt;Unprocessable Entity&lt;/td&gt;
&lt;td&gt;The request is well-formed, but the data fails validation&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;429&lt;/td&gt;
&lt;td&gt;Too Many Requests&lt;/td&gt;
&lt;td&gt;You're being rate-limited&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  5xx — Server Error
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Code&lt;/th&gt;
&lt;th&gt;Name&lt;/th&gt;
&lt;th&gt;Meaning&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;500&lt;/td&gt;
&lt;td&gt;Internal Server Error&lt;/td&gt;
&lt;td&gt;Something broke on the server, and it's generic/unhandled&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;501&lt;/td&gt;
&lt;td&gt;Not Implemented&lt;/td&gt;
&lt;td&gt;The server doesn't support this functionality&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;502&lt;/td&gt;
&lt;td&gt;Bad Gateway&lt;/td&gt;
&lt;td&gt;A server acting as a proxy got an invalid response upstream&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;503&lt;/td&gt;
&lt;td&gt;Service Unavailable&lt;/td&gt;
&lt;td&gt;Server is overloaded or down for maintenance&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;504&lt;/td&gt;
&lt;td&gt;Gateway Timeout&lt;/td&gt;
&lt;td&gt;A proxy/gateway didn't get a response in time&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;There are a few more obscure ones (like &lt;code&gt;418 I'm a Teapot&lt;/code&gt;, which was originally an April Fools' joke in an RFC and is now sometimes used playfully), but the codes above cover the vast majority of what you'll see in real-world development.&lt;/p&gt;

&lt;h2&gt;
  
  
  Benefits of Understanding Status Codes
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Faster debugging&lt;/strong&gt; — A &lt;code&gt;403&lt;/code&gt; tells you immediately it's a permissions issue, not a missing route. You skip straight to checking auth logic instead of guessing.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Better API design&lt;/strong&gt; — When you build your own API, choosing the right code (like &lt;code&gt;201&lt;/code&gt; instead of &lt;code&gt;200&lt;/code&gt; after creating a resource) makes your API predictable and easier for other developers to consume.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Clearer communication with teammates&lt;/strong&gt; — Saying "we're getting a 429 from their API" is faster and more precise than "it's just... not working."&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Smarter error handling in code&lt;/strong&gt; — Once you know the categories, you can write logic like "if status is in the 4xx range, show a user-facing error; if it's 5xx, retry or alert the team." This pattern shows up in almost every frontend app that talks to an API.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Confidence during interviews&lt;/strong&gt; — Status codes are a common technical interview topic. Knowing the difference between &lt;code&gt;401&lt;/code&gt; and &lt;code&gt;403&lt;/code&gt;, or &lt;code&gt;301&lt;/code&gt; and &lt;code&gt;302&lt;/code&gt;, shows real hands-on experience.&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Comparison: 4xx vs 5xx Errors
&lt;/h2&gt;

&lt;p&gt;This distinction trips up a lot of beginners, so it's worth calling out clearly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4xx (Client Error)&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The problem is with the &lt;em&gt;request&lt;/em&gt;.&lt;/li&gt;
&lt;li&gt;Example: wrong URL, missing auth token, bad input data.&lt;/li&gt;
&lt;li&gt;Fix: usually something the frontend or the API consumer needs to correct.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;5xx (Server Error)&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The problem is on the &lt;em&gt;server's&lt;/em&gt; side.&lt;/li&gt;
&lt;li&gt;Example: a crash in backend code, a database that's unreachable, a misconfigured server.&lt;/li&gt;
&lt;li&gt;Fix: usually something the backend team needs to investigate in logs.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The simple rule: &lt;strong&gt;4xx means "check your request," 5xx means "check the server."&lt;/strong&gt; This one mental model alone will speed up a huge chunk of your debugging sessions.&lt;/p&gt;

&lt;h2&gt;
  
  
  Best Tips and Do's &amp;amp; Don'ts
&lt;/h2&gt;

&lt;p&gt;✅ &lt;strong&gt;Do&lt;/strong&gt; check the Network tab in DevTools before assuming your code is broken. The status code often tells you exactly where to look.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Do&lt;/strong&gt; use specific status codes in your own APIs (&lt;code&gt;201&lt;/code&gt; for creation, &lt;code&gt;204&lt;/code&gt; for a successful delete with no body) instead of always returning &lt;code&gt;200&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Do&lt;/strong&gt; handle 4xx and 5xx differently in your error-handling logic. A 4xx might mean "show the user a message." A 5xx might mean "retry the request" or "alert the team."&lt;/p&gt;

&lt;p&gt;❌ &lt;strong&gt;Don't&lt;/strong&gt; treat every error the same way in your frontend code. A &lt;code&gt;401&lt;/code&gt; should usually redirect to login. A &lt;code&gt;500&lt;/code&gt; shouldn't.&lt;/p&gt;

&lt;p&gt;❌ &lt;strong&gt;Don't&lt;/strong&gt; ignore &lt;code&gt;429 Too Many Requests&lt;/code&gt;. If you're hitting rate limits, slamming the API harder won't help — you need backoff logic.&lt;/p&gt;

&lt;p&gt;❌ &lt;strong&gt;Don't&lt;/strong&gt; assume &lt;code&gt;404&lt;/code&gt; always means "the page doesn't exist." Sometimes it's a typo in your route, a missing trailing slash, or a misconfigured server rule.&lt;/p&gt;

&lt;h2&gt;
  
  
  Common Mistakes People Make
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Mixing up 401 and 403.&lt;/strong&gt; Beginners often use these interchangeably. &lt;code&gt;401&lt;/code&gt; means "I don't know who you are — please log in." &lt;code&gt;403&lt;/code&gt; means "I know who you are, but you're not allowed in." Mixing them up confuses anyone debugging your API later.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Returning 200 for everything, even errors.&lt;/strong&gt; Some APIs send a &lt;code&gt;200 OK&lt;/code&gt; even when something failed, with the actual error buried inside the JSON body. This breaks standard error-handling patterns and forces every consumer of your API to read documentation just to know if something worked. Stick to proper status codes — it saves everyone time.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Not handling redirects properly.&lt;/strong&gt; Developers sometimes assume a &lt;code&gt;301&lt;/code&gt; and &lt;code&gt;302&lt;/code&gt; behave identically. They don't. A &lt;code&gt;301&lt;/code&gt; tells browsers and search engines "update your bookmarks, this is permanent" — which affects caching and SEO. A &lt;code&gt;302&lt;/code&gt; says "this is temporary, don't update anything permanently."&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Panicking at any 4xx or 5xx without reading the code.&lt;/strong&gt; Not all errors are equal. A &lt;code&gt;404&lt;/code&gt; on an optional resource might be totally fine to ignore. A &lt;code&gt;500&lt;/code&gt; on a critical checkout flow needs immediate attention. Context matters more than the fact that "something failed."&lt;/p&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;HTTP status codes aren't scary once you see the pattern: &lt;strong&gt;1xx is "wait," 2xx is "success," 3xx is "look elsewhere," 4xx is "you made a mistake," and 5xx is "I made a mistake."&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;That's the whole mental model. Everything else — every specific code — is just a more detailed flavor of one of those five ideas.&lt;/p&gt;

&lt;p&gt;Next time you see a status code pop up in your console, you won't panic. You'll know exactly where to start looking. ✅&lt;/p&gt;

&lt;p&gt;If this helped clear things up, consider sharing it with another developer who's still Googling "what does 403 mean" at 1 AM. And if you want more practical, no-fluff developer content like this, you can find more posts at &lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;. Drop a comment if you've got a status code horror story — we've all got one. 😊&lt;/p&gt;

</description>
      <category>webdev</category>
      <category>beginners</category>
      <category>backend</category>
      <category>productivity</category>
    </item>
    <item>
      <title>NestJS: The Backend Framework That Makes Node.js Feel Grown-Up 🚀</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Wed, 17 Jun 2026 11:21:04 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/nestjs-the-backend-framework-that-makes-nodejs-feel-grown-up-o4o</link>
      <guid>https://dev.to/hamidrazadev/nestjs-the-backend-framework-that-makes-nodejs-feel-grown-up-o4o</guid>
      <description>&lt;p&gt;If you have ever tried to build a large Node.js backend and thought, &lt;em&gt;"Why does this feel like I'm making it up as I go?"&lt;/em&gt; — you are not alone.&lt;/p&gt;

&lt;p&gt;Express is powerful. Fastify is fast. But neither one tells you &lt;em&gt;how&lt;/em&gt; to structure your project. You end up inventing your own patterns, copying folder structures from tutorials, and praying nothing breaks when the project grows.&lt;/p&gt;

&lt;p&gt;That is exactly the problem NestJS was built to solve. And it is solving it really well.&lt;/p&gt;

&lt;p&gt;So what is NestJS, why is everyone suddenly talking about it, and should you actually learn it? Let's find out.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is NestJS?
&lt;/h2&gt;

&lt;p&gt;NestJS is a &lt;strong&gt;framework for building server-side applications using Node.js&lt;/strong&gt;. It is written in TypeScript and uses a structured, opinionated architecture inspired by Angular.&lt;/p&gt;

&lt;p&gt;Think of it this way:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Node.js&lt;/strong&gt; is the engine.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Express&lt;/strong&gt; is a car with no seats, no doors, and no steering wheel — powerful, but you have to build everything yourself.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;NestJS&lt;/strong&gt; is a fully assembled car. The seats, doors, engine, and GPS are already there. You just drive.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Under the hood, NestJS uses Express by default (and optionally Fastify). So you are not throwing away what you know — you are building on top of it with a proper structure.&lt;/p&gt;

&lt;p&gt;NestJS uses &lt;strong&gt;TypeScript, decorators, modules, controllers, and services&lt;/strong&gt; to organize your code in a clean, predictable way. If you have used Angular, this will feel very familiar. If you have not, it is still easy to pick up.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why NestJS Is Getting So Much Attention
&lt;/h2&gt;

&lt;p&gt;Backend development with Node.js has always had an awkward problem. Node.js gives you total freedom, and total freedom means total responsibility for every decision. File structure? Up to you. Dependency injection? Figure it out yourself. Modules? Sure, but how?&lt;/p&gt;

&lt;p&gt;For small projects, this is fine. For production-grade apps with teams and deadlines? It becomes chaos.&lt;/p&gt;

&lt;p&gt;NestJS fixes this by giving developers a &lt;strong&gt;clear, consistent way to build backends&lt;/strong&gt;. It enforces good habits without being painful. And it does this while staying close to patterns that most JavaScript and TypeScript developers already understand.&lt;/p&gt;

&lt;p&gt;Here is why developers are choosing it:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Teams can onboard faster because the folder structure is always familiar&lt;/li&gt;
&lt;li&gt;TypeScript is a first-class citizen, not an afterthought&lt;/li&gt;
&lt;li&gt;Testing is built into the framework, not bolted on&lt;/li&gt;
&lt;li&gt;It works great for REST APIs, GraphQL, WebSockets, and microservices&lt;/li&gt;
&lt;li&gt;The documentation is genuinely excellent&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Benefits with Real-Life Examples
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;✅ Structured Architecture Out of the Box&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;You do not need to spend three hours deciding where to put your files. NestJS gives you modules, controllers, and services right away. A &lt;code&gt;UsersModule&lt;/code&gt; with a &lt;code&gt;UsersController&lt;/code&gt; and &lt;code&gt;UsersService&lt;/code&gt; just makes sense — you can read it and know exactly what each piece does.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ TypeScript by Default&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;No setup, no config fights. You write TypeScript from day one. This means better autocomplete, fewer runtime surprises, and errors you catch before your users do.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Built-In Dependency Injection&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NestJS handles dependency injection automatically. You declare what a service needs, and NestJS provides it. No messy manual wiring. This also makes unit testing much cleaner because you can swap out dependencies easily.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Great for REST, GraphQL, and Microservices&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Whether you are building a REST API, a GraphQL server, or a message-queue-based microservice, NestJS supports all of it with first-party packages. You do not need to piece together five different libraries and hope they play nicely together.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Powerful CLI&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;nest generate module &lt;span class="nb"&gt;users
&lt;/span&gt;nest generate controller &lt;span class="nb"&gt;users
&lt;/span&gt;nest generate service &lt;span class="nb"&gt;users&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Three commands and your entire Users feature is scaffolded, connected, and ready for logic. This saves a meaningful amount of time on every project.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;✅ Testing Is a First-Class Feature&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NestJS generates test files automatically alongside your code. It integrates with Jest and provides utilities for mocking services, making unit and integration testing far less painful than it usually is in Node.js projects.&lt;/p&gt;




&lt;h2&gt;
  
  
  NestJS vs Plain Express: When Does It Actually Matter?
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Situation&lt;/th&gt;
&lt;th&gt;Plain Express&lt;/th&gt;
&lt;th&gt;NestJS&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Quick prototype or tiny API&lt;/td&gt;
&lt;td&gt;✅ Perfect&lt;/td&gt;
&lt;td&gt;Might be overkill&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Medium to large production app&lt;/td&gt;
&lt;td&gt;Gets messy fast&lt;/td&gt;
&lt;td&gt;✅ Shines here&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Team of 2+ developers&lt;/td&gt;
&lt;td&gt;Coordination headaches&lt;/td&gt;
&lt;td&gt;✅ Consistent structure&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;TypeScript-first project&lt;/td&gt;
&lt;td&gt;Manual setup needed&lt;/td&gt;
&lt;td&gt;✅ Built in&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Microservices or event-driven&lt;/td&gt;
&lt;td&gt;DIY everything&lt;/td&gt;
&lt;td&gt;✅ First-party support&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;GraphQL&lt;/td&gt;
&lt;td&gt;Third-party setup&lt;/td&gt;
&lt;td&gt;✅ Official package&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;The honest answer: for small scripts and quick demos, Express is simpler. But the moment your app grows beyond a few routes, or when more than one developer is involved, NestJS becomes the smarter choice.&lt;/p&gt;




&lt;h2&gt;
  
  
  Core Concepts You Need to Know
&lt;/h2&gt;

&lt;p&gt;You do not need to memorize everything at once. But these four building blocks are the heart of NestJS.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Modules&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Modules are organizational units. Every NestJS app has at least one — the &lt;code&gt;AppModule&lt;/code&gt;. You then create feature modules like &lt;code&gt;UsersModule&lt;/code&gt;, &lt;code&gt;AuthModule&lt;/code&gt;, and &lt;code&gt;ProductsModule&lt;/code&gt;. Each module owns its own controllers and services.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Controllers&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Controllers handle incoming HTTP requests and return responses. A &lt;code&gt;UsersController&lt;/code&gt; handles routes like &lt;code&gt;GET /users&lt;/code&gt; or &lt;code&gt;POST /users&lt;/code&gt;. They are thin — they receive a request, pass it to a service, and return the result.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Services&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Services contain the actual business logic. The controller talks to the service. The service talks to the database or external APIs. This separation keeps your code clean and testable.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Providers and Dependency Injection&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Services are providers. NestJS injects them automatically where they are needed. If your &lt;code&gt;UsersController&lt;/code&gt; needs the &lt;code&gt;UsersService&lt;/code&gt;, you just declare it in the constructor and NestJS handles the rest.&lt;/p&gt;

&lt;p&gt;Here is a quick example of what this looks like:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="p"&gt;@&lt;/span&gt;&lt;span class="nd"&gt;Injectable&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt;
&lt;span class="k"&gt;export&lt;/span&gt; &lt;span class="kd"&gt;class&lt;/span&gt; &lt;span class="nc"&gt;UsersService&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nf"&gt;findAll&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="p"&gt;[{&lt;/span&gt; &lt;span class="na"&gt;id&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;1&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Hamid&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt; &lt;span class="p"&gt;}];&lt;/span&gt;
  &lt;span class="p"&gt;}&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;

&lt;span class="p"&gt;@&lt;/span&gt;&lt;span class="nd"&gt;Controller&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;users&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="k"&gt;export&lt;/span&gt; &lt;span class="kd"&gt;class&lt;/span&gt; &lt;span class="nc"&gt;UsersController&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nf"&gt;constructor&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="k"&gt;private&lt;/span&gt; &lt;span class="k"&gt;readonly&lt;/span&gt; &lt;span class="nx"&gt;usersService&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;UsersService&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="p"&gt;{}&lt;/span&gt;

  &lt;span class="p"&gt;@&lt;/span&gt;&lt;span class="nd"&gt;Get&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt;
  &lt;span class="nf"&gt;findAll&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="k"&gt;this&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;usersService&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;findAll&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt;
  &lt;span class="p"&gt;}&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Clean. Readable. Predictable. 💡&lt;/p&gt;




&lt;h2&gt;
  
  
  Best Tips for Getting Started
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Start with the official CLI.&lt;/strong&gt; Install it globally and let it scaffold your project:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npm &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;-g&lt;/span&gt; @nestjs/cli
nest new my-project
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Learn modules before anything else.&lt;/strong&gt; The module system is the foundation of everything. Once it clicks, the rest makes sense quickly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Use the official documentation.&lt;/strong&gt; The NestJS docs are some of the best in the Node.js ecosystem. Do not skip them.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Do not force Angular patterns if you do not know Angular.&lt;/strong&gt; NestJS is inspired by Angular, but you do not need to understand Angular to use it well.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Add validation early.&lt;/strong&gt; Use the &lt;code&gt;class-validator&lt;/code&gt; and &lt;code&gt;class-transformer&lt;/code&gt; packages with NestJS pipes. They work seamlessly together and save you from a lot of manual validation code.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Write tests as you go.&lt;/strong&gt; NestJS generates test files automatically. Use them. Future you will be grateful.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes Beginners Make
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Putting logic inside controllers&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Controllers should be thin. They receive a request and pass it along. If you are writing database queries or complex business rules inside a controller, move that logic to a service.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Ignoring the module system&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Beginners often put everything into &lt;code&gt;AppModule&lt;/code&gt;. This works at first and becomes a nightmare by week three. Create a module for each feature from the beginning.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Skipping TypeScript features&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NestJS and TypeScript are deeply integrated. Using &lt;code&gt;any&lt;/code&gt; everywhere or ignoring types defeats the purpose. Lean into TypeScript — it will actually help you.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Not using pipes for validation&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Without validation pipes, invalid request data goes straight into your logic. Use &lt;code&gt;ValidationPipe&lt;/code&gt; globally. It is one line of code and it prevents a lot of bugs:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="nx"&gt;app&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;useGlobalPipes&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="k"&gt;new&lt;/span&gt; &lt;span class="nc"&gt;ValidationPipe&lt;/span&gt;&lt;span class="p"&gt;());&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Trying to learn everything at once&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NestJS has a lot of features. GraphQL, WebSockets, microservices, guards, interceptors, pipes, middleware. Do not try to learn all of it on day one. Start with modules, controllers, and services. Everything else comes naturally after that.&lt;/p&gt;




&lt;h2&gt;
  
  
  Is NestJS Worth Learning in 2025?
&lt;/h2&gt;

&lt;p&gt;Absolutely. ⚡&lt;/p&gt;

&lt;p&gt;NestJS has gone from an interesting framework to a mainstream choice for serious Node.js development. It is used by teams at companies large and small, across industries. The ecosystem is active, the documentation is strong, and the community keeps growing.&lt;/p&gt;

&lt;p&gt;If you are building backends with Node.js and you want your code to be clean, scalable, and easy to work in as a team — NestJS is one of the best investments of your learning time right now.&lt;/p&gt;

&lt;p&gt;You do not have to abandon what you already know. You just pick up better habits and better tools. And that is a pretty good deal.&lt;/p&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;NestJS is not just another framework. It is an answer to a real problem that Node.js developers have been dealing with for years: how do you build large, maintainable backends without inventing your own architecture every single time?&lt;/p&gt;

&lt;p&gt;The answer NestJS gives is clear, practical, and well-executed. Modules keep your code organized. Controllers keep routing clean. Services keep business logic separate. TypeScript catches mistakes early. And the CLI keeps you moving fast.&lt;/p&gt;

&lt;p&gt;If you are a beginner, NestJS gives you good habits to build on. If you are an experienced developer, it gives you structure that scales. Either way, it is worth your time.&lt;/p&gt;

&lt;p&gt;Start small. Build one module. Write one service. Make one API endpoint. The framework will do the rest of the heavy lifting.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;Enjoyed this post? Find more practical developer content at *&lt;/em&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;** — free tools, tutorials, and guides built for developers who like to keep things real.*&lt;/p&gt;

&lt;p&gt;&lt;em&gt;If this helped you, share it with a teammate or friend who is figuring out their backend stack. It might save them a few hours of confusion. 😊&lt;/em&gt;&lt;/p&gt;

</description>
      <category>nestjs</category>
      <category>node</category>
      <category>typescript</category>
      <category>webdev</category>
    </item>
    <item>
      <title>Why Claude Fable 5 and Mythos 5 Were Banned: The Full Story Explained</title>
      <dc:creator>Muhammad Hamid Raza</dc:creator>
      <pubDate>Tue, 16 Jun 2026 04:19:58 +0000</pubDate>
      <link>https://dev.to/hamidrazadev/why-claude-fable-5-and-mythos-5-were-banned-the-full-story-explained-k5e</link>
      <guid>https://dev.to/hamidrazadev/why-claude-fable-5-and-mythos-5-were-banned-the-full-story-explained-k5e</guid>
      <description>&lt;p&gt;The AI world just got its most dramatic plot twist of 2026. Anthropic launched two groundbreaking models. The internet celebrated. And then, just &lt;strong&gt;three days later&lt;/strong&gt;, they were gone — pulled from every user on the planet.&lt;/p&gt;

&lt;p&gt;If you opened Claude last weekend and found Fable 5 missing, you were not alone. The disable was global, sudden, and still being disputed. What exactly happened? And why should any developer care?&lt;/p&gt;

&lt;p&gt;Let's break it all down. 👀&lt;/p&gt;




&lt;h2&gt;
  
  
  What Are Claude Fable 5 and Mythos 5?
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;June 9, 2026&lt;/strong&gt;, Anthropic released two new AI models that sat in an entirely new tier above its flagship Opus line.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Claude Fable 5&lt;/strong&gt; was the publicly available version — available to all Claude Pro, Max, Team, and Enterprise users at no extra cost during a launch window. It was described as state-of-the-art on nearly all tested benchmarks, with exceptional performance in software engineering, knowledge work, vision, and scientific research. Its defining trait: the longer and more complex the task, the wider the gap between Fable 5 and everything that came before it. It could autonomously run agentic coding tasks for days with minimal human intervention.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Claude Mythos 5&lt;/strong&gt; was the same underlying model, but with some of its safety classifiers lifted. It was never public — only available to a small group of vetted cyberdefenders, critical infrastructure providers, and select biology researchers through Anthropic's restricted &lt;strong&gt;Project Glasswing&lt;/strong&gt; program.&lt;/p&gt;

&lt;p&gt;Together, they formed what Anthropic called the &lt;strong&gt;"Mythos class"&lt;/strong&gt; — a new tier sitting above Opus. The name itself is intentional: &lt;em&gt;Fable&lt;/em&gt; comes from the Latin &lt;em&gt;fabula&lt;/em&gt; (related to the Greek &lt;em&gt;mythos&lt;/em&gt;), drawing a clear line between the public-facing model and the less-restricted version.&lt;/p&gt;

&lt;p&gt;Both models shared a &lt;strong&gt;1 million token context window&lt;/strong&gt;, support for up to &lt;strong&gt;128k output tokens per request&lt;/strong&gt;, and were priced at $10 per million input tokens and $50 per million output tokens — twice the Opus 4.8 rate.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why This Topic Matters
&lt;/h2&gt;

&lt;p&gt;This is not just another "new AI model" story. It touches something much more important for every developer, startup, enterprise team, and user anywhere outside the United States.&lt;/p&gt;

&lt;p&gt;Within 72 hours of launch, the US government stepped in and ordered access cut off — not just in specific countries, but &lt;strong&gt;for every user on Earth&lt;/strong&gt;. That is unprecedented. And the reason given — a potential jailbreak — is being actively disputed by Anthropic itself.&lt;/p&gt;

&lt;p&gt;If you build on Claude, depend on its API, or care about where AI regulation is heading, this story affects you directly. It raises questions that no one has clean answers to yet:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Can a government pull a deployed commercial AI model without full explanation?&lt;/li&gt;
&lt;li&gt;Who gets to decide what an AI model is "too dangerous" to deploy?&lt;/li&gt;
&lt;li&gt;What happens to the hundreds of millions of users who depended on it?&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is the reality of frontier AI in 2026. The story is still unfolding.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Made Fable 5 and Mythos 5 Powerful
&lt;/h2&gt;

&lt;p&gt;Here is why these were not ordinary model releases — and why their capabilities became the heart of the controversy.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Autonomous, long-running tasks.&lt;/strong&gt; Fable 5 could handle multi-day agentic workflows — things like reviewing an entire codebase, running a data pipeline, or executing complex software projects — without needing a human to check in every few steps. This was a major leap over Opus.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Exceptional cybersecurity capabilities.&lt;/strong&gt; Mythos 5 was described by Anthropic as having "the strongest cybersecurity capabilities of any model in the world." It was particularly effective at identifying software vulnerabilities in complex, legacy systems that had been sitting unpatched for years. For defenders, that is incredibly useful.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Scientific breakthroughs.&lt;/strong&gt; Anthropic's launch post mentioned that these models had contributed to genuine scientific output, including work on AAV (adeno-associated virus) candidates developed by Dyno Therapeutics — a striking example of AI directly assisting biological research.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Safety scaffolding built in.&lt;/strong&gt; Sensitive topics like cybersecurity exploits, biology, chemistry, and model distillation triggered an automatic fallback to Claude Opus 4.8. Anthropic said these safeguards activated in fewer than 5% of sessions.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Massive context and output.&lt;/strong&gt; With a 1 million token context window, Fable 5 could ingest entire codebases, lengthy legal documents, or vast research papers and reason over them in one shot.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Fable 5 vs Mythos 5: What Was the Difference?
&lt;/h2&gt;

&lt;p&gt;They were built from the same foundation. The difference was in how much of the safety layer was kept on.&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Feature&lt;/th&gt;
&lt;th&gt;Claude Fable 5&lt;/th&gt;
&lt;th&gt;Claude Mythos 5&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Availability&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;General public, all paid plans&lt;/td&gt;
&lt;td&gt;Invite-only (Project Glasswing)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Safety classifiers&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Full safeguard layer active&lt;/td&gt;
&lt;td&gt;Some safeguards lifted for vetted users&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Who it served&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Developers, enterprises, general users&lt;/td&gt;
&lt;td&gt;Cyberdefenders, critical infrastructure, researchers&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Cybersecurity scope&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Broad tasks with automatic fallback&lt;/td&gt;
&lt;td&gt;Higher-risk analysis for trusted organizations&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Context window&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;1M tokens&lt;/td&gt;
&lt;td&gt;1M tokens&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Pricing&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;$10 / $50 per million tokens&lt;/td&gt;
&lt;td&gt;$10 / $50 per million tokens&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Data retention&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;30-day mandatory&lt;/td&gt;
&lt;td&gt;30-day mandatory&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;In short: same brain, different safety gear. Fable 5 had its helmet on for the public. Mythos 5 had fewer restrictions for a trusted few.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Happened: The Ban Explained Step by Step
&lt;/h2&gt;

&lt;p&gt;Here is a clean timeline of how this unfolded.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 9, 2026 — Launch Day&lt;/strong&gt;&lt;br&gt;
Anthropic releases Claude Fable 5 publicly and Claude Mythos 5 to Project Glasswing partners. Both are available immediately. Free access for Pro, Max, Team, and Enterprise plans announced through June 22.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 9–11 — Early Adoption&lt;/strong&gt;&lt;br&gt;
Developers test it, benchmarks circulate, the community reacts positively. Fable 5 scores roughly 80% on SWE-Bench Pro in independent testing. Reviews highlight the long-horizon agentic performance.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 12, 2026 — The Directive Arrives (5:21 PM ET)&lt;/strong&gt;&lt;br&gt;
The US government issues an &lt;strong&gt;export control directive&lt;/strong&gt;, ordering Anthropic to immediately suspend access to Fable 5 and Mythos 5 for any foreign national — whether inside or outside the US — including Anthropic's own foreign national employees.&lt;/p&gt;

&lt;p&gt;The directive cites national security authorities. The letter does not provide specific technical details.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 12 Evening — Global Shutdown&lt;/strong&gt;&lt;br&gt;
Because verifying the nationality of every user globally is practically impossible, Anthropic decides that selective compliance cannot work. It disables both models for &lt;strong&gt;all customers worldwide&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;"The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance," Anthropic stated. "Access to all other Anthropic models will not be affected."&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 13–14 — Anthropic Pushes Back&lt;/strong&gt;&lt;br&gt;
Anthropic publishes a detailed rebuttal. It says the government disclosed only a "narrow, non-universal jailbreak" — essentially a technique involving asking the model to read a codebase and fix any software flaws. Anthropic reviewed the demonstration and found that the vulnerabilities identified were minor, previously known, and discoverable by other publicly available models, including OpenAI's GPT-5.5.&lt;/p&gt;

&lt;p&gt;Anthropic's technical team travels to Washington for meetings with White House officials.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;June 15–16 — Still Under Review&lt;/strong&gt;&lt;br&gt;
Talks continue. Access has not been restored. Anthropic is maintaining compliance while arguing that the standard being applied would "essentially halt all new model deployments for all frontier model providers" if applied broadly across the industry.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Anthropic Actually Said
&lt;/h2&gt;

&lt;p&gt;Anthropic's official statement is worth reading carefully, because it explains not just what happened — but how the company thinks about safety.&lt;/p&gt;

&lt;p&gt;The key points from Anthropic:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;On the jailbreak itself:&lt;/strong&gt; The government shared verbal evidence of a narrow, non-universal jailbreak. Anthropic reviewed what it believes was the basis of the directive, validated that the demonstrated capability was already available in other public models, and found that the technique identified only minor, previously known vulnerabilities.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;On safeguards:&lt;/strong&gt; Fable 5 went through thousands of hours of red-teaming with the US government, UK AISI, multiple third-party organizations, and internal teams before launch. No tester found a universal jailbreak — one that could broadly bypass the model's defenses.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;On the standard being set:&lt;/strong&gt; Anthropic warned that perfect jailbreak resistance is not possible for any model provider. Every deployed model in the industry is vulnerable to narrow jailbreaks in specific circumstances. If a narrow jailbreak is grounds for full recall, no frontier model should be deployed anywhere.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;On compliance:&lt;/strong&gt; Despite disagreeing, Anthropic is complying with the legal directive. "We believe this is a misunderstanding and are working to restore access as soon as possible."&lt;/p&gt;




&lt;h2&gt;
  
  
  Tips for Developers Right Now ⚡
&lt;/h2&gt;

&lt;p&gt;If you had workflows or products relying on Fable 5 or Mythos 5, here is what you can do while access is suspended.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Fallback to Claude Opus 4.8.&lt;/strong&gt; For most development tasks, Opus 4.8 (released May 28, 2026) is still excellent. It is the next-most-capable model and remains fully available.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Check Anthropic's status page and official blog.&lt;/strong&gt; Updates on restoration will come from &lt;a href="https://www.anthropic.com" rel="noopener noreferrer"&gt;anthropic.com&lt;/a&gt;. Do not rely on social media rumors for this.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Do not rebuild your entire architecture.&lt;/strong&gt; This is a temporary disruption. Anthropic is actively working to restore access and is in direct talks with the White House. Migrating to a completely different provider right now may create more problems than it solves.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Review your data retention understanding.&lt;/strong&gt; Fable 5 and Mythos 5 required mandatory 30-day data retention. If your project had compliance questions around that, now is a good time to re-read the &lt;a href="https://support.claude.com/en/articles/15425996-data-retention-practices-for-mythos-class-models" rel="noopener noreferrer"&gt;policy&lt;/a&gt; while waiting for access to return.&lt;/p&gt;

&lt;p&gt;✅ &lt;strong&gt;Follow the story.&lt;/strong&gt; This situation is evolving quickly. The outcome of Anthropic's talks with the Trump administration will likely shape how all frontier AI models are regulated going forward.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes and Misconceptions Around This Ban
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Mistake 1: "Fable 5 was hacked or compromised."&lt;/strong&gt;&lt;br&gt;
No. The model itself was not hacked. The US government claimed a jailbreak technique was found that could bypass some of its safety filters. Anthropic disputes the severity of this finding. The model's architecture is intact.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 2: "This only affects users outside the US."&lt;/strong&gt;&lt;br&gt;
The export control directive targeted foreign nationals — but because Anthropic could not filter users by nationality in real time, it disabled access globally, including for US citizens. Everyone lost access.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 3: "This is Anthropic's decision."&lt;/strong&gt;&lt;br&gt;
Anthropic is complying with a legal government directive. The company actively disagrees with the move and is in discussions to reverse it. This was not a voluntary product recall.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 4: "Mythos 5 was a public model."&lt;/strong&gt;&lt;br&gt;
Mythos 5 was never publicly available. It was restricted to Project Glasswing partners — a small group of vetted organizations in cybersecurity, critical infrastructure, and biology research.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 5: "All Claude models are now unavailable."&lt;/strong&gt;&lt;br&gt;
Only Fable 5 and Mythos 5 are suspended. All other Claude models — including Claude Opus 4.8, Claude Sonnet 4.6, Claude Haiku 4.5, and others — remain fully available.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Mistake 6: "This proves AI models are dangerous and should be stopped."&lt;/strong&gt;&lt;br&gt;
The demonstrated jailbreak found minor, previously known vulnerabilities that other public models can also discover. The debate is about regulatory standards and how to define acceptable risk — not about Fable 5 being uniquely dangerous.&lt;/p&gt;




&lt;h2&gt;
  
  
  What This Means for the Broader AI World
&lt;/h2&gt;

&lt;p&gt;This is the first time a deployed commercial AI model has been pulled globally by government order within days of launch. That alone makes it a defining moment.&lt;/p&gt;

&lt;p&gt;The precedent it sets is still being negotiated. Anthropic has publicly argued that if a narrow jailbreak — one that reveals minor vulnerabilities already discoverable by other public models — is sufficient cause for a full global recall, it would make future frontier model deployments nearly impossible.&lt;/p&gt;

&lt;p&gt;The Trump administration had already designated Anthropic a "supply-chain risk to national security" in March 2026 (a designation Anthropic contested). This action appears to be a continuation of that tension.&lt;/p&gt;

&lt;p&gt;How this gets resolved will send a strong signal to every AI lab, every government, and every developer who builds on top of these models.&lt;/p&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Claude Fable 5 and Mythos 5 were arguably the most capable AI models ever made publicly available. They lasted three days.&lt;/p&gt;

&lt;p&gt;The story is not really about whether a jailbreak exists — narrow jailbreaks exist for every model in the industry. The story is about who gets to define the line between "safe enough to deploy" and "too dangerous to ship," and what process they follow to make that call.&lt;/p&gt;

&lt;p&gt;Anthropic is disputing the ruling, complying with the law, and working to restore access. The broader question of how governments should regulate frontier AI is now front and center — and every developer who builds on these tools has a stake in how it resolves.&lt;/p&gt;

&lt;p&gt;Stay updated, keep an eye on &lt;a href="https://www.anthropic.com" rel="noopener noreferrer"&gt;anthropic.com&lt;/a&gt;, and in the meantime, Claude Opus 4.8 has your back. 🚀&lt;/p&gt;

&lt;p&gt;If this breakdown helped you understand what happened, share it with your team or community — a lot of people are confused about this story. And for more developer-focused content, head over to &lt;strong&gt;&lt;a href="https://hamidrazadev.com" rel="noopener noreferrer"&gt;hamidrazadev.com&lt;/a&gt;&lt;/strong&gt; for articles on AI, frontend development, and the tools shaping how we build.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>news</category>
      <category>security</category>
      <category>webdev</category>
    </item>
  </channel>
</rss>
