Skip to content
View eddieran's full-sized avatar
🎯
Focusing
🎯
Focusing

Highlights

  • Pro

Block or report eddieran

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
eddieran/README.md
header

>_ about

I build reliability systems, AI agent tooling, and production debugging harnesses.

Over the last decade I have worked on production infrastructure at scale: SLO platforms for 1,000+ microservices, topology-aware anomaly detection, automated RCA, and JVM/runtime migration work across large service fleets. Recently I have been focused on AI infrastructure, agent orchestration, developer tooling, and security/correctness work in upstream codebases.

The public signal I care about most is not a polished demo. It is whether I can enter an unfamiliar codebase, reproduce a real failure, identify the contract that broke, and leave behind a small patch or issue report that maintainers can act on.

30+ merged upstream PRs 70+ upstream issue reports focus security correctness runtime stack python go rust ts java

signal what it shows
Upstream PRs I can land small, reviewable fixes in unfamiliar codebases
Issue reports I write repros and impact analysis maintainers can act on
Reliability background I debug failures from evidence, metrics, and rollout risk
Agent tooling I build harnesses, not just prompts

>_ contribution map

track examples
Auth, sessions, and API boundaries socket.io, logto, n8n
Database and SQL correctness node-postgres, typeorm, knex
Runtime and protocol behavior apache/dubbo, redis/jedis, javalin
AI/dev tooling internals microsoft/VibeVoice, NousResearch/hermes-agent, openai/harmony

>_ issue reports

I try to make issue reports useful: minimal reproduction, expected/actual behavior, root cause, impact, and a concrete fix path.

area project public proof
Auth / session correctness socketio/socket.io Reported connectionStateRecovery middleware bypass on reconnect (#5491)
Identity / auth timing logto-io/logto Reported password-verify timing enumeration and shipped mitigation (issue #8773, PR #8780)
API authorization n8n-io/n8n Reported project membership parity gap in public API insights (#30139)
Database client hardening brianc/node-postgres Reported connection-string file reads, low SCRAM iteration acceptance, and prototype-pollution risk (#3651, #3655, #3654)
SQL builder escaping typeorm/typeorm Reported raw identifier handling and landed MySQL index identifier escaping (issue #12333, PR #12344)
AI agent runtime behavior NousResearch/hermes-agent Reported model-routing and cache compatibility bugs in the auxiliary client path (#5803, #5809)

>_ merged fixes

project change
microsoft/VibeVoice Fixed streaming TTS SDPA regression on MPS/CPU by correcting the KV-cache mask contract (PR #303, issue #312)
nodejs/undici Fixed cache deduplication key collision behavior (issue #5012, PR #5013)
apache/dubbo Avoided ZGC safepoint heap scan overhead in thread-dump behavior (PR #16195)
redis/jedis Hardened Redis URI validation against non-Redis schemes (PR #4486)
fastify/fastify Corrected custom serializer compiler flag behavior (PR #6657)
javalin/javalin Sanitized newline handling in SSE event and id fields (PR #2580)
colbymchenry/codegraph Unblocked MCP subprocess integration tests on Node >= 25 dev machines (issue #478, PR #479)

>_ tools I maintain

These projects are where I keep exploring agent infrastructure and developer workflows. The upstream work above is the sharper public proof; these show the direction I keep building toward.

project why it exists
skillpm Universal package manager for AI agent skills across Claude Code, Codex, Gemini CLI, Copilot, Cursor, and other runtimes
lindy-orchestrator Agent orchestration framework for DAG scheduling, QA gates, worktree isolation, and git-native coordination
claude-insight Rust-based tooling for inspecting Claude Code sessions, traces, and replay evidence
moneywiz-ledger Practical personal-finance skill for turning natural-language ledger entries into MoneyWiz deep links

>_ focus

  • AI infrastructure and agent tooling
  • Reliability, observability, SLOs, and incident diagnosis
  • Security and correctness debugging in real codebases
  • Python, Go, Rust, TypeScript, Java

be curious, be humble, be quick · this era is different

Pinned Loading

  1. whiteher0n/go-binance whiteher0n/go-binance Public

    Forked from ccxt/go-binance

    A Go SDK for Binance API

    Go 1

  2. moneywiz-ledger moneywiz-ledger Public

    OpenClaw skill for MoneyWiz (wiz.money): convert natural-language expense/income/transfer entries into MoneyWiz URL Scheme deep links with category inference and privacy-safe local config.

    Python 1

  3. skillpm skillpm Public

    The universal package manager for AI agent skills — install, sync, and secure skill packages across 10+ agent runtimes (Claude Code, Codex, Gemini CLI, Copilot, Cursor, and more)

    Go 1

  4. lindy-orchestrator lindy-orchestrator Public

    AI agent orchestration framework — DAG scheduling, QA gates, worktree isolation, and git-native coordination for Claude Code & Codex

    Python 1