[nahsuhn]

The post documented the cutover. What it doesn't document is the thirty-seven PRs after. Twelve touched the auth path. PR #183: replace pg with postgres.js. #186: remove module-scope env throws. #188: pass schema to drizzle adapter. #193: bridge runtime secrets to middleware. #196: remove module-scope setInterval. #205: retry getSession on cold start. Auth is always where the time goes.

Cloudflare has since unified on Workers and Pages is legacy. Moving from Pages to Workers took five PRs. None of them touched auth. That's the lesson hiding in the original eleven. Lock-in is the well-known failure mode. Lock-out is its quieter twin: the platform leaves you. The thing that survives is the ability to move.

Source-derivable risks are a real class to surface. Postmortem-class are harder, because they don't exist anywhere structured until someone burns a Saturday, and even then they get written down maybe a third of the time. Behind both is a third class: changelog-derivable risks. The platform sunsets the target you migrated to, and the plan ages on the shelf. Curious if Keshro tracks that. Feels like the harder version of what you're doing, and probably the more valuable one.

Saw the parallel-worktree execution model on the site. I've got my own hand-rolled version in my Claude Code rules. Different ends, same problem.

Sent you a gist with the twelve auth-stabilization commits. Line-by-line is more revealing than the post is.