chapter 09core course

Ship Without Breaking

12 silent time bombs and how to defuse each

You just built a real app in Chapter 8. Nice. Now we talk about the bugs that won't show up in your tests, won't crash your servers, and won't page anyone on-call. They fail on day 30 — weeks after you merged, quietly, through slow user frustration and silent churn.

There are twelve of them that show up in nearly every shipped SaaS. We'll walk through each, tick off the ones your repo is already safe from, and give you the pattern to catch the rest before they bite.

ship without breaking~15 min to scanturns into a /feature-check skill

before you startset your expectations

what you should already know

new terms you'll meet

by the end of this chapter

You'll have defused all 12 silent time bombs by ticking each one as you confirm your own repo is protected. That turns the list into muscle memory — you'll run this mental checklist before every ship from now on.

lesson

Silent bugs are the expensive ones

Loud bugs — 500s, crashes, stack traces — are fine. Someone pages, someone debugs, you ship the fix in an afternoon. You never worry about them long-term because they announce themselves.

Silent bugs are the opposite. They don't page. They don't throw. They generate frustrated support tickets you can't reproduce, quiet churn numbers that slowly degrade, and a creeping sense that "everything is broken and I don't know why." By the time you notice, the feature has been half-working for months.

Every entry in the list below has silently shipped in a real production app. Each one has a one-line fix if you catch it before merging. Most have a detection pattern you can turn into a skill that sweeps your repo automatically. The goal isn't to memorise them — it's to recognise the shape.

how to use this list

For each bomb below, click to expand and read how it fails silently + how to catch it. If your repo is already protected — a test exists, a blocks it, an alert fires — tick the checkbox. Every tick moves you closer to the Bomb Squad badge you'll unlock at 12/12.

What if I don't recognise some of the code patterns? That's fine. These examples are framed around web-SaaS stacks (Next.js + Supabase + Stripe + Anthropic), but the shape of each bomb — the mechanism by which it fails silently — applies to almost any app. Read the "how to catch it" answer for the general pattern, not the specific library.

the 12tick each bomb once your repo is protected against it0/12 defused

next up

From shipping safely to pushing further

You've finished the core course. Nine chapters, five primitives, a capstone app, and twelve defused bombs. That's the shipping-grade Claude Code toolkit — complete.

Chapter 10 is optional. It's the "what's next" track for people who want to push Claude Code further: multi-model routing (when should call a different model for a subtask), sub-agent delegation (spawning focused workers), and ten production prompt patterns we pulled from real paying apps. Skip it, skim it, or dive in — nothing after this is required for a green shipping stack.