I've been publishing blog posts from an authenticated /admin page on this site using GitHub credentials to authenticate myself. This has always been concerning to me as a security vulnerability. I wrote the C# auth handler myself but I'm no security expert especially when it comes to OAuth. I've had a lot of exposure to it but have never considered myself an expert on it.
The second issue with the admin page is that it has been eating my blog posts lately. I would author a post in the admin page and when I hit submit, the form would submit and the post would just get silently dropped. I tried debugging it for a while but decided the complexity and security of the admin page wasn't worth it anymore.
In the spirit of simplifying the hosting (removing postgres and migrating to fly.io), I decided I could author posts in Obsidian instead and write a plugin to publish directly to the blog's storage blob store (using Azure blob storage). This is the first post being written in Obsidian!
I'm now realizing that I'm back to where I started back in 2023 when I first used Obsidian Publish to host a small blog. I rarely posted on it (even less often than this blog) and shut it down eventually.
One annoying thing with creating the obsidian plugin was that I wanted to use the official Azure JavaScript SDK for the blob storage uploads, but it thinks that Obsidian is a browser and blocks using a shared credential key as the authentication mechanism. It only allows it in NPM runtime environments. I understand why they have to add this check, but it did force me to write my own slim blob store SDK.
With this change, I used AI way less than in the past. Partly because I cancelled my Claude Pro subscription last month and partly because I wanted to learn and understand the Obsidian plugin API and TypeScript development. I originally started this blog to learn and that was happening less and less as I was relying on AI more. I didn't completely abstain however. I used OpenCode and OpenRouter for some parts such as the blob store sdk. I've written my own Blob Store SDKs in C# before and it's just tedious to set up the auth correctly. It was nice to use open router as it allowed me to try out different models, such as DeepSeek V4 and Kimi 2.5. However, there is a reason people flock to Opus and GPT5.5. DeepSeek was very disappointing, it actually felt like GPT 3.5 days in some ways. It would just quite in the middle of work with no notification. I ended up going back to Sonnet 4.6 to finish up some work and the increase in capability was so immediately clear.
I'm glad I got to try out some different tools. At work I use Copilot CLI and can choose between several different models. I tend to use GPT5.5 for planning and Opus 4.7 for executing the implementation specs as it plays to their strengths. I was using Claude Code at work until the licenses were cancelled.
note: I don't use AI to write posts and I don't ever plan to. Writing is sacred to me and helps me think. The point of authoring posts manually is to help me clarify my own thoughts.
