Defense-in-Depth Validation
Overview
When you fix a bug caused by invalid data, adding validation at one place feels sufficient. But that single check can be bypassed by different code paths, refactoring, or mocks.
Core principle: Validate at EVERY layer data passes through. Make the bug structurally impossible.
Why Multiple Layers
Single validation: "We fixed the bug"
Multiple layers: "We made the bug impossible"
Different layers catch different cases:
- Entry validation catches most bugs
- Business logic catches edge cases
- Environment guards prevent context-specific dangers
- Debug logging helps when other layers fail
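The four layers applied to one data path, as an added example that is not part of the original skill: a directory path travels from a public function down to the filesystem write, and each layer checks it again. The function names, the `.workspace` marker file and the `APP_ENV` variable are assumptions made for illustration.

```python
import logging
import os
import tempfile
from pathlib import Path

log = logging.getLogger("workspace")  # constructed example, hypothetical names

def create_project(name: str, working_dir: str) -> Path:
    """Layer 1, entry validation: reject bad input at the public boundary."""
    if not working_dir or not working_dir.strip():
        raise ValueError("working_dir must not be empty")
    if not Path(working_dir).is_dir():
        raise ValueError(f"working_dir is not a directory: {working_dir!r}")
    return init_workspace(name, Path(working_dir))

def init_workspace(name: str, project_dir: Path) -> Path:
    """Layer 2, business logic: re-check what this operation itself needs,
    because callers (tests, refactored code) can reach it without layer 1."""
    if not name or name in (".", "..") or "/" in name or "\\" in name:
        raise ValueError(f"invalid workspace name: {name!r}")
    base = project_dir.resolve()
    target = (base / name).resolve()
    if base not in target.parents:
        raise ValueError(f"{target} escapes {base}")
    return write_marker(target)

def write_marker(target: Path) -> Path:
    """Layers 3 and 4 sit next to the side effect itself."""
    # Layer 3, environment guard: under tests (APP_ENV is an assumed
    # variable name) refuse to write anywhere outside the temp directory.
    if os.environ.get("APP_ENV") == "test":
        tmp = Path(tempfile.gettempdir()).resolve()
        if tmp not in target.resolve().parents:
            raise RuntimeError(f"refusing to write outside {tmp}: {target}")
    # Layer 4, debug logging: record context for when the layers above miss.
    log.debug("creating workspace target=%s cwd=%s", target, os.getcwd())
    target.mkdir(parents=True, exist_ok=True)
    (target / ".workspace").write_text("ok\n")
    return target
```

Calling `init_workspace` or `write_marker` directly, as a mock-heavy test or a refactored caller might, skips the entry check but still hits the inner layers.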