Dasith Wijesiriwardena

Software Engineer | Solutions Architect | Tech Speaker | Geek with an unhealthy fascination for distributed systems and a #microsoftie. Not in that order. I’m currently based in Melbourne and work for Microsoft.

I’ve been developing software for close to 2 decades now. Since my early days of playing with C++, VB, ASP and PHP, software development has gone through a paradigm shift. These days I mostly work on things that run natively on the cloud and edge. Join me on my journey through the world of .NET and all things distributed.

Consider any opinions expressed here as my own.

Structured workflows for coding with AI agents using the Breadcrumb Protocol

7 minute read

I’ve been exploring hypervelocity engineering workflows with AI agents like GitHub Copilot, and one fundamental challenge continues to surface: maintaining shared context alignment between developers and AI. While AI excels at generating code, it lacks inherent “memory” of past interactions and the nuanced understanding that humans naturally build over time. This alignment gap grows wider as projects become more complex, yet having a structured approach to bridge this divide is often overlooked. How can ...

Lessons from the Trenches in a LLM Frontier: An Engineer’s Perspective - Apidays Australia 2024

2 minute read

I, along with my colleagues Jason Goodsell and Juan Burckhardt, had the opportunity to present our key insights and learnings from the rapidly evolving world of Large Language Models (LLMs) at Apidays Australia 2024 in October. The talk, titled “Lessons from the Trenches in a LLM Frontier: An Engineer’s Perspective,” shared our experiences from the front lines of developing LLM-powered solutions. Our team has been deeply immersed in creating and integrating LLM solutions, observing firsthand the industr...

LLM Prompt Injection Considerations With Tool Use

8 minute read

My team at Microsoft Industry Solutions Engineering have recently been building heaps of LLM based solutions for customers of varying sizes across industries. There are some patterns that are emerging from these solutions and today I wanted to write about a pattern we used at a customer to prevent a class of prompt injection attacks with regards to tool use. Some of it may seem trivial or just common sense from purely a security sense but remember that most teams building these solutions are cross functi...

Building Trust Brick by Brick: Exploring the Landscape of Modern Secure Supply Chain Tools - API Days Australia 2023

3 minute read

I presented some my learnings around modern software supply chain security tools and landscape at API Days Australia 2023 and K8SUG Meetup in November. I had my team co-present the topic with me this time. My team in Microsoft Industry Solution Engineering have been building solutions to enable government and defence customer teams in Australia and secure software supply chains have been the main focus. With the renewed focus supply chains attacks and with the supply chain security endorsement by the W...

What is ORAS and why should you care?

11 minute read

Most systems we build today are delivered as containers. Container registries and associated technologies are an important cog in this ecosystem. As the container ecosystem matures, there is an increased need to consume associated artefacts like Helm packages, software bill of materials, evidence of provenance, machine learning data sets etc from the same storage. There are even upcoming use cases like WebAssembly libraries that need a home. Container registries have evolved to become more than their ini...

Instrument MQTT based python messaging app using Open Telemetry

9 minute read

Some time back I did a bit of an intro to OpenTelemetry and in there I covered some basics like what Signals and Context Propagation are. I also spoke about how concepts like Tracing, Spans and Instrumentation interrelate to one another. I even put some code samples up at GitHub to demo this. Most if not all of those code samples are in .NET and they demo tracing and baggage. Since I did that talk in 2021 the OpenTelemetry community have decided to add logs as a signal. Logs Are a Signal There are 4 t...

Lessons learned from doing EdgeDevOps (GitOps) in the bush, air and underwater - API Days Australia 2022

1 minute read

I recently spoke at API Days Australia about my experiences building distributed systems and some challenges my team faced deploying and running them on the edge. It is not an exaggeration to say that most modern systems that teams build are running on the cloud in a distributed architecture. There are some well-known successful practices around DevOps for these cloud native solutions as well. But what happens when you want to use the same workflows to deploy and run on the edge where connectivity might...

Propagating context and tracing across your distributed process boundaries using OpenTelemetry - API Days Australia 2021

3 minute read

I spoke at API Days Australia about my experiences building distributed systems and some challenges I’ve faced. We are amidst the 2nd wave of cloud migrations. This means it’s no longer enough just to have a presence on the web if you need a competitive advantage. You need to be able to thrive. We are building more and more cloud native solutions with an emphasis on distributed systems more than any other time in the past. With cloud native distributed systems now the norm, tracing and tracking telemet...

Going down the rabbit hole of EF Core and converting strings to dates

7 minute read

I am working on a greenfield project that uses EF Core 6 with AspNetCore 6 at the moment. The project involves exposing a set of legacy data through an API. Simple enough right? The underlying data is stored in SQL Server 2019 but it is not very well designed. There are varchar columns for storing boolean, numeric and date/time values. It’s not uncommon to see these types of data stores though. As developers we have to deal with them often. Dapper or EF Core When choosing the data access layer for the...

Object Capability Model And Mapping

7 minute read

Almost any type of software development work requires some sort mapping in the logic. Either from the persistence models to domain model or from the domain models to view models. In my experience dealing with a lot of brownfield projects, I’ve seen some practices that age poorly and make it difficult to understand intent. Most mapping approaches age gracefully like beer. Although my aim is not to kick a dead horse and rant about AutoMapper, I agree with the sentiments provided in that linked post. I reco...