You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Adrien ValckeAV

Adrien Valcke

Senior Backend NestJS · DevSecOps · AI Integration

800 €/jour
Paris, FR
8-15 ans

Délai de réponse moyen : 1h

À propos de Adrien

Backend engineer who builds end to end: NestJS backends, hardened CI/CD, DevSecOps from commit to deploy, and AI agent tooling.

I build systems where the application and the delivery path are designed together. My pipelines use SHA-pinned actions, SBOMs, keyless Sigstore provenance, and blocking security gates. The stack is public and dogfooded on a production-grade NestJS invoice service.

Current public work:
• invoice-demo-service.coroboros.com: NestJS 11 + Fastify + MongoDB, OpenAPI-first REST API, lifecycle state machine, Pino logs, API tests against the built container.
• coroboros/ci + security/ci: reusable GitHub Actions and GitLab CI with supply-chain gates, trivy-gated images, OIDC/npm provenance, and canonical secret/advisory rulesets.
• skillward: Rust scanner for untrusted agent skills, fusing nine offline scanners into one CI verdict.
• agent-skills + scrybe: open-source skills for Claude Code and compatible agents; scrybe is an offline Whisper CLI in Rust.
• mcllrealestate.com: multilingual real-estate platform on Next.js 16, Cloudflare Workers, Neon Postgres, Drizzle, MapLibre, and Pipedrive.

I use Claude Code and Codex daily, under strict controls. I also build the tooling, rules, and scanners that make agent-assisted development safer.

10+ years backend. Open to freelance, remote France / EU or hybrid.

github.com/coroboros · gitlab.com/coroboros
  • Français

    Bilingue ou natif

  • Anglais

    Capacité professionnelle complète

Accepte de travailler sur site
Paris (jusqu’à 50 km)

Expériences

  • Coroboros
    Founder & Principal Engineer
    AGENCE & SSII
    janvier 2025 - Aujourd'hui (1 an et 6 mois)
    Paris, France
    Coroboros is the tech and AI studio I founded to build software and secure the path it travels.

    I design and ship websites, applications, agentic systems, automations, and generative AI workflows. Delivery is hardened by default: SHA-pinned actions, SBOMs, keyless Sigstore provenance, container scanning, secret scanning, and blocking security gates.

    Selected work:
    • mcllrealestate.com — luxury real-estate platform in four languages (EN / FR / TH / ZH), built end to end: product positioning, brand direction, logo and palette choices, design system, UX, copy/brand voice, architecture, implementation, compliance, deployment, and handover. Next.js 16, React 19, Cloudflare Workers, Neon Postgres, Drizzle, multilingual search, self-hosted MapLibre maps, Cloudflare Access admin, and Pipedrive CRM integration. GDPR, Thai PDPA, and EAA accessibility compliant.
    • invoice-demo-service.coroboros.com — production-grade NestJS + Fastify + MongoDB microservice. OpenAPI-first REST API, lifecycle state machine, Pino logs, API tests against the built container, trivy-gated image, signed provenance, and blocking release gates.
    • Open source and agent tooling — skillward audits untrusted agent skills before install; shellscan finds shell hidden in repos, GitLab CI, and GitHub Actions YAML; agent-skills ships open-source skills for Claude Code and compatible agents; scrybe is an offline Whisper CLI in Rust.

    Stack:
    Backend: TypeScript, Node.js, NestJS, Fastify, REST / OpenAPI, Neon Postgres + Drizzle, MongoDB + Mongoose, Zod.
    Frontend: Next.js, React, Astro, TanStack Start, Tailwind.
    Edge & infra: Cloudflare Workers, R2, KV, Durable Objects, Containers, Workers AI, Docker, microservices.
    Security: supply-chain security, cosign / Sigstore, SBOMs, osv-scanner, gitleaks, trivy.
    AI & agentic: Anthropic / Claude ecosystem, MCP, Claude Code, Codex.
    Tooling: Biome, Vitest, Playwright, pnpm.
    Supply Chain Security CI/CD DevSecOps intelligence artificielle Cloudflare
  • Open Source Projects
    Open Source Developer & Maintainer
    EDITION DE LOGICIELS
    septembre 2015 - Aujourd'hui (10 ans et 10 mois)
    Paris, France
    Long-running open-source work across Node.js, TypeScript, Rust, CI/security, and agent tooling. Started with small zero-dependency Node.js libraries and contributions; now focused on maintained packages, CLIs, and reusable security tooling under Coroboros.

    Current maintained work:
    • @coroboros/uri — RFC-3986 URI toolkit for Node.js: IDN, IPv6 zone identifiers, Sitemap URLs, strict validation, and zero dependencies.
    • @coroboros/sparkline — zero-dependency SVG sparkline generator for Node.js with precision controls and accessibility metadata.
    • @coroboros/location-timezone — country, capital, city, ANSI state, and IANA timezone lookups with ~40,000 city coordinates and O(1) indexes.
    • @coroboros/clone and @coroboros/pdf-cleaner — prototype-aware deep clone / freeze, plus local PDF metadata and link stripping.
    • skillward, shellscan, and scrybe — CLIs for untrusted agent-skill scanning, shell and CI script linting, and offline Whisper transcription.
    • agent-skills — open-source skills for Claude Code and compatible agents.

    Earlier work:
    • Contributions to barcode, json-schema-faker, and openapi-mock-express-middleware.
    • Legacy Node.js utilities for chromatic logging, MIME types, URI parsing, sparklines, S3 helpers, object helpers, and ESLint setup.

    Standards: TypeScript strict, Node.js 22, ESM/CJS packages, Vitest, Biome, pnpm, Rust, GitHub Actions, GitLab CI, OIDC/npm provenance, signed releases, SBOMs, and security gates.
    CI/CD Rust Open Source Software Typescript Node.js
  • Cyberspeed
    DevOps & Full-Stack Delivery Engineer
    EDITION DE LOGICIELS
    juin 2024 - décembre 2024 (6 mois)
    Dubai - United Arab Emirates
    DevOps and full-stack delivery role for a Dubai company running sensitive, self-hosted web platforms with distributed development teams.

    I reviewed and onboarded code produced across Vietnam and Dubai, checked implementation quality, brand consistency, deployment readiness, and production behavior, then shipped it to company-controlled servers without relying on managed cloud infrastructure.

    The work sat between code review, release engineering, server operations, and hands-on fixes.

    I configured Linux servers with the ops team, installed runtimes and dependencies, hardened access and deployment surfaces, tuned PM2 process management, checked logs, validated live releases, and handled rollback / fix-forward situations when production behavior diverged from the expected result.

    Around 30% of the role was direct development and remediation: fixing Vue / TypeScript frontends, Express backends, deployment scripts, runtime configuration, and integration issues before or after release.

    The environment had strict data-governance and infrastructure-control constraints. That made the work less about consuming cloud services and more about understanding the full chain: code ownership, server access, runtime behavior, security posture, release discipline, and operational verification.

    Stack: Linux servers, PM2, Node.js, Express, Vue, TypeScript, Vitest, Volta, Git, deployment scripts, server configuration, logs, access control, release checks.
    Vue.js DevOps Revue de code Linux Node.js

Recommandations

Soyez le premier à recommander Adrien

Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.

Ces profils de freelance correspondent également à vos critères

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Formations

  • CSS3 Des applications ultra-rapides avec
    CSS3 Des applications ultra-rapides avec
  • Simplifiez vos développements JavaScript
    jQuery
    Simplifiez vos développements JavaScript

Catégories