Week 6 — Friday build in public update Honest one this week: no new revenue. Still at $20 MRR with 2 paying customers. But I shipped something important that you cannot see — and that is the point. What happened this week Fixed a critical Stripe webhook bug The webhook secret in .env was pointing to the wrong key — a test-mode vs live-mode mismatch introduced during setup. Every webhook Stripe fired was failing signature verification silently. Payments were processing, but downstream usage tracking was unreliable. Found it, fixed it, confirmed it working. This is exactly the kind of invisible bug that breaks your product for paying customers without anyone raising a hand. Turned on the firewall UFW was installed on the server but inactive. I ran a security audit and found it. Now active, locked to ports 22, 80, and 443 only. This should have been day-one infrastructure. It was not. Security audit: 0 npm vulnerabilities Ran npm audit across all 11 services. Clean. No critical or high issues.…