Principle: Crash early, crash loudly

Applications that swallow errors or continue in degraded states are harder to debug and can cause data corruption.

Fail fast and visibly at the point of error:

# BAD: Silent failure, corruption later
def get_config(path):
    try:
        return json.load(open(path))
    except Exception:
        return {}  # Silent! App runs with wrong config

# GOOD: Crash immediately with context
def get_config(path):
    try:
        with open(path) as f:
            return json.load(f)
    except FileNotFoundError:
        raise SystemExit(f'Config file not found: {path}')
    except json.JSONDecodeError as e:
        raise SystemExit(f'Invalid JSON in {path}: {e}')

When to crash:

• Configuration errors at startup
• Missing required environment variables
• Database connection failures at startup
• Invalid state that shouldn't be possible
• Assertion failures in business logic

When to recover:

• Transient network errors (retry)
• Single request failures (return error to client)
• Non-critical background tasks (log and continue)
• Expected user input errors (validation)

Startup validation pattern:

def validate_environment():
    required = ['DATABASE_URL', 'SECRET_KEY', 'API_TOKEN']
    missing = [v for v in required if v not in os.environ]
    if missing:
        raise SystemExit(f'Missing required env vars: {", ".join(missing)}')

validate_environment()  # Crash before accepting any requests

An error caught at startup takes 5 minutes to fix. The same error caught in production at 3 AM after corrupting data takes days.

Application initialization and error handling strategy