Scott’s Thoughts

These are the songs I was listening to this year. edamame – bbno$, Rich Brian AAAHH MEN! – Doja Cat Pretty Girls (feat. OBanga) – Will Smith, OBanga Woman – Doja Cat Jealous Type – Doja Cat Sugar On My Tongue – Tyler, The Creator 1-800 – bbno$, Ironmouse Mystical Magical – Benson Boone gigolo – bbno$ And that’s it for 2025! See you next year!

I’ve been doing a lot of thinking lately on a particular topic and I have come to the conclusion that I have a confession to make. I withdrew late from my MATH 153 course in first-year university. There, I said it. It doesn’t seem so bad once I write it here, it’s almost laughable, but I have hidden this information as a deep, dark secret my entire adult life. I even allowed it to become a core part of my identity. Let me break down what happened, because this confession is more about shining a light on something that wants to remain in the dark than it is about just me talking about the past. ...

AWS Identity Centre makes access sane, but the config file still ends up full of manual work. Every account, every permission set, every profile name. Setlist removes the tedium by building a full .aws/config from the permission sets you actually have provisioned. It walks AWS Organizations, pulls the permission sets per account, and writes clean profiles for each combination. If you want friendly names instead of 12 digit account IDs, it can map those too. ...

I keep a lot of repositories spread across organizations. When I need a local copy of everything (backup, audit, offline work, whatever), I end up writing one-off scripts that are boring, fragile, and always missing the one repo I forgot about. So I wrote a tool to make this boring task repeatable: gitgrab. https://github.com/scottbrown/gitgrab gitgrab does one thing: it grabs every repository from a GitHub organization and puts them in a directory on disk. It talks to the GitHub API, so it sees both public and private repos. When you run it again, it doesn’t re-clone; it updates what you already have. ...

Most risk matrices fall apart because the numbers are vibes. One team calls an impact a 5, another calls it a 2, and nobody can agree why. This tool forces the hard part first: define what each impact level and likelihood level actually means. That could be dollars, headlines, or hours of downtime. Once the definitions are set, the matrix shows the severity bands and a summary of the quantitative levels. ...

Most meetings fail before they start. Not because people are lazy, but because nobody wrote down the basics: what we are doing, who is needed, and what decisions are on the table. The Meeting Prep Checklist is a small tool that keeps that list tight. Set the objective, capture the agenda, list attendees and pre-reads, and track a few prep checks. When you are done, it copies a clean summary you can drop into a doc or email. ...

I keep a risk register for the same reason I keep a TODO list: memory is not a system. So I built a small, browser-only tool to keep the register clean and boring. Risk Register Lite lets you add a risk, set likelihood and impact, and capture mitigation notes. It scores each item, stays local in your browser, and can export to CSV when you need to move the data elsewhere. ...

If you’ve been running AWS ECS for any length of time, you’ve likely noticed something annoying: task definition revisions accumulate. Every deployment creates a new revision, and AWS never cleans up the old ones. Over years of active development, this adds up. I recently inherited an AWS account that had been running ECS workloads for about 6 years. When I looked at the task definitions, I found over 178,000 revisions spread across various task families. The AWS Console offers no bulk delete option, so cleaning these up manually would mean clicking through each revision one by one. That’s not happening. ...

Over the years, GitHub organizations tend to accumulate repositories. Some are actively maintained, others slowly fade into obscurity, and a few become completely forgotten. Without a systematic way to assess repository health across an entire organization, it’s easy to lose track of what’s actively maintained and what’s collecting digital dust. I built Patina to solve this problem. What is Patina? Patina is a command-line tool that scans GitHub organizations to identify and assess repository freshness. The name comes from the surface coating that forms on materials over time—a fitting metaphor for detecting code that’s been left untouched. ...

If you’ve ever worked with AWS Security Hub, you know the feeling: thousands of security findings scattered across multiple accounts, buried in the AWS console, and no easy way to share them with your team. Sure, the data is there, but getting actionable insights? That’s a different story. That’s why I built Prism. What is Prism? Prism is a CLI tool that transforms AWS Security Hub findings into something you can actually work with. Written in Go, it collects security findings from AWS and presents them in multiple formats—interactive HTML reports, JSON exports, CSV spreadsheets, Markdown documents, or colourised terminal output. ...