Most meetings fail before they start. Not because people are lazy, but because nobody wrote down the basics: what we are doing, who is needed, and what decisions are on the table. The Meeting Prep Checklist is a small tool that keeps that list tight. Set the objective, capture the agenda, list attendees and pre-reads, and track a few prep checks. When you are done, it copies a clean summary you can drop into a doc or email. ...
I keep a risk register for the same reason I keep a TODO list: memory is not a system. So I built a small, browser-only tool to keep the register clean and boring. Risk Register Lite lets you add a risk, set likelihood and impact, and capture mitigation notes. It scores each item, stays local in your browser, and can export to CSV when you need to move the data elsewhere. ...
If you’ve been running AWS ECS for any length of time, you’ve likely noticed something annoying: task definition revisions accumulate. Every deployment creates a new revision, and AWS never cleans up the old ones. Over years of active development, this adds up. I recently inherited an AWS account that had been running ECS workloads for about 6 years. When I looked at the task definitions, I found over 178,000 revisions spread across various task families. The AWS Console offers no bulk delete option, so cleaning these up manually would mean clicking through each revision one by one. That’s not happening. ...
Over the years, GitHub organizations tend to accumulate repositories. Some are actively maintained, others slowly fade into obscurity, and a few become completely forgotten. Without a systematic way to assess repository health across an entire organization, it’s easy to lose track of what’s actively maintained and what’s collecting digital dust. I built Patina to solve this problem. What is Patina? Patina is a command-line tool that scans GitHub organizations to identify and assess repository freshness. The name comes from the surface coating that forms on materials over time—a fitting metaphor for detecting code that’s been left untouched. ...
If you’ve ever worked with AWS Security Hub, you know the feeling: thousands of security findings scattered across multiple accounts, buried in the AWS console, and no easy way to share them with your team. Sure, the data is there, but getting actionable insights? That’s a different story. That’s why I built Prism. What is Prism? Prism is a CLI tool that transforms AWS Security Hub findings into something you can actually work with. Written in Go, it collects security findings from AWS and presents them in multiple formats—interactive HTML reports, JSON exports, CSV spreadsheets, Markdown documents, or colourised terminal output. ...
When I migrated this blog from Middleman to Hugo, I made a deliberate choice that might seem unusual: I use UUIDv7 identifiers as the URL slugs for all my blog posts. Instead of URLs like /why-i-use-uuidv7/ or /2025/12/why-i-use-uuidv7/, my posts live at addresses like /019a5150-2c00-79db-af2a-8c2a0bf021a7. The Problem with Traditional URL Schemes In my experience, most blogs use one of two URL patterns: Slugified titles: /why-i-use-uuidv7-for-blog-urls/ Date-based paths: /2025/12/04/why-i-use-uuidv7-for-blog-urls/ I used the latter option for years. Both approaches have drawbacks that became increasingly problematic as I thought about the long-term evolution of this blog. ...
This week I was tasked with discovering what my core values are. The context around this was that I needed to understand what my core values are so that I can understand how they are being violated, in the hopes that I can understand how a disagreement was created with someone else. That got me thinking: what are core values? It’s nothing I’ve ever really thought about before. Sure, I know about honesty and timeliness, but I wasn’t aware of the full suite of core values. Where do I begin? ...
In a recent article, I added a code block for MermaidJS and found that neither Hugo nor my theme (PaperMod) would support MermaidJS. It rendered the code block as-is in raw form without converting it into a pretty diagram. I was able to add support for MermaidJS by making a very small change to how Hugo renders the page. Create a new file called layouts/partials/extend_head.html if it doesn’t already exist and paste in the following code: ...
I’ve been designing VPC architectures in AWS, conventional wisdom tells us to avoid overlapping CIDR blocks. Heck, every single company I’ve worked at has an infrastructure or network team beholden to this idea. The reasoning is straightforward: non-overlapping CIDRs allow you to connect VPCs via peering, Transit Gateway, or other networking constructs if needed later. But what if preventing that connection is exactly what you want? I have been given side eye for even suggesting this practice before, but hear me out. ...
Alternate title: So You’ve Found Yourself in a Security Incident I’ve attended, commanded and, yes, caused, many security incidents in my career. This is not an appeal to authority but, rather, an appeal to experience. Often we don’t have time to talk or teach about security incidents, so this document collects various tips and tricks I’ve encountered throughout the years. Please note that I’m not a lawyer, and do not dispense legal advice, so my focus will remain on information security and I may have to decline to answer your question. ...