Archive
All published posts
2469 posts
latest post 2026-05-08
Publishing rhythm
The year of the supply chain attacks
I think I'm starting to understand my role as a platform developer in 2026.
* least priveleged access
* default deny + explicit allow
* understand your blast radius
* **GREASED** creds rotate process
* PIN EVERYTHING
* keep packages up to date
* but not too up to date, use dependency cooldowns
GitHub - kraanzu/smassh at terminaltrove
Smassh your Keyboard, TUI Edition. Contribute to kraanzu/smassh development by creating an account on GitHub.
GitHub Ā· github.com [1]
smassh is the coolest monkeytype tui clone, its impressively accurate. Easy to install and run, all the same themes appear to be there and everything. maybe a good way to get a few reps in while agents are running these days.
35102587-dffe-48ec-920a-a037917e7776.mp4 [2]
I need to go back and brush up on my skills Iām down a good 20wpm from what I should be doing.
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://github.com/kraanzu/smassh?ref=terminaltrove
[2]: https://dropper.waylonwalker.com/file/35102587-dffe-48ec-920a-a037917e7776.mp4
[3]: /thoughts/
The final nail for Windows?
Easy anticheat for linux is out.
!!! tip
look at the date
If this were real what would you play first? For me it's `skate .` is really
the only thing I care about and I'm fine without it.
What Happens When AI Stops Being Artificially Cheap
The subsidy era is ending. Here
danielmiessler.com [1]
Iāve been thinking about this for awhile and Daniel makes some great arguments here. Interestingly keeping inference cheap removes the incentives to make our tools better, help us choose the right model, lean on local models, open weight models. The frontier models are so affordable through subsidized subscription models why would you deal with anything less intelligent at this point. The tooling we use is not optimized for it, and why should it be.
Note
This post is a thought [2]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://danielmiessler.com/blog/ai-stops-being-artificially-cheap
[2]: /thoughts/
External Link
baty.net [1]
emacs config so bad he launch obsidian, YIKES! grantid Iām using obsidian currently on my phone, not for this post, but for journal entries while Iām away from my desk. Use this as a reminder that you can swim through murky waters with your dotfiles for awhile, but occasionally its good to do a clean up, pin it, put em in a docker image, have a good fallback to go to if shit really hits the fan. Ivāe been using https://github.com/waylonwalker/nvim-manager as part of my strategy for awhile now.
Note
This post is a thought [2]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://baty.net/journal/31mar26/
[2]: /thoughts/
[1]
uv adds dependency cooldowns via #16814 [2]. Well needed feature in todays world, far from a guarantee, but its something.
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: /static/https://github.com/astral-sh/uv/releases/tag/0.9.17
[2]: https://github.com/astral-sh/uv/pull/16814
[3]: /thoughts/
Package Managers Need to Cool Down
Today's LiteLLM supply chain attack inspired me to revisit the idea of dependency cooldowns, the practice of only installing updated dependencies once they've been out in the wild for a ā¦
Simon Willisonās Weblog Ā· simonwillison.net [1]
2026, finding the balance between fixed bugs and zero days. There is very unlikely ever a reason you need to be running bleeding edge packages in prod most package managers now support cool downs.
Note
This post is a thought [2]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://simonwillison.net/2026/Mar/24/package-managers-need-to-cool-down/
[2]: /thoughts/
External Link
X (formerly Twitter) Ā· x.com [1]
Everyone look away, nothing to see here.
[2]
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://x.com/ThePrimeagen/status/2038978962089492631
[2]: https://dropper.waylonwalker.com/file/090f03b2-e6f5-4ede-a814-bfbb4e237b54.webp
[3]: /thoughts/
External Link
X (formerly Twitter) Ā· x.com [1]
Anthropic safewords are the talk of the town today.
[2]
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://x.com/metedata/status/2038924041453441422
[2]: https://dropper.waylonwalker.com/file/c097c6dc-4b10-4fab-a9f9-1d4181422285.webp
[3]: /thoughts/
External Link
X (formerly Twitter) Ā· x.com [1]
webdev twitter is blowing up with implementations of pretext text calculations. The examples are absolutely fun and ridiculous.
[2]
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://x.com/_chenglou/status/2037713766205608234
[2]: https://dropper.waylonwalker.com/file/350a368f-0e6b-4375-98d6-6303961c0d6c.webp
[3]: /thoughts/
Ping 43
Okay so I logged into twitter today, and we are back.... probably not for long,
but we are for now. Claude Code source leaked, the tweets are great. [[
thoughts-956 ]], [[ thoughts-958 ]], [[ thoughts-959 ]], Some typescript css
text layout with bouncing balls, bubbles, strings, and webcam video to text is
blowing up [[ thoughts-957 ]]. This is the tech twitter I remember no sad news
how the world is corrupt by the other side.
External Link
X (formerly Twitter) Ā· x.com [1]
The claude code source code leaked today and the tweets are great, maybe twitter is back.
Did you know you can replace the spinning verbs in Claude Code. Iām having fun with it.
[2]
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://x.com/joshmedeski/status/2039010741039120417
[2]: https://dropper.waylonwalker.com/file/8cf5cf65-40e1-4f40-8d09-b596a97dd51d.webp
[3]: /thoughts/
[1]@nicknisi [1]) ā Y'all, I think I'm a convert to pi" loading="lazy">
Nick Nisi (@nicknisi [2])
Y'all, I think I'm a convert to pi
Bluesky Social Ā· bsky.app
Iām about to be pi pilled.
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://bsky.app/profile/nicknisi.com/post/3mhgcbpm4ds2p
[2]: https://nicknisi.com
[3]: /thoughts/
Social Media is dead
Social Media is dead, interest media killed it long ago. I no longer feel like
I'm connecting to people, creating community, having fun, learning. I feel
like I'm being shoveled slop from the slop machine, I'm sure mostly create by
well intentioned people just trying to make it in the world, trying to make
their mark, trying to make something of themselves. The algos long lost the
idea of subs and likes, and transitioned to how long you will pause on a topic.
What used to be a series of recognizable faces, names, avatars, each with their
own personality that I could come to learn and know who was just trollin, who
was serious, is now mostly unrecognizable. Platforms have changed and
fractured communities people went separate ways, not all the same ways. No one
community is like it used to be, and its hard to find.
/carry/
EDC # [1]
I try to keep a pretty light every day carry, but it never works out, keyfobs
and headphone cases end up causing more bulk than Iād like, but My EDC is no
where near the bulk I had as a kid with my cargo pants decked out with
everything I could possibly need.
I hold no attachment to anything in my EDC. Nothing on my person has
sentimental value. Anything I carry can be lost, stolen, or destroyed at any
point in time. I pick things of sufficient usable, utilitarian, quality
sufficient to work. No extra fluff.
---
- Google Pixel 6
- Ridge Wallet
- Olight Perun - Since April 2022
- Civivi Qubit - Since March 2024 after my last one was donated to the Indianapolis Stadium
- OpenFit Shokz
---
Rules # [2]
- lightweight
- replacable
- no emotional attachments
- utilitarian
- everything serves a purpose
My kit # [3]
[4]
Photo taken March 2023
Phone # [5]
Google Pixel 6
I will not get finance a new phone for the foreseeable future again. The last
time I feel lik...
Where Is The Tech Industry Going
Agents suck
Get left behind if you don't use them
Burn out if you use them too much
The software world has been flipped upside down seemingly overnight. Slow at
first, then all at once. It started with auto complete, to chat, to, ide
integrations, to agents that would f&!^ over your repo more than it would help.
Up till this point we are just little bit better and more specific than copy
paste from Stack Overflow. Then in Nov 2025 models learned how to effectively
use tools and do what you ask of them, sometimes more, sometimes less, but
generally for the basic shit most of us make its a net positive with each
iteration.
Our techniques for managing work need to change.
Our expectations need to change.
Burnout for a lot of folks is coming.
Is Compaction The Issue
I saw today in work chat something along the lines of "we need bigger context
windows" "compaction times are holding us back". Maybe I'm just blessed with
the lack of lord jira, maybe juggle too many projects at once and they are all
pretty much done when I get back. Maybe I do more long running specs and spend
time making good plans that it does not matter.
Anyways the point I'm getting to is that if you think that compaction is your
main issue slowing you down, and 10x this if you are a manager thinking this is
what is slowing down your team you **need** to look at your workflow. Not
because it sucks. Not only because it could be better. Because you are
signing yourself and your team up for burnout if you are sitting there watching
these things run like waiting for paint to dry and firing more prompts at them
as soon as they are done. It feels easy. It feels like you are going fast.
Its eating more brainpower than you think, and its not getting you to your
destination any faster.
To Live In A World Without AI | Nic Payne
I'm finding lately that I wish we could go back to pre-ChatGPT... A world
without a code-gen easy button, where "easy" was LSP autocomplete, wher
pype.dev [1]
We f&#ing said @pype [2], well f&#ing said. I think a lot of us are feeling this, weāve pitched our brain into a bucket and we are no longer stretching it in the same way. We still work in similar ways of old, with new ways of turning off and saying yes a bunch of times. the best thing I can hope for is that as things get better we have fewer yes loops, and more architectural design debates and deep thoughts. But I fear deep thoughts are gone to the way of āresearch the leading 10 frameworks and pick the best one for this project.ā and letting the clankers do the deep thinking. Its signing us up for a weird distopia.
I think a lot of us wish we could undo what has happened and go back to actually understanding what we are doing, but the world has changed, and if you are building average shit, like the average person, using models trained on average people doing average shit you cant keep up anymore.
Note
This post is a thought [3]. Itās a short note that I make
about someone ...
My Thoughts on Beads | Nic Payne
[Steve Yegge](https://en.wikipedia.org/wiki/Steve_Yegge) is a pretty well-known individual in the tech field, having been
around for a long time at some of the
pype.dev [1]
Iām in step with @pype [2] here, I really want beads to work for me, but my systems for infra/platform work are all over the place, not one repo. Iām considering trying the BEADS_DIR env var but idk if it fits my workflow. For now, similar to @pype [2], I am rocking my own home vibed solution that Iāve intentionally put little effort in and its working great and I expect it to be broken and not working with the latest harnesses and models within a few months anyways, cause there is no predicting this train.
Note
This post is a thought [3]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://pype.dev/my-thoughts-on-beads/
[2]: https://pype.dev
[3]: /thoughts/
paynepride dot com outage on vacation | Nic Payne
The day after I leave for vacation I start getting SSL errors on every homelab
service I host for myself and others. The culprit was my Cloudflare API token
exp
pype.dev [1]
oof, outage on the homelab [2] during vacation, brutal. I can think of a couple of similar solutions to what @pype [3] has done to tailscale in, but Iām not sure that I could do this remotely. On one hand Iām so glad that cloudflared just takes care of certs on the other hand this really brings a gap in my understanding of what the heck I would do if it were broken.
An untested DR plan is not a DR plan.
An untested backup does not exist.
Note
This post is a thought [4]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://pype.dev/paynepride-dot-com-outage-on-vacation/
[2]: /homelab/
[3]: https://pype.dev
[4]: /thoughts/
-
Vibe coding [1] is going so far into the news sphere now that Adam Savage even weighs in with perspectives from someone who has built a life around building things with his hands, keeping up with new making techniques, discovering old techniques as they combine with new. He talks about 3d printing reviving his love of the pantograph as one automation technique eases the most difficult part of another.
Note
This post is a thought [2]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: /vibe-coding/
[2]: /thoughts/
Lets Land The Plane
Part of @steveyegge 's gastown/beads is a prompt "Lets land the plane". It's very straightforward forward and what any sane human would probably do before finishing work, except the last part. The "generate a handoff prompt for the next session" was not something I've put much thought into. But now that I juggle 6 sessions at a time and often end up with 20 sessions open because I don't want to close them and loose the last bit of context. This is what I need to keep from crippling my laptop memory from all of these stale sessions hanging around.
Taken from https://ianbull.com/posts/beads
Kubernetes is beautiful.
Kubernetes is beautiful.
Reddit Ā· reddit.com [1]
This is a fantastic progression through kuberentes concepts. From running a pod, to making it resiliant, holding secrets, accepting traffic, and autoscaling.
Note
This post is a thought [2]. Itās a short note that I make
about someone elseās content online #thoughts
References:
[1]: https://www.reddit.com/r/kubernetes/comments/1rzyhip/kubernetes_is_beautiful/
[2]: /thoughts/
Iāve been having issue with my keyboard disconnecting to my main desktop for
awhile. Today I got a cheap bluetooh dongle in and am giving it a run this
week to see how things go. The first step was to move it to the new adapter.
Iāve never had multiple adapters installed so this was a new to me process.
I was able to do it all with the same keyboard, It did require some juggling
between usb and bluetooth modes pluging and unplugging, two keyboards would be
simpler to reason about.
I canāt be bothered to change my brain to think about this machine on a
different zmk profile it is of absolute importance for it to remain on the same
profile, otherwise this would be a simple bind to another empty profile.
Why not use a cable on desktop?
I dont mind cable, and have used one on this setup for years, but I have
actually been picking up and moving this keyboard and using it with
different devices.
Iāve got a big battery and performace cranked up, unless my machine is
under load I do not notice any key lag.
I did it with bluetoothctl, Iām sure it could have been done with a gui like
blueberry or blueman.
bluetoothctl
# list adapters
list
select <old-adapter>
devices
# fin the MAC ...
More Details Than You Probably Wanted to Know About Recent Updates to My Notes Site
Writing about the big beautiful mess that is making things for the world wide web.
blog.jim-nielsen.com [1]
I love the level of thought that Jim has put into these changes and making sure that urls donāt change. Iāve got a big change in flight to my main site and this is one of the reasons that Iāve been sitting on it so long. I want to make sure urls arent broken, redirects work as they should, and there are no 404ās from existing urls. Currently the new version only exists on a separate deployement https://go.waylonwalker.com/
I also added the ability to āshuffleā between posts. This is mostly for myself. I like to randomly jump through notes Iāve published in the past for reoccurring inspiration
Love this idea and have it on my new site already as well, and have really enjoyed using it by pressing it a dozen or so times over the course of a few sessions. It highlights that I have too many posts like stars and thoughts and I should do some weighting to main posts. mine is at https://go.waylonwalker.com/random/
Note
This post is a thought [2]. Itās a short note that I make
about someone e...
Notes ā 06:34 Mon 23 Mar 2026
Notes ā 06:34 Mon 23 Mar 2026
dbushell.com Ā· dbushell.com [1]
Does anyone think fast-code will continue to pay the same salary? The answer isnāt to switch your brain off during your McCode shift and write a poem after work. Your job will be replaced by a Banglasdeshi slop-shop if AI improves (which is inevitable, apparently). Possibly the same sweatshop that loomed my Ā£3 T-shirt. The Luddites didnāt accept their fate so easily.
David has some good points here, but Iām feeling the opposite direction a bit. Execs have always liked keeping the PMās and the people steering the ship close by and were willing to farm out more and more grunt work. It feels like we are in a weird phase where there used to be a big group of people paid to write code. A few of them are exceptionally good at it and will remain. There will be a need for these people everywhere. Somehow we still need people hand editing assembly code optimizations, fortran, and cobol today. Those industries largely moved on, but a few great ones remain. I think this fast-code slop factory is going to be a short forgotten time in history, but no one yet knows whatās next. We are all waiting t...
I don't want someone else running my agents
I don't want to review the pr, I dont want to fight the mass of changes
clobbered across the codebase. I want to own my platform. With everything
changing with agents writing more code than I can imagine in a day work looks
different now. I still want to work with real people. I want to collaborate
on ideas. I want someone to bounce ideas off with. I want someone else in the
war room with me on launch day, or when the whole thing goes down. But I don't
them slopping in my sandbox, if someone is going to be stirring the slop in my
product I want it to be me. Work is feeling different now. New lines need to
be drawn in new directions. Expectations are changing, the way work is
completed is changing, and we are all here trying to figure out what this looks
like moving forward.
Looking for inspiration? tooscut [1] by mohebifar [2].
Professional video editing, right in your browser. Made with Rust, WebGPU, WASM, and Tanstack Start.
References:
[1]: https://github.com/mohebifar/tooscut
[2]: https://github.com/mohebifar
Ping 38
When agents do the work its harder to recognize a dead end.
I like kraanzuās [1] project smassh [2].
Smassh your Keyboard, TUI Edition
References:
[1]: https://github.com/kraanzu
[2]: https://github.com/kraanzu/smassh
Iām really excited about KittenTTS [1], an amazing project by KittenML [2]. Itās worth exploring!
State-of-the-art TTS model under 25MB š»
References:
[1]: https://github.com/KittenML/KittenTTS
[2]: https://github.com/KittenML
Learning to agent
All we are hearing lately is Agents are the future, something flipped around
NOV 2025 with opus 4.5. It turned snake oil into action. It changed
programmers will be replaced in 6 months to now. Not all of them, but probably
most of us who are not extraordinary. If you fall into the camp of folks not
adopting, I got no issues with that. No one is twisting your arm, well maybe
your boss or cto is, thats on them. I don't mean to say this is the future as
in, get in or get left behind. I mean it as this is where your other engineers
probably are, the junior to mid level engineers are here. If you are not
trying to meet them where they are how are you going to lead them.
Studio Ghibli Images in the Wild
I just stumbled into an image in my org chart of someone who clearly turned
themself into a Studio Ghibli character in chatgpt during the small window of
time that it seemed to do this for everything. Its clearly the aesthetic that
It would do by default for that week, then would not do it whatsoever. I'd
link it, but its from an org chart. I mostly found it interesting how we now
have these recognizable artifacts from specific moments in time.
Ping 36
I feel like there's an inevitable phase to every ai/agentic worked feature/epic
where you have to get in and chat with it 2025 style (except it actually works
and doesn't turn your project to shit). Planning is great, planning out epics
for full orchestrator's to churn for hours on is amazing, but it always leaves
me with a handful of thorns multiplied by complexity level of things that I
can shout a list of 6 items at a time that it can one shot. I haven't seen
anyone put a name to this phase yet, so I'm going to call it the UAT phase
for now and it seems like a very necessary part of the SDLC. It was
important before, but feels more so now as engineers distance themselves
from the implementation.
Research, Plan, Implement
I heard this term yesterday, and I think a lot of people are missing out on
step 1. It's important to experiment with agents and learn what they can do
well and what they cant, this changes every couple of weeks at this point. You
might be spending hours planning something that could have been implemented
right away, or maybe wasted time planning something that needed more research,
more context engineering. Agents start fresh every session, they cant remember
what you asked them to do 5 minutes ago in the other session, getting the right
tokens in session is critical.
Today I learned that docker creates an empty /.dockerenv file to indicate that
you are running in a docker container. Other runtimes like podman commonly use
/run/.containerenv. kubernetes uses neither of these, the most common way to
detect if you are running in kubernetes is to check for the presence of the
KUBERNETES_SERVICE_HOST environment variable. There will also be a directory
at /var/run/secrets/kubernetes.io/serviceaccount that contains the service
account credentials if you are running in kubernetes.
Context Poisoning Was There All Along
I wrote some code by hand on Sunday. Sat down with my son and started building
out a game in pygame from scratch. We went to google, we searched how to do
something, we copy and pasted from the docs. Not because we are dumb, but
because we cant remember some aspects of the pygame api. Now that these
patterns are established we no longer have to google them, we simply grep our
codebase and replicate the pattern. Easy right? It's funny that it took ai to
coin the term `context poisoning` even though it was there all along.