-
Your Security Scanner Is Reading Gemspecs Wrong
How dependency declaration syntax in Ruby gemspecs produces false positive vulnerability reports — and what to check before you panic. (Also check out my Ruby Gems Analyzer that covers the CVEs and Bundled/Default Gems in each Ruby version, as compiled directly from pristine installs of Ruby on clean images) If you run a Ruby application…
-
Brisket 2026 Edition
If you enjoyed this and would like to support my further experimentation with brisket Brisket I’ve tried to go cheap on the brisket with just a flat (I think Sam’s Club has them), but the whole briskets from Costco, while a lot more to handle, turn out better. Rub I’ve used a few rub recipes,…
-
The Subsidy Cliff Arrives: This Week Proved the Gold Rush Is Ending
A follow-up to The End of the AI Gold Rush In August 2025, I wrote that the AI industry’s $20-a-month illusion couldn’t last — that the math simply didn’t work, and that eventually someone would expect their profit out of this. I estimated that reaching actual cost recovery would require 10x to 50x price corrections.…
-
Hallucination as a service – Claude Sonnet 4.6 (Medium)
LLMs are going to replace all employees by a few weeks ago, according to Dario Amodei, CEO of Anthropic about this time last year. And yet Claude can’t be accurate between the contents of two very simple sources that it provides. Here’s the dialogue in chat: Thomas: Is busybox missing on GHA runners for arm…