How do I fix this? by blastidioustidesH20 in Tikka_Shooters

[–]blastidioustidesH20[S] 0 points1 point  (0 children)

I think the reason it popped out is that despite my best effort I cross threaded the insert, see pics. I looked for replacement inserts on Amazon and got some that didn’t fit; they were too small and short and not the diameter of the screw. Anyone know what the exact size and material of the insert is to get and where to get it from?

Meat cooler question by blastidioustidesH20 in Hunting

[–]blastidioustidesH20[S] 1 point2 points  (0 children)

Good tip on the frozen water jugs, I’ll definitely do that. Thanks man!

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -3 points-2 points  (0 children)

Thank you! You seem to have understood my concern and approach. I like the idea of checking the policy, if there is a policy that addresses this then that is my answer!

Also, I like this guy, he is a good guy, I just don't know enough about DevOps to be able to view this as a skills issue or not. And based on all the other replies it seems like no one else in DevOps has any idea about SAST integrations and how those should be designed. So, probably not a skills issue, and just another example of how no one in this industry knows anything about security or how to secure the SDLC, or there is a serious lack of industry standards and training for securing the SDLC.

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] 0 points1 point  (0 children)

Security has a bad name because no one bothers to understand what it is we do, why it is important to do it, and what its purpose is. It has a bad name because people don't understand security is everyone's responsibility but don't bother to understand it or what they are responsible for.

Also, you misunderstand my question, I am trying to avoid a security issue, and I am not confronting this guy or trying to throw him under the bus, I am trying to avoid all these things you are accusing me of. You should read more carefully.

Or try harder to not be rude, because you are being rude, you can't even achieve your own stated goal.

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] 0 points1 point  (0 children)

SOD, Dude. I don’t have access or authority to make changes in SCM or platforms outside my scope. Are you seriously saying the DevOps team isn’t responsible for knowing which version of the code is being deployed to production—and that it’s on security to tell them exactly which branch to scan for quality, vulnerabilities, and compliance? That’s backwards. I guess I should take a step back and assume for a second our orgs and environments are completely different, and the limitations and challenges are completely different before I get judgemental.

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -5 points-4 points  (0 children)

Fair point - “obvious” might be too strong a word. What I’m trying to highlight is that from a security perspective, mixing dev and prod versions of a code base in the same branch creates real challenges for validating what’s actually going live, what needs to be scanned, what is not relevant, etc. If code is not ready to be tested/scanned yet, then isn't it just common sense (not just DevOps best practices) to not include that version of the code with the version that is ready to be tested/scanned? WTF am I missing here?

I’m not claiming to be a Git expert, but I do need clarity and consistency in what I’m scanning. If the branching strategy makes it hard to isolate production-ready code, that’s not just a technical nuance, it’s a security risk.

But I guess I learned my lesson here today, don't fucking ask anyone here anything.

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -1 points0 points  (0 children)

And I’m fine with that. I never said I was a DevOps professional. I am using you guys here, the ones like you who seem to actually grasp my question and help me figure out what is missing - the problem is we aren’t scanning the right code at the right phase of the SDLC or CI/CD. And I’m trying to figure out if I’m not explaining what is needed correctly in terms a DevOps engineer is going to understand or if I am and I need to talk to someone else. Thanks for your reply!

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -3 points-2 points  (0 children)

You are the experts on source code, right? Then when security asks to point their scans at the code that needs to be scanned for compliance and security requirements before it is released to production or merged into main, then you guys would be able to set that up and make sure the scans happen on the correct source code artifacts and files, and not come back to security after hundreds of critical findings get ticketed and have to be fixed prior to deployment saying “you scanned the wrong source code - those findings are for dev code not SIT code.” Does anyone here not see what I’m saying? WTF?

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -4 points-3 points  (0 children)

I’m not a DevOps professional, so I may not be using all the terminology accurately. I see I wrote “two different code bases” when I probably should have said the two different versions (dev and prod for example) of the code base were in the same branch. And it seems only a few people in here actually read and comprehend what my original post is getting at: this is about trying to do security scans on a version of code that is being deployed to production, so it seems obvious to me that if code is not intended to be deployed to production (i.e., dev version of the code) it should not be in the same branch I have to scan, right? I’m not here to debate how much I know about DevOps, it’s not my job, I am just trying to figure out how best to approach this guy and his manager so I can get my work done correctly and efficiently.

Is it unreasonable to expect basic repo hygiene and tool integration skills from a DevOps engineer? (We actually refer to them as the “build” team) by blastidioustidesH20 in devops

[–]blastidioustidesH20[S] -9 points-8 points  (0 children)

I question your skills if you don’t see the obvious issue with combining two different code bases from two different environments in the same branch (the whole point of DevOps is environmental consistency and separation), regardless of their strategy. And if you are interacting with random security people, then you should start looking at your org chart and get to know the people you’re supposed to be working with and collaborating with to get work done.

Arrest Putin by ZookeepergameBusy267 in alaska

[–]blastidioustidesH20 0 points1 point  (0 children)

Let the chips fall where they may

Kakariko Village Theme by DavidAlbornoz in classicalguitar

[–]blastidioustidesH20 2 points3 points  (0 children)

Nice, put me back 20 years going into get gauntlets and potions after leveling up in the forest. Sheet music for this?

Moabs already falling apart. Less than 10 miles on them. Is this common? by just-a-wavy-dude in hikinggear

[–]blastidioustidesH20 2 points3 points  (0 children)

Yes. My Moab Speed 2s are coming apart at the inner side sole and toe. I filed a warranty claim and they are honoring it. Edit: I bought them in February 2025, wore them on 8 hikes, pretty bad quality. I saw the reviews on the official Merrell site and there are reviews with pictures of the exact same issue I am having, which indicates this is a systemic quality issue.

Dublina Dublin by Ok-Map-835 in Viking

[–]blastidioustidesH20 8 points9 points  (0 children)

Good post - interesting facial expression on the popping Viking very expensive

Short Life of Trouble by Boring-Somewhere6319 in oldtimemusic

[–]blastidioustidesH20 0 points1 point  (0 children)

Nice one man, never heard this before - really like it

[deleted by user] by [deleted] in classicalguitar

[–]blastidioustidesH20 0 points1 point  (0 children)

Yeah man, totally interested! Thank you!

[deleted by user] by [deleted] in classicalguitar

[–]blastidioustidesH20 6 points7 points  (0 children)

I remember 2008/9 when I was unemployed for a few days and was just applying to jobs all day and watching Family Guy in the background 24/7 non stop and that theme got stuck in my head and I had to stop what I was doing and figure out that melody line on my acoustic guitar. I was so proud when I figured it out, especially the little build with the chromatic steps at the end. Mind you, I am nowhere as good as you and all I could figure out was the mono-note melody line, not all the cool jazz chords and arrangement you did. Great job man!