GoCN 每日新闻 (2021-12-09)
GoCN 每日新闻 (2021-12-09)- Hugo v0.90.0 发布https://github.com/gohugoio/hugo/releases/tag/v0.90.0
- Docker 容器中使用 GPUhttps://segmentfault.com/a/1190000041090167
- 我好像发现了一个 Go 的 Bug? https://www.cnblogs.com/zhuochongdashi/p/15660936.html
- Go modules 基础精进,六大核心概念全解析� … ⌘ Read more
Improving GitHub code search
Today, we are rolling out a technology preview for GitHub code search, the next iteration for search, discovery, and navigation on GitHub. ⌘ Read more
使用 KubeSphere 快速部署 Chaos Mesh
Chaos Mesh 简介Chaos Mesh 是一个开源的云原生混沌工程平台,提供丰富的故障模拟类型,具有强大的故障场景编排能力,方便用户在开发测试中以及生产环境中模拟现实世界中可能出现的各类异常,帮助用户发现系统潜在的问题。
KubeS … ⌘ Read moreGitHub Enterprise Server 3.3 is generally available
GitHub Enterprise Server is now generally available for all customers. This release improves performance for CI/CD and for customers with large repositories. ⌘ Read more
Enrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcement
Today we’re introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7. ⌘ Read more
Write more secure code with the OWASP Top 10 Proactive Controls
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place. ⌘ Read more
Safeguard your containers with new container signing capability in GitHub Actions
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow. ⌘ Read more
GoCN 每日新闻(2021-12-05)
GoCN 每日新闻(2021-12-05)- Go 在 Google:服务于软件工程的语言设计(翻译) https://mp.weixin.qq.com/s/3F9WAcxuCNCs7aNn5gjnew
- 详解布隆过滤器原理与实现https://mp.weixin.qq.com/s/5zHQbDs978OoA3g83NaVmw
- 令人惊叹的软件架构[https://github.com/mehdihadeli/awesome-software-architecture](https://github.com/mehdihadeli/awesome-software-archite … ⌘ Read more
Release Radar · November 2021 Edition
The end of the year is getting closer, and our communities are busy working away on their projects. While you’ve all been busy maintaining open source projects and shipping releases, we’ve created a new open ⌘ Read more
GitHub Availability Report: November 2021
In November, we experienced one incident resulting in significant impact and degraded state of availability for multiple services. ⌘ Read more
Using ChatOps to help Actions on-call engineers
You can multiply the impact of your domain experts by building their common workflows into ChatOps. ⌘ Read more
GitHub Externships: enabling India’s next generation of developers
Are you a student in India? Applications are open for the GitHub Externships Winter Cohort! ⌘ Read more
Hey everyone, we’re Timothy DeHerrera and Tom Bereknyei,
the release managers for 21.11. As promised, the latest stable
release is here: NixOS 21.11 “Porcupine”.
- Release manual - [Highlights](/manual/nixos/stabl … ⌘ Read more
5 DevOps tips to speed up your developer workflow
From learning YAML to scripting with Bash, here are a few simple tips for developers who want to speed up their workflows. ⌘ Read more
GitHub Actions: reusable workflows is generally available
DRY your Actions configuration with reusable workflows (and more!) ⌘ Read more
Lossless Image Compression in O(n) Time
Introducing QOI — the Quite OK Image Format. It losslessly compresses RGB and
RGBA images to a similar size of PNG, while offering a 20x-50x speedup in
compression and 3x-4x speedup in decompression. All single-threaded, no
SIMD. It’s also stupidly simple.
tl;dr: 300 lines of C, single header,
source on github,
benchmark results here.
; @fastidious and I were discussing over a video call two nights ago, as well as @lyse who joined a bit later, about the the whole moved of all of my projects and their source code off of Github. Whilst some folks do understand and appreciate my utter disgust over what Microsoft and Copilot did by blatantly scraping open source software's codebases without even so much as any attempt at attribution or respecting the licenes of many (if not all?) open source projects.
⤋ Read More
No on gitlab. If its self hosted gitea is best in class.
I can see hosting a mirror on github if only for the redundancy/visibility. Some projects will host but then direct contributions on their self host. Like Go does.
I would suggest using a vanity domain that can redirect tools like go get to hosting of choice. And not require rewriting all the packages any time it gets moved.
↳
In-reply-to
»
🤔 👋 Reconsidering moving Yarn.social's development back to Github: Speaking of which (I do not forget); @fastidious and I were discussing over a video call two nights ago, as well as @lyse who joined a bit later, about the the whole moved of all of my projects and their source code off of Github. Whilst some folks do understand and appreciate my utter disgust over what Microsoft and Copilot did by blatantly scraping open source software's codebases without even so much as any attempt at attribution or respecting the licenes of many (if not all?) open source projects.
⤋ Read More
No on gitlab. If its self hosted gitea is best in class.
I can see hosting a mirror on github if only for the redundancy/visibility. Some projects will host but then direct contributions on their self host. Like Go does.
I would suggest using a vanity domain that can redirect tools like go get to hosting of choice. And not require rewriting all the packages any time it gets moved.
🤔 👋 Reconsidering moving Yarn.social’s development back to Github: Speaking of which (I do not forget); @fastidious@arrakis.netbros.com and I were discussing over a video call two nights ago, as well as @lyse@lyse.isobeef.org who joined a bit later, about the the whole moved of all of my projects and their source code off of Github. Whilst some folks do understand and appreciate my utter disgust over what Microsoft and Copilot did by blatantly scraping open source software’s codebases without even so much as any attempt at attribution or respecting the licenes of many (if not all?) open source projects.
That being said however, @fastidious@arrakis.netbros.com makes a very good and valid argument for putting Yarn.social’s codebases, repositories and issues back on Github for reasons that make me “torn” over my own sense of morality and ethics.
But I can live with this as long as I continue to run and operate my new (yet to be off the ground) company “Self Hosted Pty Ltd” and where it operates it’s own code hosting, servicesa, tools, etc.
Plese comment here on your thoughts. Let us decide togetehr 🤗
GitHub’s developer-first approach to content moderation
GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute. ⌘ Read more
GraphQL global ID migration update
All newly created GraphQL objects now have IDs that conform to a new format, which we refer to as “next IDs.” Learn how to migrate older IDs to the new format and why we’re making the change. ⌘ Read more
Blue-teaming for Exiv2: adding custom CodeQL queries to code scanning
The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base. ⌘ Read more
The 2021 State of the Octoverse
The State of the Octoverse analyzes data from millions of developers & repos to share trends across working habits, productivity, and career satisfaction. ⌘ Read more
GitHub’s commitment to npm ecosystem security
We’re sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm. ⌘ Read more
Highlights from Git 2.34
To celebrate this most recent release, here’s GitHub’s look at some of the most interesting features and changes introduced since last time. ⌘ Read more
Release Radar · October 2021 Edition
What an incredible month it’s been for GitHub and our communities. Whilst we’ve been busy with GitHub Universe, our communities have been busy coding. It’s been a successful year for Hacktoberfest, with many first-time contributors ⌘ Read more
Highlights from GitHub’s security roadmap at Universe 2021
During Universe, we received a number of security questions ranging from our strategy to our advisories. Here’s what we’ve got planned! ⌘ Read more
7 unique software collaboration features in GitHub Discussions
Here are a few ways our teams use GitHub Discussions internally to build community, simplify workflows, and get key insights into our work. ⌘ Read more
Make your monorepo feel small with Git’s sparse index
The new sparse index feature makes it feel like you are working in a small repository when working in a focused portion of a monorepo. ⌘ Read more
GitHub Enterprise Server 3.3 enhances CI/CD and adds a new security manager role
This latest release sees the introduction of a new role, a new webhook for GitHub Actions, and a bright edge to dark mode. ⌘ Read more
Three rules of bug fixing for better OSS security
When you’re fixing a bug, especially a security vulnerability, you should add a regression test, fix the bug, and find & fix variants. ⌘ Read more
GitHub Availability Report: October 2021
In October, we experienced one incident resulting in significant impact and degraded state of availability for the GitHub Codespaces service. ⌘ Read more
10 GitHub Actions resources to bookmark from the basics to CI/CD
Tips on how to get started using GitHub Actions and resources to learn more about making it work for you. ⌘ Read more
I’m a bit skeptical about GitHub Copilot, but now that I’ve really tried it out for the first time, I’m amazed by its capabilities. Copilot doesn’t replace programming, but it does take a lot of the work out of it. What works well, for example, is the completion of comments in the code. ⌘ Read more
Building the next phase of GitHub, together
This morning, I shared the following post with Hubbers in response to Nat’s announcement about his next adventure. I am thrilled to take on the role of CEO to build the next phase of GitHub for our global community of software developers. ⌘ Read more
Thank you, GitHub
This morning, I sent the following post to the GitHub team. TL;DR: I’m moving on to my next adventure, and Thomas Dohmke (currently Chief Product Officer) will be GitHub’s next CEO. ⌘ Read more
On the blog: Artificial Stupidity with GitHub Copilot https://john.colagioia.net/blog/2021/11/03/copilot2.html #programming #techtips
Blue-teaming for Exiv2, part 1: creating a security advisory process
This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project. ⌘ Read more
Game Off 2021 theme announcement
The theme for this year’s Game Off is… …BUG! Your challenge, should you choose to accept it, is to create a game between now and December 1 incorporating the theme somehow, and submit it to ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @yvvdwf
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program: @yvvdwf ⌘ Read more
GitHub keeps getting better for open source maintainers
Maintainers can now limit who can approve and request changes on pull requests. You can also close issues and block users via your phone. ⌘ Read more
13 short and scary games plus source to play (or hack) this Halloween 🎃
It’s that time of year again where I like to share seasonally spooktacular games plus source code—a goldmine of material for (a) those looking for coffee-break entertainment, (b) those interested in learning more about game ⌘ Read more
Everything new from Universe 2021
Since last year’s GitHub Universe, we’ve shipped more than 20,000 improvements to GitHub for developers, open source communities, and enterprise teams. Here’s a comprehensive overview of what we’re announcing at Universe this week. ⌘ Read more
Gephisto -Get a network map in one click. #Gephi href=”https://txt.sour.is/search?q=%23GraphML”>#GraphML**
#Gephi #GraphML ⌘ Read more
A peek inside some of the top games from Ludum Dare 49
The 49th Ludum Dare game jam just wrapped up with almost 3000 entries. Here’s a peek at some of the highest-rated entries that you can play, plus their source code that you can poke around ⌘ Read more
GitHub Actions for security and compliance
GitHub Actions can automate several common security and compliance tasks, even if your CI/CD pipeline is managed by another tool. ⌘ Read more
GitHub Marketplace welcomes its 10,000th action
GitHub Marketplace just passed 10,000 published actions! Learn about contributing to this growing open source ecosystem. ⌘ Read more
Diversity, inclusion, and belonging at GitHub in 2021
In the past two years, GitHub has doubled in size, welcoming more than 760 new Hubbers in 2021 alone. This past year we particularly focused on our goal of making GitHub more equitable. We saw growth in our diversity representation, whose population increased at a higher rate than the company itself. ⌘ Read more
What’s new from GitHub Changelog? September 2021 recap
Catch up on 44 ships, including a colorblind-accessible theme, a public README.md for organizations, and customization of code review settings. ⌘ Read more
Meet the GitHub Universe hosts, and start building your schedule
We sat down with Universe hosts Lorena Mesa and Jarryd McCree for a quick Q&A to help you make the most out of your conference experience this year. ⌘ Read more
💾 Save the date for GitHub Game Off 2021
Game Off is an annual game jam (or “hackathon for building games”) that’s a little different from most—it lasts for the entire month of November—not just a weekend or a few days. It’s the perfect ⌘ Read more
Student developer resources you won’t find in the classroom
Heading back to school? Did you just graduate? The GitHub Education Stream Team (GEST) is sharing resources, tools, and more to help emerging developers land a job. Student leaders from around the world are creating and hosting shows to grow the tech community and share information you won’t find in the classroom. ⌘ Read more
Everybody is building one because, you know, why not? Why I built my own static site generator.
Apply now for GitHub Universe 2021 micro-mentoring
As part of our ongoing commitment to ensure GitHub’s conferences are accessible and inclusive to people from all walks of life, we’re offering 30-minute, 1:1 micro-mentoring sessions with GitHub employees. ⌘ Read more
GitHub security update: revoking weakly-generated SSH keys
On September 28, 2021, we received notice from the developer Axosoft regarding a vulnerability in a dependency of their popular git GUI client - GitKraken. An underlying issue with a dependency, called `keypair`, resulted in the GitKraken client generating weak SSH keys. ⌘ Read more
Release Radar · September 2021 Edition
The Northern Hemisphere has hit fall, and the southern is starting to warm into summer. September has been a busy time for our community. Maintainers have been getting their repositories ready for Hacktoberfest, joining us ⌘ Read more
GitHub’s guide to Hacktoberfest 2021
Giving back to open source projects is a great way to practice skills you don’t get to use in your day job. Check out ways to get involved! ⌘ Read more
GitHub Advisory Database now powers npm audit
Today, we’re adding a proxy on top of the GitHub Advisory Database that speaks the `npm audit` protocol. This means that every version of the npm CLI that supports security audits is now talking directly to the GitHub Advisory Database. ⌘ Read more
GitHub Availability Report: September 2021
In September, we experienced no incidents resulting in service downtime to our core services. ⌘ Read more
13 tiny and terrific entries from the js13kGames competition
If you think about it, 13kB isn’t really a lot. The image above is 81kB. This page weighs over 3MB (waaay more if you include the videos). That’s why it’s so incredibly impressive that the ⌘ Read more
A new public beta of GitHub Releases: How we’re improving the release experience
GitHub Releases has a new look and updated tools to make it easier for open source communities to create and share high-quality releases with auto-generated release notes. ⌘ Read more
Cybersecurity spotlight on bug bounty researchers @chen-robert and @ginkoid
GitHub’s bug bounty team is excited to kick off Cybersecurity Awareness Month with a spotlight on two security researchers who participate in the GitHub Security Bug Bounty Program. ⌘ Read more
Enterprise managed users are now generally available for GitHub Enterprise Cloud
Manage your company in the cloud with more control and governance using enterprise managed users. ⌘ Read more
GitHub Enterprise Server 3.2 is now generally available
Today, we’re excited to announce that GitHub Enterprise Server 3.2 is generally available. This release brings over 70 new features and changes that improve developer experience and deliver new security capabilities. ⌘ Read more
Revised enterprise DPA with new standard contractual clauses
As part of GitHub’s strong commitment to developer privacy, we are excited to announce updates to our privacy agreements in line with new legal requirements and our own robust data protection practices. ⌘ Read more
Partitioning GitHub’s relational databases to handle scale
In 2019, to meet GitHub’s growth and availability challenges, we set a plan in motion to improve our tooling and ability to partition relational databases. ⌘ Read more
Nocode app ⛏️ | A free nocode app for data exploration, by Clément Levallois
Interesting piece of code here, gonna try it soon.. ⌘ Read more
Announcing npm’s new access token format
npm access tokens will now follow the established format of GitHub authentication tokens. ⌘ Read more
GitHub Advisory Database now supports Rust
We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on the Rust ecosystem! ⌘ Read more
↳
In-reply-to
»
Assuming the DNS is playing ball now, my little personal site https://www.andrewjvpowell.com/ is now self hosted and solar powered. As @mckinley can attest, running on the original nearlyfreespeech.net non-production plan could use as little as $0.01 per day so there's not really any advantage to this, its just... because I can 🙃
⤋ Read More
using this as the service: https://github.com/JonLundy/sshfwd
↳
In-reply-to
»
Assuming the DNS is playing ball now, my little personal site https://www.andrewjvpowell.com/ is now self hosted and solar powered. As @mckinley can attest, running on the original nearlyfreespeech.net non-production plan could use as little as $0.01 per day so there's not really any advantage to this, its just... because I can 🙃
⤋ Read More
using this as the service: https://github.com/JonLundy/sshfwd
Audit log streaming is now in public beta
If you’re a GitHub Enterprise Cloud customer, you can now set up a stream of audit log and Git events to Splunk or an Azure Event Hub. ⌘ Read more
The ReadME Project: A look back at the community stories that shape us
In August of 2020, we started highlighting stories that showcase how developers, maintainers, and organizations are moving humanity forward through The ReadME Project. ⌘ Read more
What’s new from GitHub Changelog? August 2021 Recap
What did we ship in August? Codespaces, Discussions, and lots of other updates, from the general availability of the dark high contrast theme to an auto-generated table of contents for wikis. ⌘ Read more
Announcing recipients of the GitHub Open Source Grants and GitHub Sponsors now open in India
Announcing recipients of the GitHub Open Source Grants and opening of GitHub Sponsors in India. ⌘ Read more
@niplav@niplav.github.io artistry, or is this some kind of guitar thing?
Installing Arch Linux on Raspberry Pi with WiFi pre-configured
TL;DR Super easy to use standalone offline\
Arch Linux installer for Raspberry Pi which also configures your
WiFi and other config on first boot.
Arch Linux and Raspberry Pi are made for each other. I run them together
every where in my home. However, I have found the [official\
installation instructions](https://archlinuxarm.org/platforms/armv6/r … ⌘ Read more
Git vs. GitHub: What’s the Difference? ⌘ Read more
GitHub Enterprise Server 3.2 brings new color modes and added security capabilities
GitHub Enterprise Server 3.2 is available today as a release candidate. With this release, we’re shipping over 70 new features and changes to improve the developer experience and deliver new security capabilities for our customers. ⌘ Read more
An analysis on developer-security researcher interactions in the vulnerability disclosure process
We put out a call to open source developers and security researchers to talk about the security vulnerability disclosure process. Here’s what we found. ⌘ Read more
GitHub security update: Vulnerabilities in tar and @npmcli/arborist
Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist. ⌘ Read more
Increasing developer happiness with GitHub code scanning
How GitHub uses code scanning to increase developer happiness, and how you can too. ⌘ Read more
Release Radar · August 2021 Edition
The end of financial year is complete, tax time is over, and everyone is back to shipping awesome projects. During August, our community has been super busy shipping lots of new updates. These new releases ⌘ Read more
Introducing the MLH Fellowship: GitHub Externship Track
Applications are now open for the MLH Fellowship: GitHub Externship Track. Apply by September 13. ⌘ Read more
GitHub Availability Report: August 2021
In August, we experienced two distinct incidents resulting in significant impact and degraded state of availability for Git operations, API requests, webhooks, issues, pull requests, GitHub Pages, GitHub Packages, and GitHub Actions services. ⌘ Read more
Improving Git protocol security on GitHub
We’re changing which keys are supported in SSH and removing unencrypted Git protocol. Only users connecting via SSH or git:// will be affected. If your Git remotes start with https://, nothing in this post will affect you. If you’re an SSH user, read on for the details and timeline. ⌘ Read more
Introducing GitHub Global Campus
Calling all students! Get the most out of your GitHub Education experience by joining the GitHub student community on our new digital campus. ⌘ Read more
Vague infringement allegations considered harmful
Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That’s why GitHub submitted a “friend of the court” brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals. ⌘ Read more
Request for proposals: Defining standardized GitHub metrics
The GitHub Social Impact and Policy teams are issuing a Request for Proposal (RFP) for a researcher to define a list of publicly available GitHub platform usage metrics by country for international development, public policy and economics disciplines. ⌘ Read more