Custom Post Type: Comment ?~L~X https://notiz.blog/b/5tX
GitHub Desktop 3.0 brings better integration for your pull requests
GitHub Desktop 3.0 brings better integration with your GitHub Pull Requests. You can now receive real time notifications and review the status of your check runs for your pull request. ⌘ Read more
Die (Twitter) Posse ?~L~X https://notiz.blog/b/66y
Celebrating 40 years of ZX Spectrum ❤️ 💛 💚 💙
The ZX Spectrum, one of the best-selling microcomputers of all time, celebrates its 40 years anniversary today. Read more about how the community is still active - creating new content, archiving old content, and hacking on all sorts of hardware. ⌘ Read more
Removing the stigma of a CVE
Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here’s how we think of them at GitHub. ⌘ Read more
5 simple things every developer can do to ship more secure code
From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account. ⌘ Read more
Your guide to GitHub InFocus: Improving the way software development teams work in 2022
We’re kicking off InFocus, a global virtual event focused on accelerating, securing, and improving the way software development teams work. ⌘ Read more
Improving Git push times through faster server side hooks
The history of pre-receive hooks, how we discovered that the performance was problematic, and how we went about safely replacing them. ⌘ Read more
Organization profiles leading the way
Organization profiles can now display custom content visible only to members of the organization. A new Member view can be tailored to show an alternative README and pinned private repositories. ⌘ Read more
Codespaces for multi-repository and monorepo scenarios
We’re releasing exciting improvements that will streamline your Codespaces experience when working with multi-repository projects and monorepos. ⌘ Read more
Sharing security expertise through CodeQL packs (Part I)
Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities. ⌘ Read more
Highlights from Git 2.36
Another new release of Git is here! Take a look at some of our highlights on what’s new in Git 2.36. ⌘ Read more
Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators
On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users. ⌘ Read more
Dependabot alerts now surface if your code is calling a vulnerability
Today, we’re shipping a new feature for Dependabot alerts which helps you better understand how you’re affected by a vulnerability. ⌘ Read more
Git security vulnerability announced
Upgrade your local installation of Git, especially if you are using Git for Windows, or you use Git on a multi-user machine. ⌘ Read more
What’s new in GitHub Discussions: Organization Discussions, polls, and more
Today, we’re excited to bring you a few new features that will help you communicate, collaborate, and connect seamlessly with teams and communities about the software you’re building with the help of GitHub Discussions. ⌘ Read more
Performance at GitHub: deferring stats with rack.after_reply
How we sped up GitHub.com by moving slow, non-critical code into rack.after_reply. ⌘ Read more
metaformats ?~L~X https://notiz.blog/b/658
Release Radar · March 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks on projects that shipped major version releases in March. Babylon.js 5.0 We featured Babylon.js in the November 2020 Release Radar. Since then, Babylon.js has come […] ⌘ Read more
Git Credential Manager: authentication for everyone
Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy. ⌘ Read more
Achieving SLSA 3 Compliance with GitHub Actions and Sigstore for Go modules
Learn how to build packages with SLSA 3 provenance using GitHub Actions. ⌘ Read more
GitHub Availability Report: March 2022
In March, we experienced several incidents resulting in significant impact to multiple GitHub services. ⌘ Read more
Prevent the introduction of known vulnerabilities into your code
The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code. ⌘ Read more
How Dependabot empowers you to keep your projects secure
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure. ⌘ Read more
4 ways we use GitHub Actions to build GitHub
From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub. ⌘ Read more
Proactively prevent secret leaks with GitHub Advanced Security secret scanning
Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature. ⌘ Read more
CloudFest Hackathon: WordPress and the IndieWeb ?~L~X https://notiz.blog/b/63b
How GitHub does take home technical interviews
We believe our technical interviews should be as similar as possible to the way we work at GitHub. ⌘ Read more
GitHub Copilot now available for Visual Studio 2022
GitHub Copilot is now available from Visual Studio 2022 for everyone in the technical preview. ⌘ Read more
How to secure your end-to-end supply chain on GitHub
Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user accounts, commonly used dependencies, and also build systems. Defending against these attacks is hard, because there’s no one thing you can do to protect your […] ⌘ Read more
little blog post about my email setup
Unlock all the GitHub secrets within Next.Tech’s newest experience: Break the Code 2!
GitHub Education is fired up for the return of Next.Tech’s developer community competition: Break the Code 2. We’ve hacked in some new enigmas, cheat codes, and easter eggs for digital sleuths to uncover! ⌘ Read more
An update on recent service disruptions
Over the past few weeks, we have experienced multiple incidents due to the health of our database. We wanted to share what we know about these incidents while our team continues to address them. ⌘ Read more
GitHub Actions: secure self-hosted runners by limiting them to specific workflows
You can now enforce consistent usage of self-hosted runner groups across your organization and enterprise. ⌘ Read more
Understanding Color Management
I worked on a project where I dived deep into understanding how modern
color management works, including things like color spaces, ICC profiles
and more. As I learnt here and there, I decided to write this post, both
for my future self, and others who may struggle with some of the
concepts as well.
Color management deals with translating between representations of
colors across a variety of devices. Throughout this post, we’ll use
natural language as … ⌘ Read more
Understanding Color Management
I worked on a project where I dived deep into understanding how modern
color management works, including things like color spaces, ICC profiles
and more. As I learnt here and there, I decided to write this post, both
for my future self, and others who may struggle with some of the
concepts as well.
This post only aims to help you understand the basic concepts without
having to delve into dense literature and hard to grok technical
documents.
Color … ⌘ Read more
Improving your GitHub feed
Today, we are rolling out a new beta version of GitHub’s home feed, making it easier to discover projects, developers and more across GitHub. ⌘ Read more
Introducing the GHES repository cache
If you’re a GHES customer with heavy read traffic on your monorepo, check out the repository cache, especially if you have CI workloads distributed around the world. ⌘ Read more
Start working on GitHub Issues faster
You can now create a branch to work on an issue directly from the issue page so that it’s easier to get started right away. ⌘ Read more
Validate all the things: improve your security with input validation!
If there’s one habit that can make software more secure, it’s probably input validation. Here’s how to apply OWASP Proactive Control C5 (Validate All Inputs) to your code. ⌘ Read more
Annotate PDFs on Linux
This post is about a GUI tool called pdfrankestein that
fills a gap on mostly Linux machines where a powerful and easy to use
PDF annotator does not exist.
Adobe Acrobat® on Windows and Mac allow you to add text, drawings and
signatures to PDF documents. This is useful when filling forms or
marking notes to send back to someone. Such a tool with similar
capabilities and easy of use does not exist on Linux. The reason that’s
often cited is that PDF is a c … ⌘ Read more
https://traditionsofconflict.com/blog/2019/10/4/sacred-metal, and now consider computer programming (especially the terminology of wizards/gurus, programming as magic, the SICP cover &c!)
Release Radar · February 2022 Edition
Our community has shipped lots of open source project updates in the last month. Here’s a few of our staff picks. ⌘ Read more
Image rebase and improved remote cache support in new BuildKit
We’ve just shipped new versions of the BuildKit builder engine, Dockerfile 1.4 frontend, and Docker We’ve just shipped new versions of the BuildKit builder engine, Dockerfile 1.4 frontend, and Docker Buildx CLI. Each of these comes with many new features. In this blog post, I’ll show one of them, a new copy mode in Dockerfiles, […]
The post [Image rebase and improved remote cache support in new BuildKit](https://w … ⌘ Read more
Speed boost achievement unlocked on Docker Desktop 4.6 for Mac
Introducing virtiofs The 4.6 release of Docker Desktop for Mac contains a number of changes that drastically improve file sharing performance for macOS users. Firstly, developers now have the option of using a new experimental file sharing implementation called virtiofs (the current default is gRPC-FUSE). Secondly, improvements have been made to the way that files […]
The post [Speed boost achievement unlocked on … ⌘ Read more
Vulnerability Alert: Avoiding “Dirty Pipe” CVE-2022-0847 on Docker Engine and Docker Desktop
You might have heard about a new Linux vulnerability that was released last week, CVE-2022-0847, aka “Dirty Pipe”. This vulnerability overwrites supposedly read-only files in the Linux kernel host, which could enable attackers to modify files inside the host images from the container instance. If you use Docker Engine natively, we recommend you should update … ⌘ Read more
Save time with partial re-runs in GitHub Actions
It is now possible to re-run only failed jobs or a single job in GitHub Actions workflows. ⌘ Read more
Docker: Nine Years YOUNG
Nine years ago today, March 15, 2013, Solomon Hykes, the founder of Docker, first demoed Docker publicly to the world at PyCon. On stage Solomon noted that, for developers, “shipping to the server is hard,” and thus he and the early team designed Docker to help developers more easily build, share, and run any app, […]
The post Docker: Nine Years YOUNG appeared first on Docker Blog. ⌘ Read more
Docker Business now available for purchase on the Amazon Web Services Marketplace
Today, Docker and Amazon are happy to announce the availability of Docker Business on the Amazon Web Services (AWS) Marketplace. This is a huge step in providing more choice and flexibility to Docker and AWS customers, so you can procure the Docker Application Development Platform – including leading tools, services, integrations, and content – through […]
The post [Docker Bus … ⌘ Read more
Improved management for GitHub Enterprise owners
We’ve introduced several new features to help enterprise owners more easily manage their accounts, including two features now in public beta. ⌘ Read more
ryudo has a bit more polish now at v1.3.4; new blog post breaking down how multimonitor support was implemented
Docker’s Response to the Invasion of Ukraine
Docker is closely following the events surrounding the Russian invasion of Ukraine. The community of Docker employees, Docker Captains, developers, customers, and partners is committed to creating an open, collaborative environment that fosters the free and peaceful exchange of ideas. The tragedy unfolding in Ukraine is in opposition to what our community stands for and […]
The post [Docker’s Response to the Invasion of Ukraine](https://www.docker.co … ⌘ Read more
How Kubernetes works under the hood with Docker Desktop
Docker Desktop makes developing applications for Kubernetes easy. It provides a smooth Kubernetes setup experience by hiding the complexity of the installation and wiring with the host. Developers can focus entirely on their work rather than dealing with the Kubernetes setup details. This blog post covers development use cases and what happens under the hood […]
The post [How Kubernetes works under the hood with Docker Desktop … ⌘ Read more
GitHub Availability Report: February 2022
In February, we experienced one incident resulting in significant impact to multiple GitHub services. ⌘ Read more
Our response to the war in Ukraine
As the global response to the tragedies in Ukraine and other impacted regions continues to evolve, I wanted to share with our community an expansion of the message that I shared earlier this week with our Hubbers. ⌘ Read more
What you need to know about macOS X 10.14 Deprecation
Docker supports Docker Desktop on the most recent versions of macOS. That is, the current release of macOS and the previous two releases. As new major versions of macOS are made generally available, Docker stops supporting the oldest version and supports the newest version of macOS (in addition to the previous two releases). Keeping with […]
The post [What you need to know about macOS X 10.14 Deprecation](https://www.docker.com/blo … ⌘ Read more
A new way to understand your GitHub-hosted runner capacity
Explore and understand your overall GitHub-hosted Actions runner capacity with the new runner view. ⌘ Read more
Codespaces for the largest repositories just got faster
The ability to prebuild codespaces is entering public beta. Enable fast environment creation times, regardless of the size and complexity of your repositories. ⌘ Read more
AppDev Challenges and Trends to Watch in 2022
Over the last few years, development teams have been pushed to do a lot more with less. The global supply chain disruptions caused by the pandemic and the chip manufacturing shortage in particular impacted the tech industry. These factors have moved developer workloads toward the cloud, created a more asynchronous and remote workforce, and increased […]
The post [AppDev Challenges and Trends to Watch in 2022](https://www.docker.com/blog/appdev-cha … ⌘ Read more
Black Innovators That Paved the Way
While diverse experiences and perspectives should be sought after and celebrated every day, Black History Month is a wonderful opportunity to reflect on and celebrate the many contributions of Black Americans. Recognizing the ingenuity of Black people in technology is incredibly important – especially when a large diversity gap of historically overrepresented groups is so […]
The post [Black Innovators That Paved the Way](https://www.docker.com/blog/black-innovators … ⌘ Read more
Get started with ease using security workflows!
In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. ⌘ Read more
GitHub Advisory Database now open to community contributions
Anyone can now provide additional information to further the community’s understanding and awareness of security advisories. ⌘ Read more
Travel Tips
A bunch of disorganized tips and product recommendations for when
traveling abroad:
Docker Captain Take 5 – Martin Terp
Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what […]
The post Docker Captain Take 5 – Martin Terp appeared first on [Docker Blog](https://www. … ⌘ Read more
Code scanning finds more vulnerabilities using machine learning
Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities. ⌘ Read more
Leveraging machine learning to find security vulnerabilities
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts. ⌘ Read more
How to make the most out of a mentoring relationship
Tips from our developer advocates on how and why to find a mentor. ⌘ Read more
Encoding and escaping untrusted data to prevent injection attacks
Practical tips on how to apply OWASP Top 10 Proactive Control C4. ⌘ Read more
blog++; thoughts on my relationship to IT
GitHub Enterprise Server 3.4 improves developer productivity and adds reusable workflows to CI/CD
The GitHub Enterprise Server 3.4 release candidate delivers enhancements to make life easier and more productive, from keyboard shortcuts to auto-generated release notes! ⌘ Read more
The GitHub Stars in our eyes ⭐️
Over the past year, the GitHub Stars have made a tremendous impact in the community with their influence, inspiring and building communities and creating content to help everyone. ⌘ Read more
Announcing the 2022 MLH Fellowship Cohort, powered by GitHub
The MLH Fellowship, powered by GitHub, is a 12-week internship alternative for aspiring software engineers. Meet the 2022 cohort! ⌘ Read more
Include diagrams in your Markdown files with Mermaid
A picture tells a thousand words. Now you can quickly create and edit diagrams in markdown using words with Mermaid support in your Markdown files. ⌘ Read more
big update to the internals of eureka! wrote a blog post on the how and why
Getting started with project planning on GitHub
Stop context switching. Keep your team’s project planning next to your code. ⌘ Read more
How to start using reusable workflows with GitHub Actions
Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories. ⌘ Read more
New Docker Menu & Improved Release Highlights with Docker Desktop 4.5
We’re excited to announce the release of Docker Desktop 4.5 which includes enhancements we’re excited for you to try out. New Docker Menu: Improved Speed and Unified Experience Across Operating Systems We’ve launched a new version of the Docker Menu which creates a consistent user experience across all operating systems (including Docker Desktop for Linux, […]
The post [New Docker Menu & Improved Rele … ⌘ Read more
Coordinated vulnerability disclosure (CVD) for open source projects
A comprehensive guide for vulnerability reporters. ⌘ Read more
The Impacts of an Insecure Software Supply Chain
Today, software regularly integrates open-source code from third-party sources into applications. While this practice empowers developers to create more capable software in a shorter time frame, it brings with it the risk of introducing inadequately vetted code. How aware are we of the security of our open-source code? Most of us use pip or npm […]
The post [The Impacts of an Insecure Software Supply Chain](https://www.docker.com/blog/the-im … ⌘ Read more
Improving the developer experience for Dependabot alerts
Today, we’re shipping improvements to Dependabot alerts that make them easier to understand and remediate. ⌘ Read more
Release Radar · January 2022 Edition
Here’s January’s top staff picks on projects that shipped major version releases. ⌘ Read more
Really worth watching, twice… “Line Goes Up – The Problem With NFTs” sur YouTube
The best critical take on #nft
There is a lot to digest but it’s really worth it! ⌘ Read more
DockerCon: What Makes a Successful CFP Submission
The DockerCon 2022 Call for Papers is now open! DockerCon is one of the largest developer events in the world, with over 80,000 developers registering for each of the last two events. At the core of DockerCon is the chance for members of the community to share their tips, tricks, best practices and real-world experiences […]
The post [DockerCon: What Makes a Successful CFP Submission](https://www.docker.com/blog/dockercon-what-makes-a-succe … ⌘ Read more
GitHub Availability Report: January 2022
In January, we experienced no incidents resulting in service downtime to our core services. ⌘ Read more
How to build a CI/CD pipeline with GitHub Actions in four simple steps
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it. ⌘ Read more
New sponsors-only repositories, custom amounts, and more
Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors. ⌘ Read more
Celebrating Our Second Fiscal Year
Yesterday, January 31, we finished our second full fiscal year since our November 2019 restructuring and recapitalization, and I couldn’t be prouder of the Docker team and what we’ve accomplished together. While it’s difficult to summarize 12 months, highlights include: Shipping 7,000+ product features, fixes, and updates to developers, including Docker Desktop for M1 Macs, […]
The post [Celebrating Our Second Fiscal Year](https://www.docker.com/blog/celebrating-our-se … ⌘ Read more
Code scanning and Ruby: turning source code into a queryable database
A deep dive into how GitHub adds support for new languages to CodeQL. ⌘ Read more
Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents. ⌘ Read more
Dependency graph now supports GitHub Actions
The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions! ⌘ Read more
Dockerize your own Game of Thrones’ API
This article will demonstrate a fun and useful use case of docker, where we will create and deploy to production a custom-made API. In our case, it will provide information about the episodes of the TV show “Game of Thrones”. Besides Docker, our stack will include: About the API The API will serve information about […]
The post Dockerize your own Game of Thrones’ API appeared first on [Dock … ⌘ Read more
2021 Transparency Report
In GitHub’s latest transparency report, we’re giving you a by-the-numbers look at how we responded to requests for user info and content removal. ⌘ Read more
Thinking beyond SQL injection: OWASP tips for secure database access
When it comes to secure database access, there’s more to consider than SQL injections. OWASP Top 10 Proactive Control C3 offers guidance. ⌘ Read more
first blog post of the new year feat. misc. status and ramblings
A Gnostic Internet. … | by Varun Adibhatla | Coinmonks
#Blockstack ⌘ Read more
Get ready for Campus TV Season 2: 🌱 New Beginnings
Learn new skills, build projects and meet like-minded students with the latest shows from the GitHub Education Stream Team. ⌘ Read more
How Docker containers are supporting the COVID-19 genomic monitoring effort
This is a guest blog post from Dr. Kelsey Florek and Curtis Kapsak. A video presentation of this post from Docker’s Community All-Hands can be found here. Dr. Kelsey Florek is the Senior Genomics and Data Scientist at the Wisconsin State Laboratory of Hygiene and a steering committee member of the State Public Health Bioinformatics […]
The post [How Docker containers are supporting the CO … ⌘ Read more
How Docker Desktop Networking Works Under the Hood
Modern applications make extensive use of networks. At build time it’s common to apt-get/dnf/yum/apk install a package from a Linux distribution’s package repository. At runtime an application may wish to connect() to an internal postgres or mysql database to persist some state, while also calling listen() and accept() to expose APIs and UIs over TCP […]
The post [How Docker Desktop Networking Works Under the Hood](https://www.docker.com … ⌘ Read more
Highlights from Git 2.35
The open source Git project just released Git 2.35. Here’s GitHub’s look at some of the most interesting features and changes introduced since last time. ⌘ Read more
File Sharing with Docker Desktop
One of the topics users of Docker Desktop often ask us about is file sharing. How do I see my source code inside my container? What’s the difference between a volume and a bind mount? Why is file sharing slower than on Linux, and how can I speed it up? In this blog post, I’ll […]
The post File Sharing with Docker Desktop appeared first on Docker Blog. ⌘ Read more