23 doesn’t feel all that different from 22. 🤔😊 ⌘ Read more
Today’s most common security vulnerabilities explained
We’re taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves. ⌘ Read more
Paul Schaub: Creating an OpenPGP Web-of-Trust Implementation – A Series
I am excited to announce that PGPainless will receive funding by NGI Assure to develop an implementation of the Web-of-Trust specification proposal!
The Web-of-Trust (WoT) serves as an e … ⌘ Read more
I already liked cherry blossoms 6 years ago. This photo is from 2016, taken with my Motorola Moto G 3rd Gen. That was my third of in total five smartphones. ⌘ Read more
20 of our favorite games + source code from Ludum Dare 50
20 of our favorite games plus source code from the latest Ludum Dare competition. ⌘ Read more
The ReadME Project Q&A: What you need to know about teaching technical skills
Teaching is a great way to not only help others but to better learn a topic yourself. ⌘ Read more
I’ve found a nice place near my apartment, where I can sit down after a long day of work and can finally work through a few articles from my reading list. It is an old cemetery, which was redesigned as a park. There’s a school next to it, so it’s not that quite, but that’s ok. ⌘ Read more
GitHub Availability Report: April 2022
In April, we experienced two distinct incidents resulting in significant impact and degraded state of availability for Codespaces and GitHub Packages. ⌘ Read more
No standstill?
When I reflect on myself like this, I have long had the impression that I am a person who cannot live at a standstill. I always need a topic that keeps me busy, a thing in my life that I can optimize or at least a frequently changing topic that I can dive into. ⌘ Read more
Software security starts with the developer: Securing developer accounts with 2FA
GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. ⌘ Read more
Being friendly: Strategies for friendly fork management
This is the second and final post in a series describing friendly forks and alternative strategies for managing them. ⌘ Read more
Another reason to like spring: cherry blossoms. ⌘ Read more
My April ‘22 in Review
April is also over now, time to take a short look back. ⌘ Read more
this month’s blog post riffing on dealing with complexity in software ‘engineering’
Bringing code navigation to communities
Thanks to the efforts of the Elixir community, GitHub supports code navigation for Elixir repositories. Read how favorite language can add this support too! ⌘ Read more
“Cool Things People Do With Their Blogs”
I do from time to time forays through the Internet and like to visit cool blogs. Wouter has created a list with a few examples and even mentioned my blog in it. 🤓 ⌘ Read more
Best practices to keep your projects secure on GitHub
These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today. ⌘ Read more
JMP: Newsletter: New Staff, New Commands
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as in Freedom; … ⌘ Read more
Custom Post Type: Comment ?~L~X https://notiz.blog/b/5tX
Why I now mute my watch
I am a user of a smartwatch. It is already the third smartwatch in my life (first the Sony SmartWatch 3, then the Samsung Galaxy Watch and now the Galaxy Watch 4) and I am actually quite satisfied with it. I always need an easy way to see the time, even when I’m riding my bike and can’t look at my smartphone (being on time is important to me!), plus it counts my steps and gives me the ability to view notifications right on my wrist so I don’t always have to get my smartphone out of my pocket firs … ⌘ Read more
GitHub Desktop 3.0 brings better integration for your pull requests
GitHub Desktop 3.0 brings better integration with your GitHub Pull Requests. You can now receive real time notifications and review the status of your check runs for your pull request. ⌘ Read more
Just for the record: I left Twitter before it was cool to do so. 😊 But seriously, it was the right decision back then and I have no regrets. ⌘ Read more
Erlang Solutions: What are the key trends in digital payments? part 2/2
In the second and final part of this article, we take a look at some of the important developments in how payments work using our fintech industry knowledge and experience working on some of the most performant fintech systems in the world such as Vocalink’s Instant Payments Solution (IPS).
In part 1 we looked at the rapid growth in e-commerce, demand for faster payments and consumer adoption of relativel … ⌘ Read more
Die (Twitter) Posse ?~L~X https://notiz.blog/b/66y
At the cemetery, by a babbling fountain with a passing train. ⌘ Read more
Celebrating 40 years of ZX Spectrum ❤️ 💛 💚 💙
The ZX Spectrum, one of the best-selling microcomputers of all time, celebrates its 40 years anniversary today. Read more about how the community is still active - creating new content, archiving old content, and hacking on all sorts of hardware. ⌘ Read more
Removing the stigma of a CVE
Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here’s how we think of them at GitHub. ⌘ Read more
5 simple things every developer can do to ship more secure code
From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account. ⌘ Read more
Your guide to GitHub InFocus: Improving the way software development teams work in 2022
We’re kicking off InFocus, a global virtual event focused on accelerating, securing, and improving the way software development teams work. ⌘ Read more
Nix 2.8.0 released
We’re pleased to announce the availability of Nix 2.8.0. It will be
available from NixOS -\
Getting Nix / NixOS.
Here are the release notes:
New experimental command:
nix fmt, which applies a
formatter defined by theformatter.<system></system>flake
output to the Nix expressions in a flake.Various Nix commands can now read expressions from standard input
using--file -.New experimental builtin function
builtins.fetchClosurethat c … ⌘ Read more
Improving Git push times through faster server side hooks
The history of pre-receive hooks, how we discovered that the performance was problematic, and how we went about safely replacing them. ⌘ Read more
Erlang Solutions: What are the key trends in digital payments? part ½
Payments are the backbone of a functioning global economy. A payments system can be defined as any system that can be used to settle a financial transaction by exchanging monetary value. Payments are a part of financial services that have undergone rapid and transformational change over recent years, and the Erlang Solutions team has been at the cutting-edge of many of these changes working on exciting cli … ⌘ Read more
Erlang Solutions: Understanding Processes for Elixir Developers
This post is for all developers who want to try Elixir or are trying their first steps in Elixir. This content is aimed at those who already have previous experience with the language.
This will help to explain one of the most important concepts in the BEAM: processes. Although Elixir is a general-purpose programming language, you don’t need to understand how the virtual machine works, but if you want to take advantage … ⌘ Read more
Reflecting on my work
I have been a full-time software developer for over a year now. I’ve since settled in well in the job, and I’m getting along better and better, even if the topics are sometimes still quite complex and difficult to understand, especially when it comes to “historically grown” things. ⌘ Read more
Organization profiles leading the way
Organization profiles can now display custom content visible only to members of the organization. A new Member view can be tailored to show an alternative README and pinned private repositories. ⌘ Read more
Codespaces for multi-repository and monorepo scenarios
We’re releasing exciting improvements that will streamline your Codespaces experience when working with multi-repository projects and monorepos. ⌘ Read more
Sharing security expertise through CodeQL packs (Part I)
Introducing CodeQL packs to help you codify and share your knowledge of vulnerabilities. ⌘ Read more
Highlights from Git 2.36
Another new release of Git is here! Take a look at some of our highlights on what’s new in Git 2.36. ⌘ Read more
My thoughts on and motivation behind GoBlog reactions
Yesterday I announced a spontaneously developed GoBlog feature, reactions. The post also got a lot of reactions, over 900 times the buttons were pressed. But I also got some comments. ⌘ Read more
Happy Easter! ⌘ Read more
Not only Telegram implements new features, I spontaneously had an idea and a bit of programming desire. As an optional feature GoBlog now offers “reactions”. I don’t think I need to explain this feature, just try it out on this post. 😉 ⌘ Read more
Telegram is now a super-app?
It seems that there is a new super-app: Telegram. Bots can now also use HTML5 and JavaScript and thus “replace websites”. ⌘ Read more
Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators
On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users. ⌘ Read more
Dependabot alerts now surface if your code is calling a vulnerability
Today, we’re shipping a new feature for Dependabot alerts which helps you better understand how you’re affected by a vulnerability. ⌘ Read more
Erlang Solutions: Introducing Stream Support In RabbitMQ
In July 2021, streams were introduced to RabbitMQ, utilizing a new blazingly-fast protocol that can be used alongside AMQP 0.9.1. Streams offer an easier way to solve a number of problems in RabbitMQ, including large fan-outs, replay & time travel, and large logs, all with very high throughput (1 million messages per second on a 3-node cluster). Arnaud Cogoluègne s, Staff Engin … ⌘ Read more
After the repair, I am really excited about my pedelec. The battery significantly increases the range of a “small” bike ride and allows me to visit many beautiful places in the vicinity of my hometown Braunschweig and enjoy the nature. ⌘ Read more
JMP: Computing International Call Rates with a Trie
A few months ago we launched International calling with JMP. One of the big tasks leading up to this launch was computing the rate card: that is, how much calls to different destinations would cost per minute. While there are many countries in the world, there are even more calling destinations. Our main carrier partner for this feature lists no fewer than 59881 unique phone number prefixes in the rates they charge us. This list is, quite frankly, incomprehen … ⌘ Read more
Git security vulnerability announced
Upgrade your local installation of Git, especially if you are using Git for Windows, or you use Git on a multi-user machine. ⌘ Read more
To kick off my few days of Easter vacation, I took my freshly inspected and repaired pedelec (e-bike) with beautiful weather (20 degrees and sun) and drove a round on the “Ringgleis”, a bike path around my city. The total mileage has now also finally reached the 3000 km. That’s still not much over several years, but I still have my second, non-electric bike, with which I probably ride a lot more. ⌘ Read more
What’s new in GitHub Discussions: Organization Discussions, polls, and more
Today, we’re excited to bring you a few new features that will help you communicate, collaborate, and connect seamlessly with teams and communities about the software you’re building with the help of GitHub Discussions. ⌘ Read more
Performance at GitHub: deferring stats with rack.after_reply
How we sped up GitHub.com by moving slow, non-critical code into rack.after_reply. ⌘ Read more
metaformats ?~L~X https://notiz.blog/b/658
Why blog at all? (and indieblog.page)
What a coincidence: I was just thinking about why I blog at all, when I saw a post from Andreas Gohr in my feed reader with the announcement of indieblog.page. Cool site to discover blogs! ⌘ Read more
Release Radar · March 2022 Edition
Each month, we highlight open source projects that have shipped major updates. These include everything from world-changing technology to developer tooling, and weekend projects. Here are our top staff picks on projects that shipped major version releases in March. Babylon.js 5.0 We featured Babylon.js in the November 2020 Release Radar. Since then, Babylon.js has come […] ⌘ Read more
The first two nights with my new weighted blanket were good! The blanket is very cozy but not sweaty. The weight is not oppressive, but just right, and also makes me feel somehow more tired than usual before I sleep, and then let me fall asleep almost immediately, as if flipping a switch. And somehow I seem to dream much less, which can be a positive sign for more deep sleep. ⌘ Read more
PicoShare – simple file sharing
Having recently posted about rathole, today I’d like to share another tool I use in combination with rathole: PicoShare. ⌘ Read more
Git Credential Manager: authentication for everyone
Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy. ⌘ Read more
Achieving SLSA 3 Compliance with GitHub Actions and Sigstore for Go modules
Learn how to build packages with SLSA 3 provenance using GitHub Actions. ⌘ Read more
Erlang Solutions: Using Elixir and WhatsApp to Fight COVID19
Introduction:Discover the inside story of how the World Health Organisation’s WhatsApp COVID-19 hotline service was launched in 5 days using Elixir. At the beginning of March 2020, Turn.io launched the world’s first WhatsApp-based COVID-19 response for the South African Ministry of Health. The service was designed, deployed, stress-tested, and launched.
In 5 days. It scaled, before any kind of public launch, to 450K unique … ⌘ Read more
GitHub Availability Report: March 2022
In March, we experienced several incidents resulting in significant impact to multiple GitHub services. ⌘ Read more
Prevent the introduction of known vulnerabilities into your code
The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code. ⌘ Read more
Ignite Realtime Blog: inVerse Openfire plugin 9.1.0-1 released!
Earlier today, version 9.1.0 release 1 of the Openfire inVerse plugin was released. This plugin allows you to easily deploy the third-party Converse client in Openfire. In this release, the version of the client that is bundled in the plugin is updated to 9.1.0!
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternat … ⌘ Read more
Ignite Realtime Blog: JSXC Openfire plugin 4.4.0-1 released!
Earlier today, version 4.4.0 release 1 of the Openfire JSXC plugin was released. This plugin allows you to easily deploy the third-party JSXC client in Openfire. In this release, the version of the client that is bundled in the plugin is updated to 4.4.0!
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternatively, you can … ⌘ Read more
How Dependabot empowers you to keep your projects secure
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure. ⌘ Read more
Ignite Realtime Blog: Openfire Message of the Day (MotD) plugin version 1.2.3 released
Earlier today, version 1.2.3 of the Openfire Message of the Day plugin was released. This version adds a German translation to the admin console (thank you, Stephan Trzonnek, for providing the translation)!
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternatively, you can download the plugin dir … ⌘ Read more
Ignite Realtime Blog: REST API Openfire plugin 1.8.0 released!
Earlier today, version 1.8.0 of the Openfire REST API plugin was released. This version adds a new endpoints for readiness, liveliness and cluster status!
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternatively, you can download the plugin directly, from [the plugin’s archive page](https://www.igniterealtime.org/projects/openfire/plugin-arc … ⌘ Read more
4 ways we use GitHub Actions to build GitHub
From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub. ⌘ Read more
ntfy – open source push notifications
In December, I wrote about ntfy.sh: ⌘ Read more
Proactively prevent secret leaks with GitHub Advanced Security secret scanning
Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature. ⌘ Read more
CloudFest Hackathon: WordPress and the IndieWeb ?~L~X https://notiz.blog/b/63b
rathole - ngrok alternative
Some time ago I tried to make my Nitter instance available on the Internet from home via Tailscale, Caddy and an own building block in between, but stopped it again a short time later because it didn’t work that well somehow. Today I found out about rathole, and what can I say? It works great and seems to be much faster than my previous solution! ⌘ Read more
Snow in April?!? 🌨️ ⌘ Read more
My March ‘22 in Review
Now March is also over, the first lockdown turns two, my bachelor’s degree one. Time to look back a bit on the past weeks. ⌘ Read more
Mastodon 3.5 finally supports the Update ActivityPub activity. GoBlog supports sending updates for quite a while already, but only Pleroma showed the updated posts and not Mastodon. That would have been useful recently, when I posted “Spaces!” but wanted to post “Tabs!” and updated my post. 😅 ⌘ Read more
How GitHub does take home technical interviews
We believe our technical interviews should be as similar as possible to the way we work at GitHub. ⌘ Read more
I’d like to see more attention put into carving out a subset of Mastodon’s functionality that would allow you to host your fediverse node on a static site, à la blog feeds powered by RSS/Atom. Mastodon 3.5 | Hacker News
ProcessOne: ejabberd 21.12
This new ejabberd 21.12 release comes after five months of work, contains more than one hundred changes, many of them are major improvements or features, and several bug fixes.
When upgrading from previous versions, please notice: there’s a change in mod_register_web behaviour, and PosgreSQL database, please take a look if they affect your installation.
A more detailed explanation of those … ⌘ Read more
GitHub Copilot now available for Visual Studio 2022
GitHub Copilot is now available from Visual Studio 2022 for everyone in the technical preview. ⌘ Read more
When you submit a GDPR request to American Express (Germany), you get an “Encrypted Mail” (for which you have to log in again somewhere and set a password), which then contains two PDFs, one of which is full of screenshots of mainframe terminals. ⌘ Read more
JMP: Newsletter: Cheogram Android Release, Matrix Alpha
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free … ⌘ Read more
How to secure your end-to-end supply chain on GitHub
Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user accounts, commonly used dependencies, and also build systems. Defending against these attacks is hard, because there’s no one thing you can do to protect your […] ⌘ Read more
Yesterday I ordered a blanket for an incredible amount of money, more precisely a weighted blanket. Now I hope that it will be delivered quickly and that it really has the positive effects that are being advertised. Although I can usually fall asleep quickly in the evening with a sleeping mask and earplugs, I never manage to sleep through the night, I am never woken up by the alarm clock because I wake up earlier. In the morning I feel tired almost every day, sometimes even the whole day, which then also limits my c … ⌘ Read more
Tabs versus Spaces? Spaces! ⌘ Read more
About listening to music
Sometimes I like to listen to music, I listen to a song, which gives me a good feeling, then another and another. I feel really good, sometimes I could even dance, although I don’t really like dancing. ⌘ Read more
little blog post about my email setup
“The Dissident”
I just watched the movie “The Dissident” (currently available at 3sat in DE/AT/CH). ⌘ Read more
Unlock all the GitHub secrets within Next.Tech’s newest experience: Break the Code 2!
GitHub Education is fired up for the return of Next.Tech’s developer community competition: Break the Code 2. We’ve hacked in some new enigmas, cheat codes, and easter eggs for digital sleuths to uncover! ⌘ Read more
Back to GitHub
Not too long ago I reported how I build the Docker images for GoBlog using Drone and Docker-in-Docker. ⌘ Read more
Profanity: Profanity and OpenPGP for XMPP (OX)
We have been to implement OX in profanity. OX is
XEP-0374: OpenPGP for XMPP Instant Messaging which
may replace XEP-0027: Current Jabber OpenPGP Usage.
It is part of Profanity since version 0.10 but got some fixes since then.
Feel free to try and test the implementation. Let us know, if you have some
issues and support the development via testing and reporting bugs.
Ho … ⌘ Read more
Ignite Realtime Blog: GoJara plugin for Openfire version 2.2.3 release
The Ignite Realtime community is happy to announce the immediate availability of a maintenance release of the GoJara plugin for Openfire. GoJara provides an implementation of XEP-0321 “Remote Roster Management” and helps out with monitoring Spectrum 2.
Your Openfire instance should automatically display the availability of the update. Al … ⌘ Read more
Six years ago, I was with my family on a cruise on the North Sea. During this trip we also visited Amsterdam. Today, however, I would no longer go on cruises because of the enormous environmental impact. ⌘ Read more
An update on recent service disruptions
Over the past few weeks, we have experienced multiple incidents due to the health of our database. We wanted to share what we know about these incidents while our team continues to address them. ⌘ Read more
Six years ago, I was with my family on a cruise on the North Sea. During this trip we also visited Amsterdam. Today, however, I would no longer go on cruises because of the enormous environmental impact. ⌘ Read more
GitHub Actions: secure self-hosted runners by limiting them to specific workflows
You can now enforce consistent usage of self-hosted runner groups across your organization and enterprise. ⌘ Read more
Understanding Color Management
I worked on a project where I dived deep into understanding how modern
color management works, including things like color spaces, ICC profiles
and more. As I learnt here and there, I decided to write this post, both
for my future self, and others who may struggle with some of the
concepts as well.
Color management deals with translating between representations of
colors across a variety of devices. Throughout this post, we’ll use
natural language as … ⌘ Read more
Understanding Color Management
I worked on a project where I dived deep into understanding how modern
color management works, including things like color spaces, ICC profiles
and more. As I learnt here and there, I decided to write this post, both
for my future self, and others who may struggle with some of the
concepts as well.
This post only aims to help you understand the basic concepts without
having to delve into dense literature and hard to grok technical
documents.
Color … ⌘ Read more
Improving your GitHub feed
Today, we are rolling out a new beta version of GitHub’s home feed, making it easier to discover projects, developers and more across GitHub. ⌘ Read more
Introducing the GHES repository cache
If you’re a GHES customer with heavy read traffic on your monorepo, check out the repository cache, especially if you have CI workloads distributed around the world. ⌘ Read more
Erlang Solutions: 5 Key Tech Priorities for Fintech Leaders in 2022
Issues caused by sub-optimal tech choices are commonplace in the industry, leading to companies failing under unexpected stress or being unable to adapt in time when their business requirements change.
While no two projects are the same, we’ve observed some common themes for using scalable futureproof technologies to build diverse fintech systems. Taking advantage of these learnings sets financial service provi … ⌘ Read more
Start working on GitHub Issues faster
You can now create a branch to work on an issue directly from the issue page so that it’s easier to get started right away. ⌘ Read more