Validate all the things: improve your security with input validation!
If there’s one habit that can make software more secure, it’s probably input validation. Here’s how to apply OWASP Proactive Control C5 (Validate All Inputs) to your code. ⌘ Read more
Text-to-speech is becoming more popular
I am a slow reader. I read a lot on websites, but not quickly and I often get distracted while reading. What I like therefore is a pre-reading option. ⌘ Read more
Annotate PDFs on Linux
This post is about a GUI tool called pdfrankestein that
fills a gap on mostly Linux machines where a powerful and easy to use
PDF annotator does not exist.
Adobe Acrobat® on Windows and Mac allow you to add text, drawings and
signatures to PDF documents. This is useful when filling forms or
marking notes to send back to someone. Such a tool with similar
capabilities and easy of use does not exist on Linux. The reason that’s
often cited is that PDF is a c … ⌘ Read more
https://traditionsofconflict.com/blog/2019/10/4/sacred-metal, and now consider computer programming (especially the terminology of wizards/gurus, programming as magic, the SICP cover &c!)
Release Radar · February 2022 Edition
Our community has shipped lots of open source project updates in the last month. Here’s a few of our staff picks. ⌘ Read more
At work I may soon be able to program in Java 17 instead of Java 8. But still with Eclipse. 😅 ⌘ Read more
I didn’t get around to blogging about the fact that Miniflux recently got a new version. With it, if an entry doesn’t have a title, it finally shows a snippet of the content instead of just the URL as the title. A great new feature if you follow a lot of micro blogs. Regarding micro-blogs, I’m also in the process of reading Manton Reece’s book draft. ⌘ Read more
Image rebase and improved remote cache support in new BuildKit
We’ve just shipped new versions of the BuildKit builder engine, Dockerfile 1.4 frontend, and Docker We’ve just shipped new versions of the BuildKit builder engine, Dockerfile 1.4 frontend, and Docker Buildx CLI. Each of these comes with many new features. In this blog post, I’ll show one of them, a new copy mode in Dockerfiles, […]
The post [Image rebase and improved remote cache support in new BuildKit](https://w … ⌘ Read more
Sam Whited: Joanna
”`
Sipping my tea, I think back and remember Joanna:
Quietness isn’t the same for me now.
You came to America, wondering what you’d find:
Atlanta in a forest of broken dreams,
A people in turmoil, and no one seems to know why.
Communities falter before they’ve begun.
A lawnmower hums and I wake from my reverie.
I’d forgotten, about your America.
Driving to the North, far away from the city.
You looked for meaning in every farm passing by.
I bought you peanuts and gave you a tour of the mountains.
We d … ⌘ Read more”`
Speed boost achievement unlocked on Docker Desktop 4.6 for Mac
Introducing virtiofs The 4.6 release of Docker Desktop for Mac contains a number of changes that drastically improve file sharing performance for macOS users. Firstly, developers now have the option of using a new experimental file sharing implementation called virtiofs (the current default is gRPC-FUSE). Secondly, improvements have been made to the way that files […]
The post [Speed boost achievement unlocked on … ⌘ Read more
Vulnerability Alert: Avoiding “Dirty Pipe” CVE-2022-0847 on Docker Engine and Docker Desktop
You might have heard about a new Linux vulnerability that was released last week, CVE-2022-0847, aka “Dirty Pipe”. This vulnerability overwrites supposedly read-only files in the Linux kernel host, which could enable attackers to modify files inside the host images from the container instance. If you use Docker Engine natively, we recommend you should update … ⌘ Read more
Save time with partial re-runs in GitHub Actions
It is now possible to re-run only failed jobs or a single job in GitHub Actions workflows. ⌘ Read more
Docker: Nine Years YOUNG
Nine years ago today, March 15, 2013, Solomon Hykes, the founder of Docker, first demoed Docker publicly to the world at PyCon. On stage Solomon noted that, for developers, “shipping to the server is hard,” and thus he and the early team designed Docker to help developers more easily build, share, and run any app, […]
The post Docker: Nine Years YOUNG appeared first on Docker Blog. ⌘ Read more
Docker Business now available for purchase on the Amazon Web Services Marketplace
Today, Docker and Amazon are happy to announce the availability of Docker Business on the Amazon Web Services (AWS) Marketplace. This is a huge step in providing more choice and flexibility to Docker and AWS customers, so you can procure the Docker Application Development Platform – including leading tools, services, integrations, and content – through […]
The post [Docker Bus … ⌘ Read more
Nix 2.7.0 released
We’re pleased to announce the availability of Nix 2.7.0. It will be
available from
NixOS - Getting Nix / NixOS.
Here are the release notes:
Nix will now make some helpful suggestions when you mistype something
on the command line. For instance, if you type nix build
nixpkgs#thunderbrd, it will suggest
thunderbird.A number of “default” flake output attributes have been renamed.
These are:defaultPackage.<system></system>→packag ... ⌘ [Read more](https://nixos.org/blog/announcements.html#nix-2.7.0)
Erlang Solutions: FinTech Matters newsletter | March 2022
Subscribe to receive FinTech Matters and other great content, notifications of events and more to your inbox, we will only send you relevant, high-quality content and you can unsubscribe at any time.
Read on to discover what really matters for tech in fina … ⌘ Read more
Prosodical Thoughts: Prosody 0.12.0 released
ÄNTLIGEN! It’s finally here! After 3 years of development and through some chaotic times, Prosody 0.12.0 is released!
What’s the significance of this release? Like many software projects, Prosody follows a “branch” development/release model. We frequently make minor releases with bug fixes and improvements from our stable branch, while we implement more adventurous changes in our development branch, ready for the next major release.
Well, this is one of those adventurous … ⌘ Read more
Move mastered
Finally it’s done, after a super exhausting day, I’m finally lying in bed, the move is done! All the furniture I need and also a total of 18 moving boxes with my stuff are now here. My girlfriend and her family helped me with it. With a total of 8 people, everything went quickly and before 3pm we were ready so that my girlfriend could help me unpack boxes. ⌘ Read more
Hello! 👋 I haven’t lost the desire to blog, nor have I decided on Digital Detox, it’s just that I’m currently busy moving. Instead of continuing to program my own stuff after work and pouring my thoughts into blog articles, I had to pack boxes. Today was my last workday in the home office in the old apartment, Monday is the first workday in the home office in my new apartment. Then my blogging frequency will probably remain rather low, because I still have to clear out the old apartment, but I may have a little more … ⌘ Read more
Improved management for GitHub Enterprise owners
We’ve introduced several new features to help enterprise owners more easily manage their accounts, including two features now in public beta. ⌘ Read more
ryudo has a bit more polish now at v1.3.4; new blog post breaking down how multimonitor support was implemented
Docker’s Response to the Invasion of Ukraine
Docker is closely following the events surrounding the Russian invasion of Ukraine. The community of Docker employees, Docker Captains, developers, customers, and partners is committed to creating an open, collaborative environment that fosters the free and peaceful exchange of ideas. The tragedy unfolding in Ukraine is in opposition to what our community stands for and […]
The post [Docker’s Response to the Invasion of Ukraine](https://www.docker.co … ⌘ Read more
How Kubernetes works under the hood with Docker Desktop
Docker Desktop makes developing applications for Kubernetes easy. It provides a smooth Kubernetes setup experience by hiding the complexity of the installation and wiring with the host. Developers can focus entirely on their work rather than dealing with the Kubernetes setup details. This blog post covers development use cases and what happens under the hood […]
The post [How Kubernetes works under the hood with Docker Desktop … ⌘ Read more
Ignite Realtime Blog: Smack 4.4.5 and 4.5.0-alpha1 released
We are happy to announce the release of Smack 4.4.5. Thanks to numerous contributors this patch level release includes many fixes and improvements.
For a high-level overview of what’s changed in Smack 4.4.4, check out Smack’s changelog
The shortlog for the 4.4.5 release is
”`lang-nohighlight
Florian Schmaus (21):
Smack 4.4.5-SNAPSHOT
[core] Remo ... ⌘ [Read more](https://discourse.igniterealtime.org/t/smack-4-4-5-and-4-5-0-alpha1-released/91437)```
Erlang Solutions: Is Elixir the Right Choice for Hypergrowth Startups
We always love to see and share stories that so perfectly capture the benefits of using Elixir. Today, we’ll be taking a look at an example that captures why Elixir is the perfect technology for startups that are anticipating fast growth, including how choosing Elixir allows your development team to focus on improving the product.
. Keeping with […]
The post [What you need to know about macOS X 10.14 Deprecation](https://www.docker.com/blo … ⌘ Read more
NixOS Community Survey 2022
The NixOS Marketing Team is pleased to announce the first offical
NixOS Community Survey.
Please take 5-10 minutes to complete it.
Since the Nix community has been growing faster and larger every month, it’s gotten harder to
understand who makes up the community and what everyone cares about. So we’re conducting this survey
to improve our understanding of those questions. We hope to use your responses to devel … ⌘ Read more
My February ‘22 in Review
February, especially if it’s not a leap year, is a short month, but it’s already over now too. So time for a quick review…. ⌘ Read more
Monal IM: Insights into Monal Development
TLDR:
_Info: Monal will stop support for iOS 12, iOS 13 and macOS Catalina!
We are searching for a SwiftUI developer.
We need a new simplified website.
With better continuous funding, our push servers will move from the US to Europe.
We have a new support mail: info@monal-im.org_
Two years ago we decided to rewrite the Monal app almost entirely and improve it gradually in the process, instead of creating another XMPP Client for iOS and macOS. We suc … ⌘ Read more
Is it possible to replace your fingertips? Disassembling some Lego Technic has scraped mine… And tomorrow is the handover of keys for my first own apartment! ⌘ Read more
One year of private diary blogging
This morning I wrote my 365th diary entry. With that, I now have my first full year of daily private diary blogging complete. A milestone! The statistics tell me that’s 32245 words with 186900 characters and an average word count of 88 words per post. ⌘ Read more
Why didn’t I think of the very helpful Go module “net/http/pprof” earlier? This way I can profile my blog live. 🤓 (And hopefully find parts that I should or can optimize.) ⌘ Read more
A new way to understand your GitHub-hosted runner capacity
Explore and understand your overall GitHub-hosted Actions runner capacity with the new runner view. ⌘ Read more
Codespaces for the largest repositories just got faster
The ability to prebuild codespaces is entering public beta. Enable fast environment creation times, regardless of the size and complexity of your repositories. ⌘ Read more
AppDev Challenges and Trends to Watch in 2022
Over the last few years, development teams have been pushed to do a lot more with less. The global supply chain disruptions caused by the pandemic and the chip manufacturing shortage in particular impacted the tech industry. These factors have moved developer workloads toward the cloud, created a more asynchronous and remote workforce, and increased […]
The post [AppDev Challenges and Trends to Watch in 2022](https://www.docker.com/blog/appdev-cha … ⌘ Read more
JMP: Why Bidirectional Gateways Matter
A big part of the vision of Sopranica, and Cheogram in particular, is bidirectional gateways. A bidirectional gateway is one that allows (at a minimum) any user of either protocol to contact any user of the other protocol without creating an account. This is not possible with all protocols, but works well when both sides are federated.
Take for instance sip.cheogram.com, which is a bidirectional gateway between XMPP and SIP. Any … ⌘ Read more
What a good feeling when the hours you have invested in optimizing and testing actually bear fruit. In other words, my blog now uses less than 100 MB of memory, even though I have quite a few features enabled. My diary for example needs less than 20 MB. And if you compare that with WordPress, where the database alone needs more than 300 MB… 😄 ⌘ Read more
Black Innovators That Paved the Way
While diverse experiences and perspectives should be sought after and celebrated every day, Black History Month is a wonderful opportunity to reflect on and celebrate the many contributions of Black Americans. Recognizing the ingenuity of Black people in technology is incredibly important – especially when a large diversity gap of historically overrepresented groups is so […]
The post [Black Innovators That Paved the Way](https://www.docker.com/blog/black-innovators … ⌘ Read more
Get started with ease using security workflows!
In-line with the other categories, workflows in the Security category will be recommended based on a repository’s content. ⌘ Read more
GitHub Advisory Database now open to community contributions
Anyone can now provide additional information to further the community’s understanding and awareness of security advisories. ⌘ Read more
Travel Tips
A bunch of disorganized tips and product recommendations for when
traveling abroad:
Erlang Solutions: Blockchain Tech Deep Dive 4/4 | Innovating with Erlang and Elixir
Why do companies use Erlang & Elixir for their blockchain solutions?Building a robust and scalable blockchain presents a number of challenges that a research and development team typically needs to address. Often the ambitious goals to drive decentralised consensus and governance require unconventional approaches to achieve extra performance and reliability.
Improved Transa … ⌘ Read more
How I got Crostini to work in Chrome OS Flex
I blogged that I could not run Linux support (Crostini) on CloudReady and Chrome OS Flex. Every time I tried to enable Linux support in the settings, the activation failed with an error. ⌘ Read more
Firefox on Chrome OS (Flex) using Flatpak
More for fun than being really useful, here’s a little tutorial on how to use Firefox on Chrome OS (Flex) (for me, it’s currently version 100 in the Dev Channel). But beware, the user experience really leaves a lot to be desired… ⌘ Read more
Why I renamed my blogs
After a bit of consideration and a poll on Fosstodon, which shows a clear result even before it ends, I decided to rename this blog from “jlelse’s Blog – Thoughts, stories and ideas” to “Jan-Lukas Else – Thoughts of an IT expert”. Likewise, my German blog from “einGeek – Mehr als nur Internet und Programmieren” to “Jan-Lukas Else – Gedanken eines IT-Experten”. ⌘ Read more
Ok, so I have now installed CloudReady, switched to the beta channel as well, but I can’t use Linux because my CPU is not secured against Spectre/Meltdown and CloudReady doesn’t come with microcode updates. Until that comes, my ThinkPad will probably only be for browsing, watching videos, and blogging… ⌘ Read more
How I got Crostini to work in Chrome OS Flex
I blogged that I could not run Linux support (Crostini) on CloudReady and Chrome OS Flex. Every time I tried to enable Linux support in the settings, the activation failed with an error. ⌘ Read more
How I can access Linux with Chrome OS Flex
I recently installed CloudReady on my ThinkPad. Unfortunately, the Linux feature is not available there because microcode updates are missing, there is no BIOS update and Crostini is quite strict about security. ⌘ Read more
Docker Captain Take 5 – Martin Terp
Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what […]
The post Docker Captain Take 5 – Martin Terp appeared first on [Docker Blog](https://www. … ⌘ Read more
Ok, so I have now installed CloudReady, switched to the beta channel as well, but I can’t use Linux because my CPU is not secured against Spectre/Meltdown and CloudReady doesn’t come with microcode updates. Until that comes, my ThinkPad will probably only be for browsing, watching videos, and blogging… ⌘ Read more
Chrome OS Flex and CloudReady
At first I missed the news, but today I somehow stumbled across it: Google has released an early access version of “Chrome OS Flex”, as a result of the integration of CloudReady into Chrome OS. CloudReady also ran under my radar until today, but I did take the time to give both a try. ⌘ Read more
Code scanning finds more vulnerabilities using machine learning
Today we launched new code scanning analysis features powered by machine learning. The experimental analysis finds more of the most common types of vulnerabilities. ⌘ Read more
Leveraging machine learning to find security vulnerabilities
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts. ⌘ Read more
Erlang Solutions: Saving lives with Elixir
When you think about programming languages, you might not think about them literally changing people’s lives, but they do more often than you would expect. Elixir has empowered Linda Achieng and Sigu Mawa to build emergency software that is already saving lives in Kenya. What started with the death of a close friend, has expanded into an inspirational project, with Elixir being used to empower local com … ⌘ Read more
How to make the most out of a mentoring relationship
Tips from our developer advocates on how and why to find a mentor. ⌘ Read more
Encoding and escaping untrusted data to prevent injection attacks
Practical tips on how to apply OWASP Top 10 Proactive Control C4. ⌘ Read more
Ignite Realtime Blog: Openfire 4.7.1 Released!
The Ignite Realtime Community is happy to announce the 4.7.1 release of Openfire. This release fixes a number of bugs and represents our effort to provide a stable 4.7.x series while work continues on the next feature release of Openfire.
Notable fixes include security updates to bundled database drivers, logging configuration fixes, and an important fix for users experiencin … ⌘ Read more
blog++; thoughts on my relationship to IT
GitHub Enterprise Server 3.4 improves developer productivity and adds reusable workflows to CI/CD
The GitHub Enterprise Server 3.4 release candidate delivers enhancements to make life easier and more productive, from keyboard shortcuts to auto-generated release notes! ⌘ Read more
JMP: Newsletter: JMP is 5 years old today, and now with international calls!
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone … ⌘ Read more
Hi-Fi!
Deezer announced today that it is raising prices in Germany and Austria for new customers. Premium now costs 1€ more. But (for new customers) Premium also includes Hi-Fi directly. ⌘ Read more
The GitHub Stars in our eyes ⭐️
Over the past year, the GitHub Stars have made a tremendous impact in the community with their influence, inspiring and building communities and creating content to help everyone. ⌘ Read more
Announcing the 2022 MLH Fellowship Cohort, powered by GitHub
The MLH Fellowship, powered by GitHub, is a 12-week internship alternative for aspiring software engineers. Meet the 2022 cohort! ⌘ Read more
Ignite Realtime Blog: REST API Openfire plugin 1.7.1 released!
Moments ago, we’ve released version 1.7.1 of the Openfire REST API plugin. This version fixes changes to the API (notably the JSON representation of some entities) that inadvertently sneaked into the 1.7.0 release. The API in 1.7.0 should closely resemble that of releases prior to 1.7.0!
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternative … ⌘ Read more
Include diagrams in your Markdown files with Mermaid
A picture tells a thousand words. Now you can quickly create and edit diagrams in markdown using words with Mermaid support in your Markdown files. ⌘ Read more
big update to the internals of eureka! wrote a blog post on the how and why
Dino: Dino 0.3 Release
Dino is a secure and privacy-friendly messaging application. It uses the XMPP (Jabber) protocol for decentralized communication. We aim to provide an intuitive, clean and modern user interface.
The 0.3 release is all about calls. Dino now supports calls between two or more people!
Calls are end-to-end encrypted and use a direct connection between … ⌘ Read more
I probably spend more CPU cycles optimizing the program than the program optimization will save in CPU cycles. 🤔 ⌘ Read more
Getting started with project planning on GitHub
Stop context switching. Keep your team’s project planning next to your code. ⌘ Read more
How to start using reusable workflows with GitHub Actions
Reusable workflows offer a simple and powerful way to avoid copying and pasting workflows across your repositories. ⌘ Read more
New Docker Menu & Improved Release Highlights with Docker Desktop 4.5
We’re excited to announce the release of Docker Desktop 4.5 which includes enhancements we’re excited for you to try out. New Docker Menu: Improved Speed and Unified Experience Across Operating Systems We’ve launched a new version of the Docker Menu which creates a consistent user experience across all operating systems (including Docker Desktop for Linux, […]
The post [New Docker Menu & Improved Rele … ⌘ Read more
“How Telegram Became the Anti-Facebook”
I read this very long article about Telegram today and somehow it left me with mixed feelings. The article is also from WIRED, but it offers more balanced coverage than an article from a year ago. ⌘ Read more
Monal IM: Funding campaign: Mac Mini for faster Monal development
Update 15.02.2022 Thank you very much. We reached our target of 1000€ within less than a week. We will order our new Mac mini tonight. Stay tuned for a big development blog post.
Dear Monal Community,
as you know the Monal project is developed by volunteers and has no general funding so far.
To improve the development situation it would be of advantage to have a physical build server for the developers.
This would have … ⌘ Read more
Coordinated vulnerability disclosure (CVD) for open source projects
A comprehensive guide for vulnerability reporters. ⌘ Read more
One year with Deezer
It’s been about one year since I switched to Deezer. Yes, I switched before Spotify became uncool! 😁 So, how happy am I with Deezer today? ⌘ Read more
The Impacts of an Insecure Software Supply Chain
Today, software regularly integrates open-source code from third-party sources into applications. While this practice empowers developers to create more capable software in a shorter time frame, it brings with it the risk of introducing inadequately vetted code. How aware are we of the security of our open-source code? Most of us use pip or npm […]
The post [The Impacts of an Insecure Software Supply Chain](https://www.docker.com/blog/the-im … ⌘ Read more
First impressions of my new printer
I recently bought a new printer: the Xerox B225. I discovered it by chance (while looking for a good printer) as a reduced return in an online store. Someone must have just tried it out briefly and sent it back. I’m happy! ⌘ Read more
Improving the developer experience for Dependabot alerts
Today, we’re shipping improvements to Dependabot alerts that make them easier to understand and remediate. ⌘ Read more
I need to wait an hour for another train, but why wait at the train station? ⌘ Read more
It seems that mobile reception along German high-speed train routes has improved lately (at least compared to 2019). I’m sitting in an ICE 4 between Hanover and Hamburg, and I’ve initiated a speed test via USB tethering. My mobile phone contract is limited to 10 Mbps, but I seem to be able to take full advantage of that. ⌘ Read more
Release Radar · January 2022 Edition
Here’s January’s top staff picks on projects that shipped major version releases. ⌘ Read more
Really worth watching, twice… “Line Goes Up – The Problem With NFTs” sur YouTube
The best critical take on #nft
There is a lot to digest but it’s really worth it! ⌘ Read more
In search of a new printer
Update: Thanks for all the answers! I have now tried to repair the ink cartridge, now something is printed again, but somewhat blurred. I finally decided to buy a black/white laser printer with scanner, a Xerox B225 as B-ware. I will probably report… ⌘ Read more
In search of a new printer
At the moment I do not have a working printer at home. I have an inkjet printer, but due to a long period of non-use, the cartridge or the print head has dried up. If I want to print something, I have to do it in a copy store or a drugstore. This is possible, but especially if I need to print something spontaneously, or only a few pages, then the effort is annoying. ⌘ Read more
DockerCon: What Makes a Successful CFP Submission
The DockerCon 2022 Call for Papers is now open! DockerCon is one of the largest developer events in the world, with over 80,000 developers registering for each of the last two events. At the core of DockerCon is the chance for members of the community to share their tips, tricks, best practices and real-world experiences […]
The post [DockerCon: What Makes a Successful CFP Submission](https://www.docker.com/blog/dockercon-what-makes-a-succe … ⌘ Read more
Erlang Solutions: How HCA Healthcare used the BEAM to fight COVID – Code BEAM V Talk review
We often talk about the suitability of the BEAM VM for the Healthcare industry. Afterall, when it comes to Healthcare, downtime can literally be deadly, and no technology is better equipped to deliver high availability and minimal downtime than the BEAM. At Code BEAM V 2020, Bryan Hunter, an Enterprise fellow at one of the biggest Healthcare providers in the world joi … ⌘ Read more
GitHub Availability Report: January 2022
In January, we experienced no incidents resulting in service downtime to our core services. ⌘ Read more
How to build a CI/CD pipeline with GitHub Actions in four simple steps
A quick guide on the advantages of using GitHub Actions as your preferred CI/CD tool—and how to build a CI/CD pipeline with it. ⌘ Read more
Profanity: Profanity on Pinephone
Hi all,
So far, in my pinephone I used mainly GUI applications, because I was using a touch screen. Terminal applications are not user-friendly when it comes to one-handed operation.
I tested different distributions on my pinephone (mobian, manjaro, archarm), but usually most based on Phosh. In my opinion it is currently the best mobile graphics environment and stable as well.
In Phosh I tested few xmpp clients:
- the default application installed with Phosh is chat … ⌘ Read more
New sponsors-only repositories, custom amounts, and more
Along with the release of sponsors-only repositories, here’s a look at what’s new and what’s next for Sponsors. ⌘ Read more
Celebrating Our Second Fiscal Year
Yesterday, January 31, we finished our second full fiscal year since our November 2019 restructuring and recapitalization, and I couldn’t be prouder of the Docker team and what we’ve accomplished together. While it’s difficult to summarize 12 months, highlights include: Shipping 7,000+ product features, fixes, and updates to developers, including Docker Desktop for M1 Macs, […]
The post [Celebrating Our Second Fiscal Year](https://www.docker.com/blog/celebrating-our-se … ⌘ Read more
Code scanning and Ruby: turning source code into a queryable database
A deep dive into how GitHub adds support for new languages to CodeQL. ⌘ Read more
Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents. ⌘ Read more
Snikket: Server updates for ARM systems
We have a couple of important announcements relevant to people running the
Snikket server software on ARM devices, including Raspberry Pi. Systems using
ARM processors are increasingly popular for self-hosting due to their
increased efficiency, lower cost and minimal energy consumption.
The Snikket January 2022 server release was an
exciting release for us, but some users on ARM-based systems reported some
difficulties upgrading to … ⌘ Read more
My January ‘22 in Review
Crazy, new year and yet January is already over, how time flies! What was going on? ⌘ Read more
Dependency graph now supports GitHub Actions
The dependency graph helps developers and maintainers understand the code they depend on, and now includes GitHub Actions! ⌘ Read more
How many things do I own?
Even though starting my job has put me in a situation where I can sometimes afford stuff just like that, and maybe buy the occasional thing without thinking much when I should have before, I still make sure to keep the number of things I own low. ⌘ Read more
My public VPS is now only accessible via SSH from my tailnet. One more possible attack vector less. ⌘ Read more