Using GitHub’s security features to help identify Log4j exposure in your codebase
Use GitHub’s security features to assess Apache Log4j exposure and, where possible, mitigate this vulnerability within your GitHub repositories. ⌘ Read more
The Grace Period for the Docker Subscription Service Agreement Ends Soon – Here’s What You Need to Know
Remember the updates to our product subscription tiers we announced on August 31? You may recall we also announced a grace period for those that need to transition from a free to a paid subscription to use Docker Desktop. This is a friendly reminder that that grace period is ending on January 31, 2022. Docker […]
The post [T … ⌘ Read more
“The Web Is Fucked”
Kev Quirk has written a manifesto showing what bothers him about today’s web: ⌘ Read more
How to define security requirements for your OSS project
Defining your security requirements is the most important proactive control you can implement for your project. Here’s how. ⌘ Read more
GitHub’s response to Log4j vulnerability CVE-2021-44228
On Thursday, December 9, 2021, GitHub was made aware of a vulnerability in the Log4j logging framework, CVE-2021-44228. ⌘ Read more
What’s new from GitHub Changelog? November 2021 recap
We shipped a ton of updates in November, from the push notification for PR review activities on the go, to an easy way to create Markdown links. ⌘ Read more
GitHub at the UN Internet Governance Forum
Last week, GitHub joined the Internet Governance Forum to spread awareness of developers’ initiatives and public policy interests. ⌘ Read more
Erlang Solutions: Aleksander Lisiecki’s prize-winning eArangoDB at SpawnFest 2021
It’s tempting to say that SpawnFest is an event that doesn’t need an introduction, but we’ll give it one anyway. SpawnFest is an annual remote hackathon, where teams have exactly one weekend (48 hours to be exact) to create the best BEAM-related application … ⌘ Read more
GoCN 每日新闻(2021-12-13)
GoCN 每日新闻(2021-12-13)
- 尝鲜 Go 1.18 范型版本的 map 和 slice!https://juejin.cn/post/7040800455349239822
- Go 实现可序列化的 Roaring Bitmapshttps://dgraph.io/blog/post/serialized-roaring-bitmaps-golang/
- Go 使用 Github Actions 做 CI[https://www.alexedwards.net/blog/ci-with-go-and-github-actions](https://www.alexedwards.net/blog/ci-with-go-and-github … ⌘ Read more
How I checked the battery health of my Android phone 🔋
My smartphone, a Samsung Galaxy S10 Lite, which has been my daily driver for a year and a few months, has a 4500mAh Li-Po battery (“lithium-ion polymer” – like lithium-ion, but with solid or gel-like electrolytes that allow a thinner design). My smartphone can be charged with a maximum of 45 watts. The included charger, which I always use for charging, delivers a maximum of 25 watts. ⌘ Read more
a close look at a spinlock [[https://blog.regehr.org/archives/2173]] #links
breakdown of a synthwave track [[https://synthctrl.com/blogs/blog/gunship-tech-noir-breakdown]] #links
DX7 Technical Analysis [[https://ajxs.me/blog/Yamaha_DX7_Technical_Analysis.html]] #links
GoCN 每日新闻 (2021-12-12)
- GopherCon 2021 视频https://space.bilibili.com/756684/channel/seriesdetail?sid=586416
- 告别 Sidecar-使用 eBPF 解锁内核级服务网格https://mp.weixin.qq.com/s/W9NySdKnxuQ6S917QQn3PA
- 我为 ent gRPC 插件贡献功能学到的[https://entgo.io/blog/2021/12/09/contributing-my-first-feature-to-ent-grpc-plugin/](https://entgo.io/blog/2021/12/09/contributing-my-first-f … ⌘ Read more
Apache Log4j 2 CVE-2021-44228
We know that many of you are working hard on fixing the new and serious Log4j 2 vulnerability CVE-2021-44228, which has a 10.0 CVSS score. We send our #hugops and best wishes to all of you working on this vulnerability, now going by the name Log4Shell. This vulnerability in Log4j 2, a very common Java […]
The post Apache Log4j 2 CVE-2021-44228 appeared first on Docker Blog. ⌘ Read more
Every good blogging system should have an option to schedule posts for later! GoBlog now has such a feature as well. And this is the first scheduled post. 😀 ⌘ Read more
Ignite Realtime Blog: Openfire 4.6.5 released
Although we’re preparing for the Openfire 4.7.0 release, the recently discovered vulnerability in the Apache Log4j utility prompted us to push an immediate release of Openfire to address that issue. This release, Openfire 4.6.5, is available now.
We urge you to update as soon as possible. If that’s not feasible, then we advise you to apply the documented workaround (in the form o … ⌘ Read more
ProcessOne: ejabberd 21.12
This new ejabberd 21.12 release comes after five months of work, contains more than one hundred changes, many of them are major improvements or features, and several bug fixes.
When upgrading from previous versions, please notice: there’s a change in mod_register_web behaviour, and PosgreSQL database, please take a look if they affect your installation.
A more detailed expla … ⌘ Read more
ProcessOne: ejabberd 21.12
This new ejabberd 21.12 release comes after five months of work, contains more than one hundred changes, many of them are major improvements or features, and several bug fixes.
When upgrading from previous versions, please notice: there’s a change in mod_register_web behaviour, and PosgreSQL database, please take a look if they affect your installation.
A more detailed expla … ⌘ Read more
Introducing stack graphs
Precise code navigation is powered by stack graphs, a new open source framework that lets you define the name binding rules for a programming language. ⌘ Read more
Precise code navigation for Python, and code navigation in pull requests
Code navigation is now available in PRs, and code navigation results for Python are now more precise. ⌘ Read more
ProcessOne: ejabberd 21.12
This new ejabberd 21.12 release comes after five months of work, contains more than one hundred changes, many of them are major improvements or features, and several bug fixes.
When upgrading from previous versions, please notice: there’s a change in mod_register_web behaviour, and PosgreSQL database, please take a look if they affect your installation.
A more detailed expla … ⌘ Read more
Docker Secure Images: What Are They and How Do I Use Them?
One of the major challenges in today’s development environments is balancing innovation with security. Focusing on both is never a small effort and might seem tedious or constraining at times, but when security is implemented from the start, it can shorten development time and prevent exposure to vulnerabilities. This is why Docker rolled out Docker […]
The post [Docker Secure Images: What Are They and How Do I Us … ⌘ Read more
“What would a real Web3 look like?”
Matt Baer, found of write.as, compares the web3 with his vision of how a real Web 3.0 could look like. ⌘ Read more
Do the New Terms of Docker Desktop Apply If You Don’t Use the Docker Desktop UI?
Even if you’re not taking advantage of the user interface that Docker provides with Docker Desktop and are simply using the CLI, you may still need a paid subscription to use Docker Desktop. Much of the value of Docker Desktop comes from making it easy to develop with containers locally on Windows and Mac. We […]
The post [Do the New Terms of Docker Desktop Apply If Yo … ⌘ Read more
Improving GitHub code search
Today, we are rolling out a technology preview for GitHub code search, the next iteration for search, discovery, and navigation on GitHub. ⌘ Read more
Thank you for featuring my blog in your latest “Advent of Bloggers” post and your kind words, James! 🤓 ⌘ Read more
Erlang Solutions: Blockchain Tech Deep Dive 2/4 | Myths vs Realities
This is the second part of our ‘Making Sense of Blockchain’ blog post series – you can read part 1 on ‘6 Blockchain Principles’ here.
Join our FinTech mailing list for more great content and industry and events news, sign up here >> … ⌘ Read more
Defeat Street
Some of the sincerity slimed up on me
Cards wrote themselves and rifled me
Rigging the blast door to explore didn’t pan out this time
Rushed in, gobbled up and left me bottled up, that monstrous cub
To tell you the truth, I snort mousse
Rust seeps into cereals I produce
Rum may run rampantly down the drain, so let me think
I’ll leave a limb in the pipes to entice a drink ⌘ Read more
GitHub Enterprise Server 3.3 is generally available
GitHub Enterprise Server is now generally available for all customers. This release improves performance for CI/CD and for customers with large repositories. ⌘ Read more
Docker Verified Publisher: Trusted Sources, Trusted Content
Six months since its launch at DockerCon, the Docker Verified Publisher program delivers on its promise to developers and partners alike The Docker Verified Publisher program means trusted content and trusted sources for the millions of Docker users. At the May 2021 DockerCon, Docker announced its Secure Software Supply Chain initiative, highlighting Docker Verified Publisher […]
The post [Docker Verified Publishe … ⌘ Read more
notiz.b16g ?~L~X https://notiz.blog/b/61p
Today I learned that there is a new version 2 of Docker Compose. Docker Compose is now no longer a Python app, but a CLI plugin for Docker written in Go. And there is a Compose specification. ⌘ Read more
Enrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcement
Today we’re introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7. ⌘ Read more
An imaginary conversation with Peter Schiff
Before I get to the conversation I find it necessary to note that I have been listening to Peter Schiff’s podcast on and off, and find his inside to be agreeable most of the time. He knows his stuff, and is explaining it very well. Me Why invest in Gold rather then diamonds? What makes […] ⌘ Read more
Write more secure code with the OWASP Top 10 Proactive Controls
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place. ⌘ Read more
Micro.blog’s new newsletter feature
I think the new micro.blog feature for newsletters is the right approach. Blog first, newsletter second. But newsletters are not difficult to set up, they only need to be activated by a checkbox. ⌘ Read more
Building Docker images in Drone CI using Docker-in-Docker
This evening I tried to improve the build process of GoBlog. GoBlog gets built using Drone CI and Docker. The problem was that two image variants are to be built, one based on the other, and the whole thing always took quite a long time. ⌘ Read more
Ignite Realtime Blog: Openfire 4.7.0 beta & Hazelcast plugin 2.6.0 releases!
After a long few months full of hard work, we are happy to tell you that we are close to a 4.7.0 release for Openfire!
This next version of our real time communications server has received a lot of improvements and bug fixes.
A key area of the code that has received updates is the Multi-User Chat (MUC) impl … ⌘ Read more
Safeguard your containers with new container signing capability in GitHub Actions
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow. ⌘ Read more
Walking and listening to an audiobook 😌🚶♂️🎙️📚 ⌘ Read more
On the blog: Short Fiction — All Quiet on the Vernal Front https://john.colagioia.net/blog/2021/12/05/war.html #fiction #christmas #holiday
I’ve never really done test-driven development (TDD). But Advent of Code offers the perfect opportunity for that, because there is already an example input and an example result. So it is possible to create a test first and program until the test passes. ⌘ Read more
On the blog: Free Culture Book Club — if then else, part 4 https://john.colagioia.net/blog/2021/12/04/else4.html #freeculture #bookclub
Powering Starlink on the go with Tesla Model 3
I’ve had my Tesla Model 3 for more than a year now. It has been an
absolute pleasure so far and I would not trade it for anything else at
any price including Tesla’s other offerings (yes, talking about S
Plaid). Model 3 just has the most beautiful exterior of any other car.
OK, let’s stop here because I can go on forever. But not without a photo
of Tin Can:
“Tin Can” is a r … ⌘ Read more
Release Radar · November 2021 Edition
The end of the year is getting closer, and our communities are busy working away on their projects. While you’ve all been busy maintaining open source projects and shipping releases, we’ve created a new open ⌘ Read more
On the blog: Tweets from 11/08 to 11/12 https://john.colagioia.net/blog/media/2021/12/03/week.html #twitter #week #socialmedia #linkdump
It’s time again to ask my followers: I have my homepage jlelse.dev, but I’m thinking about using jlelse.com for a more professional and appealing website about me. I can program, but my design skills are somewhat limited. What should I use to design and create the site? I used Carrd a couple of years ago. But are there any other recommendations? ⌘ Read more
On the blog: Real Life in Star Trek, The Slaver Weapon, part 3 https://john.colagioia.net/blog/2021/12/02/slaver-3.html #scifi #startrek #closereading
Advent of Bloggers – What a cool idea, James! 👍 If you still need some inspiration, I have a blogroll with many blogs worth reading as well. ⌘ Read more
“100 years of whatever this will be”
Avery Pennarun (apenwarr) on decentralization: ⌘ Read more
blog post re: digital minimalism and living without a smartphone; Artisans page absorbed into Bookmarks
Ignite Realtime Blog: inVerse plugin for Openfire version 9.0.0.1 released!
The Ignite Realtime community is happy to announce the immediate availability of a an update to the inVerse plugin for Openfire, which makes the Converse.js web client available to your users.
This release updates Converse to version 9.0.0.
Your Openfire instance should automatically display the … ⌘ Read more
Faster Multi-Platform Builds: Dockerfile Cross-Compilation Guide
There are some important changes happening in the software industry. With Apple moving all of their machines to their custom ARM-based silicon and AWS offering the best performance-per-cost ratio with their Graviton2 instances, one can no longer expect that all software only needs to run on x86 processors. If you work with containers there is some […]
The post [Faster Multi-Platform Builds: Dockerfile … ⌘ Read more
Christmas is near and now my watch shows that! 🎄 ⌘ Read more
Advent of Code ‘21
New year, new code advent calendar. This year I’m trying my hand at Advent of Code once again in Go. This time with a little help from the copilot. Let’s see if I make it to the end, or have to give up early again… ⌘ Read more
GitHub Availability Report: November 2021
In November, we experienced one incident resulting in significant impact and degraded state of availability for multiple services. ⌘ Read more
Using ChatOps to help Actions on-call engineers
You can multiply the impact of your domain experts by building their common workflows into ChatOps. ⌘ Read more
Docker SSO is Coming
The impending winter and holiday season hasn’t slowed us down here at Docker HQ. In fact, our engineers have been hard at work to put the finishing touches on one of our most requested features by our enterprise customers: Docker Single Sign-On (SSO). 🎄🎁 With Docker SSO enabled, users can authenticate using their organization’s standard […]
The post Docker SSO is Coming appeared first on [Docker Blog](https://www.docker.com/bl … ⌘ Read more
Open Web? ?~L~X https://notiz.blog/b/61G
GitHub Externships: enabling India’s next generation of developers
Are you a student in India? Applications are open for the GitHub Externships Winter Cohort! ⌘ Read more
Maybe I should write down my political views and thoughts in extra posts on my German blog in the future, instead of putting them in the monthly review and then translating them as well. English readers probably won’t get much out of it… Sorry! ✌️ ⌘ Read more
My November ‘21 in Review
Welcome to my monthly review for November 2021. What was going on this month? ⌘ Read more
Hey everyone, we’re Timothy DeHerrera and Tom Bereknyei,
the release managers for 21.11. As promised, the latest stable
release is here: NixOS 21.11 “Porcupine”.
- Release manual - [Highlights](/manual/nixos/stabl … ⌘ Read more
5 DevOps tips to speed up your developer workflow
From learning YAML to scripting with Bash, here are a few simple tips for developers who want to speed up their workflows. ⌘ Read more
News from AWS re:Invent – Docker Official Images on Amazon ECR Public
We are happy to announce today that, in partnership with Amazon, Docker Official Images are now available on AWS ECR Public. This is especially exciting because Docker Official Images are some of the most popularly used images on Docker Hub, acting as a key and trusted starting point for base images for the entire container […]
The post [News from AWS re:Invent – Docker Official Images on Am … ⌘ Read more
GitHub Actions: reusable workflows is generally available
DRY your Actions configuration with reusable workflows (and more!) ⌘ Read more
On the blog: Developer Journal, Byrd Antarctic Expedition https://john.colagioia.net/blog/2021/11/29/south-pole.html #programming #project #devjournal
On the blog: Amateur Stenography https://john.colagioia.net/blog/2021/11/28/steno.html #education #technology #opensource #typing
On the blog: Free Culture Book Club — if then else, part 3 https://john.colagioia.net/blog/2021/11/27/else3.html #freeculture #bookclub
On the blog: Tweets from 11/22 to 11/26 https://john.colagioia.net/blog/media/2021/11/26/week.html #twitter #week #socialmedia #linkdump
First experience with my new unlimited mobile phone contract while traveling: The phone hotspot works much better than the ICE (German high speed train) WiFi usually does. At most, there are small interruptions in tunnels, but otherwise surfing, writing e-mails, and listening to music work perfectly. Even remote programming works. It was worth it… ⌘ Read more
On the blog: Real Life in Star Trek, The Slaver Weapon, part 2 https://john.colagioia.net/blog/2021/11/25/slaver-2.html #scifi #startrek #closereading
Docker Captain Take 5 – Nicolas De Loof
Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what […]
The post Docker Captain Take 5 – Nicolas De Loof appeared fir … ⌘ Read more
Bidens Democracy Summit
There is an interesting article about The Summit for Democracy titled Biden Invites Taiwan to Democracy Summit Alongside 110 Countries.I want to add a short but important observation.As mentioned in the article Hungary and Turkey have not been invited to the Summit. But contrary to the article, I believe that the reason has nothing to […] ⌘ Read more
Secure deployments with OpenID Connect & GitHub Actions now generally available
GitHub Actions now supports OpenID Connect for secure deployment to different cloud providers via short-lived, auto-rotated tokens. ⌘ Read more
How to squash bugs by enrolling in OSS-Fuzz
OSS-Fuzz is Google’s awesome fuzzing service for open source projects. GitHub Security Lab’s @kevinbackhouse describes enrolling a project. ⌘ Read more
The Copyright Office expands your security research rights
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research. ⌘ Read more
Your Docker Business Questions Answered
In our recent live webinar, Management & Security at Scale with Docker Business (check out the webinar recording here) Docker Senior Product Marketing Manager Cat Siemer and Head of Dev Rel and Community Peter McKee discussed our new product subscription tier, Docker Business and how it addresses the challenges faced by large organizations that require enhanced […]
The post [Your Docker Business Questions Answered](https://www.docker.com/blog/your-do … ⌘ Read more
Today GoBlog got the option to configure your own map tile server. So not only standard OpenStreetMap is possible, but also Stamen Toner for example. Fits much better to my blog aesthetics, right? (See the map page.) ⌘ Read more
Accelerate security adoption in your organization
The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way. ⌘ Read more
Erlang Solutions: Blockchain Tech Deep Dive ¼
INTRODUCTIONBlockchain technology is transforming nearly every industry, whether it be banking, government, fashion or logistics. The benefits of using blockchain are substantial – businesses can lower transaction costs, free up capital, speed up processes, and enhance security and trust. So it’s no surprise that more and more companies and developers are interested in working with the technology and leveraging its potential than ev … ⌘ Read more
On the blog: Developer Journal, Albanian Alphabet Anniversary https://john.colagioia.net/blog/2021/11/22/manastir.html #programming #project #devjournal
On the blog: Superheroes Behaving Badly https://john.colagioia.net/blog/2021/11/21/super.html #rant #superhero #ethics
Bahn2GPX
For me, the best option to travel long distances within Germany is to take the train. I don’t have a car since July, but I have a BahnCard 50 for years, with which I get up to 50% discount on (unfortunately very expensive!) train tickets. ⌘ Read more
On the blog: Free Culture Book Club — if then else, part 2 https://john.colagioia.net/blog/2021/11/20/else2.html #freeculture #bookclub
Mark emails me all the time with bugs he found in GoBlog (some that I would never have found myself) and features he would like to see (e.g. better display of Brid.gy webmentions). I take it as motivation and try to improve GoBlog in a way that it is useful for others as well. And I think there is a good progress. ⌘ Read more
In case you missed it, GitHub Education at Universe 2021!
A recap of all the GitHub Education news from Universe 2021, including the new Intro to Web Dev Experience. ⌘ Read more
On the blog: Tweets from 11/15 to 11/19 https://john.colagioia.net/blog/media/2021/11/19/week.html #twitter #week #socialmedia #linkdump
What’s new from GitHub Changelog? October 2021 recap
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more. ⌘ Read more
Congratulations on the successful launch of Eagle v2, Henrique! 🎉 Welcome to the club of “I have developed my completely own CMS”. 😂 ⌘ Read more
On the blog: Real Life in Star Trek, The Slaver Weapon, part 1 https://john.colagioia.net/blog/2021/11/18/slaver.html #scifi #startrek #closereading
Snikket: November 2021 server release
We’re excited to introduce a new release of the Snikket server! The Snikket
server is an easy-to-install server package that allows you to run your own
private messaging service for family, friends and other small groups.
Since the previous server release, we’ve been focusing our work mainly on the
Snikket apps, especially the first release of our iOS app. We’ve continued
work on the server part of Snikket though, and we’re glad to share a range of
new imp … ⌘ Read more
How to Select the Docker Subscription That’s Right for You
On August 31st, 2021, we announced updates to our product subscription tiers. These changes are helping us to deliver on our mission to simplify application development and remove complexities for developers, while also providing the security and scale businesses rely on. With four different subscription options: Personal, Pro, Team, and Business, it might be difficult […]
The post [How to Select the Docker … ⌘ Read more
7 advanced workflow automation features with GitHub Actions
Check out some advanced automation and CI/CD capabilities you can use today with GitHub Actions on any GitHub account. ⌘ Read more
🤔 👋 Reconsidering moving Yarn.social’s development back to Github: Speaking of which (I do not forget); @fastidious@arrakis.netbros.com and I were discussing over a video call two nights ago, as well as @lyse@lyse.isobeef.org who joined a bit later, about the the whole moved of all of my projects and their source code off of Github. Whilst some folks do understand and appreciate my utter disgust over what Microsoft and Copilot did by blatantly scraping open source software’s codebases without even so much as any attempt at attribution or respecting the licenes of many (if not all?) open source projects.
That being said however, @fastidious@arrakis.netbros.com makes a very good and valid argument for putting Yarn.social’s codebases, repositories and issues back on Github for reasons that make me “torn” over my own sense of morality and ethics.
But I can live with this as long as I continue to run and operate my new (yet to be off the ground) company “Self Hosted Pty Ltd” and where it operates it’s own code hosting, servicesa, tools, etc.
Plese comment here on your thoughts. Let us decide togetehr 🤗
From Netnod to Mullvad
Tomorrow is my last day at Netnod after seven years. While at Netnod I
have mostly spent my time helping build several different anycast DNS
solutions, but I also did some IX provisioning stuff, some security
work, and in some small way also helped bring the Network Time\
Security protocol forward.
A few years back I was the team leader for the develop … ⌘ Read more
An Easier Way to Get Started with Docker Business
As you may have already heard, the January 31st grace period to move to a paid subscription for commercial use of Docker Desktop is fast approaching. With this announcement, we introduced our new subscription tiers, including Docker Business–our offering specifically for organizations who want to scale their use of Docker all while maintaining security and […]
The post [An Easier Way to Get Started with Docker Business](https:/ … ⌘ Read more
How to remove bloatware
After I put my new SIM card in my phone today (yes, the one with the unlimited mobidata volume - thanks for all the replies to my recent post!), I noticed that there suddenly appeared a new app that wanted to offer me additional services via SMS, of course for a fee. An app with no benefit for me, even annoying me by the presence of the app icon in the app drawer and the missing possibility to deactivate the app! ⌘ Read more
GitHub’s developer-first approach to content moderation
GitHub puts the needs of developers at the core of our content moderation policies. Learn more about our approach and how you can contribute. ⌘ Read more