From finding to fixing: GitHub Advanced Security integrates Endor Labs SCA
The partnership between GitHub and Endor Labs enables application security engineers and developers to drastically reduce time spent on open source vulnerabilities, and gives them the tools to go from finding to fixing.
The post [From finding to fixing: GitHub Advanced Security integrates Endor Labs SCA](https://github.blog/security/from-finding-to-fixing-github-advanced-security-integrates … ⌘ Read more
On my blog: Real Life in Star Trek, Ship in a Bottle https://john.colagioia.net/blog/2025/02/06/ship-in-bottle.html #scifi #startrek #closereading
GitHub Copilot: The agent awakens
Introducing agent mode for GitHub Copilot in VS Code, announcing the general availability of Copilot Edits, and providing a first look at our SWE agent.
The post GitHub Copilot: The agent awakens appeared first on The GitHub Blog. ⌘ Read more
5 tips for promoting your open source project
Three open source experts offer their advice on sharing open source projects with the world.
The post 5 tips for promoting your open source project appeared first on The GitHub Blog. ⌘ Read more
Apple Prototypes Tabletop Robot With Lifelike Movements Ahead of Rumored Launch by 2027
A team of robotics researchers at Apple have designed and prototyped a lamp-like robot with lifelike movements, according to a blog post and accompanying video published last month on the Apple Machine Learning Research website. The lamp, which reminds us of the cute Pixar mascot [Luxo Jr.](https://www.youtube.com/watch?v=gX0CmJa … ⌘ Read more
binaryFate publishes long overdue February 2025 Monero General Fund transparency report
Core Team member binaryFate1 has published a long overdue and much welcomed2’3 preliminary Monero General Fund transparency report4 which presents data until February 6th 2025:
I will give it few days for any discussion to take place and see if anything needs further clarification. After that we can make a blog post on getmonero.org. [..] End of 2023 … ⌘ Read more
Google Launches New Versions of Gemini, Including ‘Thinking’ Model
Google today announced updates to Gemini, the company’s AI product that competes with OpenAI’s ChatGPT, DeepSeek, and Apple Intelligence.
Starting today, Gemini app users can access Google’s [2.0 Flash Thinking Experim … ⌘ Read more
On my blog: Developer Diary, Sámi National Day https://john.colagioia.net/blog/2025/02/03/saami.html #programming #project #devjournal
On my blog: Free Culture Book Club — The Man Behind the Machine https://john.colagioia.net/blog/2025/02/01/man-machine.html #freeculture #bookclub
** In reply to: The politics of accessibility – Brian DeConinck **
In reply to: The politics of accessibility – Brian DeConinck
A devastating perfect blog post.
The core concept of digital accessibility is that everyone, including people with disabilities, should be able to access information and accomplish tasks via computer independently.
Continuing later,
This is an intensely political statement, backed by decades of protests and lobbying and litigation. … ⌘ Read more
On my blog: Toots 🦣 from 01/27 to 01/31 https://john.colagioia.net/blog/2025/01/31/week.html #linkdump #socialmedia #quotes #week
On my blog: Real Life in Star Trek, Chain of Command, Part 2 https://john.colagioia.net/blog/2025/01/30/chain-command-2.html #scifi #startrek #closereading
4 steps to building a natural language search tool
Empowering humanitarian action with open source: A natural language search tool for UN Resolutions.
The post 4 steps to building a natural language search tool appeared first on The GitHub Blog. ⌘ Read more
Windows 11 Now Lets You Access Your iPhone from the Start Menu
Microsoft has announced an update to Windows 11 that allows iPhone users to access their devices directly from the Start menu, bringing feature parity with its existing Android phone integration.
The … ⌘ Read more
TKey SSH CA
I wrote a stupidly simple SSH certificate authority that can you can
use directly over SSH to buy new certificates. It can be used with a
Tillitis TKey both for the private key of the CA itself and for the
user authentication to get a SSH certificate:
https://github.com/tillitis/tkey-ssh-ca
SSH certificates, as you my know, is a way of using not just key pairs
for user authentication, but also solving the problem of public key
distribution … ⌘ Read more
TKey SSH CA
I wrote a stupidly simple SSH certificate authority that can you can
use directly over SSH to buy new certificates. It can be used with a
Tillitis TKey both for the private key of the CA itself and for the
user authentication to get a SSH certificate:
https://github.com/tillitis/tkey-ssh-ca
SSH certificates, as you my know, is a way of using not just key pairs
for user authentication, but also solving the problem of public key
distribution … ⌘ Read more
On my way to FOSDEM 2025
I’m leaving by train for FOSDEM 2025 in Brussels, Belgium tomorrow
morning, arriving tomorrow evening, Goddess willing.
During FOSDEM I’ll probably mostly be in the Security devroom.
My presentation about the Tillitis TKey is on Saturday at 14:30.
I’m bringing some TKeys, both enduser and unlocked, and a couple of
TKey flash programmers if you want to … ⌘ Read more
Cybersecurity researchers: Digital detectives in a connected world
Discover the exciting world of cybersecurity research: what researchers do, essential skills, and actionable steps to begin your journey toward protecting the digital world.
The post Cybersecurity researchers: Digital detectives in a connected world appeared first … ⌘ Read more
Considerations for making a tree view component accessible
A deep dive on the work that went into making the component that powers repository and pull request file trees.
The post Considerations for making a tree view component accessible appeared first on The GitHub Blog. ⌘ Read more
Open source AI is already finding its way into production
Open source AI models are in widespread use, enabling developers around the world to build custom AI solutions and host them where they choose.
The post Open source AI is already finding its way into production appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Liberation of Auschwitz https://john.colagioia.net/blog/2025/01/27/auschwitz.html #programming #project #devjournal
On my blog: Free Culture Book Club — Blood of the Ancient Star, part 3 https://john.colagioia.net/blog/2025/01/25/bloodstar-3.html #freeculture #bookclub
[ANN] Lighting up the quantum computing horizon with Aurora
Referencing Xanadu’s blog post released on 22nd Jan 2025 about their implementation of fault-tolerant, networked, scaleable quantum computing at room temperature that if i am understanding the post correctly could be used to efficiently build a quantum computer that is resourceful enough to threaten the monero’s cryptography.
Link: [https://github.com/monero-project/research-lab/issues/131#issuecomment-2613839657](https://github.com/monero-project/research-lab/issues/131#i … ⌘ Read more
On my blog: Toots 🦣 from 01/20 to 01/24 https://john.colagioia.net/blog/2025/01/24/week.html #linkdump #socialmedia #quotes #week
New to open source? Here’s everything you need to get started
Explore our simple guide to finding projects, understanding guidelines, and making an impact.
The post New to open source? Here’s everything you need to get started appeared first on The GitHub Blog. ⌘ Read more
On my blog: Real Life in Star Trek, Chain of Command, Part 1 https://john.colagioia.net/blog/2025/01/23/chain-command-1.html #scifi #startrek #closereading
That’s a wrap: GitHub Innovation Graph in 2024
Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 & Q3 2024 data for the Innovation Graph.
The post That’s a wrap: GitHub Innovation Graph in 2024 appeared first on The GitHub Blog. ⌘ Read more
Attacks on Maven proxy repositories
Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.
The post Attacks on Maven proxy repositories appeared first on The GitHub Blog. ⌘ Read more
Modernizing legacy code with GitHub Copilot: Tips and examples
Learn how to modernize legacy code with GitHub Copilot with real-world examples.
The post Modernizing legacy code with GitHub Copilot: Tips and examples appeared first on The GitHub Blog. ⌘ Read more
Seven years of open source: A more secure and diverse ecosystem
Explore insights into open source community growth, innovation, and inclusivity with an updated survey dataset.
The post Seven years of open source: A more secure and diverse ecosystem appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Turkish Constitution of 1921 https://john.colagioia.net/blog/2025/01/20/turkiye.html #programming #project #devjournal
On my blog: Grappling with AI Usage https://john.colagioia.net/blog/2025/01/19/ai-usage.html #artificialintelligence #harm #rant
On my blog: Free Culture Book Club — Blood of the Ancient Star, part 2 https://john.colagioia.net/blog/2025/01/18/bloodstar-2.html #freeculture #bookclub
On my blog: Toots 🦣 from 01/13 to 01/17 https://john.colagioia.net/blog/2025/01/17/week.html #linkdump #socialmedia #quotes #week
this is epic https://lmnt.me/blog/how-to-make-a-damn-website.html
How we evaluate models for GitHub Copilot
We share some of the GitHub Copilot team’s experience evaluating AI models, with a focus on our offline evaluations—the tests we run before making any change to our production environment.
The post How we evaluate models for GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Supporting the next generation of developers
Here’s your opportunity to empower the teen in your life to get a start in open source development.
The post Supporting the next generation of developers appeared first on The GitHub Blog. ⌘ Read more
On my blog: Real Life in Star Trek, The Quality of Life https://john.colagioia.net/blog/2025/01/16/quality-life.html #scifi #startrek #closereading
GitHub Availability Report: December 2024
In December, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: December 2024 appeared first on The GitHub Blog. ⌘ Read more
Documenting and explaining legacy code with GitHub Copilot: Tips and examples
Learn how to document and explain legacy code with GitHub Copilot with real-world examples.
The post Documenting and explaining legacy code with GitHub Copilot: Tips and examples appeared first on The GitHub Blog. ⌘ Read more
How we built the GitHub Skyline CLI extension using GitHub
GitHub uses GitHub to build GitHub, and our CLI extensions are no exception. Read on to find out how we built the GitHub Skyline CLI extension using GitHub!
The post How we built the GitHub Skyline CLI extension using GitHub appeared first on [The GitHub Blog](https:/ … ⌘ Read more
Git security vulnerabilities announced
A new set of Git releases were published to address a variety of security vulnerabilities. All users are encouraged to upgrade. Take a look at GitHub’s view of the latest round of releases.
The post Git security vulnerabilities announced appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Old New Year’s Eve https://john.colagioia.net/blog/2025/01/13/old-new-year.html #programming #project #devjournal
On my blog: Exercise https://john.colagioia.net/blog/2025/01/12/exercise.html #advice #health #publicdomain
On my blog: Free Culture Book Club — Blood of the Ancient Star, part 1 https://john.colagioia.net/blog/2025/01/11/bloodstar-1.html #freeculture #bookclub
On my blog: Toots 🦣 from 01/06 to 01/10 https://john.colagioia.net/blog/2025/01/10/week.html #linkdump #socialmedia #quotes #week
Game Off 2024 winners
Secrets spilled, discovered, and hidden again—Game Off 2024 brought over 500 jaw-dropping submissions that redefined creativity in gaming. From cult quests for free furniture to spellbinding mysteries, these games will have you hooked. Ready to uncover the winners?!?
The post Game Off 2024 winners appeared first on The GitHub Blog. ⌘ Read more
Highlights from Git 2.48
The open source Git project just released Git 2.48. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.
The post Highlights from Git 2.48 appeared first on The GitHub Blog. ⌘ Read more
On my blog: Real Life in Star Trek, A Fistful of Datas https://john.colagioia.net/blog/2025/01/09/fistful-datas.html #scifi #startrek #closereading
How to secure your GitHub Actions workflows with CodeQL
In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours.
The post How to secure your GitHub Actions workflows with CodeQL a … ⌘ Read more
How to use GitHub Copilot: What it can do and real-world examples
Real-world examples show you how Copilot can generate unit tests, refactor code, create documentation, perform multi-file edits, and much more
The post How to use GitHub Copilot: What it can do and real-world examples appeared first on The GitHub Blog. ⌘ Read more
Building LATAM’s future tech workforce with AI
Git Commit 2024 and our new AI course in Spanish
The post Building LATAM’s future tech workforce with AI appeared first on The GitHub Blog. ⌘ Read more
↳
In-reply-to
»
hmmm i really should set up crowdsec and maybe a WAF like coraza or something. i don't look at my logs as much as i should because they scare me and ignorance is bliss but i should probably cut out as much false traffic as possible especially to my biggest site (superlove)
⤋ Read More
@kat@yarn.girlonthemoon.xyz i’m reading this and i already have a gts server that i could secure with this but i’m thinking it’d be best for most of my public sites https://ovelny.sh/blog/a-complete-guide-for-your-gotosocial-server/
On my blog: Developer Diary, Epiphany https://john.colagioia.net/blog/2025/01/06/epiphany.html #programming #project #devjournal
On my blog: 🍾 Happy Belated Calendar-Changing Day, 2025 🎆 https://john.colagioia.net/blog/2025/01/05/hny2025.html #holiday #newyear #publicdomain
On my blog: Free Culture Book Club — Trans Girl Project, part 2 https://john.colagioia.net/blog/2025/01/04/trans-girl-2.html #freeculture #bookclub
On my blog: Toots 🦣 from 12/30 to 01/03 https://john.colagioia.net/blog/2025/01/03/week.html #linkdump #socialmedia #quotes #week
On my blog: Real Life in Star Trek, Rascals https://john.colagioia.net/blog/2025/01/02/rascals.html #scifi #startrek #closereading
GitHub’s top blogs of 2024
Explore GitHub’s top blogs of 2024, featuring new tools, AI breakthroughs, and tips to level up your developer game.
The post GitHub’s top blogs of 2024 appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Rizal Day https://john.colagioia.net/blog/2024/12/30/rizal.html #programming #project #devjournal
On my blog: 🔭 Looking Back on 2024 https://john.colagioia.net/blog/2024/12/29/review-2024.html #retrospective #newyear
On my blog: Free Culture Book Club — Trans Girl Project, part 1 https://john.colagioia.net/blog/2024/12/28/trans-girl-1.html #freeculture #bookclub
On my blog: Toots 🦣 from 12/23 to 12/27 https://john.colagioia.net/blog/2024/12/27/week.html #linkdump #socialmedia #quotes #week
On my blog: Real Life in Star Trek, True Q https://john.colagioia.net/blog/2024/12/26/true-q.html #scifi #startrek #closereading
Announcing CodeQL Community Packs
We are excited to introduce the new CodeQL Community Packs, a comprehensive set of queries and models designed to enhance your code analysis capabilities. These packs are tailored to augment…
The post Announcing CodeQL Community Packs appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Treaty of Ghent https://john.colagioia.net/blog/2024/12/23/ghent.html #programming #project #devjournal
I would like to share my lastest article about #twtxt on my blog: https://programadorwebvalencia.com/twtxt-la-red-social-en-texto-plano-descentralizada-y-minimalista/ . Attention! It is a Spanish
On my blog: Christmas Every Day https://john.colagioia.net/blog/2024/12/22/christmas-every-day.html #fiction #christmas #holiday
On my blog: Free Culture Book Club — Speciare Lunar Research Facility https://john.colagioia.net/blog/2024/12/21/speciare.html #freeculture #bookclub
On my blog: Toots 🦣 from 12/16 to 12/20 https://john.colagioia.net/blog/2024/12/20/week.html #linkdump #socialmedia #quotes #week
How researchers are studying the impact of GitHub Copilot on the nature of work for open source maintainers
An interview with economic researchers analyzing the causal effect of GitHub Copilot on how open source maintainers work.
The post [How researchers are studying the impact of GitHub Copilot on the nature of work for open source maintainers](https://github.blog/news-insights/policy-news-and-insig … ⌘ Read more
OpenAI’s latest o1 model now available in GitHub Copilot and GitHub Models
The December 17 release of OpenAI’s o1 model is now available in GitHub Copilot and GitHub Models, bringing advanced coding capabilities to your workflows.
The post OpenAI’s latest o1 model now available in GitHub Copilot and GitHub Models appeared first on The GitHub Blog. ⌘ Read more
Moin @arne@uplegger.eu, herzlich willkommen! Ich bin gerade auf https://uplegger.eu/blog/popelfinger gestoßen und war sofort sehr begeistert. :-D Mal sehen, ob ich die anderen an einem der Feiertage davon überzeugt bekomme, das mal auszuprobieren. :-)
On my blog: Real Life in Star Trek, Schisms https://john.colagioia.net/blog/2024/12/19/schisms.html #scifi #startrek #closereading
Enhance build security and reach SLSA Level 3 with GitHub Artifact Attestations
Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.
The post [Enhance build security and reach SLSA Level 3 with GitHub Artifact Attest … ⌘ Read more
Introducing Annotated Logger: A Python package to aid in adding metadata to logs
We’re open sourcing Annotated Logger, a Python package that helps make logs searchable with consistent metadata.
The post [Introducing Annotated Logger: A Python package to aid in adding metadata to logs](https://github.blog/developer-skills/programming-languages-and-frameworks/introducing-annotated-logger-a-python-package-to-aid-in-a … ⌘ Read more
Das Spiel der 20 Felder: Die möglichen Regeln des 4.600 Jahre alten Spiels mit einem Entwurf für einen modernen Spielplan.
Announcing 150M developers and a new free tier for GitHub Copilot in VS Code
Come and join 150M developers on GitHub that can now code with Copilot for free in VS Code.
The post Announcing 150M developers and a new free tier for GitHub Copilot in VS Code appeared first on The GitHub Blog. ⌘ Read more
↳
In-reply-to
»
For Example:
⤋ Read More
after thinking and researching about it, yep, I agree that WebFinger is a good idea.
For example reading here: https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial
I wasn’t considering some scenarios, like multiple accounts for a single domain (See ‘How can I set and manage multiple subdomain handles?’ in the link above)
Uncovering GStreamer secrets
In this post, I’ll walk you through the vulnerabilities I uncovered in the GStreamer library and how I built a custom fuzzing generator to target MP4 files.
The post Uncovering GStreamer secrets appeared first on The GitHub Blog. ⌘ Read more
PSA: macOS Sequoia 15.2 Breaks SuperDuper Bootable Backups
Apple’s latest macOS Sequoia 15.2 update has introduced a critical bug that prevents the popular backup utility SuperDuper from creating bootable backups, according to the app’s chief developer, Shirt Pocket’s Dave Ninian.
 in my gemlog at:
gemini://gem.hack.org/log/collectives.gmi
It’s been slightly edited and a few photos added.
Posted on the blog on 2024-12-15 02:33 +0100. Later updated with how
Area 41 ended.]
I dreamt about Dial House last night. I’ve never been there, but it
was like I belonged, like I was meant to be th … ⌘ Read more
Living together: Reflections on collective living
[A version of this post was initially published on 2022-05-30 (Setting
Orange, the 4 day of Confusion in the YOLD 3188) in my gemlog at:
gemini://gem.hack.org/log/collectives.gmi
It’s been slightly edited and a few photos added.]
I dreamt about Dial House last night. I’ve never been there, but it
was like I belonged, like I was meant to be there.
Last I heard anything about Dial House they were trying to gather
enough money … ⌘ Read more
On my blog: Toots 🦣 from 12/09 to 12/13 https://john.colagioia.net/blog/2024/12/13/week.html #linkdump #socialmedia #quotes #week
GitHub Availability Report: November 2024
In November, we experienced one incident that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: November 2024 appeared first on The GitHub Blog. ⌘ Read more
The Uniform
[Based on a story I wrote during upper-secondary school based on real
events. I translated it recently from Swedish and edited some of it. I
removed most (all?) elements of fiction.
Not a typical night, since it’s at an event in another city, but it
gives a taste of what partying in, say, 1989(?) was like. And yes, I
really usually drank two bottles of wine during a pre-party in those
days. Not unusual in the crowd I was hanging out with, I’m afraid.]
I was maybe 17 or 18. I was going to Härnösand, two train sto … ⌘ Read more
sec-t 2024
[This has been in my draft folder since September. Sorry! It’s been a
few months with ups and downs, mostly downs. Energy to spend time on
blogging has been low. Hell, energy to do much of anything has been
low. I’m trying to clean out the drafts folder and will post more
stuff.]
I attended the security conference sec-t 2024 in Stockholm the other
week. I held a presentation during the Community Event, Wednesday
September 11: “Verifying the Tillitis TKey”.
The TKey uses a novel way of helpin … ⌘ Read more
Report: Apple to Stop Selling iPhone 14 and iPhone SE in EU This Month
Apple plans to stop selling the iPhone 14, iPhone 14 Plus, and third-generation iPhone SE in European Union countries later this month, to comply with a regulation that will soon require newly-sold smartphones with wired charging to be equipped with a USB-C port in those countries, according to [French blog iGeneration](https://www.igen. … ⌘ Read more
WhatsApp Rolls Out Calling Updates for Desktop and Mobile
WhatsApp has announced some improvements to its calling features across desktop and mobile platforms ahead of the holiday season, such as the ability to choose participants from group chats, use new effects on calls, and take advantage of higher resolution video.
The ability to select … ⌘ Read more
On my blog: Real Life in Star Trek, Relics https://john.colagioia.net/blog/2024/12/12/relics.html #scifi #startrek #closereading
So many tokens, so little time: Introducing a faster, more flexible byte-pair tokenizer
We released a new open source byte-pair tokenizer that is faster and more flexible than popular alternatives.
The post So many tokens, so little time: Introducing a faster, more flexible byte-pair tokenizer appeared first on [The GitHub Bl … ⌘ Read more
CodeQL zero to hero part 4: Gradio framework case study
Learn how I discovered 11 new vulnerabilities by writing CodeQL models for Gradio framework and how you can do it, too.
The post CodeQL zero to hero part 4: Gradio framework case study appeared first on The GitHub Blog. ⌘ Read more
Microsoft Teams for iPad Now Includes External Camera Support
Microsoft has announced that Teams for iPad now supports external cameras, allowing users with older devices to hook up better-quality webcams during Teams calls.
With iPadOS 17, Apple added suppor … ⌘ Read more
What the EU’s new software legislation means for developers
The EU Cyber Resilience Act will introduce new cybersecurity requirements for software released in the EU. Learn what it means for your open source projects and what GitHub is doing to ensure the law will be a net win for open source maintainers.
The post [What the EU’s new software legislation means for developers](https://github.blog/open-source/maintainers/what-the-eus-new-software-legislation-means-fo … ⌘ Read more
On my blog: Developer Diary, Anti-Corruption Day https://john.colagioia.net/blog/2024/12/09/corruption.html #programming #project #devjournal
On my blog: Five Years of Entropy Arbitrage https://john.colagioia.net/blog/2024/12/08/five-years.html #blog #celebration #meta
𝍤𝍤𝍤𝍣 ?~L~X https://notiz.blog/b/DTy
On my blog: Free Culture Book Club — 2048, Enkidu, and Plastic https://john.colagioia.net/blog/2024/12/07/enkidu.html #freeculture #bookclub