Very excited to announce that @lornajane and I are running a new @openuk Meetup that's digital-only, alongside the other great events being run by the #OpenUK organisation.
Our first event will be a tie-in with #GitHub's #MaintainerMonth and we'll be hearing from a number of excellent maintainers from a variety of projects - stay tuned for more details.
Looking forward to seeing some of y'all on May 22nd at 1200 noon (UK time) for an interesting webinar!
(This will be in addition to other OpenUK events still being hybrid where possible)
GitHub relaxing the requirement of the construction of the GitHub App's JWT (under private_key_jwt) is interesting, especially if now you don't need to know the installation ID to auth.
Presumably this also means that on GitHub's side they're still limiting access to repos that an installation has access to, but I'd have assumed that by doing it by installation ID you'd get additional checks
(I'd been lazy in the past and would rarely persist the installation ID, needing me to then go in and find it through the GitHub UI 😅)
Discover how keeping repository maintainer information accurate through CODEOWNERS files and automating maintenance with tools like cleanowners fosters efficient collaboration and sustainable software projects.
github tip: you can use "redirect.github.com" when referencing an issue/PR from another repo inside an issue/PR in your repo
this will avoid your issue getting backlinked into the other repo's issue, reducing noise.
example:
"github.com/nodejs/node/6969"
becomes:
"redirect.github.com/nodejs/node/6969"
Ha, did not realize that with Microsoft's acqi of GitHub, they pushed it into so many government and enterprise spaces a lot more quickly. Probably why the leadership team there caved to Microsoft, it was more money.
The new #github based on #react is an abject failure to improve the user experience. On every count it is objectively worse than previous iterations.
Page load time is poor, interactivity is gated seemingly on very large JS loads. Initial page layout is broken on mobile and randomly resizes the width of the viewport after loading. The number of micro-annoyances seem to be adding up daily.
This is like an object lesson in what not to do to your successful webapp.
Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers.
Researchers from Purdue and NCSU have found a large number of command injection vulnerabilities in the workflows of projects on GitHub. Follow these four tips to keep your GitHub Actions workflows secure.
GitHub recently experienced several availability incidents, both long running and shorter duration. We have since mitigated these incidents and all systems are now operating normally. Read on for more details about what caused these incidents and what we’re doing to mitigate in the future.
Since the beginning, GitHub.com has been a Ruby on Rails monolith. Today, the application is nearly two million lines of code and more than 1,000 engineers collaborate on it daily. We deploy as often as 20 times a day, and nearly every week one of those deploys is a Rails upgrade. Upgrading Rails weekly Every […]
Many of us are aware of the benefits that a strong focus on automation can bring, particularly in our development workflow and DevOps lifecycle. But silos across businesses can lead to duplication of effort, and potential to lose out on best practices. In this post, we’ll explore how CI/CD can be shared across your entire organization alongside policies, for a well-governed experience with GitHub Actions.
I've been using GitHub since I was eleven years old. To be fair, I didn't really understand git at the time, but I was able to fumble my way through it...
We are open sourcing our own OSPO policies, tools, and guides to help other OSPOs get started. See how you can get started. github.blog/2023-03-13-an-…
GitHub Actions has supported using OIDC tokens for about 15 months now. It is a much better of providing AWS credentials to workflows than creating IAM users and storing long-lived access keys in GitHub Actions secrets.
Attached: 1 image
https://github-contributions.vercel.app/ Is really neat - renders a single image with your entire GitHub contribution history, mine goes all the way back to 2008!
We’re introducing calendar-based versioning for our REST API, so we can keep evolving our API, whilst still giving integrators a smooth migration path and plenty of time to update their integrations.
The other day someone claimed a hostname on a domain I own and it took me a while to track down how. After a lot of digging around, trying to figure out how the hijack was accomplished, it turns out it was via GitHub Pages.