GitHub Availability Report: March 2025
In March, we experienced one incident that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: March 2025 appeared first on The GitHub Blog. ⌘ Read more
https://gooeyui.github.io/GooeyGUI/website/ GUI Library in pure #C
When to choose GitHub-Hosted runners or self-hosted runners with GitHub Actions
Comparing GitHub-hosted vs self-hosted runners for your CI/CD workflows? This deep dive explores important factors to consider when making this critical infrastructure decision for your development team.
The post [When to choose GitHub-Hosted runners or self-hosted runners with GitHub Actions](https://github.blog/enterprise-software/ci-cd/when-to-choose-github-ho … ⌘ Read more
exwm: Emacs X Windows Manager
EXWM (Emacs X Window Manager) is a full-featured tiling X window manager for Emacs built on top of XELB. ↫ exwm GitHub page It supports both tiling and stacking windows, dynamic workspaces, RandR, a system tray, and a lot more. XELB stands for X protocol Emacs Lisp Binding, and it’s a “pure Elisp implementation of X11 protocol based on the XML description files from XCB project”. ⌘ Read more
https://github.com/codr7/hacktical-c A practical hacker’s guide to the #C programming language
GitHub for Beginners: Security best practices with GitHub Copilot
Learn how to leverage GitHub Copilot to make your code more secure.
The post GitHub for Beginners: Security best practices with GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
$10,000 worth GitHub Access Tokens | Secret Search Operators
Secret but basic GitHub dorks & search operators that can lead to $10k bounty worth Acess Tokens.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/10- … ⌘ Read more
Conduwit is set to archive on GitHub. It was my favourite Matrix server, which I still self host. I think I am going to get off Matrix altogether now.
Maybe go back to Jabber?
Introducing sub-issues: Enhancing issue management on GitHub
Explore the iterative development journey of GitHub’s sub-issues feature. Learn how we leveraged sub-issues to build and refine sub-issues, breaking down larger tasks into smaller, manageable ones.
The post Introducing sub-issues: Enhancing issue management on GitHub ap … ⌘ Read more
What the heck is MCP and why is everyone talking about it?
Everyone’s talking about MCP these days when it comes to large language models (LLMs)—here’s what you need to know.
The post What the heck is MCP and why is everyone talking about it? appeared first on The GitHub Blog. ⌘ Read more
↳
In-reply-to
»
guys omg the people behind pico.sh are so nice ;_; one of the people running it emailed me to let me know i had what was likely a malfunctioning (or well, not working as intended) script that was spawning the same SSH tunnel over and over and they wanted to give me a heads up.
⤋ Read More
@eapl.me@eapl.me YEAHHH THEY’RE SO CUTE i got them here! https://github.com/charmbracelet/confettysh
How we’re making security easier for the average developer
Security should be native to your workflow, not a painful separate process.
The post How we’re making security easier for the average developer appeared first on The GitHub Blog. ⌘ Read more
How to request a change to a CVE record
Learn how to identify which CVE Numbering Authority is responsible for the record, how to contact them, and what to include with your suggestion.
The post How to request a change to a CVE record appeared first on The GitHub Blog. ⌘ Read more
oh out of boredom yesterday i made my blog available via markdown files too so you can use charmbracelet/glow to read them in your terminal :)
basically i just set up a file directory on a path of my blog, organized the MD files by year, and so in theory you can navigate to that path and choose a folder, then copy a link to a markdown post and run this:
glow -p https://bubblegum.girlonthemoon.xyz/md/2025/2025-03-31%20premature%20reflections%20on%20sudden%20responsibility.md
and then as long as you have glow installed, you can read my posts from the terminal :D it’s so cool
hello friends i spent a couple hours today using a random string generator by charm CLI called hotdiva2000 to make a script that 1) generates a static index.html page 2) the page is a prompt generator where all the prompts are from hotdiva2000!!!!!
this makes more sense if you look at it check it out
Found means fixed: Reduce security debt at scale with GitHub security campaigns
Starting today, security campaigns are generally available for all GitHub Advanced Security and GitHub Code Security customers—helping organizations take control of their security debt and manage risk by unlocking collaboration between developers and security teams.
The post [Found means fixed: Reduce security debt at scale with GitHub security campaigns](http … ⌘ Read more
Git turns 20: A Q&A with Linus Torvalds
To celebrate two decades of Git, we sat down with Linus Torvalds—the creator of Git and Linux—to discuss how it forever changed software development.
The post Git turns 20: A Q&A with Linus Torvalds appeared first on The GitHub Blog. ⌘ Read more
Mandated use of AI at work
Although I also use AI for some features on this blog and sometimes chat with some AI agent (whether it’s ChatGPT, Claude, Microsoft Copilot or GitHub Copilot), I have mixed feelings about its mandated use at work (Shopify is just one company doing it). ⌘ Read more
↳
In-reply-to
»
uuuugh been so inactive because of stupid site moderation it's SO EXHAUSTING
⤋ Read More
@prologic@twtxt.net i did not! the retrospring codebase has been around since i was in grade school LOLLLL
Vibe coding with GitHub Copilot: Agent mode and MCP support rolling out to all VS Code users
In celebration of MSFT’s 50th anniversary, we’re rolling out Agent Mode with MCP support to all VS code users. We are also announcing the new GitHub Copilot Pro+ plan w/ premium requests, the general availability of models from Anthropic, Google, and OpenAI, next edit suggestions for code completions & the Copilot code review agent.
The post [Vibe coding with GitHub Copilot: Agent mode and MC … ⌘ Read more
Localhost dangers: CORS and DNS rebinding
What is CORS and how can a CORS misconfiguration lead to security issues? In this blog post, we’ll describe some common CORS issues as well as how you can find and fix them.
The post Localhost dangers: CORS and DNS rebinding appeared first on The GitHub Blog. ⌘ Read more
XMPP Interop Testing: Enabling Tests
Our project creates a framework that allows anyone to easily add XMPP standards compliance tests to the test phase of
their build pipeline. Prior to our most recent release (version 1.5.0) a test execution would basically run all tests
in the test suite. We provided an option to exclude certain tests, but in essence, the bulk of tests would execute.
This behavior is generally preferable when testing an XMPP server implementation. A benefit of exclusion-based
… ⌘ Read more
I’m playing with ratterplatter again: It’s a toy that watches disk I/O and emulates the noise of a real hard disk. (Linux only.) It uses sound samples from one of my older disks.
I tried a different approach at estimating the disk activity and I think I finally got it right (after almost 10 years … 🤦).
Demo, booting a Windows 2000 VM: https://movq.de/v/1400544cc6/2kboot-ratterplatter-2.mp4
(For this purpose alone, I put a couple of mini speakers into my PC case, so that the noise comes from the right place: https://movq.de/v/a3b2dc0932/speakers.jpg)
The results aren’t too bad, but this thing can’t be super accurate due to the huge I/O caches that we have these days. For the video, I dropped the caches before booting Windows, otherwise you would have heard almost nothing.
FWIW, if you don’t know it yet, this is the equivalent for proper keyboard sound: https://github.com/zevv/bucklespring
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help
Every minute, GitHub blocks several secrets with push protection—but secret leaks still remain one of the most common causes of security incidents. Learn how GitHub is making it easier to protect yourself from exposed secrets, including today’s launches of standalone Secret Protection, org-wide scanning, and better access for teams of all sizes.
The post [GitHub found 39M secret leaks in 2024. H … ⌘ Read more
GitHub for Beginners: How to get LLMs to do what you want
Learn how to write effective prompts and troubleshoot results in this installment of our GitHub for Beginners series.
The post GitHub for Beginners: How to get LLMs to do what you want appeared first on The GitHub Blog. ⌘ Read more
Blue95: Fedora Atomic Xfce converted to a Windows 95 desktop
Blue95 is a modern and lightweight desktop experience that is reminiscent of a bygone era of computing. Based on Fedora Atomic Xfce with the Chicago95 theme. ↫ Blue95 GitHub page Exactly as it says on the tin. This is by far the easiest way to get the excellent Chigaco95 theme for Xfce set up and working in a polished way, and it also contains a few different application choices from the regular Fedora Xfce desk … ⌘ Read more
https://github.com/medialab/xan manipulate #CSV in terminal
https://github.com/Nuitka/Nuitka python #C compiler #clang
5 GitHub Actions every maintainer needs to know
With these actions, you can keep your open source projects organized, minimize repetitive and manual tasks, and focus more on writing code.
The post 5 GitHub Actions every maintainer needs to know appeared first on The GitHub Blog. ⌘ Read more
↳
In-reply-to
»
I'm not much a fan of registry limit/offset paging. I think I prefer the cursor/count method. And starting at zero for first and max for latest.
⤋ Read More
Hmm so looking at the swagger of the registry spec client it seems to just take a “page”.. That seems worse than doing an offset. Lol.
https://github.com/DracoBlue/twtxt-registry/blob/master/src/swagger.json
OpenAI adds MCP support to Agents SDK
Article URL: https://openai.github.io/openai-agents-python/mcp/
Comments URL: https://news.ycombinator.com/item?id=43485566
Points: 500
# Comments: 158 ⌘ Read more
Mastering GitHub Copilot: When to use AI agent mode
Discover the differences between agent mode and Copilot Edits with GitHub Copilot—and when to use them in your workflows.
The post Mastering GitHub Copilot: When to use AI agent mode appeared first on The GitHub Blog. ⌘ Read more
A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
A step-by-step guide for open source maintainers on how to handle vulnerability reports confidently from the start.
The post A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple appeared fir … ⌘ Read more
Nvidia Linux GPU driver ported to Haiku
Nvidia releasing its Linux graphics driver as open source is already bearing fruit for alternative operating systems. As many people already knows, Nvidia published their kernel driver under MIT license: GitHub – NVIDIA/open-gpu-kernel-modules: NVIDIA Linux open GPU kernel module source (I will call it NVRM). This driver is very portable and its platform-independent part can be compiled for Haiku with minor effort (but it need to implement OS-specific … ⌘ Read more
World Water Day: how GitHub Copilot is helping bring clean water to communities
From simplifying the workflow of a developer to having an impact on the global water crisis, technology and AI are reshaping the way charity: water works.
The post World Water Day: how GitHub Copilot is helping bring clean water to communities appeared first on [Th … ⌘ Read more
I saw 100% I/O wait in htop today but couldn’t find a process which actually does I/O. Turns out, I/O wait isn’t what it used to be anymore:
https://lwn.net/Articles/989272/
In my case, it was mpd which triggered this:
https://github.com/MusicPlayerDaemon/MPD/issues/2241
mpd doesn’t actually do anything, it just sits there and waits for events. To my understanding, this is similar to something blocking on read(). I’m not quite sure yet if displaying this as I/O wait (or “PSI some io”) is intentional or not – but it sure is confusing.
↳
In-reply-to
»
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
⤋ Read More
@kat@yarn.girlonthemoon.xyz think i’ll wait and see if the caddy module proposal gets anywhere bc that sounds like it’d make my life easier lol
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
Monero Research Lab meeting scheduled for 26 March 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, March 26th 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
Video: How to create checklists in Markdown for easier task tracking
Ever wondered how to create checklists in your GitHub repositories, Issues, and PRs? Make task lists more manageable in your GitHub repositories, issues, and pull requests.
The post Video: How to create checklists in Markdown for easier task tracking appeared first on [The … ⌘ Read more
How fast the days are getting longer (2023)
Article URL: https://joe-antognini.github.io/astronomy/daylight
Comments URL: https://news.ycombinator.com/item?id=43413935
Points: 503
# Comments: 171 ⌘ Read more
IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions
A look into building IssueOps workflows on GitHub to do everything from CI/CD to handling approvals and more.
The post IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions appeared first on The GitHub Blog. ⌘ Read more
https://github.com/outpaddling/desktop-installer freebsd netbsd openbsd postinstall script
[ANN] Cypher Stack published FROSTLASS security proofs and Eagen’s divisors review
Links:
n/a ⌘ Read more
GitHub for Beginners: Essential features of GitHub Copilot
Get the most out of Copilot with code completion, inline chat, slash commands, Copilot code review, and more.
The post GitHub for Beginners: Essential features of GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Docs – Open source alternative to Notion or Outline
Article URL: https://github.com/suitenumerique/docs
Comments URL: https://news.ycombinator.com/item?id=43378239
Points: 503
# Comments: 181 ⌘ Read more
↳
In-reply-to
»
@prologic I created a script for your book. i have only done the first two chapters. have to do some adjustments to the text so it sounds ok and that takes time..
⤋ Read More
Chapter 1:
Chapter 2:
if you want a different voice let me know which to use: https://rhasspy.github.io/piper-samples/
Highlights from Git 2.49
The open source Git project just released Git 2.49. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.
The post Highlights from Git 2.49 appeared first on The GitHub Blog. ⌘ Read more
How GitHub engineers learn new codebases
Strategies to quickly get up to speed, whether you’re a seasoned engineer or a newcomer to the field.
The post How GitHub engineers learn new codebases appeared first on The GitHub Blog. ⌘ Read more
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. In this blog post, we’ll shed light on how these vulnerabilities that rely on a parser differential were uncovered.
The post [Sign in as anyone: Bypassing SAML SSO authentication with parser differentials](https://github.blog/security/sign-in-as-anyone- … ⌘ Read more