Is Your Container Image Really Distroless?
Find out what makes an image distroless, tools that make the creation of distroless images practical, and security benefits of this approach. ⌘ Read more
How to use GitHub Copilot in your IDE: tips, tricks, and best practices
GitHub Copilot is a powerful AI assistant. Learn practical strategies to get the most out of GitHub Copilot to generate the most relevant and useful code suggestions in your editor.
The post How to use GitHub Copilot in your IDE: tips, tricks, and best practices appeared first on [The GitHub Bl … ⌘ Read more
started to stream our maintenance practice: a long overdue revision and update of the uxn tutorial | gemini://compudanzas.net/maintenance_practice.gmi
Pimoroni’s NVMe Base Duo Brings New Storage Options to Raspberry Pi 5
This week, Pimoroni introduced the NVMe Base Duo, a new storage solution for Raspberry Pi 5 users. It accommodates either one or two M-key NVMe SSDs, ranging from sizes 2230 to 2280. Designed to enhance the Raspberry Pi 5, this device provides a practical method for expanding storage capacity. Leveraging PCIe Gen 2 technology, the […] ⌘ Read more
Azure Container Registry and Docker Hub: Connecting the Dots with Seamless Authentication and Artifact Cache
See best practices for using public images and ensuring the security and reliability of your Docker containers. ⌘ Read more
How we’re using GitHub Projects to standardize our workflows and stay aligned
Learn how we’re managing feature releases and establishing best practices within and across teams at GitHub using GitHub Projects.
The post How we’re using GitHub Projects to standardize our workflows and stay aligned appeared first on [The GitHub Blog](https://github.blog … ⌘ Read more
6 Docker Security Best Practices for Your Application
This comprehensive guide for developers and operators provides actionable insights to enhance the security and efficiency of Docker applications. ⌘ Read more
Microsoft’s Reading Coach
My English pronunciation can be improved — a lot. But now I can use Microsoft’s Reading Coach. This is a new AI tool for practicing reading (in English). ⌘ Read more
Sabrina Hahn’s simple guide to growing chillies
Growing chillies is not only practical but the can also brighten up your garden ⌘ Read more
AppSec is harder than you think. Here’s how AI can help.
In practice, shifting left has been more about shifting the burden rather than the ability. But AI is bringing its promise closer to reality. Here’s how.
The post AppSec is harder than you think. Here’s how AI can help. appeared first on The GitHub Blog. ⌘ Read more
Pinellas County - Long Run: 17.80 miles, 00:08:57 average pace, 02:39:13 duration
practiced a marathon pacing strategy (simulated) of 5km/10mi/10mi/5km. went pretty well even though i was going faster than the paces at each step. but overall i felt good. also scouted out one of the two overpasses i will have to climb during the race. definitely nothing compared to the regular ones. freezing! started at 33F and ended at 45F. pretty lonely out there because the cold kept everyone inside.
#running
Pinellas County - 10 x 1km [30”]: 8.22 miles, 00:08:42 average pace, 01:11:36 duration
good session besides warning signs of code brown. kept the paces at around target pace of 8:30. i figure this may be close to maximum effort for the marathon so wanted to practice.
#running
5 ways to make your DevSecOps strategy developer-friendly
Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.
The post 5 ways to make your DevSecOps strategy developer-friendly appeared first on The GitHub Blog. ⌘ Read more
I have been doing interview prep for next year. The problems have been great to get practice and make it fun when compared to the dry solve this you get on hacker rank or code scene.
That and so many great write-ups to explain the problems.
Using Authenticated Logins for Docker Hub in Google Cloud
Learn four best practices that your teams can implement to maintain a secure and reliable software delivery process with Docker Hub in Google Cloud. With these guidelines, you can leverage the benefits of open source software while safeguarding your development workflow. ⌘ Read more
The ultimate gifts for the developer in your life this holiday season
If you’re on the hunt for the perfect holiday gifts for the developer who has it all, look no further. We’ve curated a list of 10 must-have items (plus a few more) that strike the perfect balance between practicality and style.
The post [The ultimate gifts for the developer in your life this holiday season](https://github.blog/2023-12-04-the-ultimate-gifts-for-the-developer-in-your-life-this-holid … ⌘ Read more
Test our Bike Generators in Paris, Rotterdam, and Barcelona
Image: Bike generator in Paris. Photo: Marie Verdeil. Bike generator in Paris, France
A year after Low-tech Magazine built and documented [a domestic bicycle generator](https://solar.lowtechmagazine.com/2022/03/how-to-build-a-practical … ⌘ Read more
Ignite Realtime Blog: New Openfire plugin: Reporting Account Affiliations
I’m excited to announce a new Openfire plugin: the Reporting Account Affiliations Plugin!
This plugin implements a new prototype XMPP extension of the same name.
To quote the specification:
In practice, a server may not trust all accounts equally. For example, if a server offers anonymous access or open registration, it … ⌘ Read more
Security best practices for authors of GitHub Actions
Improve your GitHub Action’s security posture by securing your source repository, protecting your maintainers, and making it easy to report security incidents.
The post Security best practices for authors of GitHub Actions appeared first on The GitHub Blog. ⌘ Read more
Erlang Solutions: The Future Trends of Sustainability in Programming Software
As sustainable programming practices continue to become the norm across the software development industry, we take a look at the future sustainability trends all businesses should be aware of.Future sustainability changes are now impacting almost every sector worldwide, and both the wider tech sector and programming as a profession aren’t exempt from this trend. As everyone continues to … ⌘ Read more
Watch YouTube Without Ads with FreeTube for Mac, Windows, Linux
YouTube is the webs most popular video site by a long shot, practically serving as a television replacement for millions. But as any Youtube viewer knows, the ads can be very aggressive and there are times where you’ll have to watch a 30 second ad before you can watch one minute of content, which is … Read More ⌘ Read more
How to communicate like a GitHub engineer: our principles, practices, and tools
Learn more about how we use GitHub to build GitHub, how we turned our guiding communications principles into prescriptive practices to manage our internal communications signal-to-noise ratio, and how you can contribute to the ongoing conversation.
The post [How to communicate like a GitHub engineer: our principles, practices, and tools](https://github.blog/2023-10-04-how-to-commu … ⌘ Read more
Announcing Udemy + Docker Partnership
Docker and Udemy announced a new partnership at DockerCon to give developers a clear, defined, accessible path for learning how to use Docker, best practices, advanced concepts, and everything in between. As the #1 rated online course platform (as ranked by Stack Overflow), Udemy will be the first to house Docker-accredited content and customized learning paths to provide developers with the latest training materials on how to best use Docker tools. ⌘ Read more
Announcing Docker Scout GA: Actionable Insights for the Software Supply Chain
We are excited to announce that Docker Scout General Availability (GA) now allows developers to continuously evaluate container images against a set of out-of-the-box policies, aligned with software supply chain best practices. These new capabilities also include a full suite of integrations enabling you to attain visibility from development into production. These updates strengthen Docker Scout’s position as integral to the software s … ⌘ Read more
@prologic@twtxt.net I use FreeOTP+ from F-Droid and it does what I need. It may be considered bad practice but I do use the import/export functionality to sync devices.
Hardening repositories against credential theft
Some best practices and important defenses to prevent common attacks against GitHub Actions that are enabled by stolen personal access tokens, compromised accounts, or compromised GitHub sessions.
The post Hardening repositories against credential theft appeared first on The GitHub Blog. ⌘ Read more
Erlang Solutions: 5 ways Elixir programming can improve business performance
Elixir is a simple, lightweight programming language that is built on top of the Erlang virtual machine. It offers straightforward syntax, impressive performance and a raft of powerful features. It uses your digital resources in the most efficient way.
This is all very well, but what does that mean in practice? Aside from impressing your web development team, what can Elixir do for your business?
In this … ⌘ Read more
Best practices for organizations and teams using GitHub Enterprise Cloud
Learn how you can structure your enterprise to get the most value out of GitHub and provide the best experience for your developers! ⌘ Read more
GitHub achieves ISO/IEC 27701:2019, 27018:2019, and CSA STAR certifications
GitHub’s Information Security and Privacy Management System (ISPMS) has been certified against ISO/IEC 27701:2019 (PII Processor) and 27018:2019 standards, as well as the Cloud Controls Matrix (CCM). These standards and frameworks are internationally recognized for security and privacy program best practices. ⌘ Read more
↳
In-reply-to
»
Google Says It'll Scrape Everything You Post Online for AI
⤋ Read More
@marado@twtxt.net It can’t possibly be defensible, which to me always signals an attempt at a power grab. They never explicitly said “we will use anything we scrape from the web to train our AI” before–that’s new. There is growing pushback against that practice, with numerous legal cases winding through the legal system right now. Some day those cases will be heard and decided on by judges. So they’re trying to get out ahead of that, in my opinion, and cement their claims to this data before there’s a precedent set.
Erlang Solutions: How to Manage Your RabbitMQ Logs: Tips and Best Practices
RabbitMQ is an open-source message broker software that allows you to build distributed systems and implement message-based architectures. It’s a reliable and scalable messaging system that enables efficient communication between different parts of your application. However, managing RabbitMQ logs can be a challenging task, especially when it’s deployed on a large cluster. In this article, we’ll ta … ⌘ Read more
How to use GitHub Copilot: Prompts, tips, and use cases
In this prompt guide for GitHub Copilot, two GitHub developer advocates, Rizel and Michelle, will share examples and best practices for communicating your desired results to the AI pair programmer. ⌘ Read more
Building a culture of innovation in your business with GitHub
Consider the typical software development practices in an organization. Projects are commonly closed, and causes friction across engineering teams. But open source communities work asynchronously, openly, remotely and at global-scale. What if our internal teams could reuse those same practices? ⌘ Read more
@prologic@twtxt.net @carsten@yarn.zn80.net
There is (I assure you there will be, don’t know what it is yet…) a price to be paid for this convenience.
Exactly prologic, and that’s why I’m negative about these sorts of things. I’m almost 50, I’ve been around this tech hype cycle a bunch of times. Look at what happened with Facebook. When it first appeared, people loved it and signed up and shared incredibly detailed information about themselves on it. Facebook made it very easy and convenient for almost anyone, even people who had limited understanding of the internet or computers, to get connected with their friends and family. And now here we are today, where 80% of people in surveys say they don’t trust Facebook with their private data, where they think Facebook commits crimes and should be broken up or at least taken to task in a big way, etc etc etc. Facebook has been fined many billions of dollars and faces endless federal lawsuits in the US alone for its horrible practices. Yet Facebook is still exploitative. It’s a societal cancer.
All signs suggest this generative AI stuff is going to go exactly the same way. That is the inevitable course of these things in the present climate, because the tech sector is largely run by sociopathic billionaires, because the tech sector is not regulated in any meaningful way, and because the tech press / tech media has no scruples. Some new tech thing generates hype, people get excited and sign up to use it, then when the people who own the tech think they have a critical mass of users, they clamp everything down and start doing whatever it is they wanted to do from the start. They’ll break laws, steal your shit, cause mass suffering, who knows what. They won’t stop until they are stopped by mass protest from us, and the government action that follows.
That’s a huge price to pay for a little bit of convenience, a price we pay and continue to pay for decades. We all know better by now. Why do we keep doing this to ourselves? It doesn’t make sense. It’s insane.
Private vulnerability reporting now generally available
Open source maintainers and security researchers embrace a new best practice to report and fix vulnerabilities. ⌘ Read more
in practice probably ~all systems with qualia are valenced systems, since valence is the primary axis along which qualia can vary
Building organization-wide governance and re-use for CI/CD and automation with GitHub Actions
Many of us are aware of the benefits that a strong focus on automation can bring, particularly in our development workflow and DevOps lifecycle. But silos across businesses can lead to duplication of effort, and potential to lose out on best practices. In this post, we’ll explore how CI/CD can be shared across your entire organization alongside polici … ⌘ Read more
Producer warns ‘fussy’ consumers could jeopardise local fruit and vegetable industry
With flavour the number one priority for this local grower, Rick Scoones says he’s not willing to change his farming practices for buyers focused on cosmetic appearance. ⌘ Read more
**RT by @mind_booster: 📢 The @EU_Commission finally launched its long-awaited #RighttoRepair proposal
➡️Despite some good steps, the proposal does not address affordability of #repair, anti-repair practices & is a missed opportunity to make the #RighttoRepair universal!
🔽Quick analysis in the🧵**
📢 The @EU_Commission finally launched its long-awaited #RighttoRepair proposal
➡️Despite some good steps, the pr … ⌘ Read more
Responsible AI pair programming with GitHub Copilot
GitHub Copilot boosts developer productivity, but using it responsibly still requires good developer and DevSecOps practices. ⌘ Read more
** Accessibility and the product person **
This post is a slightly modified version of a talk I presented to the product practice at my work. It presents a few ways that product designers and managers can help to move accessibility forward. It is a little bit different than what I normally share, here, but, I thought it may be interesting to some folks.
[![Picture of a slide with the title “Why though?” It also includes a quote from Kat Holmes’ book Mismatch. The quote reads: “There are many challeng … ⌘ Read more
5 Developer Workstation Security Best Practices
Learn how Hardened Docker Desktop can help you follow the five most critical developer workstation security best practices. ⌘ Read more
Announcing the launch of the All In for Maintainers DEI Resource Hub
The DEI Resource Hub is a vetted collection of resources, tools, and best practices designed to help open source maintainers create and maintain inclusive and diverse open source communities. ⌘ Read more
Introducing required workflows and configuration variables to GitHub Actions
Now, you can standardize and enforce CI/CD best practices across all repositories in your organization to reduce duplication and secure your DevOps processes. ⌘ Read more
GitHub Gives 2022: Creating positive, lasting contributions in our communities
This year, we took GitHub Gives, our company-wide giving campaign, to new heights and wanted to share our learnings to provide best practices in programming a successful hybrid giving campaign for employees. ⌘ Read more
JMP: Writing a Chat Client from Scratch
There are a lot of things that go into building a chat system, such as client, server, and protocol. Even for only making a client there are lots of areas of focus, such as user experience, features, and performance. To keep this post a manageable size, we will just be building a client and will use an existing server and protocol (accessing Jabber network services using the XMPP protocol). We’ll make a practical GUI so we can test things, but not spend too much time on p … ⌘ Read more
the last century was wild: “Her love of tennis included playing naked, with nude tennis ‘a common practice in those days among the more louche members of the middle classes’”, from the Wikipedia article on Enid Blyton.
Developing Go Apps With Docker
Develop Go applications with Docker using these containerization steps, best practices, optimization tips, and more. ⌘ Read more
RT @joinmastodon@joinmastodon
Some people ask us why Mastodon isn’t a single website. A single website that can serve the whole world requires so much computing power, infrastructure, and engineering, that it is practically impossible to do without big capital and monetization.
🐦🔗: https://twitter.com/joinmastodon/status/1586886721706262530 ⌘ Read more