Empowering Developers with Docker: Simplifying Compliance and Enhancing Security for SOC 2, ISO 27001, FedRAMP, and More
With a Docker Business subscription, Docker customers have access to granular controls and a full product suite to help them maintain compliance and improve security. ⌘ Read more
Building a zero CVE strategy
Member post originally published on the Kubesimplify blog by Kunal Verma With the increase in software complexity and as digital threats evolve (as discussed in our previous blog) in today’s digital age, the organizations are facing a massive increase… ⌘ Read more
Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine
Certain versions of Docker Engine have a security vulnerability that could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. This advisory outlines the issue, identifies the affected versions, and provides remediation steps for impacted users. ⌘ Read more
How we improved availability through iterative simplification
Solving and staying ahead of problems when scaling up a system of GitHub’s size is a delicate process. Here’s a look at some of the tools in GitHub’s toolbox, and how we’ve used them to solve problems.
The post [How we improved availability through iterative simplification](https://github.blog/engineering/engineering-principles/how-we-improved-availability-through-iterative-simplification/ … ⌘ Read more
How to review code effectively: A GitHub staff engineer’s philosophy
GitHub Staff Engineer Sarah Vessels discusses her philosophy of code review, what separates good code review from bad, her strategy for finding and reviewing code, and how to get the most from reviews of her own code.
The post [How to review code effectively: A GitHub staff engineer’s philosophy](https://github.blog/developer-skills/github/how-to-review-code-effectively-a-github-staff-eng … ⌘ Read more
Welcome Bob Killen, CNCF’s new Senior Technical Program Manager!
We’d like to take a moment to welcome and introduce (or reintroduce) Bob Killen, CNCF’s new Senior Technical Program Manager! Bob has been a member of the cloud native community for some time now and is probably familiar… ⌘ Read more
Local LLM Messenger: Chat with GenAI on Your iPhone
Learn about the LoLLM Messenger project — a winner of the AI/ML Hackathon — which allows you to send iMessages to GenAI models running directly on your computer. ⌘ Read more
Authentication vs authorization: understanding the difference
Member post originally published on the Cerbos blog by Omu Inetimi Authentication vs Authorization: Understanding the Difference In recent times, security in modern applications cannot be overemphasized. It is extremely important to ensure our applications have proper security… ⌘ Read more
Post-vacation bike tour
Today was my first workday after summer vacation, and with the weather being pleasant – not too hot, and no rain – I decided to finish work a bit early and go for a 39-kilometer bike tour through the surrounding area. ⌘ Read more
JMP: Newsletter: Calls from SIP; Potential New SIM Plan
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as … ⌘ Read more
3 ways to get Remote Code Execution in Kafka UI
In this blog post, we’ll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.
The post 3 ways to get Remote Code Execution in Kafka UI appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Ratcatcher’s Day https://john.colagioia.net/blog/2024/07/22/ratcatcher.html #programming #project #devjournal
Hello, little deer! 👋 ⌘ Read more
Untitled ⌘ Read more
Open Letter to the European Commission ⌘ Read more
On my blog: Free Culture Book Club — Aether Age Codex - Helios, part 1 https://john.colagioia.net/blog/2024/07/20/helios-1.html #freeculture #bookclub
Lessons from CrowdStrike’s Buggy Update: The Critical Importance of Robust Release Processes
Community post by Andrés Vega, CNCF TAG Security Recent events involving CrowdStrike’s Falcon security software have underscored a critical lesson across the industry : the importance of having a robust, secure release process. This incident serves as a… ⌘ Read more
On my blog: Toots 🦣 from 07/15 to 07/19 https://john.colagioia.net/blog/2024/07/19/week.html #linkdump #mastodon #socialmedia #week
On my blog: Real Life in Star Trek, New Ground https://john.colagioia.net/blog/2024/07/18/new-ground.html #scifi #startrek #closereading
ProcessOne: ejabberd 24.02
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– **
The Cloud Native Glossary is a project led by the CNCF Business Value Subcommittee. Its goal is to explain cloud native concepts in clear and simple language without requiring any previous technical knowledge. We are in the process… ⌘ Read more
Erlang Solutions: Meet the team: Nico Gerpe
Welcome to our first-ever “Meet the Team” series! In this first edition, we’ll be shining the spotlight on Nico Gerpe, the Business Unit Lead for the Americas team at Erlang Solutions.
Nico discusses his role at Erlang Solutions, his latest explorations in the IoT and machine learning space and most importantly- fun Argentinian summer traditions!
About N … ⌘ Read more
Before going to sleep, a quick walk around the block. 🌔 ⌘ Read more
Docker Desktop 4.32: Beta Releases of Compose File Viewer, Terminal Shell Integration, and Volume Backups to Cloud Providers
Discover the powerful new features in Docker Desktop 4.32, including the Compose File Viewer, terminal integration, and enterprise-grade volume backups, designed to enhance developer productivity and streamline workflows. ⌘ Read more
How researchers are using GitHub Innovation Graph data to estimate the impact of ChatGPT
An interview with economic researchers who are applying causal inference techniques to analyze the effect of generative AI tools on software development activity.
The post [How researchers are using GitHub Innovation Graph data to estimate the impact of ChatGPT](https://github.blog/2024-07-17-how-researchers-are-using-github-innovation-graph-data-to-estimate-t … ⌘ Read more
Interval tree implementation in Xline
The Reason for Implementing Interval Trees In a recent refactoring of Xline, we identified a performance bottleneck caused by two data structures on the critical path: the Speculative Pool and the Uncommitted Pool. These two data structures are… ⌘ Read more
It took me so long to find the cause of a memory leak in GoBlog. I thought it was smart to use a cache for prepared database statements. But I didn’t read the documentation and didn’t know that prepared statements need to be closed when they are no longer needed to free up the allocated resources. 🤦♂️ I finally fixed it by removing the prepared statement cache altogether. Less code, fewer problems in the future, and the cache wasn’t much of an improvement anyway. I also learned about the usefulness of memory profil … ⌘ Read more
Kubestronaut in Orbit: Eleni Grosdouli
Get to know Eleni This week’s Kubstronaut in Orbit, Eleni Grosdouli, brings diverse experiences to her role as a DevOps Consulting Engineer at Cisco Systems. She’s the go-to person for DevOps and Kubernetes Automation, with a passion for… ⌘ Read more
ProcessOne: ejabberd 24.06
This new ejabberd 24.06 includes four months of work, close to 200 commits, including several minor improvements in the core ejabberd, and a lot of improvements in the administrative parts of ejabberd, like the WebAdmin and new API commands.
Brief summary- *Webadmin rework … ⌘ Read more
Untitled ⌘ Read more
Untitled ⌘ Read more
Untitled ⌘ Read more
Organising the first KCD Hyderabad – my amazing experience
KCD post originally published on Social Maharaj by Atulpriya Sharma Being a food and travel blogger, I often attend a lot of food meet-ups where I get to experience different dishes and meet new people as well. But did… ⌘ Read more
Docker Best Practices: Choosing Between RUN, CMD, and ENTRYPOINT
Learn how to optimize Docker command use with our best practices guide on RUN, CMD, and ENTRYPOINT Dockerfile instructions. ⌘ Read more
How an AI Assistant Can Help Configure Your Project’s Git Hooks
Make Git hooks easier to configure and use by providing project-specific context to Docker’s AI Assistant. ⌘ Read more
On my blog: Developer Diary, Queen Yun https://john.colagioia.net/blog/2024/07/15/yun.html #programming #project #devjournal
On my blog: Sleep, Addendum https://john.colagioia.net/blog/2024/07/14/sleep-2.html #sleep #advice #rant
Untitled ⌘ Read more
On my blog: Free Culture Book Club — Raiders of the Unix Seas https://john.colagioia.net/blog/2024/07/13/raiders-unix-seas.html #freeculture #bookclub
Untitled ⌘ Read more
On my blog: Toots 🦣 from 07/08 to 07/12 https://john.colagioia.net/blog/2024/07/12/week.html #linkdump #mastodon #socialmedia #week
GitHub Availability Report: June 2024
In June, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: June 2024 appeared first on The GitHub Blog. ⌘ Read more
Untitled ⌘ Read more
Unlocking the power of ephemeral environments with Devtron
Member post originally published on Devtron’s blog by Abhinav Dubey TL;DR: The blog talks about how ephemeral environments with Devtron become much easier, reducing the complexities, automating the process, and optimizing infra cost. In the world of software… ⌘ Read more
Untitled ⌘ Read more
お知らせ:JPCERT/CC Eyes「インシデント相談・情報提供窓口対応状況 ⌘ Read more
On my blog: Real Life in Star Trek, A Matter of Time https://john.colagioia.net/blog/2024/07/11/matter-time.html #scifi #startrek #closereading
Advancing responsible practices for open source AI
Outcomes from the Partnership on AI and GitHub workshop.
The post Advancing responsible practices for open source AI appeared first on The GitHub Blog. ⌘ Read more
Ignite Realtime Blog: Openfire 4.8.3 Release
The Ignite Realtime community is pleased to announce the release of Openfire 4.8.3. This release contains an important fix for thread lock situation described with OF-2845. If you have noticed clients getting logged out or unable to connect with Openfire 4.8.1 or 4.8.2, please do try this release and report in the community forums if your issue is persisting.
T … ⌘ Read more