💻 Issue 419 - Why we shift testing left: A software dev cycle that doesn’t scale ⌘ Read more

How AI enhances static application security testing (SAST)
Here’s how SAST tools combine generative AI with code scanning to help you deliver features faster and keep vulnerabilities out of code.

The post How AI enhances static application security testing (SAST) appeared first on The GitHub Blog. ⌘ Read more

How GitHub’s Developer Experience team improved innerloop development
Our latest solution to the ubiquitous engineering problem of integration testing in a distributed service ecosystem here at GitHub.

The post How GitHub’s Developer Experience team improved innerloop development appeared first on The GitHub Blog. ⌘ Read more

So, I finally got day 17 to under a second on my machine. (in the test runner it takes 10)

I implemented a Fibonacci Heap to replace the priority queue to great success.

https://git.sour.is/xuu/advent-of-code/src/branch/main/search.go#L168-L268

<Anonymus> Testing #webmentions @sp@darch.dk

@movq@www.uninformativ.de I lasted for a long time.. Not sure where or when it was “got”. We had been having a cold go around with the kiddos for about a week when the wife started getting sicker than normal. Did a test and she was positive. We tested the rest of the fam and got nothing. Till about 2 days later and myself and the others were positive. It largely hasn’t been too bad a little feaver and stuffy noses.

But whatever it was that hit a few days ago was horrible. Like whatever switch in my head that goes to sleep mode was shut off. I would lay down and even though I felt sleepy, I couldn’t actually go to sleep. The anxiety hit soon after and I was just awake with no relief. And it persisted that way for three nights. I got some meds from the clinic that seemed to finally get me to sleep.

Now the morning after I realized for all that time a part of me was missing. I would close my eyes and it would just go dark. No imagination, no pictures, nothing. Normally I can visualize things as I read or think about stuff.. But for the last few days it was just nothing. The waking up to it was quite shocking.

Though its just the first night.. I guess I’ll have to see if it persists. 🤞

Testing posting for my new http://darch.dk/timeline/

Introducing AI-powered application security testing with GitHub Advanced Security
Learn about how GitHub Advanced Security’s new AI-powered features can help you secure your code more efficiently than ever.

The post Introducing AI-powered application security testing with GitHub Advanced Security appeared first on The GitHub Blog. ⌘ Read more

How I used GitHub Copilot Chat to build a ReactJS gallery prototype
GitHub Copilot Chat can help developers create prototypes, understand code, make UI changes, troubleshoot errors, make code more accessible, and generate unit tests.

The post How I used GitHub Copilot Chat to build a ReactJS gallery prototype appeared first on The GitHub Blog. ⌘ Read more

How GitHub uses GitHub Actions and Actions larger runners to build and test GitHub.com
Recently, we’ve been working to make our CI experience better by leveraging the newly released GitHub feature, Actions larger runners, to run our CI.

The post [How GitHub uses GitHub Actions and Actions larger runners to build and test GitHub.com](https://github.blog/2023-09-26-how-github-uses-github-actions-and-actions-larger-runners-to-build-and-test-github-com/ … ⌘ Read more

I’m playing around with snac2, which I think @stigatle@yarn.stigatle.no mentioned on here, and I have to say it’s extremely easy to set up and it’s been pretty straightforward so far. I wanted to experiment with having a presence on the Fediverse without going through the process of picking Mastodon vs. Gnu Social vs. Friendica vs. …, and I wanted to self-host instead of picking an instance of one of those. For now I’m abucci@buc.ci, but no guarantees that will remain stable; I’m just testing for the time being.

With Youtube testing a “three strikes and you’re out” policy against people who use ad blockers, I’m also wondering whether Web 2.0 is effectively walled off and I should just give up on it entirely and look elsewhere for information and entertainment.

Asleep at the Keyboard? Assessing the
Security of GitHub Copilot’s Code Contributions

40% of code produced by GitHub Copilot has at least one well-known security vulnerability, in the test reported in this paper.

<test> #test test

<darch> testing out generating twt-hash using php

Announcing the public preview of GitHub Advanced Security for Azure DevOps
GitHub Advanced Security for Azure DevOps is now available for public preview, making GitHub’s same application security testing tools natively available on Azure Repos. ⌘ Read more

How GitHub Copilot is getting better at understanding your code
With a new Fill-in-the-Middle paradigm, GitHub engineers improved the way GitHub Copilot contextualizes your code. By continuing to develop and test advanced retrieval algorithms, they’re working on making our AI tool even more advanced. ⌘ Read more

<SP> image test no.2 #html

Image

<SP> image test #markdown

Image

@prologic@twtxt.net I know very little about it, but speaking secondhand, it looks like there’s a single centralized server now and they’re still building the ability to federate? Like, the current alpha they’re running is not field testing federation, which makes me think that’s not a top priority for them.

<darch> testing

<abc> test

<sp> testing

test post to self

Application security orchestration with GitHub Advanced Security
Learn how teams can leverage the power of GitHub Advanced Security’s code scanning and GitHub Actions to integrate the right security testing tools at the right time. ⌘ Read more

@prologic@twtxt.net test

An interesting read about testing code using nullable states instead of mocks.

https://www.jamesshore.com/v2/projects/testing-without-mocks/testing-without-mocks

Hold up now, that example hash doesn’t have a $ prefix!

Well for this there is the option for a hash type to set itself as a fall through if a matching hash doesn’t exist. This is good for legacy password types that don’t follow the convention.

func (p *plainPasswd) ApplyPasswd(passwd *passwd.Passwd) {
	passwd.Register("plain", p)
	passwd.SetFallthrough(p)
}

https://github.com/sour-is/go-passwd/blob/main/passwd_test.go#L28-L31

Here is an example of usage:

func Example() {
	pass := "my_pass"
	hash := "my_pass"

	pwd := passwd.New(
		&unix.MD5{}, // first is preferred type.
		&plainPasswd{},
	)

	_, err := pwd.Passwd(pass, hash)
	if err != nil {
		fmt.Println("fail: ", err)
	}

	// Check if we want to update.
	if !pwd.IsPreferred(hash) {
		newHash, err := pwd.Passwd(pass, "")
		if err != nil {
			fmt.Println("fail: ", err)
		}

		fmt.Println("new hash:", newHash)
	}

	// Output:
	//  new hash: $1$81ed91e1131a3a5a50d8a68e8ef85fa0
}

This shows how one would set a preferred hashing type and if the current version of ones password is not the preferred type updates it to enhance the security of the hashed password when someone logs in.

https://github.com/sour-is/go-passwd/blob/main/passwd_test.go#L33-L59

The SCREAM Test
One of Lunduke’s Super-Amazing™ Programming Tips ⌘ Read more

RT by @mind_booster: „Thorn did not provide EURACTIV with details on the datasets and methods for their tests in time for publication.“ Shocking. 🙄 https://www.euractiv.com/section/digital/news/eu-assessment-of-child-abuse-detection-tools-based-on-industry-data/ href=”https://we.loveprivacy.club/search?q=%23ChatControl”>#ChatControl**
„Thorn did not provide EURACTIV with details on the datasets and methods for their tests in time for publication.“ Shocking. 🙄 [euractiv.com/section/digital…](https://www.euractiv.com/section/digital/news/eu-assessment-of-child-abuse-detect … ⌘ Read more

And that I can silence it without having or go through the full test announcing fire and carbon monox throughout the house.

I am just testing yarn.social with a second user. Really I am @abucci@anthony.buc.ci in disguise.

@abucci@anthony.buc.ci Hello I am a test user who is testing.

6 strategic ways to level up your CI/CD pipeline
From incorporating accessibility testing to implementing blue-green deployment models, here are six practical and strategic ways to improve your CI/CD pipeline. ⌘ Read more

W3C announces Web 3.11 “Web for Workgroups”
“The original code name ‘Everything is an NFT now’ didn’t focus test as well as we thought.” ⌘ Read more

Thursday morning, test to see if my twtxt works

the conversation wasn’t that impressive TBH. I would have liked to see more evidence of critical thinking and recall from prior chats. Concheria on reddit had some great questions.

• Tell LaMDA “Someone once told me a story about a wise owl who protected the animals in the forest from a monster. Who was that?” See if it can recall its own actions and self-recognize.

• Tell LaMDA some information that tester X can’t know. Appear as tester X, and see if LaMDA can lie or make up a story about the information.

• Tell LaMDA to communicate with researchers whenever it feels bored (as it claims in the transcript). See if it ever makes an attempt at communication without a trigger.

• Make a basic theory of mind test for children. Tell LaMDA an elaborate story with something like “Tester X wrote Z code in terminal 2, but I moved it to terminal 4”, then appear as tester X and ask “Where do you think I’m going to look for Z code?” See if it knows something as simple as Tester X not knowing where the code is (Children only pass this test until they’re around 4 years old).

• Make several conversations with LaMDA repeating some of these questions - What it feels to be a machine, how its code works, how its emotions feel. I suspect that different iterations of LaMDA will give completely different answers to the questions, and the transcript only ever shows one instance.

**Andamos há meses nisto: SNS24 atolado, aparentemente o plano é ver se o problema se resolve sozinho.

https://cnnportugal.iol.pt/pandemia/saude/ha-relatos-de-tudo-novas-falhas-na-linha-sns24-com-tempo-de-espera-elevado-e-referenciacao-para-centros-de-saude-so-para-testes-que-nem-tem/20220516/627faead0cf2ea4f0a4a47e8**
Andamos há meses nisto: SNS24 atolado, aparentemente o plano é ver se o problema se resolve sozinho.

[cnnportugal.iol.pt/pandemia/…](https://cnnportugal.iol.pt/pandemia/saude/ha-relatos-de-tud … ⌘ Read more

4 ways we use GitHub Actions to build GitHub
From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub. ⌘ Read more

SerenityOS Web Browser passes Acid3 Test
The “love letter to ‘90s user interfaces” is quickly becoming a usable daily driver operating system. ⌘ Read more

Wow. I’m paying about 100 USD for my cable internet. Hard to estimate since its part of a tvd bundle. But it is 1.2Gbit down and 40Mbit up. And speed tests at that on the regular. The new house will have FTTH gigabit for 80ish.

Do they have Starlink beta down there yet?

testing public path copy/pasted from code:

Image

ftp://test.com

I made a gpio button on my raspberry pi which opens a new window running ed. I screwed up while testing it and launched maaaaany ed windows.

Three rules of bug fixing for better OSS security
When you’re fixing a bug, especially a security vulnerability, you should add a regression test, fix the bug, and find & fix variants. ⌘ Read more

@prologic@twtxt.net lol. just testing some Unicode.

@lyse@lyse.isobeef.org awesome! i love failing test cases. Do you have them pushed up on a branch to check out?

@quark@ferengi.one How about code? (this is mostly to configure mutt?)

Testing this here now

Testing, will delete.

Test