Posts Tagged ‘github’
TL;DR pymarkdownlnt provides an easy way of checking that any Markdown you’re working on is complying to some sensible guidelines. If you’re comfortable with Python virtual environments you won’t really need the rest of this post. Why? I’ve spent a bunch of time recently adding OpenSSF Scorecards to the key Atsign repos. Build better security […]
Filed under: howto | Leave a Comment
Tags: Actions, github, lint, lints, Markdown, Pip, pymarkdown, pymarkdownlnt, python, scorecard, Ubuntu, uv, venv, venvs, virtual environment
Ever since I started signing GitHub commits with SSH keys I’ve made sure to use git v2.35 or later. Unfortunately Google Cloud Shell comes with a rather crusty old version of git (as part of the fact that it’s still based on Debian 11 ‘Bullseye’). Just copying over a more recent git binary doesn’t work. […]
Filed under: cloud, howto | Leave a Comment
Tags: cloud, git, github, google, shell
One of my favourite features of Dart is its ability to create executables (aka ahead of time [AOT] binaries)[1]. Creating binaries for the platform you’re running on is very straightforward, just dart compile exe but Dart doesn’t presently support cross compilation for command line binaries, unlike Rust and Go, which have also surged in popularity. […]
Filed under: Dart | Leave a Comment
Tags: Actions, architecture, ARM, Arm64, Armv7, binary, Buildx, Dart, Docker, github, Linux, MacOS, matrix, multi, platform, RISC-V, riscv64, tar, tarball, x64
While I wait for GitHub to get their act together on my Dependabot Wishlist I’ve created a little script for my first frustration – rollups. Another morning, another patch release of Dart, another 4 Dependabot PRs in my inbox: Only this time I was able to simply run: and the subsequent 3 PRs were rolled […]
Filed under: howto, software | Leave a Comment
Tags: bash, Dependabot, dependencies, dependency management, gh, git, github, PR, PRs, rollup, script
Dependabot Wishlist
GitHub is at the heart of how I do work, and Dependabot is one of the core tools. Even before we started using OpenSSF Scorecards, which pushed us to pin dependencies, Dependabot was something we used a lot to ensure that things were up to date. But, Dependabot isn’t perfect, and looking at the discussion […]
Filed under: could_do_better, software | Leave a Comment
Tags: Dependabot, dependencies, dependency management, github, rollup, wishlist
TL;DR OSSF Scorecards provide a visible badge that lets people see that an open source repo is adhering to a set of practices that minimise risks, measured by a set of automated checks. Getting this right for a single repo can be an involved process, but with that experience in hand applying the learning to […]
Filed under: security, software | Leave a Comment
Tags: Allstar, CI, github, OSSF, scorecard, security
TL;DR Using SSH keys is already a big part of the git/GitHub experience, and now they can be used for signing commits, which saves having to deal with GPG keys. Background For a while I’ve been signing my git commits with a GPG key (at least on my primary desktop), and GitHub has some nice […]
Filed under: howto, technology | Leave a Comment
Tags: git, github, howto, SSH
Actions is more than just a smart move for GitHub to do more stuff with Continuous Integration / Continuous Delivery pipelines – it’s a product management super move that gets GitHub out of the business of responding to stupid little feature requests. Better still, it’s an ecosystem play where GitHub (and Docker) users create value for other GitHub users without GitHub needing to invest their own time and treasure.
Filed under: Docker, strategy, technology | Leave a Comment
Tags: Actions, Docker, ecosystem, github, product maangement
Managing GitHub Labels
I was on a sprint planning call last week where it felt like we spent way too much time getting the labels in our various repos straightened out. After a little Googling I found various scripts that use the GitHub API to manage labels. But nothing that seemed easy enough. So… I pulled together my […]
Filed under: howto | 2 Comments
Tags: action, github, labels, open source, python, script
August 2020
ICYMI It’s been something of a busy month for blogging, with posts on Cloud Migration, Java, the UK exam fiasco, Hugo. and RIP Dougal. BBQ The new Kamado Joe that I mentioned last month got its first run, which looked good, but ended up being a little dry: Hawksmore @ Home The Hawksmore at Home […]
Filed under: monthly_update, technology, wibble | Leave a Comment
Tags: Actions, BBQ, Beat Saber, CD, CI, cloud native, constraints, DIY, github, Modern Apps, Oculus, Quest, vr, VSCode, WSL2
Chris Swan's Weblog 