In this article, we explore how Docker tags work, the risks and benefits of using them, and a mechanism for pinning to specific digests to bring us closer to reproducible builds.
In this article, we explore how Docker tags work, the risks and benefits of using them, and a mechanism for pinning to specific digests to bring us closer to reproducible builds.
This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.
This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.
We compare and contrast GitHub Actions with Atomist Skills, showing how Atomist Skills are a quicker, easier, and more convenient way to automate a larger variety of development tasks.
We compare and contrast GitHub Actions with Atomist Skills, showing how Atomist Skills are a quicker, easier, and more convenient way to automate a larger variety of development tasks.
Get the knowledge and inspiration you need to do your best work and deliver great software.
Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.
Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.
Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.
Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.
In this article, learn how to improve your Git commit message by writing messages that can trigger commands — like a bot that can draft pull requests.
In this article, learn how to improve your Git commit message by writing messages that can trigger commands — like a bot that can draft pull requests.