Our team used Dockerfiles for several years but recently discovered that we could get better results using only Jib. In this post, we'll show you how to do it and where you'll see the most significant results.
Our team used Dockerfiles for several years but recently discovered that we could get better results using only Jib. In this post, we'll show you how to do it and where you'll see the most significant results.
We can't predict where the next vulnerability is going to be (or perhaps more accurately, where it already is). Instead, we have to prepare for what we don't yet know.
We can't predict where the next vulnerability is going to be (or perhaps more accurately, where it already is). Instead, we have to prepare for what we don't yet know.
We shipped support for detecting new vulnerabilities introduced in pull requests so that you can find and fix them. This approach gives you an effective way to detect and address new critical vulnerabilities before they hit production.
We shipped support for detecting new vulnerabilities introduced in pull requests so that you can find and fix them. This approach gives you an effective way to detect and address new critical vulnerabilities before they hit production.
In this post, we give our assessment of GitHub Container Registry. Minus a few surprises with the Docker v2 APIs, we think the overall user experience was a big improvement.
In this post, we give our assessment of GitHub Container Registry. Minus a few surprises with the Docker v2 APIs, we think the overall user experience was a big improvement.
Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.
Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.
We compare and contrast GitHub Actions with Atomist Skills, showing how Atomist Skills are a quicker, easier, and more convenient way to automate a larger variety of development tasks.
We compare and contrast GitHub Actions with Atomist Skills, showing how Atomist Skills are a quicker, easier, and more convenient way to automate a larger variety of development tasks.
In this article, learn how to improve your Git commit message by writing messages that can trigger commands — like a bot that can draft pull requests.
In this article, learn how to improve your Git commit message by writing messages that can trigger commands — like a bot that can draft pull requests.