@phildini In the past I've used GitHub Actions to sync labels from a file to a repo:
https://github.com/termcolor/termcolor/blob/main/.github/labels.yml
https://github.com/termcolor/termcolor/blob/main/.github/workflows/labels.yml
But I expect it's much easier via a `gh` command now.
#GitHub #GitHubActions #ghCLI
Runners autohospedados GitHub Actions: ¿conviene en 2026?
¿Cuánto ahorrás con runners autohospedados GitHub Actions? Con 100k minutos/mes el ahorro es USD 130/mes. Calculá si te conviene migrar en 2026.
https://donweb.news/runners-autohospedados-github-actions-costo-control/
#githubactions #cicd #devops #selfhostedrunners #automatización
Ho un blog di divulgazione scientifica. Mi piace scrivere, ma odio monitorare.
Per questo motivo ho costruito una pipeline di SEO auditing automatica per il mio blog Jekyll con #LighthouseCI, #PageSpeedInsights, #HermesForge, microformati e ottimizzazione per AI, tutto orchestrato con GitHub Actions, tutti strumenti gratuiti o opensource. CICD alla riscossa! Meno stress, più scrittura!
#SEO #DevOps #GitHubActions #CICD
https://gabrielebaldassarre.com/devops/seo-automatico-jekyll/
Mado: Fast Markdown linter written in Rust
Mado는 Rust로 작성된 고속 마크다운 린터로, CommonMark와 GitHub Flavored Markdown(GFM)을 지원합니다. 기존 마크다운 린터 대비 약 49~60배 빠른 성능을 보이며, macOS, Linux, Windows 등 다양한 플랫폼에서 설치할 수 있습니다. 대부분의 markdownlint 규칙을 지원하며, GitHub Actions와도 호환되어 CI/CD 파이프라인에 쉽게 통합 가능합니다. 구성은 mado.toml 파일을 통해 가능하며, 벤치마크와 퍼징 테스트도 지원합니다.
Claude changes headless usage from June 15
2026년 6월 15일부터 유료 Claude 플랜 사용자는 Claude Agent SDK, claude -p, Claude Code GitHub Actions 및 Agent SDK 기반 서드파티 앱의 프로그래매틱 사용에 대해 전용 월간 크레딧을 받을 수 있습니다. 이는 개발자가 Claude 에이전트를 프로그램 방식으로 활용할 때 비용 부담을 줄여주는 정책 변경입니다. AI 에이전트 개발 및 통합에 직접적인 영향을 미치는 중요한 업데이트입니다.
https://twitter.com/ClaudeDevs/status/2054610152817619388
#claude #agentsdk #programmaticusage #aiagent #githubactions
"CVE-2026-45793: Anatomy of a 14-Hour PHP Supply-Chain Near-Miss"
https://github.com/graycoreio/github-actions-magento2/discussions/261
Yesterday, the PHP community barely avoided an absolute disaster - a supply-chain vulnerability on the scale of a nuclear meltdown. In my opinion, this had the potential to be one of the most sever...
El costo real de los flaky tests en GitHub Actions
¿Cuánto te cuestan las pruebas flaky en GitHub Actions? Un análisis de 10,000 runs reales reveló USD 37,50 por ocurrencia y 30% de reruns desperdiciados...
https://donweb.news/pruebas-flaky-github-actions-costo-real/
🚨 #Composer 2.9.8 & 2.2.28 are out with an urgent security fix: #GitHub Actions GITHUB_TOKEN and GitHub App installation tokens were being leaked in plain text to CI job logs. If you run #Composer in #GitHubActions — update immediately.
🔍 Root cause: Composer validates GitHub tokens against an allowed character set. When a token fails validation, the full token value was interpolated directly into the exception message — exposed on stderr and captured in CI logs.
▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)
🚑 Immediate actions:
1️⃣ Run composer.phar self-update NOW
2️⃣ Can't update? Disable #GitHubActions workflows running Composer
3️⃣ Review CI logs for leaked tokens
4️⃣ Delete any log contents containing raw token values before they expire
📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.
Hugo van Kemenade
Donweb Media
The 16bit Robot - GabrioB
sayzard
graste
michabbb
N-gated Hacker News