Mastodawn

jeffpaul Oct 12, 2023

Are your WordPress plugins GPL compatible?

A little over two months ago I spoke at WordCamp US on the topic of "[u]sing a GitHub Action to ensure your plugins are GPL compatible.” The primary concern was ensuring that WordPress plugins focus on more than just first-party code being properly licensed and expanding that to ensure that all third-party libraries (aka dependencies) are also properly licensed. So that folks don't need to continually check for that in every pull request, using a GitHub Action to help automate the process […]

https://jeffpaul.com/2023/10/are-your-wordpress-plugins-gpl-compatible/

joschi 17h ago

Do you want #OpenTelemetry support in #GitHubActions?

Since GitHub is asking for input on their GitHub Actions roadmap, maybe upvoting https://github.com/orgs/community/discussions/190621#discussioncomment-16358205 will give them a nudge to implement it. 😄

Arda Kılıçdağı 18h ago

. @zmk builds on GitHub Actions have always been uploading artifacts as "firmware.zip". It has always been utter annoying to me.

So I wrote a small GitHub Actions workflow to overcome this: It adds built firmware files to the release as separate files, just like QMK does:

https://github.com/Ardakilic/zmk-config/commit/0a04b0106389c2517413cfe9c695939bd17d5cf8

Example release:

https://github.com/Ardakilic/zmk-config/releases/tag/latest

Might be useful for you. It definitely will be for me :)

I wish this was in core ZMK thogh.

#zmk #qmk #mechanicalkeyboard #githubactions

chore: add workflow name to build GitHub Actions configuration · Ardakilic/zmk-config@0a04b01

Contribute to Ardakilic/zmk-config development by creating an account on GitHub.

GitHub

Dev_against_the_machine 2d ago

$ echo "True autonomy engineered in the shell."
$ echo "Who is ready for a revolution?"
$ echo "Lets get the Data we deserve!"

System Status:

Core: Stable / 217 Jurisdictions

Workflow: Hardening GH_PAT & ENV

Agentic Bridge: Closing the loop

Deep Dive & Support:
https://www.patreon.com/posts/insight-how-we-154120693?utm_medium=clipboard_copy&utm_source=copyLink&utm_campaign=postshare_creator&utm_content=join_link

#ArchBTW #IT #hiringgap #analsys #GitHubActions #AnarchyInTheShell #ContinuumHQ #Data#Dataengineering #DataScience#agenticworkflow #Grit #Gritlab

Your Second Favourite Carl 3d ago

I had some free time last year, so I decided to punish myself with learning some #DevOps. I decided to build my own #CI/CD pipeline to automate deploying my website.

It was a lot more work than I anticipated, but I'm getting the time back day by day. The experience also taught me the difference between good #CI/CD and #CI/CD that works.

https://carledwardlyons.ca/articles/devlogs/blank/ci-cd?ref_id=mastodon&ref_source=post

#terraform #docker #github #githubactions #bash #software #blog #devlog

Exploring CI/CD for a Modern (SvelteKit) Web Application

I'm building a new SvelteKit web app to host my weblog. To make it easier, I built a CI/CD pipeline (for the first time). During research and development, I explored containerization, IaC, testing, and observability solutions to learn how to best deliver a modern web app.

Dev_against_the_machine 4d ago

The Scraper-Base-Kit is now Private.

After reviewing the velocity of our global ingest, I’ve decided to move the base-kit to the Private Core.

The engine is too fast, the footprint too small.

This thing is like a shotgun that fires once at the world!!!!
We are not just building tools; we are guarding the data.

#ArchLinux #RootCause #IT #hiringgap #analsys #GitHubActions #AnarchyInTheShell #ContinuumHQ #Dataengineering #DataScience#agenticworkflow #SRE #Grit #Gritlab #buildInPublic

Dev_against_the_machine 4d ago

0:07! It's midnight!
The Machine is silent, but the Pipeline is Green. 🟢

What started as a day of debugging ended as a fully automated Intelligence. The Elégence Report Engine is live. 217 countries, one Grit-Score, zero human error.

T480 closing now. Tomorrow, the world gets the data it deserves.

#ArchLinux #RootCause #IT #hiringgap #analsys #GitHubActions #AnarchyInTheShell #ContinuumHQ #Dataengineering #DataScience#agenticworkflow #SRE #Grit #Gritlab #buildInPublic

Dev_against_the_machine 4d ago

System says exit 1. I say: Challenge accepted.

Debugging the engine.

No corporate cloud fluff, just raw logs, Arch Linux, and a broken pipeline that’s about to get crushed.

don't solve theoretical problems. break real ones. ✊🔥

#ArchLinux #RootCause #LUKS #GitHubActions #AnarchyInTheShell #ContinuumHQ #Dataengineering #DataScience#agenticworkflow #SRE #Grit #Gritlab

sayzard 5d ago

경고: Trivy 공격보다 심각 — GitHub 상위 50K 인기 레포를 스캔한 결과 20,265개가 유사 취약점에 노출. CI/CD 취약점 192,776건, 5.9억+ 하위 포크 영향, 별 50K 이상 레포의 68%가 취약. tj-actions는 PoC, Trivy는 확산. Vigilant Defense가 액션·glassworm 벡터를 찾는 오픈소스 스캐너 Runner Guard 공개(설치: brew). 즉시 스캔·수정 권고. (이미지 포함)

https://x.com/vigilance_one/status/2036581210663616729

#cicdsecurity #supplychainsecurity #devsecops #githubactions #opensource

Chris Nyhuis (@vigilance_one) on X

ALERT: If you thought the Trivy attack was bad, 20,265 repos on GitHub have similar vulnerabilities. We scanned the top 50K most-starred repos. 192,776 CI/CD findings. 590M+ downstream forks exposed. The most popular repos are the most vulnerable, 68% vuln rate at 50K+ stars.

X (formerly Twitter)