Brian Kephart

100 Followers
229 Following
559 Posts
I play guitar & bass. Sometimes I code.
Website: https://oh-neat.com
GitHub: https://github.com/brian-kephart
Hey.cafe: https://hey.cafe/p/kepfx
It's not that I don't appreciate security researchers, but I'm really sick of security reports that boil down to "Users that have been intentionally given privileges to save code might save malicious code."
Take me down to parallax city
Where the back moves slow and the front moves quickly
Back at work, now on Ruby 4.
The package manager in GitHub Actions might be the worst package manager in use today: https://nesbitt.io/2025/12/06/github-actions-package-manager.html
GitHub Actions Has a Package Manager, and It Might Be the Worst

GitHub Actions has a package manager that ignores decades of supply chain security best practices: no lockfile, no integrity verification, no transitive pinning

Andrew Nesbitt
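The three gaps named in that summary (no lockfile, no integrity verification, no transitive pinning) are visible in any workflow file as `uses:` lines that point at a movable tag or branch rather than a commit SHA. The script below is an added example, not code from the post or from Andrew Nesbitt's article: a small Ruby audit that reads a workflow and reports every action reference that is not pinned to an immutable revision. The sample workflow and the 40-hex SHA in it are constructed placeholders, not a real project's file.

```ruby
# Added example: flag GitHub Actions `uses:` references that are not pinned
# to a full commit SHA. A tag or branch (@v4, @main) can be moved by whoever
# controls the action repository; a 40-hex commit SHA cannot.

# Constructed sample workflow (not a real project's file; the SHA is a placeholder).
SAMPLE_WORKFLOW = <<~YAML
  name: ci
  on: [push]
  jobs:
    test:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v4
        - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v3.8.2
        - uses: ./.github/actions/local-step
        - uses: docker://alpine:3.19
        - uses: some-org/some-action@main
        - run: npm test
YAML

FULL_SHA = /\A\h{40}\z/

Finding = Struct.new(:line, :ref, :reason)

# Scan every `uses:` entry and return a Finding for each reference that is
# not immutable. Local actions (./path) are part of the repository's own
# commit, so they are skipped; container images need a sha256 digest.
def unpinned_uses(workflow_text)
  findings = []
  workflow_text.each_line.with_index(1) do |raw, lineno|
    line = raw.sub(/#.*/, '').strip          # drop trailing YAML comments
    m = line.match(/\A-?\s*uses:\s*(\S+)/)
    next unless m
    ref = m[1]
    next if ref.start_with?('./')            # local composite/script action
    if ref.start_with?('docker://')
      unless ref.include?('@sha256:')
        findings << Finding.new(lineno, ref, 'container image without digest')
      end
      next
    end
    _name, version = ref.split('@', 2)
    if version.nil?
      findings << Finding.new(lineno, ref, 'no version at all')
    elsif version !~ FULL_SHA
      findings << Finding.new(lineno, ref, "mutable ref '#{version}' (tag or branch)")
    end
  end
  findings
end

# Human-readable lines, one per unpinned reference.
def report(workflow_text)
  unpinned_uses(workflow_text).map { |f| "line #{f.line}: #{f.ref} -- #{f.reason}" }
end

puts report(SAMPLE_WORKFLOW) if __FILE__ == $0
```

On the sample this reports `actions/checkout@v4`, the undigested `docker://alpine:3.19` image and `some-org/some-action@main`, and accepts the SHA-pinned `setup-node` line. Pinning the direct reference is only part of the fix the article is after: a SHA-pinned composite action can itself contain unpinned `uses:` lines, and this script does not follow those transitive references.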

Hot take:

Discord is not a documentation platform. It is a chat platform. If your project requires connecting to a Discord to obtain necessary information, then your project is undocumented.

Just now, for the first time ever, I realized it’s git ref-log, not git re-flog.
Every year after Halloween I go through the clearance aisle and pick up stocking stuffers for my sister’s kids.
I ask candidates to tell me which browser extensions they have installed. I don't care about the specific names. I just want to know that they'll install an ad blocker. No ad blocker extension, no job offer. Yes, I run the marketing team.

@wandy_dev CanCanCan with Rolify. Rolify works well for assigning user roles, and then CanCanCan does the actual authorization based on those user roles.

I chose to use CanCanCan solely because it was already an indirect dependency and I didn't have any reason to install something else. That decision was made in 2016, but it's still working fine.

ow ow ow ow ow