Kind notes
If you've been hearing me talking about #DependencyManagementData and are wondering about some real world scenarios it's been useful, check out the new Case Studies section on the site π
Also looking for more examples of where it's been useful!
What's everyones' favourite resources for how to best find which column(s) to index in your database?
Been a big week for documentation with #DependencyManagementData - I've added significant docs to the database schema and GraphQL schema and have started a "Understanding the data model" cookbook
Very cool to have received my first payout from Tidelift, from a company using one of the Open Source projects that I maintain πΈ Thanks very much to whoever it was, and looking forward to the income working towards me getting some longer-term financial support to continue maintaining the projects I do π
Absolutely loving the various versions of Down Under (original) that are out at the moment, like Luude ft. Colin Hay to this super chill cover that's just popped up on my Spotify Release Radar
Fuck me, Leave the World Behind was unsettling, stressful, beautiful and captivating. Definitely recommend a watch!
Something cool newer #git versions are doing - you'll now see Reapply
instead of Revert Revert ...
in commit messages, if you're reverting a revert.
In an older version of Git (i.e. with 2.34.x) you would see:
Revert "Revert "Commit title here""
Revert "Commit title here"
Commit title here
However, in newer versions (i.e. with 2.43.x) you now see:
Reapply "Commit title here"
Revert "Commit title here"
Commit title here
Which makes it a little bit cleaner in your Git log
If you're running dependency-management-data, you'll now have an indication of which of Mitchell Hashimoto's (now unmaintained) libraries are affecting you now that this change has landed in the -contrib
project - thanks Mitchell for the hard work on them, and I'll be sure to keep the list updated as maintainers pick up ownership of other libraries!
Anyone recommend a good graphic designer or artist who'd be up for a (paid) commission to create a logo for an Open Source project of mine?
Not sure if it's my neurospiciness, but Apollo Throwdown (Star Slinger Remix) hits the right spot every time
Weird timing with [this announcement from GitHub] (https://github.blog/changelog/2023-11-22-deprecation-notice-security-advisories-in-private-repositories) as literally this week I was seeing how they worked π
It's great to see that the ever awesome EndOfLife.date now has automagically updating AWS Lambda Runtimes (via) - now I need to update endoflife-checker to use the new API, so I don't have to manage it myself π
Anyone got any tips or best practices for building #OpenPolicyAgent into your project? Had an idea to integrate it with dependency-management-data and now can't unthink it π€
Anyone know a good place to ask #sqlite or #sql questions?
I'm trying to convert rows (produced by a big query that then uses a GROUP BY advisory_type
) that produces data like:
-- the `advisory_type` can be one of multiple values, i.e. SECURITY, DEPRECATED, UNSUPPORTED
repo advisory_type total_advisories
------ ------------- ----------------
jvt.me SECURITY 10
jvt.me DEPRECATED 5
And I'm trying to convert this to:
repo total_security total_deprecated total_unmaintained
------ ------------- ---------------- ----------------
jvt.me 10 5 0
Any clue how I'd go about doing so? Happy to provide more details / some data for you to query too, but been playing around with it on and off and not really having any luck.
πΆ YES - Fox Stevenson Remix is such a bop
So after 14 hours and at least one time it's restarted from scratch, I still haven't had the new #ApexLegends season patch install π‘
Excited to have released oapi-codegen v2 π A considerable improvement on our dependency tree, reducing the overall size of dependencies by 84%
New cookbook on the #DependencyManagementData documentation site: Getting Started with SBOM data
Has anyone I know launched an Open Source project on Product Hunt before? Considering whether dependency-management-data would possibly be worth sharing there, or if its not quite polished/product-y enough?
I've just found in my notes app that I wanted to write A plea to SCA vendors
but I've not written down what that plea is so now I'm annoyed at past me assuming future me would know π
Thanks for the warm welcome at #TechMids2023 and for hearing about dependency-management-data!
Super happy to talk about it some more - today or afterwards - and hearing how you get on π
Some links you may be interested in:
Really dislike that in Android 14 I now can't disable Nearby Share and so it permanently takes up a space in the sharing intent π‘
Excited that it's only a week until my first #TechMids conference - there's a great lineup that I'm excited to be part of, and always excited to share dependency-management-data some more with the world, and learn from some excellent industry folks π€
For anyone using oapi-codegen, note that v2 is coming soon, but that it's a very minor breaking change that π€π½ shouldn't affect you at all!
Had a great time today at #DDDEastMidlands seeing friends old and new! Learned some stuff, ate some good food, indoctrinated many a person into starting blogging π€
Thanks for those who came to my talk all about #blogging at #DDDEastMidlands! My slides can be found linked to on my talks site and there's a blog post writeup for the talk, too π
It's been just over a year since I wrote Analysing our dependency trees to determine where we should send Open Source contributions for Hacktoberfest which started off my journey with dependency-management-data and I'm super happy with the path it's taken me π€
Very excited to be attending and speaking at DDD East Midlands tomorrow π Looking forward to seeing some of the local tech community, and folks from further afield!
Now on loop πΆ These Lies - Exploid
Love to get an email from #Vercel: Youβre off the waitlist for Next.js Conf 2023 and are officially registered.
despite never registering for the event. I also can't unsubscribe because (allegedly) This email contains important information about an event you registered for and cannot be unsubscribed from.
Regretting signing up for their prize giveaway at #LeadDev London, especially as this isn't the only thing I've been emailed about but can't unsubscribe from of theirs π«
Welp, all my tweets are gone, aside from retweets as I couldn't be bothered to work out how to get rid of them, and a couple of notes to say I'm offski
What have I been upto this afternoon you ask? Writing a tool with #Playwright to allow me to delete all my posts on #Twitter without using an external service. Blog post hopefully this weekend (once I've ironed out the many bugs) π
With the release + rebrand of Mend Renovate Community Edition (previously known as Renovate On Prem), I've updated my post on running it on Fly.io to take into account the new config + naming
Bit gutted to have received my official rejection from speaking at GitHub Universe, after being on the "alternate" (backup) list of speakers, but still chuffed to have made it that far! 1600+ talks proposed this year apparently π
For those who didn't make it to #DevOpsDays London, or who did and want to watch it again, my talk on dependency-management-data is now live on YouTube ππΌ
Following on from a successful conversation that was had at #DevOpsDays Chicago, there was an Open Space yesterday all about #compensation and #salary at #DevOpsDays London, which of course I was super interested in, and happy to share my own salary history as well as some of the things that companies have done over the year.
Based on one of the questions I'll (soon β’οΈ) be adding how much on-call is compensated, if not part of the salary
New on the website is an archives page if you wanted a quicker way to go back through the many posts I've written! Could do with maybe adding a little more detail + some format changes, but a good solution for now
Open Source Summit looks great, sad to be missing it! But very excited to have #DevOpsDays London this week ππ½
Taking strong inspiration from Phil Nash I've just updated my /elsewhere/ page π
TIL that I can use my fingerprint to log in with i3lock-color
π΅οΈ I thought it'd not worked before last time I looked, but similar to logging in on a TTY, I just need to enter an empty password, then I can auth via my fingerprint π
Two years ago, I posted my salary history - in an impulsive move - and I absolutely do not regret it. I know directly of some the great impact having this data has had (including leading to others sharing their own), and I'm so glad to be able to use my privilege to help others