Utilising Renovate's local
platform to test more easily (4 mins read).
How to use Renovate's local
platform for validating configuration changes more easily.
Utilising Renovate's local
platform to test more easily (4 mins read).
How to use Renovate's local
platform for validating configuration changes more easily.
Don't pretty print your API's JSON response body (3 mins read).
Why pretty-printing JSON responses in your APIs is a waste of resources, and you should stop it.
Nested teams in GitHub don't give you the control you think they do (2 mins read).
Some pain points when using nested teams on GitHub.
Forcing pacman
to perform post-upgrade tasks if it's failed part way through (2 mins read).
How I ended up recovering from my Arch Linux upgrade crashing part way through the post-upgrade hooks.
How to use Dependency Management Data to discover which dependencies are participating in Hacktoberfest (3 mins read).
Detailing how you could use dependency-management-data to gain insight into which dependencies you use are participating in Hacktoberfest.
You're not mature enough to release your first version as v1 (12 mins read).
Why you should never release your first iteration of a project as your v1.0.0, but it should instead by v0.1.0.
GopherCon UK 2024 (22 mins read).
A writeup of the GopherCon UK 2024 conference.
Gotcha: SXHKD doesn't like comments (in bindings) (1 mins read).
Why your SXHKD bindings may be silently ignored
How to get the next window created set to floating in BSPWM (1 mins read).
How to tell BSPWM that the next window created should be floating.
Creating a /typography page (2 mins read).
Creating a page for viewing different types of content and how they display on my site.
I'm on Go Time! (3 mins read).
Announcing my first podcast appearance on Go Time, talking about OpenAPI, oapi-codegen
, versioning, and some fun Unpopular Opinions.
New CSS, Who Dis? (2024 edition) (3 mins read).
Announcing my new site design.
Why isn't Hugo regenerating my SCSS files? (1 mins read).
How to ensure you're using the right Hugo version to build SCSS files.
Why can't I use a comma with gcloud
? (1 mins read).
How to resolve commas being ignored when interacting with gcloud
, and how to escape them.
Using Spotless to auto-format Gradle Verification Metadata (3 mins read).
How to use Spotless to allow manual changes to the Gradle Verification Metadata to be auto-formatted as if Gradle generated it.
Common issues faced with exec
ing an executable on Linux (2 mins read).
Some common issues you may face, with esoteric error messages, and how to fix them.
You can now parse repo-level Renovate configuration with renovate-graph
(2 mins read).
Announcing a new release of renovate-graph
which now parses repo-level Renovate configuration.
Dependency Management Data's Open Policy Agent support is now a whole lot more efficient (2 mins read).
Talking about the latest release of Dependency Management Data and some refactoring that's led to better performance.
Migrating Renovate bots, while keeping existing PRs updated (2 mins read).
How to migrate between two Renovate bot accounts, in the case you want to do a 'big bang rollout'.
Manually triggering a Buildkite pipeline for a fork (1 mins read).
How to trigger a Buildkite pipeline to run on a fork, if you have access to trigger a build.
Dependency Management Data's now on Mastodon! (1 mins read).
Announcing the dependency-management-data Mastodon account for automated release announcements (and more?).
Dynamically querying EndOfLife.date data for internal packages with Open Policy Agent and Dependency Management Data (3 mins read).
How you can retrieve End-of-Life data via EndOfLife.date using Dependency Management Data's Policies functionality.
89 things I know about Git commits (7 mins read).
Some of the things I've learned over a decade of Git usage, and working on writing good commit messages.
Dependency Management Data is now a lot easier to work with when using Software Bill of Materials (3 mins read).
Announcing an improved model for interacting with SBOMs, removing the need to understand the Repo Key up-front.
One THOUSAND blog posts (3 mins read).
Celebrating a massive milestone in my blog, and a short reflection.
Reader survey: Who reads my blog? (2 mins read).
Wondering how my readers read my blog, and why.
Dependency Management Data can now use sql-studio for database browsing (1 mins read).
Announcing the availability of the sql-studio
database browser for dependency-management-data's web application.
Creating a test harness for validating Renovate regex manager rules (4 mins read).
How to set up a test harness to make it eaiser to modify scary looking regexes in your Renovate configuration.
Modifying the response body of an httputil.ReverseProxy
response (2 mins read).
How to modify the response from a httputil.ReverseProxy
before it goes back to the caller.
Performing cross-database queries with SQLite (2 mins read).
How to query multiple database files with SQLite.
Dependency Management Data's web application can now be deployed as a single static binary (2 mins read).
Announcing dependency-management-data's embedded SQL browser interface.
Using Go's database/sql
to query an arbitrary columns of unknown type(s) (3 mins read).
How you can query an unknown number of columns, of unknown types, with Go's SQL package.
My workflow for writing SQL(ite) queries (2024 edition) (4 mins read).
Writing about my recent workflow for writing, executing, and sharing SQL queries with others.
Calculating the GitHub API's sha
representation of a local file (2 mins read).
How to locally calculate the same sha
of a given file, so you can compare it against the GitHub API's representation.
Making it easier to schedule cross-timezones, with the tz
CLI (3 mins read).
Writing a command-line tool with Charm's Go libraries to compare the suitability of meetings across timezones.
Installing Google Cloud CLI components on Arch Linux (2 mins read).
How to install gcloud
components using pacman
, instead of using the officially supported method.
I'm on Cup o' Go! (2 mins read).
Announcing my appearance on Cup o' Go, talking about oapi-codegen
, OpenAPI, working on Open Source and blogging.
Responsible Disclosure: Using GitHub Search (without logging in using SSO) still allows searching (4 mins read).
Reporting on a HackerOne responsible disclosure that I found in GitHub, where you could exfiltrate data without signing in to GitHub SSO.
Creating a more sustainable model for oapi-codegen
in the future (9 mins read).
Announcing a request for sponsorship to continue to allow allocating more time to oapi-codegen
as well as to make more ambitious changes to the project.
oapi-codegen is moving to its own org (7 mins read).
Announcing oapi-codegen
's move to its own GitHub org, and a history lesson about the project.
Lessons learned self-hosting Renovate (13 mins read).
What I've learned operating Renovate as a self-hosted app on GitHub Actions, GitLab CI, and the Mend Renovate Community Edition, and some tips for getting started
Automating the syncing of files between repos with GitHub Actions (2 mins read).
Creating a GitHub Action workflow to periodically update vendored files which are out-of-sync between GitHub repos.
Querying your organisation's Renovate configuration using SQL(ite) (3 mins read).
A new tool, renovate-config-sqlite
to pull Renovate configuration into an SQLite database.
Why I recommend Renovate over any other dependency update tools (10 mins read).
Explaining why Renovate is going to be my solution to keeping up-to-date with dependencies and it's not likely to change any time soon.
What can we learn about the backdooring of xz
/liblzma
, using OpenSSF Security Scorecards and dependency-management-data? (6 mins read).
Looking at how the recent CVE-2024-3094 vulnerability could provide insight into other cases of risk in dependencies and their lack of code review.
What routes is my http.ServeMux
listening for? (2 mins read).
How to fairly quickly list the routes that your http.ServeMux
is handling, pre- and post-Go 1.22.
Why is Go 1.22's enhanced routing not working for me? (2 mins read).
Why you may be receiving 404 page not found
errors when using Go's new enhanced routing in Go 1.22.
Job titles are bullshit (6 mins read).
When is a Senior Engineer not a Senior Engineer, no standardisation across the industry, and other reasons job titles are frustrating.
I'm on Changelog and Friends! (2 mins read).
Announcing my first podcast appearance on Changelog and Friends, talking about salary history, the IndieWeb, ADHD and dependency-management-data, among other things.
You should listen to The Changelog (5 mins read).
Why you should really be adding The Changelog (and its network of podcasts) to your rotation of tech podcasts.
You're currently viewing page 1 of 16, of 768 posts.