You can now interact with dependency-management-data using GraphQL (2 mins read).
Announcing the release of the GraphQL API for dependency-management-data.
You can now use Open Policy Agent with dependency-management-data (2 mins read).
How to use Open Policy Agent to perform much more effective flagging of package compliance with dependency-management-data.
by 
Jamie Tanna
.
#dependency-management-data
#open-policy-agent.
Introducing snyk-export-sbom to export SPDX and CycloneDX SBOM from Snyk (2 mins read).
Creating a new command-line tool for more easily retrieving Software Bill of Materials (SBOMs) from Snyk, as well as adding licensing information to SBOMs.
by Jamie Tanna
.
#sbom
#snyk.
Using dependency-management-data with npm's SPDX and CycloneDX SBOM export functionality (1 mins read).
How to get started with npm's SBOM export functionality with dependency-management-data.
Introducing renovate-to-sbom to convert Renovate data to Software Bill of Materials (SBOMs) (1 mins read).
Creating a new command-line tool for converting Renovate data exports to Software Bill of Materials (SBOMs).
by Jamie Tanna
.
#dependency-management-data
#renovate
#sbom.
dependency-management-data now supports OSS Review Toolkit (ORT) (1 mins read).
How to use data from OSS Review Toolkit (ORT) with dependency-management-data.
Getting Go modules to work with nested GitLab groups (3 mins read).
How to get Go modules to work with nested groups in GitLab for public or private repos.
by Jamie Tanna
.
#blogumentation
#go
#gitlab.
Performing a v2 release of a Go module (1 mins read).
How to prepare your Go module for its first breaking change release.
by Jamie Tanna
.
#blogumentation
#go.
Building resilient, runnable command-line demos with Asciinema and demo (3 mins read).
How to use the demo library alongside Asciinema to make it easier to build and maintain demos for your command-line tools.
Importing a subdirectory from one repo into another (1 mins read).
How to import a subdirectory of a given Git repository into another one, using git subtree.
by Jamie Tanna
.
#blogumentation
#git
#git-subtree
#command-line.
How we reduced oapi-codegen's dependency overhead by ~84% (6 mins read).
An example of how to reduce the size of a Go module's dependencies by taking advanage of Go module pruning.
by Jamie Tanna
.
#blogumentation
#go.
Plea to Software Composition Analysis (SCA) providers and Software Bill of Materials (SBOMs) producers: give us more data! (2 mins read).
Why I think dependency scanning tooling should be providing as much data as possible about scanned projects, to allow other tooling to make better inferences about the data.
by Jamie Tanna
.
#sbom
#dependency-management-data
#persuasive.
Which version of Go was used to compile this binary? (2 mins read).
How to use a few means to work out what version of Go a given binary was compiled with.
by Jamie Tanna
.
#blogumentation
#go.
Utilising Renovate's local platform to make renovate-graph more efficient (2 mins read).
How using the local platform with renovate-graph can increase the performance of dependency extraction.
by Jamie Tanna
.
#blogumentation
#renovate
#dependency-management-data.
Gotcha: Using vCluster on Elastic Kubernetes Service requires a Container Storage Interface driver (2 mins read).
How to avoid PersistentVolumeClaims getting stuck in a Pending state with vCluster and EKS when you've not set up the cluster with a Container Storage Interface driver for Elastic Block Store.
Listing environment variables used to trigger a Buildkite pipeline (1 mins read).
How to use Buildkite's GraphQL API to list the environment variables provided to trigger a pipeline.
Publishing My On-Call Compensation History (1 mins read).
Publishing a page detailing the on-call compensation I've received over the years.
by Jamie Tanna
.
#job
#on-call
#devopsdays.
Why should you blog? (12 mins read).
A writeup of my talk at DDD East Midlands around why you should start blogging.
Solving /usr/lib/Xorg.wrap: Only console users are allowed to run the X server errors with tmux over SSH (1 mins read).
How to avoid Xorg errors when connecting to a Linux machine over SSH that tries to spawn startx.
This talk should also be a blog post (3 mins read).
How you can improve your public speaking by also writing blog posts for your talks.
How blogging has affected me, as a neurodiverse person (5 mins read).
How I've used blogging to help with my ADHD.
Introducing tweetus-deletus 🐦🪄💀 - a tool to automate deleting your tweets, through the browser (3 mins read).
Announcing the release of tweetus-deletus, a tool to delete all your tweets, driven through the browser with Playwright.
Reusing a browser session with Playwright (1 mins read).
How to re-use your existing browser sessions with Playwright.
Using dependency-management-data with GitLab's Pipeline-specific CycloneDX SBOM exports (1 mins read).
How to take advantage of SBOM export functionality in GitLab 16.4 with dependency-management-data.
Gotchas with pointing Go modules to a fork, when building an installable module (3 mins read).
A gotcha around how to pin a Go module to a fork, if you're building a module that should be go installable.
by Jamie Tanna
.
#blogumentation
#go.
Building dynamic jobs with BuildKite (2 mins read).
How to dynamically generate job configuration for BuildKite, while running inside a pipeline.
Setting up a matrix for GitHub Actions with Go's go.mod and specific versions (2 mins read).
How to use a Go setup matrix in GitHub Actions that can target the go.mod version and arbitrary other version(s).
dependency-management-data now supports Software Bill of Materials (SBOMs) and has better Dependabot support (2 mins read).
Announcing improved support for Dependabot and support for Software Bill of Materials (SBOMs).
Prefer using the GitHub Software Bill of Materials (SBOMs) API over the Dependency Graph GraphQL API (2 mins read).
Why you should use GitHub's Software Bill of Materials API instead of the Dependency Graph GraphQL API.
Setting up your Maven settings.xml to release a Jenkins plugin (1 mins read).
How to set up your crdentials to release a Jenkins plugin via Maven.
Removing ANSI escape codes in Vim (1 mins read).
How to remove ANSI escape codes in (Neo)Vim.
Creating global middleware for net/http servers in Go (1 mins read).
How to wrap net/http servers in Go with middleware(s) on every request.
by Jamie Tanna
.
#blogumentation
#go.
What Go versions are my modules and dependencies targeting? (1 mins read).
Without using go mod vendor, how you can look at the version of Go that each of your modules and dependencies target.
by Jamie Tanna
.
#blogumentation
#go.
Why is Go trying to upgrade my go.mod to Go 1.21? (1 mins read).
Why you may be seeing Go trying to upgrade the Go version in your go.mod to Go 1.21.
by Jamie Tanna
.
#blogumentation
#go.
Creating a Zoho Mail alias using the API (2 mins read).
How to use the Zoho Mail API to add an alias to your account.
by Jamie Tanna
.
#blogumentation
#zoho.
Setting up Mend Renovate Community Edition for GitLab.com on Fly.io (2 mins read).
How to set up Mend Renovate Community Edition on Fly.io, when integrating with GitLab.com.
Custom Advisories: the unsung hero of dependency-management-data (2 mins read).
How to use custom advisories with dependency-management-data to track packages that your organisation may not want to use.
Turning on Caps Lock when the Caps Lock key is bound to a different key (1 mins read).
How to trigger a Caps Lock event when you've rebound the key to a differnet key.
Setting up real-time Slack notifications for GitHub (1 mins read).
How to get Slack's real-time notifications integrated with GitHub.
Managing Buildkite Agent Images with Renovate (1 mins read).
How to use Renovate to manage Buildkite Agent Images.
Running commands against every module in a Go multi-module project (1 mins read).
How to run commands like go test when using a multi-module Go project.
by Jamie Tanna
.
#blogumentation
#go.
Resolving Timeouts when generating entropy when generating a new GPG key (1 mins read).
How I resolved an issue with a Timeout error when generating a new GPG key.
by Jamie Tanna
.
#blogumentation
#gpg.
Resolving black screen display with SDDM and NVIDIA GPUs (1 mins read).
How I resolved an issue with a black screen displaying when SDDM is used with an NVIDIA driver.
by Jamie Tanna
.
#blogumentation
#linux.
Analysing GitHub Pull Request review times with SQLite and Go (3 mins read).
How measuring how long code review took as a team lead to being able to change our processes, and then deliver much more effectively.
by Jamie Tanna
.
#blogumentation
#sqlite
#go.
Getting started with Dependency Management Data (4 mins read).
How you can get started using Dependency Management Data in 3 commands.
Quantifying your reliance on Open Source software (24 mins read).
A writeup of my talk at DevOpsNotts, about the dependency-management-data project and how to use it to understand your internal and external dependencies.
by Jamie Tanna
.
#dependency-management-data
#public-speaking
#devops-notts
#open-source
#free-software.
LeadDev London 2023 (59 mins read).
A writeup of LeadDev London 2023 conference.
by Jamie Tanna
.
#lead-dev
#lead-dev-london
#events
#leadership
#management
#agile
#on-call.
Merging a branch in GitHub - the hard way (4 mins read).
How to (kinda) merge two branches in GitHub using the underlying Git database API.
Validating Renovate configuration changes before merging (2 mins read).
How to perform a dry run to validate your Renovate config before it's merged.
Introducing dmd-web, a web frontend for Dependency Management Data (DMD) (2 mins read).
Introducing a web frontend for the dependency-management-data project, to provide a better, centralised interface for interacting with the data.
by Jamie Tanna
.
#dependency-management-data
#announcement
#go.
You're currently viewing page 1 of 15, of 707 posts.