Jamie Tanna | Software Engineer

Liked https://github.blog/changelog/2022-04-11-secret-scanning-detects-and-revokes-leaked-passwords .

Post details

Watched Free Guy the other day and saw an Octocat sticker! Someone on the set design team should get a promotion. Awesome movie and attention to detail, @VancityReynolds! 😻
Mark Otto (@mdo)Wed, 13 Apr 2022 18:08 +0000

Wed, 13 Apr 2022 21:55 by Jamie Tanna . #github #swag #free-guy.

Liked https://github.blog/changelog/2022-04-12-required-deployments .

Wed, 13 Apr 2022 08:49 by Jamie Tanna . #github.

Tue, 12 Apr 2022 19:30 by Jamie Tanna . #github #security.

Liked 4 ways we use GitHub Actions to build GitHub | The GitHub Blog

Post details

From automating builds and releases to taking care of large-scale regression testing, here are a few ways we use GitHub Actions to build GitHub.

Tue, 12 Apr 2022 18:21 by Jamie Tanna . #github #github-actions.

Liked https://github.blog/changelog/2022-04-06-github-action-for-dependency-review-enforcement .

Fri, 08 Apr 2022 18:19 by Jamie Tanna . #github #github-actions #security.

Post details

If you haven't signed up for the preview of the new GitHub code search you're missing out - I use it every day now, being able to execute complex searches (including regular expression matches!) against every line of code on GitHub is absurdly useful cs.github.com
Simon Willison (@simonw)Mon, 28 Mar 2022 04:51 +0000

Mon, 28 Mar 2022 16:20 by Jamie Tanna . #github.

Liked GitHub's new algorithmic feed leaves coders cold

Post details

GitHub algorithm seeks to improve discovery. Developers disagree.

Sun, 27 Mar 2022 11:14 by Jamie Tanna . #github #feed.

Post details

So here's why I bought a receipt printer: Every time one of my GitHub repos gets a new issue, I now get a physical ticket printed out on my desk 🪄
Andrew Schmelyun (@aschmelyun)Thu, 24 Mar 2022 11:44 GMT

Thu, 24 Mar 2022 19:20 by Jamie Tanna . #automation #open-source #github.

Liked GitHub explains reasons behind the past week's outages

Post details

It was MySQL, with the resource contention, in the database cluster

Thu, 24 Mar 2022 16:02 by Jamie Tanna . #github #production.

Post details

https://twitter.com/_msw_/status/1506459050594082820
I have noticed what seems like an almost generational divide in people who contribute to open source. Those who did open source before 2015, and those who think GitHub = OpenSource. 🙃
Aeva ✈ ShmooCon! ✨ (@aevavoom)Wed, 23 Mar 2022 14:58 GMT

Wed, 23 Mar 2022 19:55 by Jamie Tanna . #github #open-source.

Liked https://github.community/t/feature-request-conditional-required-checks/16761/15 .

Automagically Auditing GitHub (Actions) Security using OpenSSF Scorecards (6 mins read).

How to use the OpenSSF Scorecards GitHub Action to audit your GitHub and GitHub Actions configuration, and a breakdown of some of the issues raised by it.

Tue, 15 Mar 2022 15:03 by Jamie Tanna . #blogumentation #github #github-actions #security.

Thu, 03 Feb 2022 11:19 by Jamie Tanna . #github.

Liked https://github.com/cutenode/encites .

Wed, 02 Feb 2022 07:33 by Jamie Tanna . #github.

Liked https://github.blog/2022-01-19-reducing-security-risk-oss-actions-opensff-scorecards-v4/ .

Fri, 21 Jan 2022 13:35 by Jamie Tanna . #github.

Bookmarked https://github.blog/changelog/2022-01-14-github-actions-prevent-github-actions-from-approving-pull-requests/ .

This is great for anyone using Actions, as this was seen to be a vulnerability for getting past code review

Recommended read: GitHub Actions: Prevent GitHub Actions from approving pull requests | GitHub Changelog https://github.blog/changelog/2022-01-14-github-actions-prevent-github-actions-from-approving-pull-requests/

Fri, 14 Jan 2022 18:21 by Jamie Tanna . #github #github-actions.

Building an Automagically Updating Personal README for GitLab and GitHub (2 mins read).

Announcing the publishing of readme.jvt.me as well as automagically updating READMEs in my GitLab and GitHub profiles.

Wed, 12 Jan 2022 16:21 by Jamie Tanna . #go #github #gitlab #readme.jvt.me #microformats2.

Liked https://github.com/2016rshah/githubchart-api .

Wed, 12 Jan 2022 11:51 by Jamie Tanna . #github.

Post details

https://twitter.com/marak/status/1479200803948830724
Really need a decentralised GitHub now don't we?
Husain Bhagat (@itswhoissane)Fri, 07 Jan 2022 09:26 GMT

Sun, 09 Jan 2022 16:35 by Jamie Tanna . #github.

Post details

https://twitter.com/JoshuaKGoldberg/status/1479235187582148609
Often OSS developers make the world keep the lights on but aren't compensated for their time. Marak was struggling, asked help. Got nothing. In protest, removed his code and github suspended his account for removing something he owned the rights to.

Sam (@metruzanca)Fri, 07 Jan 2022 01:07 GMT

Sun, 09 Jan 2022 16:35 by Jamie Tanna . #github #open-source.

Liked https://sergiodxa.com/articles/github-actions-npm-publish .

Fri, 07 Jan 2022 14:18 by Jamie Tanna . #github #npm #nodejs.

Liked https://michaelzanggl.com/articles/github-actions-cd-setup/ .

Fri, 07 Jan 2022 14:17 by Jamie Tanna . #github #npm #nodejs.

Liked https://snyk.io/blog/github-actions-to-securely-publish-npm-packages/ .

Fri, 07 Jan 2022 14:12 by Jamie Tanna . #github #npm #node.

Improving Life-Work Balance on GitHub using per-Organisation Notification Settings (2 mins read).

How to set up per-organisation notification settings so your personal email doesn't get work-related notifications.

Thu, 06 Jan 2022 16:32 by Jamie Tanna . #blogumentation #github #life-work-balance.

Liked https://github.blog/changelog/2021-12-16-github-pages-using-github-actions-for-builds-and-deployments-for-public-repositories/ .

Post details

https://twitter.com/swyx/status/1474697989713059841
Pull requests predate Github though.
Gustav Wengel (@GeeWengel)Sat, 25 Dec 2021 12:47 GMT

Sat, 25 Dec 2021 13:50 by Jamie Tanna . #git #github.

Sat, 18 Dec 2021 20:38 by Jamie Tanna . #github.

Liked https://github.com/desiderati/github-action-pushover .

Tue, 07 Dec 2021 11:14 by Jamie Tanna . #github #github-actions #pushover.

Liked https://www.youtube.com/watch?v=45eiv4BhXHI&t=1s .

Mon, 06 Dec 2021 16:41 by Jamie Tanna . #github #github-actions #oidc.

It's more that a Pull Request is a GitHub specific name for something in use in Git (https://www.git-scm.com/docs/git-request-pull) for kernel development and other projects for some time

Wed, 01 Dec 2021 12:22 by Jamie Tanna . #git #github.

Liked https://github.blog/2021-11-23-secure-deployments-openid-connect-github-actions-generally-available/ .

Post details

Huh! When did that happen? Today I learned that GitHub supports light/dark mode images with within markdown. ``` ![Logo](./dark.png#gh-dark-mode-only) ![Logo](./light.png#gh-light-mode-only) ``` Video alt: Example showing a markdown image adapting to user preferences.
Stefan Judis (@stefanjudis)Tue, 30 Nov 2021 20:13 GMT

Wed, 01 Dec 2021 07:47 by Jamie Tanna . #github #dark-mode.

https://github.com/github/feedback/discussions/8149 is discussing this right now 👍🏽

Sun, 28 Nov 2021 13:20 by Jamie Tanna . #github.

Note

Has anything recently changed with the way that #GitHub archives work? Finding a tonne of #ArchLinux #AUR packages needing chnages otherwise they won't build, as they're getting 404s?

Sat, 27 Nov 2021 19:14 by Jamie Tanna . #arch-linux #aur #github.

Thu, 25 Nov 2021 12:42 by Jamie Tanna . #github #oidc.

Bookmarked https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/ .

Recommended read: GitHub's commitment to npm ecosystem security | The GitHub Blog https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/

Tue, 16 Nov 2021 09:09 by Jamie Tanna . #security #github #npm.

Post details

Not a great leading indicator when the person in charge of the hostile product decision gets promoted to lead up the whole dev division, including GitHub. One of the worst parts of devrel is when management decides to ring the register and sell off the earned developer trust.
Post details
The recent open source moves by Microsoft are interesting. On one hand, I love the power of a vocal community; on the other, I hate to see community/devrel teams left to clean up after a bonehead decision from an executive who is clearly disconnected from the reality of the work.
Brandon West (@bwest)Sun, 24 Oct 2021 15:22 +0000
Brandon West (@bwest)Wed, 03 Nov 2021 18:37 GMT

Wed, 03 Nov 2021 20:05 by Jamie Tanna . #microsoft #github.

Improving Team Efficiency By Measuring and Improving Code Review Cycle Time (9 mins read).

How measuring how long code review took as a team lead to being able to change our processes, and then deliver much more effectively.

Wed, 27 Oct 2021 22:11 by Jamie Tanna . #practices #github #code-review.

Listing Which GitHub Pull Requests are in a Project (2 mins read).

How to list the PRs inside a Project on Github, for example, via a Ruby client.

Tue, 26 Oct 2021 09:20 by Jamie Tanna . #blogumentation #github #github-projects #ruby.

Liked https://github.com/giscus/giscus .

Mon, 25 Oct 2021 15:20 by Jamie Tanna . #github.

Post details

https://twitter.com/mjasay/status/1452334102020071431
GitHub isn't Open Source, and it's acquisition by Microsoft was not proof of their commitment to Open Source as a movement. There are other things that indicate a meaningful change in respect of the movement. ASOP is an "Open Source Project" in name and software license only.

Matthew S. Wilson (msw) (@_msw_)Sun, 24 Oct 2021 18:15 +0000

Sun, 24 Oct 2021 19:28 by Jamie Tanna . #github #microsoft #open-source.

Bookmarked https://medium.com/cider-sec/bypassing-required-reviews-using-github-actions-6e1b29135cc7 .

Recommended read: Bypassing required reviews using GitHub Actions | by Omer Gil | Cider Security | Oct, 2021 | Medium https://medium.com/cider-sec/bypassing-required-reviews-using-github-actions-6e1b29135cc7

Tue, 19 Oct 2021 13:48 by Jamie Tanna . #security #github.

Bookmarked https://tech.trivago.com/2021/10/05/postmortem-removing-all-users-from-github.com/trivago/ .

Recommended read: Postmortem: Removing all users from github.com/trivago · trivago tech blog https://tech.trivago.com/2021/10/05/postmortem-removing-all-users-from-github.com/trivago/

Thu, 14 Oct 2021 19:24 by Jamie Tanna . #production #incident-management #github #azure.

Does this include breaking down unethical uses of software by organisations like ICE?

Thu, 07 Oct 2021 22:31 by Jamie Tanna . #github #ethics.

Post details

So with the recent discovery that GitHub Actions create an OIDC identity per run, it's possible to configure Vault to allow auth w/ Actions identities and subsequently use that to get access to... anything. Some cleanup required but this is very promising! (c/o @grantorchard)
Mitchell Hashimoto (@mitchellh)Mon, 20 Sep 2021 21:02 +0000

Mon, 20 Sep 2021 22:19 by Jamie Tanna . #github #oauth2 #oidc.

Bookmarked https://awsteele.com/blog/2021/09/15/aws-federation-comes-to-github-actions.html .

Recommended read: AWS federation comes to GitHub Actions | Aidan Steele’s blog (usually about AWS) https://awsteele.com/blog/2021/09/15/aws-federation-comes-to-github-actions.html

Thu, 16 Sep 2021 10:49 by Jamie Tanna . #aws #github.

Liked https://github.blog/2021-08-11-githubs-engineering-team-moved-codespaces/ .

Post details

https://twitter.com/__steele/status/1437968451717394438
Ok I blogged about it. That's how excited I am. 1. Deploy this CFN template 2. Write this GHA workflow 3. Never worry about IAM users again awsteele.com/blog/2021/09/1…
Aidan W Steele (@__steele)Wed, 15 Sep 2021 03:38 +0000

Thu, 16 Sep 2021 10:48 by Jamie Tanna . #github #aws.

Mon, 16 Aug 2021 14:06 by Jamie Tanna . #github #productivity.

Bookmarked https://www.infoq.com/articles/github-monolith-microservices/ .

Recommended read: GitHub’s Journey From Monolith to Microservices https://www.infoq.com/articles/github-monolith-microservices/

Fri, 30 Jul 2021 08:37 by Jamie Tanna . #monolith #microservices #github.