Musings of a Trust Architect: Architecting Trust in ...
When can you trust a software release? How do you know that a software repo is safe, that it represents the intent of its creators? On the 20th annivers...| Life With Alacrity
When can you trust a software release? How do you know that a software repo is safe, that it represents the intent of its creators? On the 20th annivers...| Life With Alacrity
I started this post by writing that this was going to be a| srazkvt.codeberg.page
When can you trust a software release? How do you know that a software repo is safe, that it represents the intent of its creators? On the 20th anniversary of Git, these questions are more important than ever. Obviously, Git lays the foundation for trust in software releases with its ability to sign commits, but the trust of the system is unfortunately shallow. Untrusted content can be merged into a trusted repo, commit histories can be rewritten, and trust can’t be reliably extended into t...| Blockchain Commons
GitLab product documentation.| docs.gitlab.com
At least not before reading this!| Lucas Seiki Oshiro
Managing so-called “dotfiles” (config files starting with a . in your home directory) in git is a fairly common practice. There are many write-ups on this topic already, but I wanted to share my own workflow as well as some potentially useful tips and tricks.| gpanders.com
Update: This post received quite a lot of healthy discussion on Hacker News. You can follow that conversation here: https://news.ycombinator.com/item?id=18119570| Jackson Gabbard's Blog
Authors: Chris Short, Frederico Muñoz In my work in the Kubernetes world, I look up a label or Prow command often. The systems behind the scenes (Prow and Tide) are here to help Kubernetes Contributors get stuff done. Labeling which SIG, WG, or subproject is as important as the issue or PR having someone assigned. To quote the docs, “Tide is a Prow component for managing a pool of GitHub PRs that match a given set of criteria.| www.kubernetes.dev
Meta and Google have been using stacking for closer to a decade: a coding workflow that is very efficient for small PRs. So what is stacking, and how come it’s not more widespread in the industry?| newsletter.pragmaticengineer.com
Some tips on what not to do while using git| financeit.tech
This document is an overview of the GitHub workflow used by the Kubernetes project. It includes tips and suggestions on keeping your local environment in sync with upstream and how to maintain good commit hygiene.| www.kubernetes.dev
Sensitive data can be removed from the history of a repository if you can carefully coordinate with everyone who has cloned it and you are willing to manage the side effects.| GitHub Docs
