ENOSUCHBLOG| blog.yossarian.net
Overview I reported a subtle race condition in Google Cloud Build’s GitHub integration that could have allowed someone to bypass maintainer review when running pull request integrations tests. Google Cloud Build is a managed CI/CD platform that integrates with third-party source code management systems like GitHub. Since CI/CD systems are essentially code execution as a service, access control becomes very important. When a Google Cloud Build customer integrates with GitHub, they can config...| Adnan Khan's Blog
GitHub automatically runs the jobs that generate Dependabot pull requests on GitHub Actions if you have GitHub Actions enabled for the repository. When Dependabot is enabled, these jobs will run by bypassing Actions policy checks and disablement at the repository or organization level.| GitHub Docs
In this post, I share how to enable testing GitHub webhooks locally using HTTPS with the self-signed ASP.NET Core developer certificate.| Steve Gordon - Code with Steve