Collaborate Disseminate
This is a question for feedback, to find if the problem has a widespread impact.
Situation:
When using GitLab CI with the docker-executor, the ‘git clone’ of the repository in use is done with umask 0000,
This effectively makes all cloned … Continue reading Is everybody aware that GitLab CI+docker-executor produces world-writable files?
Etckeeper is great, but it’s not clear from the docs, how to check out a commit or a branch directly in /etc in a secure way. The issue is when you do a check out, git doesn’t care about metadata and permissions, and you have to restore th… Continue reading etckeeper: check out in a safe way?
The essential database course bundle for professionals looking to advance their skills has over 22 hours of instruction and is on sale for just $24.99. Continue reading Excel in Your Job with Database Expertise
While version control used to be reserved for big corporate projects, it is very mainstream these days. You can attribute much of that to Git, the software that has nearly …read more Continue reading Get Thee to Git
I’m trying to meet a requirement where devs can log in to a server, launch, and test code without having the ability to pull (or access any ssh keys)code from the repository.
I don’t want to grant them access to push or pull from Git.
Curr… Continue reading How can I keep git ssh keys from developers in server
Is there any tools to scan and/or sanitize .stl files?
I maintain a security-critical GitHub repo. A contributor recently created a PR that includes changes to .md, .scad, and .stl files.
The changes to the markdown and OpenSCAD files can … Continue reading How to scan and sanitize STL files?
I’ve recently downloaded and installed Git Bash for Windows https://git-scm.com/downloads, my primary goal is to use it for pushing code to GitHub. I already connect Gitbash with Github in browser login, and it worked pretty fine to push a… Continue reading Is Git Bash Safe to Use on Windows?
How do I grant appropriately-scoped permission for an automated process (like Renovate Bot) to propose new Pull Requests to a group of source code repositories hosted in Atlassian Bitbucket (which is a competitor to GitHub)?
Continue reading How to grant permission to open PRs on Bitbucket?
During its Build 2024 keynote, Microsoft revealed several updates to the Windows 11 developer experience spanning Dev Home, Dev Drive, WSL, and more.
The post Build 2024: Microsoft to Update the Windows 11 Developer Experience appeared first on Thurrot… Continue reading Build 2024: Microsoft to Update the Windows 11 Developer Experience
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed versio… Continue reading Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)