Ken Muse
How I Avoided Shai-Hulud's Second Coming (Part 2)
In Part 1, I shared how disabling package scripts and using dev containers saved me from Shai-Hulud. But those were just the first two layers. Here’s where things get interesting – I’ll show you how signed commits can catch unauthorized changes before they happen, and how repository protections created a final safety net. These aren’t theoretical security measures. They’re the same practical defenses I use every single day.

How I Avoided Shai-Hulud's Second Coming (Part 1)
When the Shai-Hulud v2 supply chain attack hit last week, I watched thousands of developers scramble to check their systems. Mine? I was able to mark it as safe. This was because I’d already layered in some straightforward security practices. If you’re wondering how to protect your own development environment from these kinds of attacks, I’ll walk you through the exact configurations and tools I use every day that kept me safe.

Understanding IPv6: From GitHub's IPs to Kubernetes and ARC
IPv6 isn’t just coming – it’s here. If you’re managing a network or communicating with the internet, you need to understand how IPv6 affects your infrastructure and deployments. In this post, I will explore the basics of what IPv6 really means, how it works with the DevOps tools you use every day (such as GitHub, Docker containers, and Kubernetes), and how GitHub Actions Runner Controller’s latest update improves support for IPv6.
