Java makes it surprisingly easy to manage and package complex projects using Apache Maven. One question I’m frequently asked – how does this integrate with GitHub Actions? Turns out that the answer is “surprisingly well!”
If you can code it, someone will find a way to exploit it ( accidentally or intentionally). Anytime development efforts are involved, it’s important to minimize security risks and bugs. This is also true with GitHub Actions, which allows you to script advanced automation solutions. Because of this, it’s important to understand where injection can occur and how to avoid it.
Git has some interesting behaviors built into it. For example, it makes it easy to squash a set of commits into a single commit. This creates a very simple history. But what happens if that history that you’re eliminating has a tag applied to it? Does that tag get eliminated? Does it point to the newly squashed commit? Today’s article explores what to expect in that situation … and why.
It can sometimes be challenging to understand how branches work with the process of triggering Actions workflows in GitHub. Can you have a workflow per-branch? What about child branches? Plan your strategy with confidence by learning when the Actions workflow will run.
Probot makes it simple to create GitHub Apps, but sometimes the APIs update faster than Probot does. Learn how you can implement unsupported web hooks and APIs.
BuildKit provides native support for caching layers to improve build times. In this post, we’ll explore implementing gha, inline, and registry caches with GHCR and GitHub Actions.
GitHub has a lot of options for verified domains. Have you ever wondered what they all do, when to use them, and how they help keep your brand secure? Then today’s topic is for you!
You’re working in a development container. You need access to a port on the host for a proxy SSH connection to a Git server. Sounds tough, right? Turns out it’s simple.
If you need to connect to multiple Git hosts or environments (like EMU and GHEC) with minimal effort, then SSH may provide the options you need to make it painless.
Trying to understand the options for signing Git commits? Explore the options available for cryptographic signatures and their tradeoffs in today’s post.
