Mastodon - 2024-05-31T05:17:30Z

Mastodon

“We learned that 32% of the actions in the top starred list were, in fact, unpinnable. This discovery implies that if you pin actions used by your workflows, there’s a high chance the pinning doesn’t provide the protection you think it does. Attackers could still have inroads to run malicious code in your pipeline.”

paloaltonetworks.com/blog/pris

Mastodon Source 🐘

“Why three webs?

* The web of names is convenient and easy to use
* The web of UUIDs allows us to track content that changes with time
* The web of hashes (SHA1) allows total precision in managing content”

joearms.github.io/published/20

Mastodon Source 🐘

“The biggest problem we have is we've conflated two things. We've said the idea that I attach to this thing that lasts over time is the thing that lasts over time.”

flyingmachinestudios.com/progr

Mastodon Source 🐘