"zizmor would have caught the Ultralytics workflow vulnerability"
https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection#tracking-the-payload
#security #cybersecurity #supplychain #cicd #githubactions
"Guide to Django Performance: Best Practices for Scaling and Optimization"
#django
"Django security releases issued: 5.1.4, 5.0.10, and 4.2.17"
https://www.djangoproject.com/weblog/2024/dec/04/security-releases/
#python #django #security
"The Day We Unveiled the Secret Rotation Illusion"
https://www.clutch.security/blog/the-day-we-unveiled-the-secret-rotation-illusion
#security #cybersecurity #infosec
"The Practical Guide to Scaling Django"
https://slimsaas.com/blog/django-scaling-performance
#python #django #web
I’m using Mise to handle most of my dev tool needs. Not just downloading and managing different versions of my tools but also automating tasks like activating Python virtual environments and installing default packages; automatically setting JAVA_HOME (Java, Kotlin, Scala, etc.), handling all the gazillion different (and almost equally awful) JavaScript runtimes and package managers; Rust/Cargo, Go, Ruby, Swift/SPM, and more. You name it, Mise handles it well.
Thanks to Mise I’ve uninstalled about half a dozen language-specific environment management tools and trimmed my .zshrc. By far one of the most underrated dev tools I’ve come across: https://mise.jdx.dev/
interesting 🤔, I'll take a look. thanks
"Package compatibility tracker: Python 3.13 free-threading and subinterpreters"
#python
"Apple Confirms Zero-Day Attacks Hitting macOS Systems"
https://www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
#security #cybersecurity #apple
"Automatically activating virtual environments"
https://mathspp.com/blog/til/automatically-activating-virtual-environments
#python
"Importing a frontend Javascript library without a build system"
https://jvns.ca/blog/2024/11/18/how-to-import-a-javascript-library/
#javascript #browsers
"I Waited 10 Billion Cycles and All I Got Was This Loading Screen"
https://blog.preyneyv.dev/doing-less-with-more
#performance #web #softwaredevelopment
"Protecting Signal Keys on Desktop"
https://cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys/
I love signal, but its desktop app always seemed an inferior product when compared with the mobile app.
#signal #security #desktop #infosec
"Writing a blog on the internet"
https://sethmlarson.dev/writing-for-the-internet
Yes, go for it.
#blog #writing #web
"What I Wish Someone Told Me About Postgres"
https://challahscript.com/what_i_wish_someone_told_me_about_postgres
#databases #postgresql #sql
"Abusing Ubuntu 24.04 features for root privilege escalation"
https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/
#security #ubuntu #cybersecurity
"Opposite of Cloud Native is?"
https://mkennedy.codes/posts/opposite-of-cloud-native-is-stack-native/
#cloud #deployment #hosting #devops
Sentry: "We Just Gave $750,000 to Open Source Maintainers"
https://blog.sentry.io/we-just-gave-750-000-dollars-to-open-source-maintainers/
👏 👏 👏
#opensource #freesoftware #supplychain #foss #sustainability