Mastodon.green

Marco SiccardiJust got both Apple Distribution & Installer certs working in GitHub Actions CI for macOS. The only reliable way? Combine them into one .p12. Full write-up: <a href="https://msicc.net/ci-ready-macos-signing-combining-certs-for-github-actions/" rel="nofollow noopener noreferrer" target="_blank">msicc.net/ci-ready-…</a> #AppleDev #macOS #CI #GitHubActions #Notarization 👩‍💻 👨‍💻 💻

Python Rennes<a href="https://social.breizhcamp.org/tags/CI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CI</a> <a href="https://social.breizhcamp.org/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#github</a> il est désormais possible d'utiliser des versions "free-threaded" de <a href="https://social.breizhcamp.org/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> (sans le global interpreter lock, qui bride la façon de faire de l'exécution concurrente) dans les <a href="https://social.breizhcamp.org/tags/githubactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#githubactions</a><a href="https://hugovk.dev/blog/2025/free-threaded-python-on-github-actions/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hugovk.dev/blog/2025/free-threaded-python-on-github-actions/</a>

Python RennesNous avons tous nos bonnes pratiques lorsqu'il s'agit de créer un nouveau <a href="https://social.breizhcamp.org/tags/projet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#projet</a> <a href="https://social.breizhcamp.org/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a>, avec l'utilisation de patterns et d'outils éprouvés : lint avec <a href="https://social.breizhcamp.org/tags/ruff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ruff</a> et <a href="https://social.breizhcamp.org/tags/mypy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mypy</a>, hooks avec <a href="https://social.breizhcamp.org/tags/precommit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#precommit</a>, tests avec <a href="https://social.breizhcamp.org/tags/pytest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pytest</a>, intégration continue <a href="https://social.breizhcamp.org/tags/githubactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#githubactions</a> : <a href="https://github.com/neubig/starter-repo" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/neubig/starter-repo</a> Libre à chaque personne de faire évoluer le porojet selon ses propres goûts et contraintes.

Hugo van KemenadeGitHub Actions now supports free-threaded Python!I wrote up how to add it your workflows so you can start testing free-threaded Python 3.13 and 3.14 with either actions/setup-python or actions/setup-uv.<a href="https://hugovk.dev/blog/2025/free-threaded-python-on-github-actions/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hugovk.dev/blog/2025/free-threaded-python-on-github-actions/</a><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://mastodon.social/tags/FreeThreaded" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeThreaded</a> <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://mastodon.social/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.social/tags/CI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CI</a> <a href="https://mastodon.social/tags/testing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#testing</a>

Gisela Torres :verified_paw:return(GiS); | Revisa qué módulos de Node.js no estás usando con depcheck y Github Actions | <a href="https://returngis.net/2025/03/revisa-que-modulos-de-node-js-no-estas-usando-con-depcheck-y-github-actions/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://returngis.net/2025/03/revisa-que-modulos-de-node-js-no-estas-usando-con-depcheck-y-github-actions/</a> <a href="https://hachyderm.io/tags/Nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nodejs</a> <a href="https://hachyderm.io/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://hachyderm.io/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://hachyderm.io/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a>

Lup Yuen Lee 李立源"If you thought <a href="https://qoto.org/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> was bad, try mixing in <a href="https://qoto.org/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Docker</a>"<a href="https://www.feldera.com/blog/the-pain-that-is-github-actions" rel="nofollow noopener noreferrer" target="_blank">https://www.feldera.com/blog/the-pain-that-is-github-actions</a>

The New Oil<a href="https://mastodon.thenewoil.org/tags/Coinbase" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Coinbase</a> was primary target of recent <a href="https://mastodon.thenewoil.org/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> breaches<a href="https://www.bleepingcomputer.com/news/security/coinbase-was-primary-target-of-recent-github-actions-breaches/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/coinbase-was-primary-target-of-recent-github-actions-breaches/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://mastodon.thenewoil.org/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#crypto</a>

LavX NewsCoinbase Targeted in GitHub Actions Supply Chain Attack: A Deep DiveA sophisticated supply chain attack has put Coinbase in the crosshairs, exploiting GitHub Actions to compromise secrets across hundreds of repositories. This article unpacks the technical details of t...<a href="https://news.lavx.hu/article/coinbase-targeted-in-github-actions-supply-chain-attack-a-deep-dive" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/coinbase-targeted-in-github-actions-supply-chain-attack-a-deep-dive</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.cloud/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainSecurity</a> <a href="https://mastodon.cloud/tags/Coinbase" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Coinbase</a>

Christoffer S.(horizon3.ai) What to know about recent Github Actions and Apache Tomcat vulnerabilities—before you investigate <a href="https://www.horizon3.ai/attack-research/attack-blogs/critical-or-clickbait-github-actions-and-apache-tomcat-rce-vulnerabilities-2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.horizon3.ai/attack-research/attack-blogs/critical-or-clickbait-github-actions-and-apache-tomcat-rce-vulnerabilities-2025/</a>The article from Horizon3 analyzes two recent high-profile vulnerabilities: CVE-2025-30066 affecting GitHub Actions (tj-actions/changed-files) and CVE-2025-24813 affecting Apache Tomcat. Despite widespread publicity, Horizon3.ai's Attack Team found that actual exploitation risk is significantly lower than reported. For the GitHub Actions vulnerability, only one repository among 1,200 examined was exposed, with no evidence of data exfiltration. For Apache Tomcat, analysis of over 10,000 endpoints revealed no vulnerable configurations in production environments. The article emphasizes the importance of prioritizing security responses based on actual risk rather than media hype.<a href="https://swecyb.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://swecyb.com/tags/GithubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GithubActions</a> <a href="https://swecyb.com/tags/Github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Github</a> <a href="https://swecyb.com/tags/Tomcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tomcat</a> <a href="https://swecyb.com/tags/Apache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apache</a> <a href="https://swecyb.com/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a>

WinbuzzerGitHub has removed a poisoned Action used in 23,000+ repos after it exfiltrated CI secrets, prompting concerns over supply chain security<a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://mastodon.social/tags/CI_CD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CI_CD</a> <a href="https://mastodon.social/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://mastodon.social/tags/CyberThreats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberThreats</a> <a href="https://mastodon.social/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://mastodon.social/tags/CodeSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CodeSecurity</a> <a href="https://mastodon.social/tags/tjactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tjactions</a><a href="https://winbuzzer.com/2025/03/21/github-action-breach-exposes-secrets-in-hundreds-of-repositories-xcxwbn/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://winbuzzer.com/2025/03/21/github-action-breach-exposes-secrets-in-hundreds-of-repositories-xcxwbn/</a>

LavX NewsCascading Supply Chain Attack Exposes Secrets in Over 23,000 GitHub RepositoriesA recent supply chain attack has compromised critical CI/CD secrets across a staggering number of GitHub repositories, revealing vulnerabilities in widely used actions. The breach highlights the inter...<a href="https://news.lavx.hu/article/cascading-supply-chain-attack-exposes-secrets-in-over-23000-github-repositories" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/cascading-supply-chain-attack-exposes-secrets-in-over-23000-github-repositories</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.cloud/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainSecurity</a> <a href="https://mastodon.cloud/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a>

Lup Yuen Lee 李立源Compromised `reviewdog` <a href="https://qoto.org/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> "injected Malicious Code into any CI Workflows using it, dumping the CI Runner memory containing the Workflow Secrets"<a href="https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup" rel="nofollow noopener noreferrer" target="_blank">https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup</a>

aegilops :github::microsoft:⚠️ Another GitHub Action was hacked ☣️, reviewdog/action-setup v1, again leaking secrets in workflow logsWiz is reporting that it was used in the hack of tj-actions/changed-files, and that other Actions under reviewdog were also affected<a href="https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup</a>It was discovered by Adnan Khan and posted on XMalicious commit: <a href="https://github.com/reviewdog/action-setup/commit/f0d342" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/reviewdog/action-setup/commit/f0d342</a>Hash: f0d342d24037bb11d26b9bd8496e0808ba32e9ec<a href="https://fosstodon.org/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChain</a> <a href="https://fosstodon.org/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://fosstodon.org/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://fosstodon.org/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://fosstodon.org/tags/ReviewDog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReviewDog</a>

LavX NewsCascading Supply Chain Attack Exposes CI/CD Secrets: A GitHub Action Breach AnalysisA recent cascading supply chain attack has compromised GitHub Actions, leading to the exposure of CI/CD secrets across thousands of repositories. This incident highlights vulnerabilities in the softwa...<a href="https://news.lavx.hu/article/cascading-supply-chain-attack-exposes-ci-cd-secrets-a-github-action-breach-analysis" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/cascading-supply-chain-attack-exposes-ci-cd-secrets-a-github-action-breach-analysis</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.cloud/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainSecurity</a> <a href="https://mastodon.cloud/tags/CICDSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CICDSecurity</a>

Marco Siccardi :dotnet:I just blogged: Automating Apple Builds: A Practical Guide to GitHub Secrets<a href="https://msicc.net/automating-apple-builds-a-practical-guide-to-github-secrets/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://msicc.net/automating-apple-builds-a-practical-guide-to-github-secrets/</a><a href="https://dotnet.social/tags/ios" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ios</a> <a href="https://dotnet.social/tags/iosdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iosdev</a> <a href="https://dotnet.social/tags/githubactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#githubactions</a> <a href="https://dotnet.social/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#github</a> <a href="https://dotnet.social/tags/secrets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#secrets</a> <a href="https://dotnet.social/tags/certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#certificates</a> <a href="https://dotnet.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://dotnet.social/tags/cicd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cicd</a> <a href="https://dotnet.social/tags/automation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#automation</a> <a href="https://dotnet.social/tags/build" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#build</a> <a href="https://dotnet.social/tags/deployment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#deployment</a>

LavX NewsWindows Server 2025 Set to Revolutionize DevOps with New Features in GitHub Actions and Azure DevOpsThe upcoming release of Windows Server 2025, scheduled for general availability on April 1, 2025, promises significant enhancements for developers using GitHub Actions and Azure DevOps. With updated s...<a href="https://news.lavx.hu/article/windows-server-2025-set-to-revolutionize-devops-with-new-features-in-github-actions-and-azure-devops" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/windows-server-2025-set-to-revolutionize-devops-with-new-features-in-github-actions-and-azure-devops</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.cloud/tags/WindowsServer2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WindowsServer2025</a> <a href="https://mastodon.cloud/tags/AzureDevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AzureDevOps</a>

joschiTIL: pinact is a CLI to edit GitHub Workflow and Composite action files and pin versions of Actions and Reusable Workflows.<a href="https://github.com/suzuki-shunsuke/pinact" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/suzuki-shunsuke/pinact</a> <a href="https://hachyderm.io/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://hachyderm.io/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://hachyderm.io/tags/TIL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TIL</a>

Beth Pariseau"Another wakeup call:" A <a href="https://hachyderm.io/tags/softwaresupplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwaresupplychain</a> attack on a widely used GitHub Actions repository renews experts' calls for better <a href="https://hachyderm.io/tags/buildpipeline" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#buildpipeline</a> security. <a href="https://hachyderm.io/tags/CICD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CICD</a> <a href="https://hachyderm.io/tags/softwaresupplychainsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwaresupplychainsecurity</a> <a href="https://hachyderm.io/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://www.techtarget.com/searchitoperations/news/366621078/GitHub-Actions-supply-chain-attack-spotlights-CI-CD-risks" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.techtarget.com/searchitoperations/news/366621078/GitHub-Actions-supply-chain-attack-spotlights-CI-CD-risks</a>

LavX NewsGitHub Action Supply Chain Attack: A Wake-Up Call for CI/CD SecurityA recent supply chain attack on the popular 'tj-actions/changed-files' GitHub Action has exposed critical CI/CD secrets, affecting over 23,000 repositories. This incident underscores the vulnerabiliti...<a href="https://news.lavx.hu/article/github-action-supply-chain-attack-a-wake-up-call-for-ci-cd-security" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/github-action-supply-chain-attack-a-wake-up-call-for-ci-cd-security</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHubActions</a> <a href="https://mastodon.cloud/tags/CICDSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CICDSecurity</a> <a href="https://mastodon.cloud/tags/SupplyChainAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainAttack</a>

Recent searches

Search options

Administered by:

Server stats:

#githubactions