Search
464 results for “jvt”
-
Using Spotless to auto-format Gradle Verification Metadata
How to use Spotless to allow manual changes to the Gradle Verification Metadata to be auto-formatted as if Gradle generated it.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/31/spotless-gradle-verification/
-
You can now parse repo-level Renovate configuration with renovate-graph
Announcing a new release of `renovate-graph` which now parses repo-level Renovate configuration.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/28/renovate-graph-repo-config/
-
Dependency Management Data's Open Policy Agent support is now a whole lot more efficient
Talking about the latest release of Dependency Management Data and some refactoring that's led to better performance.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/27/dmd-opa-perf/
-
Manually triggering a Buildkite pipeline for a fork
How to trigger a Buildkite pipeline to run on a fork, if you have access to trigger a build.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/16/buildkite-trigger-fork/
-
Dependency Management Data's now on Mastodon!
Announcing the dependency-management-data Mastodon account for automated release announcements (and more?).
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/14/dmd-mastodon/
-
Dynamically querying EndOfLife.date data for internal packages with Open Policy Agent and Dependency Management Data
How you can retrieve End-of-Life data via EndOfLife.date using Dependency Management Data's Policies functionality.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/14/dmd-opa-eol/
-
Dependency Management Data is now a lot easier to work with when using Software Bill of Materials
Announcing an improved model for interacting with SBOMs, removing the need to understand the Repo Key up-front.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/09/dmd-sbom/
-
Dependency Management Data can now use sql-studio for database browsing
Announcing the availability of the `sql-studio` database browser for dependency-management-data's web application.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/06/28/dmd-sql-studio/
-
Dependency Management Data's web application can now be deployed as a single static binary
Announcing dependency-management-data's embedded SQL browser interface.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/06/16/dmd-web-embedded/
-
What can we learn about the backdooring of xz/liblzma, using OpenSSF Security Scorecards and dependency-management-data?
Looking at how the recent CVE-2024-3094 vulnerability could provide insight into other cases of risk in dependencies and their lack of code review.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/03/29/xz-scorecards/
-
I'm on Changelog and Friends!
Announcing my first podcast appearance on Changelog and Friends, talking about salary history, the IndieWeb, ADHD and dependency-management-data, among other things.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/17/changelog-friends/
-
Quantifying your reliance on Open Source software (State of Open Con version)
A writeup of my talk about the dependency-management-data project at the State of Open Con 2024 conference.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/06/dmd-talk-sooc/
-
Celebrating dependency-management-data's first birthday
Reflecting on the last year of the project.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/02/dmd-birthday/
-
Introducing insight into your dependencies' health in dependency-management-data
How you can use the new dependency health functionality to better understand your dependencies.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/01/27/dmd-dependency-health/
-
dependency-management-data now has a logo!
Very excited to note that the project now has a logo.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/01/24/dmd-logo/
-
You can now use Open Policy Agent with dependency-management-data
How to use Open Policy Agent to perform much more effective flagging of package compliance with dependency-management-data.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/11/24/dmd-opa/
-
Importing a subdirectory from one repo into another
How to import a subdirectory of a given Git repository into another one, using `git subtree`.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/23/import-subtree-git-repo/
-
Importing a subdirectory from one repo into another
How to import a subdirectory of a given Git repository into another one, using `git subtree`.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/23/import-subtree-git-repo/
-
Importing a subdirectory from one repo into another
How to import a subdirectory of a given Git repository into another one, using `git subtree`.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/23/import-subtree-git-repo/
-
Plea to Software Composition Analysis (SCA) providers and Software Bill of Materials (SBOMs) producers: give us more data!
Why I think dependency scanning tooling should be providing as much data as possible about scanned projects, to allow other tooling to make better inferences about the data.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/22/plea-sca-sbom-data/
-
Listing environment variables used to trigger a Buildkite pipeline
How to use Buildkite's GraphQL API to list the environment variables provided to trigger a pipeline.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/10/buildkite-what-env-trigger/
-
Building dynamic jobs with BuildKite
How to dynamically generate job configuration for BuildKite, while running inside a pipeline.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/09/14/buildkite-dynamic-pipelines/
-
Managing Buildkite Agent Images with Renovate
How to use Renovate to manage Buildkite Agent Images.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/08/22/renovate-buildkite-images/
-
LeadDev London 2023
A writeup of LeadDev London 2023 conference.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/07/17/lead-dev-2023/
-
Describing JSON Patch operations with OpenAPI
How to describe your JSON Patch endpoints using OpenAPI.
https://fed.brid.gy/r/https://www.jvt.me/posts/2022/05/29/openapi-json-patch/
-
Improving Life-Work Balance on GitHub using per-Organisation Notification Settings
How to set up per-organisation notification settings so your personal email doesn't get work-related notifications.https://fed.brid.gy/r/https://www.jvt.me/posts/2022/01/06/github-org-notifications/
-
New Push Notification: Suspicious Transactions
A concerning experience with fraudulent transactions on my Monzo account.https://fed.brid.gy/r/https://www.jvt.me/posts/2019/11/09/suspicious-transactions/
-
Test-Driven Chef Cookbook Development Using ChefSpec (and a sprinkling of InSpec)
Using the example of deploying and running a Java JAR file as a way to show the lifecycle of a fully test-driven Chef cookbook.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/09/04/tdd-chef-cookbooks-chefspec-inspec/
-
Test-Driven Chef Cookbook Development Using ChefSpec (and a sprinkling of InSpec)
Using the example of deploying and running a Java JAR file as a way to show the lifecycle of a fully test-driven Chef cookbook.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/09/04/tdd-chef-cookbooks-chefspec-inspec/
-
Test-Driven Chef Cookbook Development Using ChefSpec (and a sprinkling of InSpec)
Using the example of deploying and running a Java JAR file as a way to show the lifecycle of a fully test-driven Chef cookbook.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/09/04/tdd-chef-cookbooks-chefspec-inspec/