Search
464 results for “jvt”
-
Dependency Management Data can now use sql-studio for database browsing
Announcing the availability of the `sql-studio` database browser for dependency-management-data's web application.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/06/28/dmd-sql-studio/
-
Dependency Management Data's web application can now be deployed as a single static binary
Announcing dependency-management-data's embedded SQL browser interface.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/06/16/dmd-web-embedded/
-
What can we learn about the backdooring of xz/liblzma, using OpenSSF Security Scorecards and dependency-management-data?
Looking at how the recent CVE-2024-3094 vulnerability could provide insight into other cases of risk in dependencies and their lack of code review.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/03/29/xz-scorecards/
-
I'm on Changelog and Friends!
Announcing my first podcast appearance on Changelog and Friends, talking about salary history, the IndieWeb, ADHD and dependency-management-data, among other things.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/17/changelog-friends/
-
Quantifying your reliance on Open Source software (State of Open Con version)
A writeup of my talk about the dependency-management-data project at the State of Open Con 2024 conference.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/06/dmd-talk-sooc/
-
Celebrating dependency-management-data's first birthday
Reflecting on the last year of the project.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/02/02/dmd-birthday/
-
Introducing insight into your dependencies' health in dependency-management-data
How you can use the new dependency health functionality to better understand your dependencies.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/01/27/dmd-dependency-health/
-
dependency-management-data now has a logo!
Very excited to note that the project now has a logo.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/01/24/dmd-logo/
-
Manually triggering a Buildkite pipeline for a fork
How to trigger a Buildkite pipeline to run on a fork, if you have access to trigger a build.
https://fed.brid.gy/r/https://www.jvt.me/posts/2024/07/16/buildkite-trigger-fork/
-
Listing environment variables used to trigger a Buildkite pipeline
How to use Buildkite's GraphQL API to list the environment variables provided to trigger a pipeline.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/10/buildkite-what-env-trigger/
-
Building dynamic jobs with BuildKite
How to dynamically generate job configuration for BuildKite, while running inside a pipeline.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/09/14/buildkite-dynamic-pipelines/
-
Managing Buildkite Agent Images with Renovate
How to use Renovate to manage Buildkite Agent Images.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/08/22/renovate-buildkite-images/
-
Importing a subdirectory from one repo into another
How to import a subdirectory of a given Git repository into another one, using `git subtree`.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/23/import-subtree-git-repo/
-
Importing a subdirectory from one repo into another
How to import a subdirectory of a given Git repository into another one, using `git subtree`.
https://fed.brid.gy/r/https://www.jvt.me/posts/2023/10/23/import-subtree-git-repo/
-
Merging multiple repositories into a monorepo, while preserving history, using git subtree
How to merge multiple repositories, with their history, into a single repository, using the `git subtree add` command.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/06/01/git-subtree-monorepo/
-
Merging multiple repositories into a monorepo, while preserving history, using git subtree
How to merge multiple repositories, with their history, into a single repository, using the `git subtree add` command.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/06/01/git-subtree-monorepo/
-
Merging multiple repositories into a monorepo, while preserving history, using git subtree
How to merge multiple repositories, with their history, into a single repository, using the `git subtree add` command.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/06/01/git-subtree-monorepo/
-
Merging multiple repositories into a monorepo, while preserving history, using git subtree
How to merge multiple repositories, with their history, into a single repository, using the `git subtree add` command.
https://fed.brid.gy/r/https://www.jvt.me/posts/2018/06/01/git-subtree-monorepo/
-
The first 100 days as a Renovate maintainer: the shocking inside view of a popular Open Source project
Lessons learned from the first 100 days as my role as a Renovate maintainer, and a sneak peek into how the project works behind the scenes.https://fed.brid.gy/r/https://www.jvt.me/posts/2026/01/21/renovate-100-days/
-
The first 100 days as a Renovate maintainer: the shocking inside view of a popular Open Source project
Lessons learned from the first 100 days as my role as a Renovate maintainer, and a sneak peek into how the project works behind the scenes.https://fed.brid.gy/r/https://www.jvt.me/posts/2026/01/21/renovate-100-days/
-
The first 100 days as a Renovate maintainer: the shocking inside view of a popular Open Source project
Lessons learned from the first 100 days as my role as a Renovate maintainer, and a sneak peek into how the project works behind the scenes.https://fed.brid.gy/r/https://www.jvt.me/posts/2026/01/21/renovate-100-days/
-
The first 100 days as a Renovate maintainer: the shocking inside view of a popular Open Source project
Lessons learned from the first 100 days as my role as a Renovate maintainer, and a sneak peek into how the project works behind the scenes.https://fed.brid.gy/r/https://www.jvt.me/posts/2026/01/21/renovate-100-days/
-
RE: https://mastodon.social/@hugovk/116399324188897230
Starting with v8.0.0, Astral switched setup-uv to immutable releases with no floating v8 tags. This is good for security.
But unfortunately #Dependabot and #Renovate couldn't upgrade from v7 to v8.0.0, and need a manual bump to get back on track. This is not so good for security.
I posted about this on the three social networks, someone tagged @www.jvt.me and soon after Renovate now supports this! 🎉
Here's his writeup into the world of #GitHubActions tags:
https://www.jvt.me/posts/2026/04/24/github-actions-tagging/ -
https://www.europesays.com/ch/51901/ SCA ruling in favour of Glencore reshapes diesel refund landscape for joint ventures #ArmCoal #CustomsAndExciseAct #FreekVanRooyen #Glencore #GlencoreOperationsSa(pty)LtdVcsars #GoedgevondenJointVenture #HighCourt #JohanKotze #jv #JvTheJv #jvs #Minister #mprda #sars #Schedule6OfTheAct #Shepstone&WylieAttorneys #SupremeCourtOfAppeal
-
-
RE: https://mastodon.social/@hugovk/116399324188897230
Starting with v8.0.0, Astral switched setup-uv to immutable releases with no floating v8 tags. This is good for security.
But unfortunately #Dependabot and #Renovate couldn't upgrade from v7 to v8.0.0, and need a manual bump to get back on track. This is not so good for security.
I posted about this on the three social networks, someone tagged @www.jvt.me and soon after Renovate now supports this! 🎉
Here's his writeup into the world of #GitHubActions tags:
https://www.jvt.me/posts/2026/04/24/github-actions-tagging/ -
RE: https://mastodon.social/@hugovk/116399324188897230
Starting with v8.0.0, Astral switched setup-uv to immutable releases with no floating v8 tags. This is good for security.
But unfortunately #Dependabot and #Renovate couldn't upgrade from v7 to v8.0.0, and need a manual bump to get back on track. This is not so good for security.
I posted about this on the three social networks, someone tagged @www.jvt.me and soon after Renovate now supports this! 🎉
Here's his writeup into the world of #GitHubActions tags:
https://www.jvt.me/posts/2026/04/24/github-actions-tagging/ -
RE: https://mastodon.social/@hugovk/116399324188897230
Starting with v8.0.0, Astral switched setup-uv to immutable releases with no floating v8 tags. This is good for security.
But unfortunately #Dependabot and #Renovate couldn't upgrade from v7 to v8.0.0, and need a manual bump to get back on track. This is not so good for security.
I posted about this on the three social networks, someone tagged @www.jvt.me and soon after Renovate now supports this! 🎉
Here's his writeup into the world of #GitHubActions tags:
https://www.jvt.me/posts/2026/04/24/github-actions-tagging/ -
RE: https://mastodon.social/@hugovk/116399324188897230
Starting with v8.0.0, Astral switched setup-uv to immutable releases with no floating v8 tags. This is good for security.
But unfortunately #Dependabot and #Renovate couldn't upgrade from v7 to v8.0.0, and need a manual bump to get back on track. This is not so good for security.
I posted about this on the three social networks, someone tagged @www.jvt.me and soon after Renovate now supports this! 🎉
Here's his writeup into the world of #GitHubActions tags:
https://www.jvt.me/posts/2026/04/24/github-actions-tagging/ -
The first 100 days as a Renovate maintainer
https://www.jvt.me/posts/2026/01/21/renovate-100-days/
#ycombinator #renovate #open_source #mend