GitHub Create GitHub issue hierarchy using the API The newly introduced GitHub Issues updates have added support for issue types as well as parent-child hierarchies. Unfortunately, the GitHub CLI hasn't yet been updated to support setting up this tree structure.
Visual Studio Code Running Model Context protocol servers in a specific Node version inside Visual Studio Code As you might know, I maintain a few Azure Pipelines extensions, for backwards compatibility many of these include Typescript targeting Node 16 still. Today I was playing around with Model Context Protocol (MCP) servers in Visual Studio Code Insiders and ran into an issue where the current active Node version
GitHub Featured (repost) Protect the repository hosting your GitHub Action This post, now 2 years old, is still very valid, especially in light of the changed-files hack recently.
GitHub GitHub's new Billing - Assigning Cost Centers in Bulk I've recently set up the internal cost centers to split our GitHub enterprise bill according to cost centers defined in GitHub. Cost Centers are part of GitHub's new Billing experience which is currently rolling out to GitHub Enterprise customers and which is also coming to GitHub for Teams.
github copilot Use inline completions for more answers with GitHub Copilot Free 2 months ago, GitHub gave everybody their taste of GitHub Copilot with the limited free tier. You get 2000 completions and 50 chats. This is awesome! But 50 chats aren't that many. Did you know you can use your completions for simple chat answers as well? And this
GitHub Troubleshooting GitHub Copilot keyboard shortcuts in Jetbrains IDEs Over the past months I've delivered 100s of GitHub Copilot workshops. Ranging from 2 hour introduction talks, where I quickly walk through the main features of the product, up to day-long workshops with interactive hands-on. For most people it's pretty easy to get started. In Visual
GitHub Scan all workflow artifacts for leaked secrets In response to: Major GitHub repos leak access tokens putting code and clouds at riskBuild artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure.CSO OnlineLucian Constantin I've created a quick powershell
GitHub Looking back on the Global DevOps Experience It's been a few weeks since the Global DevOps Experience 2024 finished, but it's a lot longer since we all started back in March.
git Featured The use or uselessness of signed commits Each commit you make stores the name and email address you've configured in your git config. But Git doesn't verify whether that's you. You can easily make a commit that uses the email of any famous coder out there in the world, and your Git repo will accept that.
Scrum Don't get lost in your plans Today I got a call from a customer who is trying to understand what's going on in their teams and is getting lost among the many different Features and Product Backlog Items on their boards.
GitHub Restrict GitHub branches to specific prefixes Many people follow some kind of naming format for their branches. Be it because they're using GitHub Flow or Git Flow or because they've created their own meaningful naming patterns.
Azure Pipelines Recommendations for using Azure CLI in your workflow Azure CLI is widely used in GitHub Actions and Azure Pipelines, as well as many other CI/CD tools. Over the last few weeks, I've been looking into its performance and security and based on that here are a number of recommendations.
Ghost Allow people to find you on Mastadon from your Ghost Pro domain I wanted people to be able to find me on my me@jessehouwing.net email address without having to know the instance of Mastodon I'm on. And found it not to be too hard.
GitHub Accessing (private) GitHub resources from a Codespace If you want to access packages or repositories from another organization though, you're out of luck. Even though you can request access to repositories outside of your organization or account, GitHub won't grant you that access when the Codespace starts.
GitHub Featured Investigating az-cli performance on the hosted Azure Pipelines and GitHub Runners I've been building a few more workflows and pipelines over the past few days and had been experimenting with the az-cli. And I've been running into all kinds of performance issues.
Azure Pipelines VSBuild task fails on self-hosted Azure Pipelines Agent Today I got this baffling error while trying to run one of the few pipelines I own that requires a self-hosted agent. 2023-09-18T13:24:55.1897667Z ##[section]Starting: VSBuild 2023-09-18T13:24:55.2042232Z ============================================================================== 2023-09-18T13:24:55.2042611Z Task : Visual Studio build 2023-09-18T13:24:55.2042705Z Description : Build with MSBuild and
GitHub Actions Featured Protect the repository hosting your GitHub Action It comes as no surprise that the tags and branches solution to version GitHub Actions is weak at best. There have been rumors of Actions moving to a different model (GitHub Container Registry), but that is yet to see the light.
Azure DevOps Featured Publish Azure DevOps Extensions using Azure Workload Identity As you may know, I maintain several Azure DevOps Extensions. To publish them I use the Azure DevOps extension tasks. And to authenticate you must provide a Personal Access Token.
git Tips & tricks: Git under WSL and windows Since the introduction of WSL I've started to rely on it more and more, but there are still a few quirks when dealing with multiple environments that access the same repo on disk.
Azure Pipelines Hey! You broke our pipeline! One of the advantages of Azure Pipelines is that it automatically updates your tasks to the latest minor version. That way you don't have anything to stay up-to-date. But this also has disadvantages. Both Microsoft and Extension Authors can accidentally break your pipelines.
GitHub Featured Enable RenovateBot for Azure Pipelines In my report on the Security state of the Azure DevOps Marketplace I came to the unfortunate conclusion that about 40% of the extensions contain vulnerabilities. One of the recommendations for both Azure DevOps administrators and pipeline authors was to keep the Azure Pipelines Tasks up-to-date.
Azure Pipelines Speeding up the Azure DevOps Extension tasks I've been maintaining and using the Azure DevOps Extension tasks for years now and I've always been frustrated by the slowness of some steps.
Azure DevOps Featured Security state of the Azure DevOps Marketplace This report focusses on the Azure Pipelines extensions in the Marketplace. At the time of compiling the report there are 1460 extensions in the "Azure Pipelines" category. More than 500 have one or more vulnerabilities or vulnerable dependencies.
Azure DevOps Server 2022 Definitive solution for log4shell in Azure DevOps Server Search Last year around this time the log4shell bug in log4j was made public. Older versions of Team Foundation Server and Azure DevOps Server ship with Elastic Search to power its advanced search features. The version that ships with these versions is quite old and was never truly fixed, only patched.
GitHub What's GitHub's new require approval of the most recent push policy all about? The "require approval of the most recent push" protection rule was recently introduced (oct 2022).
