josh-ops

GitHub Advanced Security Permissions Chart

Overview I have several posts discussing GitHub Advanced Security, but practically a question that I get often is: “Who can access the alerts on each repository?” I hope to solve that with this p...

GitHub Advanced Security Feature Comparison

Overview GitHub Advanced Security (GHAS) is an add-on for those on GitHub Enterprise. While it costs extra, the code scanning, secret scanning, and the dependency review feature set is quite impres...

GitHub: Block Pull Requests if a Vulnerable Dependency is Added

Overview GitHub has added a new Dependency Review action to help keep vulnerable dependencies out of your repository! One of the complaints with the way Dependabot Security Alerts works in GitHub ...

How to use gh auth login CLI Programmatically in GitHub Actions

Overview Quick post here since I have to search for this every time I try to use the gh cli in GitHub Actions. In order to use the gh cli, you have to run gh auth login to login. If you are runnin...

Migrate Azure DevOps Work Items to GitHub Issues

Overview Quick post since most of this is in the README in the repo, but I created a PowerShell script to migrate Azure DevOps work items to GitHub Issues. It’s certainly not perfect, but there wa...

Use Dependabot in GitHub with Azure Artifacts

Overview If you have heavy investment in Azure Artifacts, it can be hard to fully transition to GitHub Packages. However, there is a bit of a transition. In GitHub, while you can see a list of pac...

Ignore Files in GitHub CodeQL Analysis

Overview I was recently working with a customer and we flipped on the security-and-quality query suite and received a lot of results, mostly in our tests. We wanted a way to ignore these files f...

Docker Container Jobs in GitHub Actions

Overview GitHub Actions has a relatively little-known feature where you can run jobs in a container, specifically a Docker container. I liken it to delegating the entire job to the container, so e...

ApproveOps: GitHub IssueOps with Approvals

Overview This is a follow-up to my previous post, Demystifying GitHub Apps: Using GitHub Apps to Replace Service Accounts, where I go over the basics of creating a GitHub App and accessing its insta...

Demystifying GitHub Apps: Using GitHub Apps to Replace Service Accounts

Overview In GitHub Actions, the GitHub Token works very well and is convenient for automation tasks that require authentication, but its scope is limited. The GitHub Token is only going to allow u...