Overview If you have heavy investment in Azure Artifacts, it can be hard to fully transition to GitHub Packages. However, there is a bit of a transition. In GitHub, while you can see a list of pac...

Overview I was recently working with a customer and we flipped on the security-and-quality query suite and received a a lot of results, mostly in our tests. We wanted a way to ignore these files f...

Overview I have several posts discussing GitHub Advanced Security, but practically a question that I get often is: “Who can access the alerts on each repository?” I hope to solve that with this p...

Overview GitHub Actions has a relatively little known feature where you can run jobs in a container, specifically a Docker container. I liken it to delegating the entire job to the container, so e...

Overview This is follow-up to my previous post, Demystifying GitHub Apps: Using GitHub Apps to Replace Service Accounts, where I go over the basics of creating a GitHub App and accessing its insta...

Overview In GitHub Actions, the GitHub Token works very well and is convenient for automation tasks that require authentication, but its scope is limited. The GitHub Token is only going to allow u...

Overview I have a large Postman workspace for all my API calls, but it’s sometimes hard to share an example of an API or script with someone. Thus, I decided to create a repo that consolidates my ...

Overview We had a team that wanted to push to GitHub packages, which is relatively easily enough to do and is well documented. However, they had a subsequent job that was building a Docker image w...

Overview Let’s face it: Subversion had its time in the sun, but Git is the more modern source control system. If you want to use GitHub and take advantage of all the collaboration and security fea...

Overview We all probably know by now that there is some pretty solid first-party support for linking GitHub to Azure DevOps, specifically, Azure Boards, with the Azure Boards GitHub app. Assuming ...