TheServerSide

Full GitHub Actions environment variables list for YAML build workflow scripts example

Community driven content discussing all aspects of software development from DevOps to design patterns. If a developer wants to build a workflow, shell script or build job of any merit, they’ll need ...
TheServerSide

How to publish GitHub Actions artifacts by example

Community driven content discussing all aspects of software development from DevOps to design patterns. Unfortunately, the ephemeral Docker container on which the GitHub Actions artifacts are created ...
InfoWorld

Use GitHub Actions to deploy code to Azure

There’s a lot more to building modern applications than hitting F5 and building your app. Code is only part of the process. Building an effective CI/CD (continuous ...
CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...
InfoWorld

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
Geeky Gadgets

GitHub Actions lets you test your Arduino projects

Arduino users and enthusiasts may be interested in some new tools created by the official Arduino team, to make checking your code as easy as possible. The automated tools are used with GitHub Actions ...
CSOonline

GitHub Actions typosquatting: A high-impact supply chain attack-in-waiting

Developers who mistype names and owners of GitHub Actions expose their repositories and accounts to malicious code execution, with significant software supply chain implications, researchers have ...