MindByte Issue #76: Arm64 Runners, GitHub Security, and DevOps Excellence

In this edition, discover how Arm64 runners in GitHub Actions can boost build efficiency and reduce costs. Learn about the gh-dash CLI dashboard for GitHub to streamline your workflow. Understand the "GitLoker" extortion scheme targeting GitHub repositories and how to protect your data. Explore why APIs should avoid HTTP-to-HTTPS redirects for better security. Read about a surprising IT infrastructure setup at a WA council. Finally, delve into the top 10 recent improvements in C# that enhance coding simplicity and performance. Plus, join the Global DevOps Experience with Xebia to tackle real-world issues using GitHub, Azure, and AI.

Hello! Thanks for joining me. To ensure you keep getting these updates seamlessly, please move this email to your primary inbox or mark it as important. A quick reply like "got it" also helps boost visibility. This edition covers exciting topics such as:

  • Enhancing build efficiency with Arm64 on GitHub Actions.

  • Boosting productivity with the gh-dash CLI dashboard.

  • Why your API shouldn't redirect HTTP to HTTPS.

  • Top 10 recent improvements in C#.

Join the Global DevOps Experience!

Together with colleagues from Xebia, I have been working on the Global DevOps Experience, a global event in which you play a role in Globoticket, a fictitious company facing issues you will need to fix using GitHub, Azure, and AIโ€”an ideal way to learn and work together. The event will take place this Saturday, and we have around 40 venues worldwide.

Read more on the Global DevOps Experience website and sign up at a nearby venue.

GitHub Digest

Boost Your Build Efficiency with Arm64 on GitHub Actions

GitHub has announced the public beta of Arm-based Linux and Windows runners for GitHub Actions.

These new runners offer improved power, performance, and sustainability, while being 37% cheaper than x64 runners. With this update, developers can leverage Arm architecture for faster and more efficient builds, supporting a wide range of applications from gaming to AI.

The runners are fully managed by GitHub and include all necessary tools for a seamless integration.

Boost Productivity with gh-dash: A CLI Dashboard for GitHub

The gh-dash is a powerful CLI extension for GitHub, designed to streamline your workflow by providing a customizable dashboard for managing pull requests and issues.

This tool allows you to define sections with GitHub filters, act on PRs and issues with various commands, and use custom themes and keybindings.

Whether you're reviewing code or tracking issues, gh-dash offers a seamless experience within your terminal.

GitLoker Extortion Scheme Wipes GitHub Repositories

A new extortion campaign dubbed "GitLoker" targets GitHub repositories, wiping their contents and demanding a ransom.

Attackers gain access using stolen credentials, rename the repositories, and add a README file instructing victims to contact them on Telegram.

This vulnerability highlights the importance of securing your GitHub account. To protect against such attacks, enable two-factor authentication, review account security logs, and manage SSH keys and authorized integrations.

Coding Corner

Why Your API Shouldn't Redirect HTTP to HTTPS

Juhani Eronen argues that APIs should not redirect HTTP requests to HTTPS, suggesting they either disable HTTP or return a clear error response.

This approach aligns with the fail-fast principle, reducing the risk of exposing unencrypted API keys. Redirects can mask critical integration errors, leading to potential data breaches.

I think the article highlights an interesting point: itโ€™s better to let an issue explicitly fail than to implicitly redirect, ensuring greater security and clarity.

WA Council's Entire IT Infrastructure Found on One Server

A recent investigation revealed that a Western Australian council was running its entire IT infrastructure on a single server.

This almost hilarious approach to IT management raises significant concerns about data security and operational resilience. The setup, which includes all critical services, poses a high risk of total system failure. The article highlights the importance of proper IT infrastructure planning and redundancy.

Azure Updates & Insights

(no Azure updates this week)

.NET Nook

Discover the Top 10 Recent C# Improvements

This article from NDepend highlights the latest enhancements in C#, making the language more powerful and efficient.

Key improvements include single-line Hello World programs, value tuples, deconstruction, advanced pattern matching, and the introduction of raw literal strings.

These updates simplify coding, improve performance, and enhance readability. For a comprehensive overview of these and other features, check out the full article to see how they can benefit your C# projects.

Closing Thoughts

Thank you for reading this edition!

Your feedback is invaluable, so if you have any thoughts, questions, or suggestions, please don't hesitate to reach out. If you enjoyed this update and want to continue receiving more, make sure to subscribe here.

I appreciate your time and look forward to hearing from you!

Reply

or to participate.