MindByte Issue #82: Contribute to Open Source using Private Mirrors

GitHub Private Mirrors, AI for secret scanning, recover data from deleted Forks, scaling GitHub, find the right permissions and much more.


Welcome back, and for all the new subscribers, welcome aboard!


I'm back from holidays, so fresh GitHub news, some Azure articles and of course .NET-related stuff!


Let's dive in.

GitHub Digest

When you work in a repository that you want to open source, but your development work needs to stay private due to compliance rules, this might be an interesting solution.

The Private Mirrors app lets you contribute to public open source repositories through a private mirror, so you can develop, validate and review inside your own private repo before mirroring the work to the public repository. You cannot do this with a fork, as it needs to have the same visibility as the source.

This is a great way to contribute to open source projects while still keeping the legal and security risks of an enterprise in mind.

Did you know that commits on forks, even when made private or deleted, can still be retrieved? This is even by design and documented by GitHub.

Have a look at how this can be used or exploited, as it has some serious impact.

Running and scaling a site like GitHub.com is not an easy task. This blog post describes the kind of tooling and solutions used.

For example, how to use feature flags with Flipper, or how to use Scientist (yes, there is a dotnet version as well) to validate changes. A great read on how to troubleshoot issues or introduce changes.

I learned to never run around with open scissors. That also applies to running workflows; there should be no need to run with high-access accounts when they are not needed.

But how do you know what kind of permissions you do need? For this you can include a special action inside your workflow. When the workflow completes, it will output the needed permissions so you can simply copy those.

This makes it very easy to get the right set of permissions.

It looks like everything is AI powered nowadays. There is hardly a product that does not have AI embedded, so no wonder that GitHub secret scanning has it as well.

Of course it makes a bit of sense. Passwords can be found in unstructured data and AI can help with this for sure. You do need GitHub Advanced Security for this and it is limited to git content, not Issues or Pull Requests.

Not directly GitHub news, but related for sure. One of the competitors of GitHub is looking for a buyer. Do you fancy a bid before Datadog?

I never use GitLab, so it is interesting to see where GitLab has put its focus and how that aligns with Datadog's ambitions.

Coding Corner

There has been enough said about CrowdStrike, but I did find this interesting: due to an EU ruling, Microsoft was forced to give others access to the kernel.

There are some good reasons to keep some things closed, and the recent outage proved that once again.

I sometimes try to do some frontend, playing around with CSS, but I'm pretty bad at it. I used to build designs using tables, but apparently that is old skool. The new kids use Grid Areas.

And it does look pretty good, with a nice amount of options, to build complicated grids. This article allows you to learn and play with the different options.

Azure Updates & Insights

This looks like a trivial thing, but I did face this when provisioning Azure access for trainings. When the participants needed to access the Cloud Shell, they were forced to select or create a storage account, and you do need certain permissions to do so.

So not forcing the storage account is a nice step here.

I really like the simplicity of Azure Table Storage; just a column storage solution that is cheap and easy to use. Compared to CosmosDB, you do miss some functionality, which is explained in the article below.

.NET Nook

It sounds like yesterday that .NET 6 was released, but we are actually already reaching the end of support for this version. After November, you will not receive any potential security fixes, so it is better to move to .NET 8 as soon as possible.

Benchmarking is hard, and you need to be very aware of what the compiler is actually doing in order to get the right numbers.

Steven shows with an example what can go wrong and how to correct it.

Closing Thoughts

Thank you for reading this week’s edition!

Your feedback is invaluable, so if you have any thoughts, questions, or suggestions, please don't hesitate to reach out by simply replying to this mail.


I appreciate your time and look forward to hearing from you!
