Sign up to save your podcasts
Or
Share Launching 12in12.io, Dependency Confusion Attack, and Conventional Commits
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Launching 12in12.io, Dependency Confusion Attack, and Conventional Commits
[00:02:42] Andrew does a follow up from last week when he talked about moving and archiving repos and he gives an update. Jason tells us problems they’ve had with Dependabot.
[00:05:36] We learn about Andrew perfecting a gem release workflow and using Conventional Commits.
[00:09:43] Chris was busy this week and he tells us about a live stream he did with Freek Van der Herten, who created an app called Ray.
[00:13:15] Find out about the product streaming Chris did with 12in12.io and how he did a zoom call to talk about job boards and domaining with Jon Hainstock and Peter Askew. Peter is famous for the VidaliaOnions.com domain he bought, which is an interesting story you really need to read about. Jason and Chris talk about job postings for junior developers.
[00:16:04] Chris tells us what kind of job boards he’s wanting to do, and Jason and Andrew talk about job postings and some within their companies as well. Andrew shares a story of how he was hired as an intern at his company which he thought was a great way to start, and how companies should hire juniors.
[00:22:42] Andrew stresses how teaching others is how you learn the best, which is why hiring juniors is a benefit, and Chris shares his thoughts as well.
[00:27:42] Andrew asks the guys if they heard about the “Dependency Confusion” attack that was going around on the Interwebs this week and talks about a GitHub blog article that explains how to prevent this with NPM.
[00:31:36] Andrew talks about Diffend, a free service to help make sure your Ruby dependencies are secure.
[00:32:15] Jason tells us he finished the course and launched it so go buy it! Chris and Jason discuss about making videos, re-recording, and editing them.
[00:41:06] Jason explains to us what a recurring rotation does.
[00:47:08] Chris gives us information if you want to join in on 12in12.io.
Panelists:
Jason Charnes
Chris Oliver
Andrew Mason
Sponsor:
Honeybadger
Links:
Fix gem name in release action-andrewmcodes-GitHub
Conventional Commits
Release Please Action-GitHub
Creating a Ruby gem for Ray-LiveStream with Freek Van der Herten and Chris Oliver
Debug with Ray to fix problems faster=GitHub
Avoiding npm substitution attacks-The GitHub Blog
3 Ways to Mitigate Risk When Using Private Package Feeds-Microsoft Azure
“Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies,” by Alex Birsan
Diffend.io
12in12.io
Interactive Rails
- Chris Oliver X/Twitter
- Andrew Mason X/Twitter
- Jason Charnes X/Twitter
View all episodes
By Chris Oliver, Andrew Mason
4.8
3434 ratings
[00:02:42] Andrew does a follow up from last week when he talked about moving and archiving repos and he gives an update. Jason tells us problems they’ve had with Dependabot.
[00:05:36] We learn about Andrew perfecting a gem release workflow and using Conventional Commits.
[00:09:43] Chris was busy this week and he tells us about a live stream he did with Freek Van der Herten, who created an app called Ray.
[00:13:15] Find out about the product streaming Chris did with 12in12.io and how he did a zoom call to talk about job boards and domaining with Jon Hainstock and Peter Askew. Peter is famous for the VidaliaOnions.com domain he bought, which is an interesting story you really need to read about. Jason and Chris talk about job postings for junior developers.
[00:16:04] Chris tells us what kind of job boards he’s wanting to do, and Jason and Andrew talk about job postings and some within their companies as well. Andrew shares a story of how he was hired as an intern at his company which he thought was a great way to start, and how companies should hire juniors.
[00:22:42] Andrew stresses how teaching others is how you learn the best, which is why hiring juniors is a benefit, and Chris shares his thoughts as well.
[00:27:42] Andrew asks the guys if they heard about the “Dependency Confusion” attack that was going around on the Interwebs this week and talks about a GitHub blog article that explains how to prevent this with NPM.
[00:31:36] Andrew talks about Diffend, a free service to help make sure your Ruby dependencies are secure.
[00:32:15] Jason tells us he finished the course and launched it so go buy it! Chris and Jason discuss about making videos, re-recording, and editing them.
[00:41:06] Jason explains to us what a recurring rotation does.
[00:47:08] Chris gives us information if you want to join in on 12in12.io.
Panelists:
Jason Charnes
Chris Oliver
Andrew Mason
Sponsor:
Honeybadger
Links:
Fix gem name in release action-andrewmcodes-GitHub
Conventional Commits
Release Please Action-GitHub
Creating a Ruby gem for Ray-LiveStream with Freek Van der Herten and Chris Oliver
Debug with Ray to fix problems faster=GitHub
Avoiding npm substitution attacks-The GitHub Blog
3 Ways to Mitigate Risk When Using Private Package Feeds-Microsoft Azure
“Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies,” by Alex Birsan
Diffend.io
12in12.io
Interactive Rails
- Chris Oliver X/Twitter
- Andrew Mason X/Twitter
- Jason Charnes X/Twitter
More shows like Remote Ruby
View all
Hanselminutes with Scott Hanselman
377 Listeners
Software Engineering Radio - the podcast for professional software developers
272 Listeners
The Changelog: Software Development, Open Source
282 Listeners
The Ruby on Rails Podcast
53 Listeners
The Bike Shed
121 Listeners
Software Engineering Daily
626 Listeners
Ruby Rogues
21 Listeners
Syntax - Tasty Web Development Treats
984 Listeners
REWORK
210 Listeners
CoRecursive: Coding Stories
189 Listeners
Code with Jason
14 Listeners
The Stack Overflow Podcast
64 Listeners
Code and the Coding Coders who Code it
6 Listeners
IndieRails
5 Listeners
The Pragmatic Engineer
52 Listeners