dependabot-sha-comment-action
roadmap
dependabot-sha-comment-action | roadmap | |
---|---|---|
1 | 67 | |
2 | 7,712 | |
- | 0.6% | |
0.9 | 0.0 | |
over 1 year ago | 30 days ago | |
MIT License | Creative Commons Attribution 4.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dependabot-sha-comment-action
-
GitHub Actions by Example
Def a real concern.
If anyone is interested to mitigate it yourself, these are helpful :)
https://docs.github.com/en/actions/creating-actions/about-cu...
https://github.com/dependabot/dependabot-core/issues/2835
https://github.com/zgosalvez/github-actions-ensure-sha-pinne...
https://github.com/timmeinerzhagen/dependabot-sha-comment-ac...
roadmap
- GitHub: Packages support for fine-grained PATs
- Microsoft cancels plans for Python packages on GitHub
-
Github will unfortunately not provide a helm repository in the future.
Same message as for PyPI compatible package registry: https://github.com/github/roadmap/issues/94
-
GitHub support for PHP Packages: “no longer planned”
Yeah I had to look around a bit but yep… https://github.com/github/roadmap/issues/94
It looks like a lot of things have been killed… which with my cynical hat on I think might have something to do with overlapping capabilities with Azure services.
- GitHub Packages no longer planning Python PyPI support
-
How do you debug CI/CD pipelines? Breakpoints?
Others have mentioned tmate to SSH into a running GitHub Actions workflow; there is a roadmap issue making that functionality built-in to Actions, planned for 2023/Q4.
-
GitHub Actions is Vulnerable to Supply Chain Attacks
Immutable actions are on GitHub's roadmap.
- How to manage large GitHub orgs?
-
Which role does Github Actions currently play in MLOps?
I think not yet, but seems to be in the roadmap
- Developing for M1/M2 without a Mac
What are some alternatives?
setup-msys2 - GitHub Action to setup MSYS2
plantuml - Generate diagrams from textual description
tiny-differentiable-simulator - Tiny Differentiable Simulator is a header-only C++ and CUDA physics library for reinforcement learning and robotics with zero dependencies.
trufflehog - Find and verify secrets
toast - Containerize your development and continuous integration environments. 🥂
act - Run your GitHub Actions locally 🚀
gitlab
dependabot-core - 🤖 Dependabot's core logic for creating update PR's.
xmonad - The core of xmonad, a small but functional ICCCM-compliant tiling window manager
jenkins-std-lib - Bringing the Zen of Python to Jenkins.
gh-action-pypi-publish - The blessed :octocat: GitHub Action, for publishing your :package: distribution files to PyPI: https://github.com/marketplace/actions/pypi-publish