gitoops | roadmap |
---|---|
8 | 67 |
628 | 7,713 |
0.5% | 0.6% |
0.0 | 0.0 |
7 months ago | about 1 month ago |
Go | |
MIT License | Creative Commons Attribution 4.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitoops
- Attacking GitHub Organizations
- Show HN: GitOops – map attack paths in your GitHub org
- GitOops! Lateral movement and privesc in GitHub orgs via CI/CD pipelines
- GitOops Lateral movement and privesc in GitHub orgs via CI/CD pipelines
- Anatomy of a Cloud Infrastructure Attack via a Pull Request
  Shameless plug for something I've been working on: https://github.com/ovotech/gitoops/
  As a pentester, for most companies I looked at, any employee on GitHub/GitLab could likely single-handedly access a variety of production contexts through CI/CD pipelines.
  I wrote GitOops to map attack paths through CI/CD systems for a large company I currently work with.
roadmap
- GitHub: Packages support for fine-grained PATs
- Microsoft cancels plans for Python packages on GitHub
- Github will unfortunately not provide a helm repository in the future.
  Same message as for PyPI compatible package registry: https://github.com/github/roadmap/issues/94
- GitHub support for PHP Packages: “no longer planned”
  Yeah I had to look around a bit but yep… https://github.com/github/roadmap/issues/94
  It looks like a lot of things have been killed… which with my cynical hat on I think might have something to do with overlapping capabilities with Azure services.
- GitHub Packages no longer planning Python PyPI support
- How do you debug CI/CD pipelines? Breakpoints?
  Others have mentioned tmate to SSH into a running GitHub Actions workflow; there is a roadmap issue making that functionality built-in to Actions, planned for 2023/Q4.
- GitHub Actions is Vulnerable to Supply Chain Attacks
  Immutable actions are on GitHub's roadmap.
- How to manage large GitHub orgs?
- Which role does Github Actions currently play in MLOps?
  I think not yet, but seems to be in the roadmap
- Developing for M1/M2 without a Mac
What are some alternatives?
bettercap - The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
plantuml - Generate diagrams from textual description
auth - A GitHub Action for authenticating to Google Cloud.
trufflehog - Find and verify secrets
act - Run your GitHub Actions locally 🚀
gitlab
dependabot-core - 🤖 Dependabot's core logic for creating update PR's.
xmonad - The core of xmonad, a small but functional ICCCM-compliant tiling window manager
jenkins-std-lib - Bringing the Zen of Python to Jenkins.
tiny-differentiable-simulator - Tiny Differentiable Simulator is a header-only C++ and CUDA physics library for reinforcement learning and robotics with zero dependencies.
gh-action-pypi-publish - The blessed :octocat: GitHub Action, for publishing your :package: distribution files to PyPI: https://github.com/marketplace/actions/pypi-publish
SDL - Simple Directmedia Layer