GitHub Actions: Use the GITHUB_TOKEN with workflow_dispatch and repository_dispatch
GitHub Actions: Use the GITHUB_TOKEN with workflow_dispatch and repository_dispatch actions September 8, 2022 Customers will now be able to use the GITHUB_TOKEN with workflow_dispatch and repository_dispatch events to trigger workflows. Prior to this change, events triggered by GITHUB_TOKEN would not create a new workflow run. This was done to prevent the accidental trigger of endless workflows. T
CompanyEngineeringEnterpriseAddressing GitHub’s recent availability issuesGitHub recently experienced several availability incidents, both long running and shorter duration. We have since mitigated these incidents and all systems are now operating normally. Read on for more details about what caused these incidents and what we’re doing to mitigate in the future. Last week, GitHub experienced sever
Anti-Patterns - PagerDuty Incident Response Documentation
Home Getting Started On-Call Being On-Call Who's On-Call? Alerting Principles Before an Incident What is an Incident? Severity Levels Different Roles Call Etiquette Complex Incidents During an Incident During an Incident External Communication Guidelines Security Incident After an Incident After an Incident Postmortem Process Postmortem Template Effective Postmortems Crisis Response Crisis Respons
October 1, 2020 A moderate security vulnerability has been identified in the GitHub Actions runner that can allow environment variable and path injection in workflows that log untrusted data to STDOUT. This can result in environment variables being introduced or modified without the intention of the workflow author. To allow us to address this issue and maintain the ability for you to dynamically
A case study on scroll-driven animations performance | Blog | Chrome for Developers
What’s new with scroll-driven animations? Scroll-driven animations are a way to add interactivity and visual interest to your website or web application, triggered by the user's scroll position. This can be a great way to keep users engaged and make your website more visually appealing. In the past, the only way to create scroll-driven animations was to respond to the scroll event on the main thre
Low latency tuning guide
This guide describes how to tune your AMD64/x86_64 hardware and Linux system for running real-time or low latency workloads. Example workloads where this type of tuning would be appropriate: Line rate packet capture Line rate deep packet inspection (DPI) Applications using kernel-bypass networking Accurate benchmarking of CPU bound programs The term latency in this context refers to the time betwe
Developer Tools secrets that shouldn’t be secrets | Christian Heilmann
Update: As this is blowing up on Hackernews I added information to each of the tips in which environment they are supported in parenthesis after each heading. When I state “Chromium browsers”, this refers to all browsers that use the Chromium core and also feature all the Developer Tools. This is Chrome, Microsoft Edge, Brave and many more. As a reminder: Microsoft Edge is the browser that comes w
Posted Nov 10, 2020 2020-11-10T10:00:00-08:00 by Jun Kokatsu Back in 2018, Chrome enabled Site Isolation by default, which mitigates attacks such as UXSS and Spectre. At the time, I was actively participating in the Chrome Vulnerability Reward Program, and I was able to find 10+ bugs in Site Isolation, resulting in $32k rewards. In this blog post series, I will explain how Site Isolation and relat
New – Provisioned Concurrency for Lambda Functions | Amazon Web Services
AWS News Blog New – Provisioned Concurrency for Lambda Functions It’s really true that time flies, especially when you don’t have to think about servers: AWS Lambda just turned 5 years old and the team is always looking for new ways to help customers build and run applications in an easier way. As more mission critical applications move to serverless, customers need more control over the performan
Amazon ECS supports Automated Draining for Spot Instances running ECS Services
Amazon Elastic Container Service (ECS) supports Automated Spot Instance Draining, a new capability that reduces service interruptions due to Spot termination for ECS workloads. This feature will enable ECS customers to safely manage any interruptions of ECS tasks running on Spot instances due to termination of the underlying EC2 Spot instance. Automated Spot Instance Draining will automatically pl
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement | Microsoft Security Blog
Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach we’ve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Server. The attackers initially exploited a SQL injection vulnerability in an application within the target
Do you strive to deliver quality code smoothly and steadily? For development teams that practice a continuous release cycle, establishing a delivery flow can require significant effort when it comes to coordinating team members, setting up processes, and integrating multiple tools. To reduce this burden, we’re introducing the JetBrains Space Git flow, a complete process that helps you achieve bett
Crash/Deprecation/Intervention Reporting について - ASnoKaze blog
目次 Crash/Deprecation/Intervention Reporting Crash Reporting Deprecation Reporting Intervention Reporting ブラウザがWebページを表示する際に発生したエラーを、任意のエンドポイントにレポートさせる「Reporting API」という仕様があります。今回紹介する機能もchromeでいくつか実際に使用できます。 例えば、以前紹介した Deprecation Reporting もこの仕様によって定義されていました。 asnokaze.hatenablog.com 他にもTLS証明書エラーや名前解決エラーといった、ネットワークエラーを通知するNetwork Error Loggingといった仕様もReporting APIを利用しています。 asnokaze.hatenablog.com Cr
And now we welcome the new year. Full of things that have never been. — Rainer Maria Rilke January 4th 2021 was the first working day of the year for many around the globe, and for most of us at Slack too (except of course for our on-callers and our customer experience team, who never sleep). The day in APAC and the morning in EMEA went by quietly. During the Americas’ morning we got paged by an e
The proposal “Pipe operator (|>) for JavaScript” (by J. S. Choi, James DiGioia, Ron Buckton and Tab Atkins) introduces a new operator. This operator is an idea borrowed from functional programming that makes applying functions more convenient in many cases. This blog post describes how the pipe operator works and what its use cases are (there are more than you might expect!). The two competing pro
↓先にご一読下さい https://naonaooan.hatenablog.com/entry/2023/06/24/000000 予約投稿分を誤って、投稿してしまいました 混乱を招き、申し訳ありませんでした🙇♀️🙇♂️ 第95章 X(Twitter)マゾ事情と閑話① Instagram「今日の呉緒様💕」より お美しい呉緒様 最近のX(旧Twitter)のマゾ事情をご案内してみましょう ホント、Xは僕のようなマゾにとっては楽しい世界です 様々な海外の職業女王様の写真やコメントを見ているだけでゾクゾクします😁 それくらい、皆さん素敵です(豚吉は、欧米女性推しです。沼正三の如く白人崇拝というわけではありませんが) 僕にもし、呉緒様という絶対的存在、最愛の女王様がいらっしゃらなければ 僕はとうに、どっかの職業女王様に貢ぎ始めていたかも知れません 〈今はとにかく呉緒様崇拝です。朝から
Amazon ECS タスクの停止理由 (エラー内容) を CloudWatch Logs に保存する方法とその分析をしてみた | DevelopersIO
はじめに AWS Fargateのタスクの停止理由を確認する方法が分からず詰まったため、今回記事を書きました。 ECSのコンソール上では、タスクが停止してから1時間以内であれば、以下のように停止理由であるエラー内容を確認できます。 ただし、上記のエラーは、1時間経過すると、以下のように見られなくなります。 過去にさかのぼって確認したい場合、CloudWatch logsなどに保存する必要があります。 今回は、ECSタスクの停止理由をさかのぼって確認するために、タスクが停止になった時のイベント情報をCloudWatch logsに保存する方法について、解説します。 構成図 構成図は、下記です。 汎用性がありますので、CloudFormationで、イベントルールとロググループを作成します。 流れとしては、ECSタスクが停止した時に、EventBridgeがトリガーとなり、ECSタスクの停止ロ
CI/CD for Machine Learning in 2024: Best Practices & Tips | Qwak
CI/CD for Machine Learning in 2024: Best Practices to Build, Train, and Deploy Explore best practices for CI/CD in Machine Learning in 2024. Learn to build, train, and deploy ML models efficiently with expert strategies. Building and deploying code to production environments is a fundamental aspect of software development. This process is equally pivotal in the realm of production-grade Machine Le
WSDM 2019 : How A/B Tests Could Go Wrong : Automatic Diagnosis of Invalid Online Experiments を読んだ - OKIYUKI99 Blog
dl.acm.org LinkedinでInvalidなA/B テスト検知するための方法論を紹介している論文を読みました A/Bテストにおけるメトリック解析の話から、丁寧にメトリックを分解し、検知ロジックを提案しています。LinkedinのA/B テストプラットフォームで実際に動いてるみたいです Introduction まずはじめに、invalidなA/BテストにはInternally または Externally なテストがあることを紹介しています Internally invalid とは? Treatment と Control間の差がTreatmentによる効果と結論づけれるのが本来のA/B テストの魅力の1つですが、その差がTreatmentによる効果ではない ことを言います 特にこの論文では、incomparable samples(つまり、比較不可なサンプル群)における I
WebKit Features in Safari 17.2
ContentsHTMLCSSImages and videoJavaScriptWeb APIWeb AppsWebGLPrivacyWeb InspectorFixes for Interop 2023 and moreUpdating to Safari 17.2Feedback Web technology is constantly moving forward, with both big new features and small subtle adjustments. Nowadays, web developers expect web browsers to update multiple times a year, instead of the once or twice a year typical of the late 2000s — or the once
EngineeringGitHub Availability Report: July 2020Last month we introduced GitHub’s monthly availability report to address service disruptions and share our learnings with the community. In July we experienced one specific incident resulting in a degraded state of availability for GitHub.com. We’d like to share our learnings from this incident with the community in the spirit of being transparent ab
Overview Rather than copying and pasting from one workflow to another, you can make workflows reusable. You and anyone with access to the reusable workflow can then call the reusable workflow from another workflow. Reusing workflows avoids duplication. This makes workflows easier to maintain and allows you to create new workflows more quickly by building on the work of others, just as you do with
eBPF Summit Day One The first day of the eBPF Summit is a wrap and it certainly was an amazing day full of information about eBPF, the technology that is changing the shape of Linux networking, observability, and performance. If you missed the keynote and lightning talks from Day 1 you can watch the replay of the event in its entirety. Individual talks, along with their links, will be made availab
First published: Oct 2, 2019 Last updated: Jan 5, 2023 Tagged: webperf, ramblings, webpagetest. Matt Hobbs Read time: 149 mins Table of contents Basic Layout 1 - Key 2 - Request list 3 - Request timeline 4 - CPU Utilisation 5 - Bandwidth In 6 - Browser Main Thread 7 - Page is Interactive (Long Tasks) Vertical lines Horizontal timings Request 1 - The HTML Request 7 - A third-party JavaScript file R
TikTok/amandamallur 今週も驚くような事故や、心温まるエピソードが多くありました。さっそく1週間を振り返っていきましょう。 まずは14日に投稿した、記事になります。病院に入院していたホームレスの男性と、病院の外で待っていた愛犬とが再会する場面です。 @amandamallur Linda história da cachorrinha que aguarda ansiosamente pela alta hospitalar do seu dono que é andarilho e que tem muitos dias internado no hospital HRSAJ, e todo dia ele é liberado para visitar seu cachorrinho. #pernambuco #bahia #animais #andarilho #h
Introduction # Over the past years, the adoption of RocksDB increased dramatically. It became a standard for embeddable key-value stores. Today RocksDB runs in production at Meta, Microsoft, Netflix, Uber. At Meta RocksDB serves as a storage engine for the MySQL deployment powering the distributed graph database. Big tech companies are not the only RocksDB users. Several startups were built around
Pirate Weather
Get an API key Quick Links To register for the API Access the old portal for sign-ups before March 2023 Get a weather forecast in the Dark Sky style Home Assistant Integration Processing code repo Changelog Status page Publications and Press AWS blog post TLDR Newsletter BoingBoing Hacker News Front Page Introduction Weather forecasts are primarily found using models run by government agencies, bu
Build low-power, clock-controlled devices - Raspberry Pi
Do you want to make a sensor with a battery life you can measure in days rather than hours? Even if it contains a (relatively!) power-hungry device like a Raspberry Pi? By cunning use of a real-time clock module, you can make something that wakes up, does its thing, and then goes back to sleep. While asleep, the sensor will sip a tiny amount of current, making it possible to remotely monitor the t
The Chemical Brothers - The Darkness That You Fear (Official Video)
The official 'The Darkness That You Fear' music video. Taken from The Chemical Brothers’ album 'The Darkness That You Fear'. https://TheChemicalBrothers.lnk.to/TheDarknessThatYouFear “For That Beautiful Feeling” - the new album out now! https://thechemicalbrothers.lnk.to/FTBF Sign-up to the mailing list: https://thechemicalbrothers.lnk.to/YTSU Limited edition “We Are the Night” vinyl availab
「利上げ時のインフレと失業率には因果関係はあるのか? - himaginary’s diary」で紹介したブランシャールとライスの議論について、ブランシャールが以下のように自分の見解をまとめている。 1. Triggered by the exchange with @R2Rsquared @AngelUbide, @Guido_Lorenzoni and others: The discussion was at the core of macro. The nature of the determinants of the price level is THE fundamental issue in thinking about short run fluctuations, not a marginal or esoteric issue. 2. Without nominal r
URGENT/11
UPDATE (December 15, 2020) 97% of URGENT/11 and 80% of CDPwn Vulnerable Devices Remain Unpatched Putting Thousands of Organizations at Risk of Attack Armis has continued to track the exposures from the URGENT/11 and CDPwn exploits discoveries over the past 18 months. Based on that research, we have identified that 97% of the OT devices impacted by URGENT/11 have not been patched; and 80% of those
Understanding Allocations in Go
Cleaning up heap allocations in GoThis is the 18th article of the Eureka Advent Calendar 2020. Yesterday we had a post from Jun Ernesto Okumura on diversity in Spotify’s recommender systems. IntroductionThanks to efficient in-built memory management in the Go runtime, we’re generally able to prioritise correctness and maintainability in our programs without much consideration for the details of ho
2024-02-04 This article was originally published on DanSvetlov.me and is republished here with permission of the author. This article is relevant to Sidekiq v7. Sidekiq is one of the most ubiquitous1 Ruby background job processors out there. To anybody who has worked with Ruby on and off Rails, it needs no introduction. Sidekiq has a 10+ year track record of being an efficient, battle-tested and s
How Shinzo Abe’s murder and his ties to Moonies blindsided Japanese politics
In the days after Shinzo Abe was shot dead last summer while making an election campaign speech, commentators struggled to articulate a motive for a seemingly senseless attack on Japan’s former and longest-serving prime minister in a country admired for its near-absence of gun crime. Abe’s violent death was an affront to democracy, said the prime minister, Fumio Kishida, adding that his mentor wou
All times are PDT. Summary Discord was unavailable for most users for a period of an hour. The root cause is well understood and fixed. The bug was in our service discovery system, which is used by services within our infrastructure to discover one another. In this instance, service discovery is used by our real time chat services services in order to discover the RPC endpoint that they use to loa
Don't Remove Your Lost iPhone From Your iCloud Account: Here's Why
A lost or stolen iPhone that's connected to iCloud is almost as useless as a slab of metal to criminals. Losing an iPhone is painful because it costs a lot of money. Monetary loss aside, it's an inconvenience as your iPhone is a gateway to your photos, contacts, social media, and schedule. After a while, when you're convinced that you'll never get your iPhone back, it makes sense to remove it from
Since May 26, 2024, Phylum has been monitoring a persistent supply chain attacker involving a trojanized version of jQuery. We initially discovered the malicious variant on npm, where we saw the compromised version published in dozens of packages over a month. After investigating, we found instances of the trojanized jQuery on other platforms, such as GitHub, and even as a CDN-hosted resource on j
Do any of these experiences sound familiar? You get to the bottom of the page and realize you have no idea what you just read. Entering a room, you've forgotten why you went there in the first place. Looking up from your phone, you realize you've been scrolling for way too long. What happened? Your attention lapsed. And it lapses a lot, so much so that, according to research, we are missing 50 per
Windows 10 bug corrupts your hard drive on seeing this file's icon
HomeNewsSecurityWindows 10 bug corrupts your hard drive on seeing this file's icon An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive erro
If you’ve embarked on your site reliability engineering (SRE) journey, you’ve likely started using service-level objectives (SLOs) to bring customer-focused metrics into your monitoring, perhaps even utilizing Service Monitoring as discussed in “Setting SLOs: a step-by-step guide.” Once you're able to decrease your alert volume, your oncallers are experiencing less operational overhead and are foc
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Addressing GitHub’s recent availability issues
GitHub Actions: Deprecating set-env and add-path commands
Deep Dive into Site Isolation (Part 1)
Introducing the Space Git Flow | The Space Blog
Slack’s Outage on January 4th 2021 - Slack Engineering
A pipe operator for JavaScript: introduction and use cases
第95章 X(Twitter)マゾ事情と閑話① - 呉緒様の奴隷 豚吉日記
GitHub Availability Report: July 2020
Reusing workflows - GitHub Docs
eBPF Summit Day 1 Recap
How to read a WebPageTest Waterfall View chart - Matt Hobbs
今週のニュース(11月13日から19日まで) - switch news
How RocksDB works - Artem Krylysov
名目硬直性の重要性と知的分断 - himaginary’s diary
How does Sidekiq work? | Mike Perham
Server Outages and Increased API Errors
Persistent npm Campaign Shipping Trojanized jQuery
3 Science-Backed Habits of People With Remarkable Mental Focus
Setting SLOs for services -- SRE | Google Cloud Blog