About 18 results
https://nesbitt.io/2026/05/07/free-as-in-tribbles.html · 7 May 2026
The next metaphor after free-as-in-puppy
https://nesbitt.io/2026/04/28/github-actions-is-the-weakest-link.html · 28 Apr 2026
Anne Robinson would like a word with .github/workflows
https://nesbitt.io/2026/04/15/the-tuesday-test.html · 15 Apr 2026
Like the Turing test but with more tacos.
https://nesbitt.io/2026/04/07/who-built-this.html · 7 Apr 2026
Tracing a dependency back to its source commit.
https://nesbitt.io/2026/03/19/the-fragmented-world-of-dependency-policy.html · 19 Mar 2026
Every tool that makes automated decisions about dependencies invented its own policy format. There are standards for describing software components but none for writing rules about them.
https://nesbitt.io/2026/03/12/reviewing-enisas-package-manager-advisory.html · 12 Mar 2026
Notes on ENISA's Technical Advisory for Secure Use of Package Managers.
https://nesbitt.io/2026/03/11/git-pkgs-actions.html · 11 Mar 2026
How to add git-pkgs to your GitHub Actions workflows.
https://nesbitt.io/2026/02/04/package-management-at-fosdem-2026.html · 4 Feb 2026
Summary of package management talks from FOSDEM 2026, covering supply chain security, attestations, SBOMs, dependency resolution, and distribution packaging across multiple devrooms.