Why isn't Hugo regenerating my SCSS files? (1 mins read).
How to ensure you're using the right Hugo version to build SCSS files.
by 
Jamie Tanna
.
#blogumentation
#hugo.
Why can't I use a comma with gcloud? (1 mins read).
How to resolve commas being ignored when interacting with gcloud, and how to escape them.
Using Spotless to auto-format Gradle Verification Metadata (3 mins read).
How to use Spotless to allow manual changes to the Gradle Verification Metadata to be auto-formatted as if Gradle generated it.
Common issues faced with execing an executable on Linux (2 mins read).
Some common issues you may face, with esoteric error messages, and how to fix them.
by Jamie Tanna
.
#blogumentation
#shell
#command-line
#linux.
You can now parse repo-level Renovate configuration with renovate-graph (2 mins read).
Announcing a new release of renovate-graph which now parses repo-level Renovate configuration.
Dependency Management Data's Open Policy Agent support is now a whole lot more efficient (2 mins read).
Talking about the latest release of Dependency Management Data and some refactoring that's led to better performance.
by Jamie Tanna
.
#dependency-management-data
#open-policy-agent.
Migrating Renovate bots, while keeping existing PRs updated (2 mins read).
How to migrate between two Renovate bot accounts, in the case you want to do a 'big bang rollout'.
Manually triggering a Buildkite pipeline for a fork (1 mins read).
How to trigger a Buildkite pipeline to run on a fork, if you have access to trigger a build.
Dependency Management Data's now on Mastodon! (1 mins read).
Announcing the dependency-management-data Mastodon account for automated release announcements (and more?).
Dynamically querying EndOfLife.date data for internal packages with Open Policy Agent and Dependency Management Data (3 mins read).
How you can retrieve End-of-Life data via EndOfLife.date using Dependency Management Data's Policies functionality.
by Jamie Tanna
.
#dependency-management-data
#blogumentation
#open-policy-agent.
89 things I know about Git commits (7 mins read).
Some of the things I've learned over a decade of Git usage, and working on writing good commit messages.
by Jamie Tanna
.
#git.
Dependency Management Data is now a lot easier to work with when using Software Bill of Materials (3 mins read).
Announcing an improved model for interacting with SBOMs, removing the need to understand the Repo Key up-front.
One THOUSAND blog posts (3 mins read).
Celebrating a massive milestone in my blog, and a short reflection.
by Jamie Tanna
.
#blogging
#www.jvt.me.
Reader survey: Who reads my blog? (2 mins read).
Wondering how my readers read my blog, and why.
by Jamie Tanna
.
#blogging
#www.jvt.me.
Dependency Management Data can now use sql-studio for database browsing (1 mins read).
Announcing the availability of the sql-studio database browser for dependency-management-data's web application.
Creating a test harness for validating Renovate regex manager rules (4 mins read).
How to set up a test harness to make it eaiser to modify scary looking regexes in your Renovate configuration.
Modifying the response body of an httputil.ReverseProxy response (2 mins read).
How to modify the response from a httputil.ReverseProxy before it goes back to the caller.
by Jamie Tanna
.
#blogumentation
#go.
Performing cross-database queries with SQLite (2 mins read).
How to query multiple database files with SQLite.
Dependency Management Data's web application can now be deployed as a single static binary (2 mins read).
Announcing dependency-management-data's embedded SQL browser interface.
Using Go's database/sql to query an arbitrary columns of unknown type(s) (3 mins read).
How you can query an unknown number of columns, of unknown types, with Go's SQL package.
by Jamie Tanna
.
#blogumentation
#go.
My workflow for writing SQL(ite) queries (2024 edition) (4 mins read).
Writing about my recent workflow for writing, executing, and sharing SQL queries with others.
by Jamie Tanna
.
#blogumentation
#sql
#sqlite
#neovim
#datasette
#lsp.
Calculating the GitHub API's sha representation of a local file (2 mins read).
How to locally calculate the same sha of a given file, so you can compare it against the GitHub API's representation.
by Jamie Tanna
.
#blogumentation
#github
#go.
Making it easier to schedule cross-timezones, with the tz CLI (3 mins read).
Writing a command-line tool with Charm's Go libraries to compare the suitability of meetings across timezones.
by Jamie Tanna
.
#blogumentation
#command-line
#go
#charm
#elastic
#remote-work.
Installing Google Cloud CLI components on Arch Linux (2 mins read).
How to install gcloud components using pacman, instead of using the officially supported method.
by Jamie Tanna
.
#blogumentation
#arch-linux
#google-cloud
#serverless.
I'm on Cup o' Go! (2 mins read).
Announcing my appearance on Cup o' Go, talking about oapi-codegen, OpenAPI, working on Open Source and blogging.
by Jamie Tanna
.
#openapi
#oapi-codegen
#podcast
#adhd
#blogging
#public-speaking
#go.
Responsible Disclosure: Using GitHub Search (without logging in using SSO) still allows searching (4 mins read).
Reporting on a HackerOne responsible disclosure that I found in GitHub, where you could exfiltrate data without signing in to GitHub SSO.
Creating a more sustainable model for oapi-codegen in the future (9 mins read).
Announcing a request for sponsorship to continue to allow allocating more time to oapi-codegen as well as to make more ambitious changes to the project.
oapi-codegen is moving to its own org (7 mins read).
Announcing oapi-codegen's move to its own GitHub org, and a history lesson about the project.
Lessons learned self-hosting Renovate (13 mins read).
What I've learned operating Renovate as a self-hosted app on GitHub Actions, GitLab CI, and the Mend Renovate Community Edition, and some tips for getting started
Automating the syncing of files between repos with GitHub Actions (2 mins read).
Creating a GitHub Action workflow to periodically update vendored files which are out-of-sync between GitHub repos.
Querying your organisation's Renovate configuration using SQL(ite) (3 mins read).
A new tool, renovate-config-sqlite to pull Renovate configuration into an SQLite database.
Why I recommend Renovate over any other dependency update tools (10 mins read).
Explaining why Renovate is going to be my solution to keeping up-to-date with dependencies and it's not likely to change any time soon.
by Jamie Tanna
.
#blogumentation
#renovate
#dependabot
#snyk.
What can we learn about the backdooring of xz/liblzma, using OpenSSF Security Scorecards and dependency-management-data? (6 mins read).
Looking at how the recent CVE-2024-3094 vulnerability could provide insight into other cases of risk in dependencies and their lack of code review.
by Jamie Tanna
.
#dependency-management-data
#security
#open-source.
What routes is my http.ServeMux listening for? (2 mins read).
How to fairly quickly list the routes that your http.ServeMux is handling, pre- and post-Go 1.22.
by Jamie Tanna
.
#blogumentation
#go.
Why is Go 1.22's enhanced routing not working for me? (2 mins read).
Why you may be receiving 404 page not found errors when using Go's new enhanced routing in Go 1.22.
by Jamie Tanna
.
#blogumentation
#go.
Job titles are bullshit (6 mins read).
When is a Senior Engineer not a Senior Engineer, no standardisation across the industry, and other reasons job titles are frustrating.
by Jamie Tanna
.
#career.
I'm on Changelog and Friends! (2 mins read).
Announcing my first podcast appearance on Changelog and Friends, talking about salary history, the IndieWeb, ADHD and dependency-management-data, among other things.
by Jamie Tanna
.
#podcast
#adhd
#salary
#indieweb
#public-speaking
#dependency-management-data.
You should listen to The Changelog (5 mins read).
Why you should really be adding The Changelog (and its network of podcasts) to your rotation of tech podcasts.
by Jamie Tanna
.
#podcast.
Gotcha: Don't try and authenticate to URLs generated by GitHub Actions Artifacts v4 (3 mins read).
Why you may be receiving errors when trying to authenticate to download GitHub Actions Artifacts using the v4 Actions.
Quantifying your reliance on Open Source software (State of Open Con version) (20 mins read).
A writeup of my talk about the dependency-management-data project at the State of Open Con 2024 conference.
by Jamie Tanna
.
#dependency-management-data
#public-speaking
#state-of-open-con
#soocon24
#open-source
#free-software
#sbom.
Celebrating dependency-management-data's first birthday (6 mins read).
Reflecting on the last year of the project.
Introducing insight into your dependencies' health in dependency-management-data (2 mins read).
How you can use the new dependency health functionality to better understand your dependencies.
dependency-management-data now has a logo! (1 mins read).
Very excited to note that the project now has a logo.
Why am I getting Too many arguments with vault? (1 mins read).
Why you may be getting Too many arguments from the vault CLI, and how to fix it.
Using renovate-to-sbom with the GitHub Dependency Submission API (4 mins read).
How to improve the data in GitHub's Dependency Graph by using an SBOM produced by Renovate data.
by Jamie Tanna
.
#dependency-management-data
#renovate
#sbom
#github.
Comparing the different Merge Request / Pull Request merge methods in GitLab and GitHub (2 mins read).
How the different merge methods for contributions work between GitLab and GitHub.
How to unpublish/redact/undo/retract a Go release (3 mins read).
How to retract a release version of a Go version, without risking folks automagically upgrade to that version.
by Jamie Tanna
.
#blogumentation
#go.
How do you represent a JSON field in Go that could be absent, null or have a value? (5 mins read).
Why it's surprisingly hard to work out a field has been sent or whether it's explicitly null, when using Go's encoding/json.
Why is set -eu not working? (2 mins read).
Why you may be finding set -u in a shell script not exiting when set -e is also present.
You can now interact with dependency-management-data using GraphQL (2 mins read).
Announcing the release of the GraphQL API for dependency-management-data.