-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrss.xml
More file actions
116 lines (116 loc) · 8.65 KB
/
rss.xml
File metadata and controls
116 lines (116 loc) · 8.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>depmedic blog</title>
<link>https://depmedicdev-byte.github.io/</link>
<description>Notes on cheaper, faster, less leaky CI. Free CLIs and a small set of paid playbooks.</description>
<language>en-us</language>
<atom:link href="https://depmedicdev-byte.github.io/rss.xml" rel="self" type="application/rss+xml" />
<lastBuildDate>Tue, 28 Apr 2026 09:10:18 GMT</lastBuildDate>
<item>
<title>I audited 10 famous GitLab projects with gitlab-ci-doctor. Here are the patterns.</title>
<link>https://depmedicdev-byte.github.io/blog/audit-10-gitlab-projects.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/audit-10-gitlab-projects.html</guid>
<pubDate>Tue, 28 Apr 2026 12:00:00 GMT</pubDate>
<description>Real findings from 10 well-known gitlab.com pipelines (gitlab-runner, gitaly, gitlab-pages, release-cli, glab, inkscape and more). The rules that fire most often, and the tiny YAML changes that fix them.</description>
</item>
<item>
<title>depmedic weekly #2 - the GitHub Action ships, Azure Pipelines joins the family</title>
<link>https://depmedicdev-byte.github.io/blog/depmedic-weekly-2.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/depmedic-weekly-2.html</guid>
<pubDate>Tue, 28 Apr 2026 18:00:00 GMT</pubDate>
<description>ci-doctor-action ships to GitHub Marketplace as a composite action with sticky PR comment + SARIF. azure-pipelines-ci-doctor lands as the fourth sister CLI with 8 rules tuned to Azure DevOps quirks. /scan-azure.html in-browser scanner is up. Sitemap hits 69 URLs.</description>
</item>
<item>
<title>depmedic weekly #1 - 16 rules, the GitHub App is live, the pin bar is 59%</title>
<link>https://depmedicdev-byte.github.io/blog/depmedic-weekly-1.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/depmedic-weekly-1.html</guid>
<pubDate>Tue, 28 Apr 2026 12:00:00 GMT</pubDate>
<description>depmedic weekly issue 1: ci-doctor 0.5.0 ships docker-no-pin and service-no-healthcheck, the depmedic-bot GitHub App lands, VS Code/Cursor extension hits 0.2.0, and the pin bar across 20 OSS repos comes in at 59%.</description>
</item>
<item>
<title>The Pin Bar 2026: 20 famous OSS repos, 1461 uses:, 59% pinned to a SHA</title>
<link>https://depmedicdev-byte.github.io/blog/pin-bar-2026.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/pin-bar-2026.html</guid>
<pubDate>Tue, 28 Apr 2026 12:00:00 GMT</pubDate>
<description>Real data: across 20 popular OSS repos and 1461 'uses:' references, 59.4% are pinned to a 40-char SHA. The rest float on a tag. Six repos hit 100%. Four repos hit 0%. Here's the per-repo board and what to do about it.</description>
</item>
<item>
<title>A .cursorrules that actually fits your stack.</title>
<link>https://depmedicdev-byte.github.io/blog/cursorrules-starter.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/cursorrules-starter.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>cursor-rules-init scaffolds a starter .cursorrules / AGENTS.md / system prompt for Cursor, Claude Code, and ChatGPT. Stack-aware: TypeScript, React, Next.js, Python, Node servers.</description>
</item>
<item>
<title>I shipped 3 new ci-doctor rules. Then I ran them on my own repos.</title>
<link>https://depmedicdev-byte.github.io/blog/dogfood-found-real-bug.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/dogfood-found-real-bug.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>ci-doctor 0.4.0 added stale-cache-key, fail-fast-true, and always-run-on-pr. The first thing I did was run them on my own 6 repos. fail-fast-true caught real waste. The CLI also crashed on a single-file argument. 0.4.1 fixes both.</description>
</item>
<item>
<title>I let Gemini explain 10 famous OSS GitHub Actions workflows. Here's what it found.</title>
<link>https://depmedicdev-byte.github.io/blog/gemini-explains-10-workflows.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/gemini-explains-10-workflows.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>Next.js, Vite, React, Vue, Deno, Prettier, Nuxt, Svelte, MUI, TanStack Query - their primary CI workflows, explained by Gemini Flash. ~30 cost and reliability smells across 10 repos. No editorial picking; raw output, cited line by line.</description>
</item>
<item>
<title>How much does my GitHub Actions workflow cost?</title>
<link>https://depmedicdev-byte.github.io/blog/github-actions-cost-estimate.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/github-actions-cost-estimate.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>Estimate GitHub Actions workflow cost in dollars from the YAML alone. gha-budget reads jobs, expands matrices, applies the official runner pricing, and projects monthly spend.</description>
</item>
<item>
<title>GitHub Actions linters compared: actionlint, ci-doctor, sherif, octoscan</title>
<link>https://depmedicdev-byte.github.io/blog/github-actions-linters-compared.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/github-actions-linters-compared.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>Comparison of the four open-source GitHub Actions linters in 2026: actionlint, ci-doctor, sherif, and octoscan. What each one catches, where each one stops, and how to combine them.</description>
</item>
<item>
<title>npm audit without the noise. depmedic triages instead.</title>
<link>https://depmedicdev-byte.github.io/blog/npm-audit-without-the-noise.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/npm-audit-without-the-noise.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>npm audit reports every CVE in every transitive dep regardless of reachability. depmedic prioritizes by reachability, severity, and fix availability. CI-friendly exit codes.</description>
</item>
<item>
<title>What 20 popular OSS projects pay for GitHub Actions</title>
<link>https://depmedicdev-byte.github.io/blog/oss-ci-cost-benchmarks.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/oss-ci-cost-benchmarks.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>Pulled the live workflow YAML from React, Next.js, Deno, TypeScript, Vite and 15 more, priced every job, ran ci-doctor against all of them. 229 workflows, 944 real CI smells, modeled ~$51k/mo combined spend at 30 runs/day. Public methodology and dataset.</description>
</item>
<item>
<title>Pin every GitHub Action to a SHA. One command.</title>
<link>https://depmedicdev-byte.github.io/blog/pin-github-actions-to-sha.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/pin-github-actions-to-sha.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>Tags are mutable. Branches are mutable. SHAs are not. pin-actions rewrites every uses: line in your workflows to a full commit SHA. Supply chain hardening in one command.</description>
</item>
<item>
<title>I scanned 5 popular OSS repos in 5 minutes. Here's what I found.</title>
<link>https://depmedicdev-byte.github.io/blog/scan-five-random-repos.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/scan-five-random-repos.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>vitejs/vite, prettier/prettier, axios/axios, sveltejs/svelte, eslint/eslint - all popular, all maintained by good engineers. All five have the same three workflow-level smells. Real numbers, no judgement.</description>
</item>
<item>
<title>Stop linting your GitHub Actions. Fix them.</title>
<link>https://depmedicdev-byte.github.io/blog/stop-linting-github-actions.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/stop-linting-github-actions.html</guid>
<pubDate>Mon, 27 Apr 2026 12:00:00 GMT</pubDate>
<description>ci-doctor 0.2 ships --fix mode: auto-applies safe fixes for missing-permissions, missing-concurrency, missing-timeout, and artifact-no-retention. Comments preserved.</description>
</item>
<item>
<title>depmedic weekly #3: 9 package updates this week</title>
<link>https://depmedicdev-byte.github.io/blog/depmedic-weekly-3.html</link>
<guid isPermaLink="true">https://depmedicdev-byte.github.io/blog/depmedic-weekly-3.html</guid>
<pubDate>Mon, 04 May 2026 18:05:36 GMT</pubDate>
<description>9 depmedic packages shipped this week.</description>
</item>
</channel>
</rss>