jessehouwing.net
Loves Charlotte and Lily & Mika. Works at Xebia. Scrum.org, Github and Microsoft Trainer
102 posts
72 followers
84 following
Regular Contributor
Active Commenter
comment in response to
post
Smokey BBQ
comment in response to
post
> The patch, released as part of duo-ui!52, prevents Duo from rendering unsafe HTML tags such as <img> or <form> that point to external domains not under `gitlab.com`, effectively mitigating the risk of HTML-based data exfiltration.
Wouldn't that allow exfil to another gitlab org/account?
comment in response to
post
Didn't know about the TV series. I really enjoyed the audio books.
comment in response to
post
Or the murder it series. The dramatized versions in audiobook were a delight.
comment in response to
post
Must be a compiler bug. Wonder if it happens when you do this in a lambda or reflection.
comment in response to
post
Or, when donating from abroad, make a donation through my PayPal account and I'll forward it.
www.paypal.com/paypalme/jes...
comment in response to
post
If cyclists posed a 'clear and regular' danger to pedestrians we would see that in accident and fatality statistics. We don't.
bsky.app/profile/wils...
comment in response to
post
In Europe AliExpress has been working around similar costs by shipping the container as 1 package to Europe and then resending the individual contents from a EU shipper.
That way they only pay imports for the value of the container as a one time fee.
comment in response to
post
Making this generic for the Windows Credential Manager, VScode vault, Mac keyvault ..
Would be an awesome extension to make MCP in VScode a lot more secure and easy to use.
comment in response to
post
Nice. Even at a PoC this is super useful.
comment in response to
post
Now we're tokking!
comment in response to
post
Enjoy man! Looks stunning.
comment in response to
post
You could for new things. Competing against commodity is going to be a nightmare.
comment in response to
post
I like inputs for the cases where that makes sense. But for access to IP or PII like GitHub or production databases, I'd want a token which expires and renews. Not some all access forever token.
Heck we finally got rid of many of those.
comment in response to
post
But US manufacturers move work to Asia. The hopes are this will bring manufacturing back to the US. But that doesn't happen over night. And until it happens it's going to remain madness.
comment in response to
post
I'd expect GitHub to host a remote MCP server at some point ...
comment in response to
post
Not sure what to think of that... That wouldn't allow me to scope certain MCP servers to different sets of scopes.
And with SSO enabled orgs it's currently a nightmare.
comment in response to
post
I've got something that work nicely now though. But of course not in docker. Would be nice if MCP servers in general could leverage one or more token sources which would be seperate command lines to call.
comment in response to
post
All the info I can find requires me to create a VScode extension... Looks like...
comment in response to
post
Still don't want to manage personal access tokens. Ideally this would rely on my logged in user in VScode, at least now it uses my gh-cli allowing me to control the registered scopes.
But I can't find any info on how the MCP server would use the VScode secure storage. Have a link?
comment in response to
post
```
"mcp": {
"github": {
"command": "node",
"args": ["node", "E:\\mcp-servers\\src\\github\\dist\\index.js" ],
"env": { "GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true" } } } }
```
github.com/modelcontext...
comment in response to
post
Then again, running docker in visual studio code on windows on wsl is still not the best experience int he world.
If you'd like to try this yourself, clone this PR, build the GitHub MCP server locally and update your vscode insiders settings to the following:
comment in response to
post
I can simply rely on the token stored in the Windows Credential Store for added safety.
Did a pull request, lets see if this will land.
Don't think this will easily be supported by the docker version of the MCP servers, since it won't have access to the Windows Credential Store.
comment in response to
post
Way too easy for any process to capture that file and exfiltrate it.
So I set out to update the @github.com MCP Server with support for the GitHub CLI. Now when I chat to github using Visual Studio Code,
comment in response to
post
Thank you #xebia for sponsoring my trip. It was a pleasure to be there with such a large crowd of people. Thanks you #microsoft and #github for inviting me.
Hope to be back next year.
comment in response to
post
Cause most everything shared is under NDA.
Met new friends! Met with old friends! Played some board games, bought a few board games. Hiked to the Microsoft Campus, drove a bus-sized-van (that wouldn't fit any parking garage).
Learned tons. Loved the diversity among the participants.
comment in response to
post
I really enjoyed speaking with the GitHub teams working on Copilot, Copilot Agent, Actions and Enterprise. These are the topics closest to my daily work and for which I find it hardest to suppress my opinions. I love how honest and open these conversations are. Can't share more until later though.