tracymiranda.bsky.social
Open Source

Maybe I need to watch sports with Mexican commentators. Congratulations are in order for Canada 🇨🇦 🍁 it seems

evergreen post

Congratulations to the Firefox team for shipping CT enforcement!
> Starting in Firefox 135, Certificate Transparency is now enforced on all desktop platforms.
groups.google.com/a/mozilla.or...

That's a wrap #Fosdem! 👋old friends & new @puerco.mx @daniel.haxx.se

10 years (already!) of Let's Encrypt. Painless access to free certificates has been transformative to secure the Internet. #FOSDEM

Friendly reminder that each talk has a feedback link in the schedule. Please let us know about the quality of the talk and speaker, if the room was overcrowded, ... feedback helps us improve the next edition! You can also mail your general feedback to [email protected]

Kiss, Marry, Kill: 1.Python 2.Golang 3.Rust #Fosdem

GitHub Artifact Attestation guarantees integrity for artifacts built with GHA. It's based on open source Sigstore, SLSA & TUF #Fosdem

Great overview of security pitfalls in GitHub Actions that should be required viewing for anyone working with GHA by @yossarian.net - read the detailed slides at fosdem.org/2025/schedul... #FOSDEM

GitHub Actions are relatively new but widely used, and can be subject to bugs & vulnerabilities. Use zizmor to help identify issues and for good GHA hygiene #Fosdem

Learning about zizmor, a static analysis tool for GitHub Actions from @yossarian.net github.com/woodruffw/zi...

Learning about GuardDog, a CLI tool that allows you to identify malicious PyPI and npm packages or Go modules. #fosdsm github.com/DataDog/guar...

Swift build is now open source #Fosdem www.swift.org/blog/the-nex...

First elephant sighting #Fosdem

Good news for Java developers! Central now validates OpenSSF sigstore signatures as part of publishing. If you’re already signing your artifacts with Sigstore, you’ll now get real-time validation feedback in the Central Publisher Portal. Read more details here: www.sonatype.com/blog/central...

So much warmer than the -11°C in Ottawa! Looking forward to it!

Never forget open source is a strategic weapon for levelling the playing field

Gold. 😂 www.reddit.com/r/csMajors/s...

CVSS is dead to us daniel.haxx.se/blog/2025/01... #curl

Nice statement from FOSDEM folks:
* we don't trade sponsorship for speaking slots
* Open Source and Free Software are inherently political
* y'all are welcome to protest peacefully
fosdem.org/2025/news/20...

accolades to @sjvn.bsky.social for writing honestly about what's happening right now www.computerworld.com/article/3803...

Anyhoo, this is the #FOSDEM keynote I'll be looking forward to fosdem.org/2025/schedul...

👀

attestations attestations attestations

I’d call this a successful opening weekend for the Canal. It’s great to see such an iconic attraction open and being well-used.

Has anyone set up any #FOSDEM feeds yet?

Certificate transparency and related technologies are having quite the renaissance! blog.transparency.dev/what-2025-ho...

TikTok to Rednote is quite the American coming of age story.

When I say that the hiring process in tech has utterly lost its mind, this is what I mean. This is bonkers.

it's a new year and I spent my first workday writing a quick ★ terminal survey ★! it should take about 5 minutes and I'd love for folks to fill it out, I'm writing a zine about the terminal and my goal is to understand who we're writing it for a little better s.surveyplanet.com/wkepwlsp

It took longer than expected, but the @fosdem.bsky.social "testing and continuous delivery" devroom schedule is now ready. Thanks to all the people who submitted a talk proposal, and see you at @fosdem.bsky.social on February the first fosdem.org/2025/schedul... #oss #cicd #testing

Currently thinking ahead to 2025 and all the great cycling and "complete streets" projects that are underway in Ottawa - let's highlight a few! #1) Bank Street Renewal will continue in 2025, with 2024 having already seen major progress on the section near Billings Bridge:

My love language is end-of-year retros

Supply chain attack via a shell injection in a PR branch name (!) due to unsafe use of GitHub Actions' pull_request_target. Inserted a crypto miner in the PyPI package. Paging @yossarian.net to the courtesy phone. Would github.com/woodruffw/zi... have caught it?

If you’re curious about how I spent most of 2024 building sigstore-ruby… www.youtube.com/watch?v=h-UX...