The Auth0 service is a multi-vendor OAuth provider. It has around 60 different social login providers.
So the user hits "Sign In With Twitter1", gives Twitter their username, password, blood sample, and 2FA token. Twitter gives OpenBenches an authentication token with read only access.

A useful script to work offline, in the train, to run in a local git clone of the target repository :

gh issue list --json number --jq .[].number | while read nb; do
    gh issue view $nb > $nb.md
    gh issue view $nb --comments >> $nb.md
done

Join us in sending a token of appreciation to your favorite open source developers and projects.
Here’s how:

1. Choose a card
2. Log in with GitHub
3. Choose recipient
4. Send your card

git-remote-gcrypt is a git remote helper to push and pull from repositories encrypted with GnuPG, using a custom format
Supported backends are local, rsync:// and sftp://, where the repository is stored as a set of files, or instead any where gcrypt will store the same representation in a git repository
The aim is to provide confidential, authenticated git storage and collaboration using typical untrusted file hosts or services.

Tested: it works fine and is very easy to setup:

git remote add gitcrypt gcrypt::git@...
git config user.signingkey ...
git config gcrypt.participants ...
git push gitcrypt master

To encrypt only SOME files in a git repo, better look at git-crypt

Why Give Up GitHub?

• Copilot is a for-profit product. [...] Its AI model was trained exclusively with projects that were hosted on GitHub [...] Microsoft and GitHub have been ignoring these license requirements for more than a year
• GitHub has a for-profit software services contract with the USA Immigration and Customs Enforcement (ICE)
• While GitHub pretends to be pro-FOSS, their entire hosting site is, itself, proprietary and/or trade-secret software
• GitHub has long sought to discredit copyleft generally. Their various CEOs have often spoken loudly and negatively about copyleft [...] GitHub is wholly owned by Microsoft, a company whose executives have historically repeatedly attacked copyleft licensing

How Do I Give Up GitHub?

[...]
Alternative Hosting Services: SourceHut, CodeBerg (that can be used with builds.sr.ht to get CI pipelines)

Ways To Help Even Before You Give Up GitHub
... (more details in the article)

Added

• new parameters new_x and new_y for cell() and multi_cell(), replacing ln=0, thanks to @gmischler
• new add_highlight() method to insert highlight annotations: documentation
• new offset_rendering() method: documentation
• new .text_mode property: documentation
• the page structure of the documentation has been revised, with a new page about adding text, thanks to @gmischler
• a warning is now raised if a context manager is used inside an unbreakable() section, which is not supported

Changed

• local_context() can now "scope" even more properties, like blend_mode: documentation

Fixed

• No font properties should be leaked anymore after using markdown or in any other situations (cf. #359), thanks to @gmischler
• If multi_cell(align="J") is given text with multiple paragraphs (text followed by an empty line) at once, it now renders the last line of each paragraph left-aligned,
  instead of just the very last line (cf. #364), thanks to @gmischler
• a regression: now again multi_cell() always renders a cell, even if txt is an empty string - cf. #349
• a bug with string width calculation when Markdown is enabled - cf. #351
• a few bugs when parsing some SVG files - cf. #356, #358 & #376
• a bug when using multi_cell(..., split_only=True) inside an unbreakable section - cf. #359

Deprecated

• The parameter ln to cell() and multi_cell() is now deprecated, use new_x and new_y instead.
• The parameter center to cell() is now deprecated, use align="C" instead.

Displaying deprecation warnings

DeprecationWarnings are not displayed by Python by default.

Hence, every time you use a newer version of fpdf2, we strongly encourage you to execute your scripts
with the -Wd option (cf. documentation)
in order to get warned about deprecated features used in your code.

This can also be enabled programmatically with warnings.simplefilter('default', DeprecationWarning).

TL;DR: There are three options to fix an NPM dependency:

• Open a bug ticket on the repository of the maintainer
• Fork & Fix
• Create a patch and fix it

J'avais tendance à privilégier la 2e solution, mais elle a l’inconvénient de créer une dépendance à github.com au moment du build, ce qui n'est pas toujours pratique dans un contexte d'entreprise... patch-package peut donc s'avérer bien pratique dans ce cas

Last month, I realized late that October was hacktoberfest month!

This online event is a month-long celebration (October 1-31) of open source software run in partnership with different software companies, with a focus on encouraging contributions to open source projects.

While I participated in the 2019 edition as a contributor …

The world is simultaneously underwater and on fire, and people want to know what they can do about it. Let's share resources, services, products and ideas you can use to stop kicking the planet in the face.

Script to install Datalogics PDF Checker CLI on a Linux system:

curl https://raw.githubusercontent.com/Lucas-C/dotfiles_and_notes/master/bin/install-pdfchecker.sh | bash
PDF_Checker/pdfchecker --profile PDF_Checker/CheckerProfiles/everything.json --input $pdf

tl;dr: User countermeasures:

• Noreply-Email-Address: Every GitHub user should either use a dedicated commit email address or GitHub’s noreply-email-address service, also enabling the option to block accidental command line pushes.
• 2-Factor-Authentication: Every GitHub user should have 2-Factor-Authentication enabled
• Raise Awareness: it’s the duty of developers aware of this issue toinform their colleagues about it

sed -i "s/$real_email/$github_email/" /opt/*/.git/config

FreeBoardGames.org is a free and open-source board game platform. Enjoy free high-quality games on any device that can access the web. Study how the games are made, change them, and contribute back to the community!

• Take 6 ! (6 Nimmt ! / 6 qui prend !)
• Secret Codes (CodeNames)
• Cornerus (Blokus)

...and many more

"The problem is, if we don’t deal with politics, politics will deal with us. We can choose to not act when people are being oppressed, but when it's our turn to be oppressed, it will be too late and there will be no one for us. You don't need to be Uyghur or a Muslim to act, you need only to be a human and have empathy for our fellow humans."

The iframe above displays some graphs I've built last week, in order to get some insight on some GitHub projects issues & pull requests evolution. They are directly inspired by nf-core project activity statistics.

Click here to open those …

Awesome !

FROM: https://pagedout.institute/

Almost a year ago, GitHub introduced security alerts. They are an awesome feature.

They function as notifications you receive whenever a vulnerability affecting one of your project dependencies.

But long after receiving a notification, how to list all security alerts affecting your repositories ?

I didn't found an out-of-the box solution …

manage groups of collaborators and associate each private repo with one of those groups + enable all of your contributors to manage who is and isn't a collaborator.

Example of project combining:

• Github API usage & its AWS SNS integration
• AWS Lambda written in Python