-
Just encountered a situation where the build and preview workflow occurred at the same time (during the merge of a PR). They both attempted to write a commit on top of the current `gh-pages` commit. T…
-
https://github.com/jtesta/ssh-audit/wiki/Proxmox-VE-7.3-6
-
The current release of dropbear can be hardened by building it adding the following three lines to `localoptions.h`:
```
#define DROPBEAR_RSA_SHA1 0
#define DROPBEAR_DH_GROUP14_SHA1 0
#define DROP…
-
### Describe the bug
okio starts a thread via the class `okio.AsyncTimeout.Watchdog` once "it has to deal with a timeout". The thread's configured as a daemon thread and seems to have some shutdown l…
-
How to protect your GitHub workflow files and prevent anyone to modify them in any incorrect way?
Here is the solution:
Using CODEOWNERS to monitor changes
You can use the CODEOWNERS feature to c…
-
**Description**
See https://github.com/sigstore/root-signing/pull/742
The POP verification flow fails, as it can't get access to a secret which is needed to post a comment back to the PR that th…
-
Per GH security docs: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
I think we should consider locking down all GH Actions that …
-
### Is this feature missing in the latest version?
- [X] I'm using the latest release
### Is your feature request related to a problem? Please describe.
Due to restrictions in my organization…
-
**Rancher Server Setup**
- Rancher version: `v2.7.2-rc5`
- Installation option (Docker install/Helm Chart): `Docker install`
- If Helm Chart, Kubernetes Cluster and version (RKE1, RKE2, k3s, EKS…
-
Hi, I installed K8S 1.25 using RKE2 without the option enabled `profile: "cis-1.23"`, then Rancher using helm, and it seems to have pulled rancher-webhook:
```
helm3 list
NAME NAMESP…