@veit@mastodon.social2026-06-25 05:49:24
#TIL that there is also a pre-commit check for uv audit: https://www.python4data.science/en/latest/productive/security.html#codecell3
@veit@mastodon.social2026-06-25 05:49:24
@azonenberg@ioc.exchange2026-05-24 05:06:00
I'm wondering how plausible it would be for the new ngscopeclient CI to have a private web form (probably just restricted by simple https basic auth with creds shared among project maintainers) to request a build of a specific commit in order to enable testing of PRs.
The idea is that this will still allow pre-testing of PR content before we merge them, but won't allow any possibility for an outside attacker to trigger a build on our infrastructure without a maintainer at least…
@michabbb@social.vivaldi.net2026-04-24 20:26:13
🔧 Code quality:
• tdd — full test-driven dev workflow
• scaffold-exercises — builds coding exercises from spe cs
• edit-article — structured editing with context transfer
🛡️ Safety rails:
• git-guardrails-claude-code — blocks push, reset --hard & clean before #AI executes them
• setup-pre-commit — configures