InfoWorld4 months agoDevOpsGitHub takes aim at software supply chain securityArtifact Attestations in GitHub Actions workflows based on Sigstore enhance software integrity and security. [ more ]
DevOps.com2 months agoInformation securityGitLab Fixes Security Flaw That Lets Attackers Run Pipeline Jobs - DevOps.comGitLab urges immediate upgrade to fix critical security flaw allowing malicious pipeline execution. [ more ]