Quantcast
Channel: Scrum Bug
Browsing all 216 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

Azure DevOps 2020 and 2019 (and 2018) patch for log4j vulnerability

Update: Official patches are now available:Azure DevOps Server and Team Foundation Server patchesWith this patch cycle, we are releasing fixes that impact our self-hosted product, Azure DevOps Server,...

View Article


Image may be NSFW.
Clik here to view.

Log4J – A 10 step mitigation plan

Originally posted on the Xebia Blog.Update: which vulnerabilities are present?The initial blog below was written around CVE-2021-45046 and CVE-2021-44228, in which Log4J its JNDI functionalities could...

View Article


Image may be NSFW.
Clik here to view.

Ask a Professional Scrum Trainer - Scaling Scrum with Nexus - Part 2

The Scrum.org Ask a Professional Scrum Trainer series features Professional Scrum Trainers (PSTs) in a live session, answering your most pressing questions regarding the challenges and situations your...

View Article

Image may be NSFW.
Clik here to view.

Customizing Codespaces

You’ve probably had this situation at least once on your career: you join a new team and it takes you at least 10 days to finally get the build to succeed on your local machine, the tests to pass, the...

View Article

Image may be NSFW.
Clik here to view.

Installing git-filter-repo on windows

I've been trying to get git-filter-repo to work on Windows and WSL today and it's been quite a struggle. The docs are pretty limited and call out I may have to update some values in the script itself...

View Article


Image may be NSFW.
Clik here to view.

Be Secure and Compliant with GitHub

How do we ensure security after we have deployed our application? This question comes up in many customer engagements. How do we make something secure and how can we ensure we are compliant?...

View Article

Image may be NSFW.
Clik here to view.

Upgrade Hosted Agent / GitHub Runner PowerShell

I managed to upgrade PowerShell at the start of the run and the agent will happily use it after installation.You need to do two simple things.Install the PowerShell Core Preview onto the agent.Make...

View Article

Image may be NSFW.
Clik here to view.

Update Ghost blogs and pages with PowerShell

The samples provided by Ghost are in JavaScript, Curl and Python, all languages I'm not fluent in, so I set out to do the same from PowerShell or C#.The hardest part turned out to be the code to create...

View Article


Image may be NSFW.
Clik here to view.

Issuing workflow commands from the Windows shell in GitHub Actions

It's a little-known fact that the default shell in for GitHub Actions is different depending on the operating system on which you run. And that the syntax to set a variable, for example, differs...

View Article


Image may be NSFW.
Clik here to view.

What's GitHub's new require approval of the most recent push policy all about?

It was introduced with the express intent to prevent someone responding to a code review request from sneaking in changes and approving them themselves or using the already supplied approval from...

View Article

Image may be NSFW.
Clik here to view.

Definitive solution for log4shell in Azure DevOps Server Search

A version of Azure DevOps Server with a reasonably recent, secure, and supported version of Elastic Search is coming soon.Azure DevOps 2020 and 2019 (and 2018) patch for log4j vulnerabilityAzure DevOps...

View Article

Image may be NSFW.
Clik here to view.

Security state of the Azure DevOps Marketplace

My colleague Rob Bos has been working on analyzing the GitHub Actions Marketplace for security and it got me thinking about the level of security for Azure Pipelines.Analyzing the GitHub marketplace -...

View Article

Image may be NSFW.
Clik here to view.

Speeding up the Azure DevOps Extension tasks

In particular the Publish Azure DevOps Extension task that spent quite a bit of time extracting the vsix prior to putting it back together.Azure DevOps Extension Tasks - Visual Studio...

View Article


Image may be NSFW.
Clik here to view.

Enable RenovateBot for Azure Pipelines

Security state of the Azure DevOps MarketplaceThis report focusses on the Azure Pipelines extensions in the Marketplace. At the time of compiling the report there are 1460 extensions in the “Azure...

View Article

Image may be NSFW.
Clik here to view.

Hey! You broke our pipeline!

I've personally shipped a version of my Variable Toolbox extension that impacted 10.000 developers at a single corporation that relied on my pipeline tasks.And yesterday Microsoft had a world-wide...

View Article


Image may be NSFW.
Clik here to view.

Tips & tricks: Git under WSL and windows

Some of the issues I've encountered are:Ensuring line-endings are properly handled on the mounted windows volumesCentralizing credential managementLet's tackle them one-by-one.Ensuring line-endings are...

View Article

Image may be NSFW.
Clik here to view.

Publish Azure DevOps Extensions using Azure Workload Identity

If you need help configuring a basic CI/CD pipeline for an Azure DevOps Extension, check out the guidance on Microsoft Learn).The issue with Personal Access Tokens is that they're always active, expire...

View Article


Image may be NSFW.
Clik here to view.

Protect the repository hosting your GitHub Action

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency TreeGitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector...

View Article

Image may be NSFW.
Clik here to view.

VSBuild task fails on self-hosted Azure Pipelines Agent

Today I got this baffling error while trying to run one of the few pipelines I own that requires a self-hosted agent.2023-09-18T13:24:55.1897667Z ##[section]Starting: VSBuild...

View Article

Image may be NSFW.
Clik here to view.

Investigating az-cli performance on the hosted Azure Pipelines and GitHub...

Azure CLI is a great nifty tool to chat to Azure as well as Azure DevOps and there's a AzureCLI@v2 task in Azure DevOps that preconfigures your Azure subscription and all.While testing I got...

View Article
Browsing all 216 articles
Browse latest View live