Software Deployment and Developer Confidence: Why Your Release Process Matters
Developer confidence in your software deployment process directly impacts shipping velocity, code quality, and team retention. Here's why your release process matters.
Updates and recent posts about Sigstore.. Story
@laura_garcia shared a post, 2ย months ago
Software Developer, RELIANOID
๐ช๐ผ๐ฟ๐น๐ฑ ๐๐ฟ๐ฒ๐ฎ๐๐ถ๐๐ถ๐๐ ๐ฎ๐ป๐ฑ ๐๐ป๐ป๐ผ๐๐ฎ๐๐ถ๐ผ๐ป ๐๐ฎ๐ ๐ฎ๐ฌ๐ฎ๐ฒ
๐ ๐ช๐ผ๐ฟ๐น๐ฑ ๐๐ฟ๐ฒ๐ฎ๐๐ถ๐๐ถ๐๐ ๐ฎ๐ป๐ฑ ๐๐ป๐ป๐ผ๐๐ฎ๐๐ถ๐ผ๐ป ๐๐ฎ๐ ๐ฎ๐ฌ๐ฎ๐ฒ At RELIANOID, creativity and innovation are not just concepts we celebrate once a yearโthey are embedded in everything we build, deliver, and improve every day. In a world where digital services must be ๐ณ๐ฎ๐๐๐ฒ๐ฟ, ๐บ๐ผ๐ฟ๐ฒ ๐๐ฒ๐ฐ๐๐ฟ๐ฒ, ๐ฎ๐ป๐ฑ ๐ฎ๐น๐๐ฎ๐๐ ๐ฎ๐๐ฎ๐ถ๐น๐ฎ๐ฏ๐น๐ฒ, innovatio..
Story Keploy Team
@sancharini shared a post, 2ย months ago
Test Automation Tools Comparison: Keploy vs Selenium
Explore a practical comparison of test automation tools like Keploy and Selenium. Learn how their approaches differ in test creation, maintenance, and scalability in modern development workflows.
Story Trending
@laura_garcia shared a post, 2ย months ago
Software Developer, RELIANOID
๐๐ผ๐ป๐ณ๐ฐ๐ฎ ๐๐น๐ผ๐๐ฑ ๐ก๐ฎ๐๐ถ๐๐ฒ ๐ฎ๐ฌ๐ฎ๐ฒ
- ๐๐ผ๐ป๐ณ๐ฐ๐ฎ ๐๐น๐ผ๐๐ฑ ๐ก๐ฎ๐๐ถ๐๐ฒ ๐ฎ๐ฌ๐ฎ๐ฒ | ๐๐ฝ๐ฟ๐ถ๐น ๐ฎ๐ฏ | ๐ข๐ป๐น๐ถ๐ป๐ฒ Join Conf42 Cloud Native 2026 โ a global virtual event focused on cloud-native technologies, Kubernetes, and modern infrastructure. - ๐ช๐ต๐ฎ๐ ๐๐ผ ๐ฒ๐ ๐ฝ๐ฒ๐ฐ๐: Kubernetes & containerization Cloud security & DevSecOps Microservices & scalability Observability & au..
Link
@simme shared a link, 2ย months ago
Senior Engineering Manager, @canonical
Boring code is an organizational tell
Boring code is an organizational symptom, not an aesthetic failure. Co-change patterns in version control reveal team boundaries before any retrospective does; ownership concentration predicts defects better than code complexity metrics. With agents removing the friction that contained clever code accumulation, the incentive structures that produce boring code have never mattered more.
Story
@cloudsignals shared a post, 2ย months ago
Director - Cloud Engineering, osttra
Terraform Production Readiness Cheatsheet
Terraform working isnโt enough. Learn what it takes to make it production-ready โ from backend design to security and automated pipelines.
Story
@cloudsignals shared a post, 2ย months ago
Director - Cloud Engineering, osttra
DevSecOps: Rapid & Secure Delivery
If security is your last step, youโre already too late. This guide shows how to build a DevSecOps pipeline where security is continuous, automated, and invisible to delivery speed.
Link
@varbear shared a link, 2ย months ago
FAUN.dev()
I told Claude Code to build me an executive assistant. This is what my work as CTO looks like now
CTO at ZAR shares his experience managing 10 engineers, shipping code, and operating at the C-level with an AI assistant named Claude Code. The system allows him to maintain context across multiple workstreams, automate tasks, and scale his productivity. In just three weeks, he has documented 82 mee.. read more ย
Link
@varbear shared a link, 2ย months ago
FAUN.dev()
GitHub backs down, kills Copilot PR โtipsโ after backlash
GitHub revoked Copilot's ability to inject tips into other users' pull requests after reports that Copilot Review inserted aRaycastlink. They disabled agent tips in PR comments, blamed a programming-logic bug, and said they won't turn tips into ads... read more ย
Link
@varbear shared a link, 2ย months ago
FAUN.dev()
Python 3.3: The Version That Quietly Rewired Everything
Python 3.3 introduced three key features that have had a lasting impact on Python development. Firstly, yield from simplified the composition of generators by allowing easy delegation between them. Secondly, venv standardized virtual environments in Python, improving isolation and reproducibility of.. read more ย
At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.
The sigstore ecosystem is composed of several key components:
- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.
- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.
- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.
Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).
sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.
The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.
