Commit Signing Let’s start with WHY?
Neat article on this topic - FBI Warning
The article above lays out a few Supply Chain Security attacks that are applicable to software development. The TLDR is that - without signing your commits - there are ways to impersonate your github account through fairly trivial means. This is a pretty scary thought - impersonation is a pretty simple social engineering attack that could result in someone letting down their defenses when they otherwise shouldn’t - or worse - attributing some known bad code to someone else in an attempt to degrade their reputation.I am a firm believer that a continuous growth-mindset is essential for any developer (and any other person to be honest). We execute day-in and day-out and more often than not will find ourselves playing to our strengths and focusing on the mission need instead of poking at every new skill and programming language under the sun.
Devoting yourself - your time, energy, focus and grit towards the skills you know will be required for making the next big decision is a great way to continue to grow.It’s amazing to me the return on investment that comes from a company investing in themselves. Every month we’re given 2 days and the ability to focus on an area of experimentation that could align with our mission objectives.
July 2022 - Small team formed to discuss the topic “OSCAL”. That’s it - no prior solutioning or planning, just prior knowledge from a few on other R&D engagements that informed us OSCAL was a topic we wanted to look at.Another wellbeing topic - as I believe people need reminders on a regular basis. This one being important to me because it comes from a conversation with a friend.
Self Perception: How do you perceive yourself - here and now - as well as where you believe you can go.
Self deprecating comments can be fun jokes at the expense of oneself and do no harm when you know the truth behind them.New Year - same me. Everyone has a different opinion on Resolutions and aiming to be a better person/spouse/parent/etc. It’s admirable to have that mindset.
I’m far from alone in taking the stance that I am not a resolutions-person. I both don’t wait until the new years to start thinking about resolutions and I don’t wait until the new years to start doing them. I do it all the time - continuously.