Matt Moore
@mattmoor.dev
π€ 384
π₯ 301
π 32
Founder/CTO of
@chainguard.dev
reposted by
Matt Moore
The New Stack
16 days ago
Chainguard's new scanner blocks "greyware" β open source packages that pass every security check but still steal credentials, harvest API keys, and phone home to remote servers.
loading . . .
"Don't just grab random stuff off the internet": What Chainguard found in 52,000 open-source packages
Chainguard's new scanner blocks "greyware" β open source packages that pass every security check but still steal credentials, harvest API keys, and phone home to remote servers.
https://bit.ly/4xArQGY
0
3
1
reposted by
Matt Moore
Justin Garrison
6 months ago
Anyone who builds software with client side validation should go read about phreaking
4
17
2
reposted by
Matt Moore
The New Stack
9 months ago
By maintaining focus on your existing goals and proven metrics, you can ensure that AI becomes a genuine accelerator of your mission rather than an expensive distraction. By
@stevefenton.co.uk
loading . . .
How To Measure AI's Organizational Impact
By maintaining focus on your existing goals and proven metrics, you can ensure that AI becomes a genuine accelerator of your mission rather than an expensive distraction.
https://bit.ly/4oeUZ5c
0
1
1
reposted by
Matt Moore
Jorge Castro π΅π· π¦
10 months ago
LOL they won't listen to me, maybe they'll listen to
@mattmoor.dev
1
10
3
reposted by
Matt Moore
The New Stack
10 months ago
Vibe coders must understand that AI is just a productivity tool, and they β not the AI β are ultimately accountable for the code it produces for them. By
@mattmoor.dev
, thanks to Chainguard
loading . . .
Should Your Team Be Vibe Coding?
Vibe coders must understand that AI is just a productivity tool, and they β not the AI β are ultimately accountable for the code it produces for them.
https://bit.ly/4mWxVb6
0
4
1
reposted by
Matt Moore
Matt "msw" Wilson
10 months ago
PSA: attacks on public infrastructure like software package registries are on the rise. Hereβs an active one targeting folks who have
crates.io
accounts.
add a skeleton here at some point
1
4
3
reposted by
Matt Moore
The New Stack
10 months ago
Six months after launching container host VMs, Chainguard is expanding into application and base VM images with zero-CVE guarantees. By
@darrylktaft.bsky.social
loading . . .
Why Chainguard Is Doubling Down on Virtual Machines in a Container World
Six months after launching container host VMs, Chainguard is expanding into application and base VM images with zero-CVE guarantees.
https://bit.ly/3V3sD1f
1
3
1
reposted by
Matt Moore
The New Stack
10 months ago
Vibe coders must understand that AI is just a productivity tool, and they β not the AI β are ultimately accountable for the code it produces for them. By
@mattmoor.dev
, thanks to Chainguard
loading . . .
Should Your Team Be Vibe Coding?
Vibe coders must understand that AI is just a productivity tool, and they β not the AI β are ultimately accountable for the code it produces for them.
https://bit.ly/45RCygK
0
2
1
reposted by
Matt Moore
Bryan Liles
11 months ago
Thereβs a difference between genAI not being good and not being able to get good results when using genAI.
2
6
1
reposted by
Matt Moore
Brad Fitzpatrick
12 months ago
For CI reasons (speed), I wrote a FUSE filesystem to act like the $GOMODCACHE directory to make it look like all world's
#golang
modules are available locally on disk without having to download them. Then the FS downloads them if/as needed, storing them in git trees/blobs (no commits) for de-dup.
12
148
12
Sounds like ko for swift π
add a skeleton here at some point
12 months ago
0
4
0
reposted by
Matt Moore
Nick Frichette
12 months ago
Cool to see AWS notifying customers of misconfigured OIDC trusts which are vulnerable!
1
8
2
reposted by
Matt Moore
The Onion
over 1 year ago
Report: 83% Of Americans Just Want To Put On Sunglasses And Say βLetβs Do Thisβ
theonion.com/report-...
34
2097
164
reposted by
Matt Moore
Dare Obasanjo
over 1 year ago
It costs nothing yet the feeling it generates is priceless when you let people know you appreciate the work theyβre putting in.
9
279
27
reposted by
Matt Moore
Jeremy, the patronizing Saint of DevOps πΊπ¦
over 1 year ago
"Matt Damon famous?" "Well, maybe Ben Affleck famous..."
2
3
1
Find someone that looks at you the way Biden looks awarding Magic Johnson the medal of freedom.
add a skeleton here at some point
over 1 year ago
1
3
0
reposted by
Matt Moore
The Needling
over 1 year ago
Parents Mortified as Kids Turn Elf on the Shelf Into Snitch in the Ditch:
bit.ly/4gnERdA
7
519
128
Optimist: head Pessimist: tail Realist: grep
add a skeleton here at some point
over 1 year ago
1
13
2
reposted by
Matt Moore
Joe Beda
over 1 year ago
How do you weigh an elephant? The same way you weight a human, just on a much larger scale.
2
13
1
King Charlie begging for π¦
over 1 year ago
0
4
0
PSA: donβt forget to take the giblets out of the neck area.
over 1 year ago
0
1
0
reposted by
Matt Moore
Ian Lewis
over 1 year ago
Google Cloud's most annoying feature is probably that so much relies on GCP load balancers. You need them to do an static https site backed by a bucket, you need them to use IAP with Cloud Run, etc. etc. So many low cost services instantly jump to $30/m because they need an LB.
1
2
1
reposted by
Matt Moore
Justin Garrison
over 1 year ago
Someone told me it's the same pattern as cp and mv and I'll never forget command <thing that exists> <thing you want to create>
4
32
5
This is cool. I guess I'm now
@mattmoor.dev
add a skeleton here at some point
over 1 year ago
2
8
0
you reached the end!!
feeds!
log in