markjm
Repos
51
Followers
13
Following
7

Node ease-of-use exec wrapper. Simple and fluent API intended for short-running tasks for CI/CD scripting

A tool for classifying pain grimaces in mouse images. Featured in https://www.nature.com/articles/s41684-018-0078-8?WT

A presentation of a previously unexamined method for improving the efficiency of first-order logic provers

Allows you to wrap caching behavior around an arbitrary command. It will take in a list of source files, generate a hash, then check a cache (stored in Azure Storage) to see if those inputs have been seen before. If so it will download the cached outputs instead of running the command. If no cache is found matching the hash it will run the command instead.

A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.

61881
8127

Wrapper library for directory and file watching.

346
87

Events

pr comments

Created at 2 days ago
issue comment
Allow removing teams from override config

That is strange, as that is the exact scenario ive been testing. Just tested again and it is still working.

One thing I notice is the teams diffable expects you pass slugs as names (as evidenced where comparator operator is comparing config name with remote slug), but mergeDeep is only looking at name and username. im not sure if/how this might cause differing results, but seems like a possibility. For reference, we are using slugs as names and name != slug, so perhaps I am hitting a hasChanges case always

Created at 5 days ago
issue comment
Allow removing teams from override config

Any further concerns on this, or are we good to merge?

Created at 1 week ago
issue comment
Resolve a bunch of snyk vulnerabilities

Hi @alexmcode - to answer your questions:

  1. Was it necessary to update to node:16? Yes, but in a round-about way. Essentially, there were a bunch of deb vulnerabilities in the underlying alpine image. Since node@14 is out of support, the base images are not updated to pull in those patched underlying changes. Since 16 is LTS and is being built more regularly, the underlying alpine vulnerabilities are getting patched out in the base image. If, for example, we could just update the underlying alpine image backing node@14, that would work too, but requires much more to do.
  2. My place of employment had a bunch of monitoring and whatnot with partners like Snyk - unfortunately no valuable knowledge or tools I can share out here :/
Created at 1 week ago
pull request opened
Resolve a bunch of snyk vulnerabilities

Update the base image and some of the add-on dependencies to resolve a bunch of CVEs identified by Snyk. I have tested AWS and file storage types with node16, and dont see anything that would prohibit using node 16 for the other storage types (though did not test myself)

Created at 1 week ago

Resolve a bunch of snyk vulnerabilities

Created at 1 week ago
Created at 1 week ago
delete branch
markjm delete branch mmolinaro/pass-repo
Created at 1 week ago

fix brackets

Created at 1 week ago
issue comment
Allow removing teams from override config

It also makes sense to me to have both. I consider settings.yml to be the "admin" role, while repo-specific configs are for teams/owners. I don't think it makes sense for teams to need to alter global configs for their specific use-case (though do like that admins do have "override" capabilities, both from include/exclude) and validators.

I believe this approach continues to support previously-working include/exclude while adding the capability for specific repos.

I think the change makes sense given we allow repos to make "additive" changes already (adding more teams), so it makes sense to support "negative" changes as well if we say repo.yml supports "overrides"

Created at 1 week ago

Filter deeper in the stack

Created at 2 weeks ago
Created at 2 weeks ago

fix comparator

Created at 2 weeks ago

move to comparator

Created at 2 weeks ago

short-circuit add

Created at 2 weeks ago

move to beginngng of func to get correct nop logs

Created at 2 weeks ago
pull request opened
Allow removing teams from override config

Consider the below scenario: I want to have a global team (say engineering), but want to exclude this team specifically from one repo (<repo>). Right now there is no way to do this, because omitting permission from the override will cause it to be merged from the base config.

With this change, specifying null permissions will remove the team, instead of unsuccessfully trying to add the team with an unknown permission.

.github/settings.yml:

teams:
  - name: engineering
    permission: push

.github/repos/<repo>.yml:

teams:
  - name: engineering
    permission:

The above configuration will cause engineering to have write access to all teams except

Created at 2 weeks ago
create branch
markjm create branch mmolinaro/teams-remove
Created at 2 weeks ago

Only process applicable repos for suborg setting change

remove dead code

remove dead code

add tests for mergedeep, fix lint issues

reverse merge from main-enterprise

fix as per https://github.com/github/safe-settings/pull/194#discussion_r821659019

Merge branch 'main-enterprise' into decyjphr/suborg-scalability

add linting to workflow

add linting to workflow

add linting to workflow

add linting to workflow

reformat the PR status check text

remove unneeded wait

fix bug https://github.com/github/safe-settings/pull/194#discussion_r836581665

resolve issues from testing

call API to make changes only if the settings has changes

add code for performance improvements

remove trailing spaces

fix minor issues

Merge branch 'main-enterprise' into decyjphr/suborg-scalability

Created at 2 weeks ago

Update test.yml

Created at 2 weeks ago

Update test.yml

Created at 2 weeks ago

Create test.yml

Created at 2 weeks ago
create branch
markjm create branch main
Created at 2 weeks ago
create repository
markjm create repository
Created at 2 weeks ago

Fix call to hotBean

Created at 3 weeks ago
pull request opened
Pass repo parameter through to hotfix builds

While this parameter will currently be unused by the hotfix build (and, thus, a no-op), this is valuable information to include.

We can't get a fill repo name based off the job name, because teletraan strips the organization from github repo names in the job name it queues

Created at 3 weeks ago
create branch
markjm create branch mmolinaro/pass-repo
Created at 3 weeks ago
Created at 3 weeks ago