Blog Entries

26. 06. 2025 Gabriele Bocchi Automation, Development, DevOps

How to Secure GitHub Actions with SHA Pinning

GitHub Actions offer a powerful and flexible infrastructure for CI/CD, deployments and monitoring. But every external dependency we include opens a potential door for supply-chain attacks. One simple, effective, and low-cost way to seal that door is pinning your Actions to specific commit SHAs. In this article, we’ll explore the risks, walk through how to…

12. 09. 2024 Mattia Codato Development, DevOps

Publish NPM Package to GitHub Packages Registry with GitHub Actions

With the rise of continuous integration and delivery (CI/CD) in modern software development, automating tasks like publishing npm packages has become crucial for efficiency. GitHub Packages Registry (npm.pkg.github.com) allows developers to host and manage npm packages directly within GitHub, offering a seamless experience for both private and public repositories. By leveraging GitHub Actions, developers can…
