E
Things you should be doing:
- Pin dependency versions
- Update ONLY when you need a particular fix/feature
- No approving your own MRs (a SOC 2 requirement!)
- Malware/security scans on all builds
And obvs the usual MFA, etc. for your identity layer.
Reading on this LiteLLM compromise and it's a doozy. Looks like the repo owner was popped and did not have two-party approval for merging, so the attacker could instantly push malware into new releases. Nevermind that there was no malware scanning in the build pipeline either.
Not shocking that Google was bored with GFiber, only that it took them this long to really admit it. https://www.theregister.com/2026/03/12/googles_fiber_biz_and_stonepeaks/
You think you've seen all the jank in #homelab and then someone shows a takeout container being used as a GPU enclosure.
I'm doing a thread on Bluesky about the proposed data center in Iron County. #utpol https://bsky.app/profile/elforesto.coolestfamilyever.com/post/3mge2xmw3ys2q
