https://www.softwarecraftsperson.com/categories/security/ Recent content in Security on Software Craftsperson https://www.softwarecraftsperson.com/logos/web/png/Color%20logo%20-%20no%20background.png https://www.softwarecraftsperson.com/logos/web/png/Color%20logo%20-%20no%20background.png Hugo -- 0.147.1 en Wed, 01 Apr 2026 09:00:00 +0100 https://www.softwarecraftsperson.com/posts/github-repository-hardening-playbook/ Wed, 01 Apr 2026 09:00:00 +0100 https://www.softwarecraftsperson.com/posts/github-repository-hardening-playbook/ A practical playbook for hardening a Hugo repository with reproducible builds, dependency controls, secret scanning, Semgrep, scorecards, and local guardrails. https://www.softwarecraftsperson.com/posts/github-org-policies-affect-personal-repos/ Wed, 01 Apr 2026 09:00:00 +0100 https://www.softwarecraftsperson.com/posts/github-org-policies-affect-personal-repos/ Joining a GitHub organisation with your personal account means enterprise policies can silently restrict your private repos. Here is how GitHub permission layers work and what to expect. https://www.softwarecraftsperson.com/posts/2024-11-12-signing-gpg-commit/ Thu, 12 Dec 2024 09:00:00 +0000 https://www.softwarecraftsperson.com/posts/2024-11-12-signing-gpg-commit/ Learn how to sign Git commits with GPG, why commit signing matters for security and trust, and step-by-step setup for macOS, Linux and GitHub. Prevent identity spoofing and enable verified commits.