This week's articles
GitHub Actions could be so much better
GitHub Actions is a regular source of profound frustration for the author of this post in their development processes. This post lists some of those frustrations, and how they think GitHub could improve on them (or even fix them outright).
Surprise: When Dependabot Contributes Malicious Code
MITRE Security Automation Framework
MITRE SAF supports security processes at all stages of the software lifecycle, from planning secure system design to analyzing operational security data.