Category

Development

Development, Tools, Visual Studio

Self-signed certificate chain problems with GitHub Copilot and Visual Studio and Visual Studio Code

My customers have been excited to start using and experimenting with GitHub Copilot. Their proof of value has really proven to be beneficial in a lot of their development aspects. Some of them have tougher security controls in their corporate environments. One of them is SSL inspection through their firewall/NVA. This had lead to the dreadful error: [CopilotClientManager Information] statusNotification: Warning: The pending stream has been canceled (caused by: self-signed certificate in certificate chain)[CopilotClientManager Error] [ghostText] Error on ghost text request: FetchError: The pending stream has been canceled (caused by: self-signed certificate in certificate chain) The GitHub engineering team is aware of the problem. While the tools continue to improve and a more native fix / solution can hopefully be baked in, as I tell my customers, always open a support ticket to help the engineering team navigate these issues. If your organization is doing SSL inspection and you have access to the Root certificate (and it…

Read more
Azure, Development, Web, WebApi

Load testing your applications using Azure Load Testing, JMeter and GitHub Actions

I’ve been working with more customers that are starting to take testing (unit, integration, end to end and load testing) more seriously. You may ask, “Dom, really? I thought testing was trivial”. Unfortunately not. As we’re entering an era where businesses are producing software like never before, relatively speaking, these businesses are not software companies. They are seeking to prioritize the speedy creation of business value while disregarding the importance of testing. Development teams, most often than not, are under pressure when the applications they develop do not perform the way they intended it to work, after being released. Testing is not engrained within their DNA. If it would have been, the extra stress and anxiety associated with debugging the…

Read more
Development, Tools

Signing your GitHub commits with GPG and YubiKey

I got a YubiKey recently and saw a YouTube video where the presenter quickly showed how to sign GitHub commits. I found this a useful thing, as on GitHub, you can just set your name and email in your git config and GitHub will link that it’s from you but when in fact it may not. I saw this with Linus Torvalds, where someone saw he had “made” commits on a repo, but it did not seem to be something he would contribute on. Was it really him? Who knows, but I realized it was time for me to go a little bit beyond the normal security aspect and use my YubiKey for more than just for FIDO2 authentication. For…

Read more
Development

Azure DevOps GIT with SSH: fetch-pack: unexpected disconnect while reading sideband packet

In the organization I currently am, on a specific projet, the GIT repository is pretty beefy and large. I had not updated the development branch in a while, due to my assignation on some other projects. Once I had some time to come back to work on this project and see where the team was in terms of code, I wanted to make sure my local development branch was up to date with the remote by pulling the code using the the git pull command. After issuing the command, I got the following error:

This seems to be related to the decompression of the code once it’s received from the remote. One solution to counter this problem, is to…

Read more
Development, Tools

Easily nuke secrets from your Git history

I came across an excellent article from Don Goodman-Wilson on GitGuardian on Rewriting your git history, removing files permanently – cheatsheet & guide. I had a scenario where I wanted to remove a secret deep in my history. In his article, he speaks about the git extension tool git-filter-repo. Eager as I am, I’m like yes lets use it! However, I realize that for starters, the install steps, if you’re working on a Windows machine, may not be as straight forward as download/install. For the ones like me that want a quick cheatsheet on how to make it work on Windows, here’s a quick summary. Thanks to the GitHub issues in the repo that helped me put this together. Setup…

Read more
Development

Managing multiple SSH keys for authentication to GitHub on Windows 10

Where I currently work, we have the opportunity to use our own personal computers to work. This means I’m able to use my own super computer. The company hosts their code on GitHub. In order to not mix my personal GitHub account and my work account, I created a new GitHub account for my work. GitHub has a limitation that it cannot use the same public key for 2 different accounts. As such, I created a new pair of keys to authenticate

The idea now is that I want to be able to use both keys and both accounts simultaneously. I want to also not have to enter my ssh key pass every time I do an operation. You…

Read more