GitHub Actions
Posts
When the Malicious Hook Is in the Other Manifest: 700+ Repos, 8 Packagist Packages, One package.json Trick
On May 22, 2026, Socket disclosed a Composer supply chain attack that hid an npm-style postinstall command inside package.json on PHP projects. composer.json was clean, the PHP review missed it, and 700+ GitHub repos pulled it in. Here is the exact payload, why ecosystem-boundary blindness keeps catching teams, and how to wire your CI to look at both manifests.
TanStack npm Worm: The Supply-Chain Attack With a Dead-Man's Switch
On May 11, 2026, attackers republished 14+ official TanStack packages on npm with a worm that signs itself with valid SLSA provenance and arms a dead-man's switch that wipes your home directory the moment you revoke the stolen GitHub token. Here is what happened, how the payload works, and how to check your machine.
GitOps: Deploy Docker Containers with GitHub Actions and ArgoCD
Learn how to implement a modern GitOps workflow for Docker deployments. This guide covers building images with GitHub Actions, pushing to container registries, and automated deployments with ArgoCD.
The GitHub Actions Workflow That Eliminated Our DevOps Bottleneck
How we reduced deployment time from 2 hours to 8 minutes using smart GitHub Actions patterns and parallel execution strategies.