今日已更新 328 条资讯 | 累计 20300 条内容
关于我们

标签:#git

找到 1090 篇相关文章

开源项目

🔥 NanmiCoder / MediaCrawler - 小红书笔记 | 评论爬虫、抖音视频 | 评论爬虫、快手视频 | 评论爬虫、B 站视频 | 评论爬虫、微博帖子 | 评论爬

GitHub热门项目 | 小红书笔记 | 评论爬虫、抖音视频 | 评论爬虫、快手视频 | 评论爬虫、B 站视频 | 评论爬虫、微博帖子 | 评论爬虫、百度贴吧帖子 | 百度贴吧评论回复爬虫 | 知乎问答文章|评论爬虫 | Stars: 52,587 | 347 stars today | 语言: Python

2026-06-25 原文 →
开源项目

🔥 xbtlin / ai-berkshire - AI 时代的伯克希尔:基于 Claude Code 的价值投资研究框架。巴菲特·芒格·段永平·李录四大师方法论 + 多A

GitHub热门项目 | AI 时代的伯克希尔:基于 Claude Code 的价值投资研究框架。巴菲特·芒格·段永平·李录四大师方法论 + 多Agent并行研究。| AI-era Berkshire: a value investing research framework built on Claude Code. 4 masters' methodologies + multi-agent adversarial analysis. | Stars: 1,563 | 201 stars today | 语言: Python

2026-06-25 原文 →
AI 资讯

GitHub ships a one-click self-revoke for users whose credentials just leaked

You forwarded the phishing email to the security channel about ninety seconds too late. The laptop is already cooperating with someone else. Your personal access token, the one you minted "just for that one script", is on its way to whatever Discord pays for stolen tokens this week. Now what? For users on GitHub Enterprise, what was previously a clickthrough checklist you complete while your hands shake is now one button. On June 24 the GitHub Changelog announced a self-service credential revocation flow under Settings, Credentials. From that view a user can see counts of every credential they have generated or authorized through SSO, then revoke or delete all of them in a single action. Personal access tokens, SSH keys, OAuth tokens, SSO authorizations: gone together. What actually shipped Containment used to be a manual scavenger hunt. PATs sat under Developer Settings. SSH keys lived one tab over. OAuth apps you forgot you authorized two years ago hid behind a different submenu. SSO was its own world. In practice that meant during an incident you forgot something, and the something you forgot was the credential the attacker actually wanted. The new view collapses that surface onto one screen. Counts on one side, a revoke-or-delete-everything action on the other. Whoever wrote it had clearly pictured the 3am screenshot: a user who has just been told to "rotate everything" and has no idea where "everything" lives. GitHub frames this as a complement to an earlier enterprise-owner capability that lets admins with the "Manage enterprise credentials" permission bulk-revoke across one user or many. So there are now two pairs of hands on the kill switch: the user, and the org. (Whichever one notices first.) Why a pipeline owner should care Because users are the trust boundary you keep pretending is somebody else's problem. A leaked PAT in a CI pipeline is rarely a CI bug. It is a human who pasted the token into a script, then a laptop, then a sync folder, then a backup,

2026-06-25 原文 →
AI 资讯

Building a Real-Time World Cup 2026 Bracket Predictor with Vanilla JS and GitHub Actions

Introduction With the World Cup 2026 group stage reaching its climax, football fans worldwide are speculating about who will make it to the finals. To make this experience interactive, I built a fully dynamic World Cup 2026 Bracket Simulator. Instead of just letting users click and choose winners, this app dynamically calculates ELO win probabilities and probabilistically generates realistic match scores (including extra time and penalties) based on team ratings. It also syncs with live match data in real-time. Live URL: https://worldcup-predict2026.github.io/champion/ Tech Stack: Vanilla JS, CSS3 (3D parallax), GitHub Actions, Python, football-data.org API Core Features & Technical Implementation ELO-Based Win Probability & Score Simulation Each team in the database is assigned an ELO-based strength rating. When a user runs the AI auto-prediction, the script calculates win probability and generates a realistic scoreline. Here is the goal roll algorithm (Poisson-like simulation) implemented in Vanilla JS: javascript function generateMatchScore(team1, team2, winner) { if (team1 === "TBD" || team2 === "TBD" || !winner) return null; const s1 = teamStrengths[team1] || 70; const s2 = teamStrengths[team2] || 70; const winnerIsTeam1 = (winner === team1); const strengthDiff = Math.abs(s1 - s2); const baseGoalExpected = 1.1; const bonusGoal = Math.min(1.8, strengthDiff / 12.0); // Goal weight based on ELO difference const rollGoals = (lambda) => { let L = Math.exp(-lambda); let k = 0; let p = 1.0; do { k++; p *= Math.random(); } while (p > L && k < 10); return k - 1; }; let gWin = 0; let gLose = 0; const r = Math.random(); if (r < 0.75) { // Regular time win (90 mins) gLose = rollGoals(baseGoalExpected); gWin = gLose + 1 + rollGoals(0.7 + bonusGoal); return winnerIsTeam1 ? ${gWin} - ${gLose} : ${gLose} - ${gWin} ; } else if (r < 0.92) { // Extra time win (AET) const normalGoals = rollGoals(baseGoalExpected); gLose = normalGoals; gWin = normalGoals + 1; return winnerIsTeam1 ?

2026-06-25 原文 →
AI 资讯

GuardDuo — The AI Guardian That Keeps Vibe-Coding in Check

AI coding tools are incredible. But I noticed something — they ship code fast, skip the rules, and nobody catches it until it's already in production. That's exactly what GuardDuo is built to fix. The Problem We're in the age of vibe-coding. You describe what you want, the AI builds it, it works — and you ship it. But "works" and "correct" are two very different things. Imagine asking an AI to build a login form. It works perfectly. But under the hood it has hardcoded API keys, no input validation, missing aria-labels , and it's using fetch directly instead of your project's apiClient wrapper. Your Issue said none of that was allowed. Nobody caught it. That's the vibe-coding trap — and it's happening on every team using AI-assisted development right now. What is GuardDuo GuardDuo is a GitLab Duo Agent skill that acts as your AI guardian. Instead of just reviewing code in isolation, it cross-references your code changes against the actual intent of the linked GitLab Issue — using the Orbit Knowledge Graph , which is essentially the brain that knows your project's rules, requirements, and success criteria. In plain terms: GuardDuo reads what the Issue asked for , reads what the code actually does , and tells you exactly where they don't match. It audits across three dimensions: 🔐 Security — hardcoded secrets, SQL injection, missing input validation ♿ Accessibility — missing alt text, aria-labels , poor color contrast 📐 Standards — deviations from your project's established patterns and conventions And when it finds a problem, it doesn't just flag it — it fixes it. How It Works Just open GitLab Duo Chat or GitLab Agent Platform(on your choice of IDE) -> choose the agent as GuardDuo and type: Audit issue #[issue no.] — GuardDuo pulls the Issue context from Orbit, analyzes the code, and returns a structured report Fix issue #[issue no.] — GuardDuo generates a corrected implementation that satisfies all requirements Or paste any code snippet directly and ask it to audit o

2026-06-25 原文 →