Chris Swan
@cpswan.net
Engineer at Atsign & Dart GDE.
Husband, dad, maker, hacker, InfoQ editor, co-host TechDebtPodcast.
He/him.
#include stddisclaimer.h
Husband, dad, maker, hacker, InfoQ editor, co-host TechDebtPodcast.
He/him.
#include stddisclaimer.h
Midway Arcade Origins looks like the most recent non MAME compilation.
en.wikipedia.org/wiki/Midway_...
But I do love the MAME team’s dedication to preserving our gaming heritage
en.wikipedia.org/wiki/Midway_...
But I do love the MAME team’s dedication to preserving our gaming heritage
Midway Arcade Origins - Wikipedia
en.wikipedia.org
October 10, 2025 at 10:42 PM
Midway Arcade Origins looks like the most recent non MAME compilation.
en.wikipedia.org/wiki/Midway_...
But I do love the MAME team’s dedication to preserving our gaming heritage
en.wikipedia.org/wiki/Midway_...
But I do love the MAME team’s dedication to preserving our gaming heritage
Have you got all the games lined up on MAME?
October 10, 2025 at 6:37 PM
Have you got all the games lined up on MAME?
Good stuff, though I can't believe you got through it with just a single mention of SBOM.
Maybe a follow up with hachyderm.io/@vpetersson who's a friend of RedMonk and very active in that space?
Maybe a follow up with hachyderm.io/@vpetersson who's a friend of RedMonk and very active in that space?
Viktor Petersson (@vpetersson@hachyderm.io)
285 Posts, 27 Following, 38 Followers ·
hachyderm.io
October 10, 2025 at 12:50 PM
Good stuff, though I can't believe you got through it with just a single mention of SBOM.
Maybe a follow up with hachyderm.io/@vpetersson who's a friend of RedMonk and very active in that space?
Maybe a follow up with hachyderm.io/@vpetersson who's a friend of RedMonk and very active in that space?
Thanks. I'm starting to think the right compromise (at least for READMEs explaining how to verify) is something like:
--certificate-identity-regexp='^https://github.com/org/repo/.+'
Which will test that it came from where you'd expect (and further details are their in the JSON if needed).
--certificate-identity-regexp='^https://github.com/org/repo/.+'
Which will test that it came from where you'd expect (and further details are their in the JSON if needed).
October 9, 2025 at 12:16 PM
Thanks. I'm starting to think the right compromise (at least for READMEs explaining how to verify) is something like:
--certificate-identity-regexp='^https://github.com/org/repo/.+'
Which will test that it came from where you'd expect (and further details are their in the JSON if needed).
--certificate-identity-regexp='^https://github.com/org/repo/.+'
Which will test that it came from where you'd expect (and further details are their in the JSON if needed).
@adrianmouat.com I finally got around to trying this.
When verifying with cosign what do you use for your --certificate-identity flag?
Looks like this was something that used to 'just work' in earlier versions, but now the UX is much less friendly, presumably in the interests of securitay.
When verifying with cosign what do you use for your --certificate-identity flag?
Looks like this was something that used to 'just work' in earlier versions, but now the UX is much less friendly, presumably in the interests of securitay.
October 9, 2025 at 9:22 AM
@adrianmouat.com I finally got around to trying this.
When verifying with cosign what do you use for your --certificate-identity flag?
Looks like this was something that used to 'just work' in earlier versions, but now the UX is much less friendly, presumably in the interests of securitay.
When verifying with cosign what do you use for your --certificate-identity flag?
Looks like this was something that used to 'just work' in earlier versions, but now the UX is much less friendly, presumably in the interests of securitay.