Michael Heap
LightNews LightNews
banner
mheap.dev
Michael Heap
@mheap.dev
1.6K followers 21 following 12 posts
Sr Director of DevRel/DX at Kong | he/him | Wrote http://actionsbook.com | Board game fan | GitHub Star
Posts Replies Media Videos
Pinned
mheap.dev
Michael Heap @mheap.dev · Nov 24
More seriously, hi! I’m Michael. I do product-y type things with a focus on developer experience. Once upon a time I was a developer, but now that’s just at weekends.

I also talk about: weightlifting, parenting, hiking and games. Usually not in that order.

Say hello! We might just become friends ❤️
mheap.dev
The tj-actions/changed-files compromise prompted me to write up how I secure GitHub Actions workflows using SHAs without maintenance pain

Go from insecure to security conscious in < 15 minutes, including configuring automatic updates through Dependabot or Renovate

michaelheap.com/pin-your-git...
Pin your GitHub Actions
Secure your GitHub Actions by pinning them to commit SHAs, preventing supply chain attacks. Learn how to automate updates and enforce best security practices.
michaelheap.com
March 15, 2025 at 8:41 PM
Reposted by Michael Heap
thebasement.nz
Manager: "What's this milestone 'Living on a prayer' ?"
Me: "That's the documentation deliverable."
Manager: "What's the status of that?"
Me: "We're halfway there"
Manager: "Why is progress so slow?"
Me: "You fired Tommy"
Manager: "So?"
Me: "Tommy used to work on the docs"
February 23, 2025 at 9:12 PM
mheap.dev
More flights means more writing. This time, I've explicitly written down my thoughts on the quality <> speed <> scope tradeoff for teams that I work with (now, and in the future)

michaelheap.com/quality-spee...
Quality > Speed > Scope
Never compromise on quality. Never compromise on speed. Ship regularly, and deliver value faster.
michaelheap.com
February 23, 2025 at 2:05 PM
mheap.dev
More time on planes means more time to polish up old drafts.

This time, how to source your AWS credentials from 1Password when using the aws CLI

michaelheap.com/aws-credenti...
Using AWS credential_process and 1Password
Store your AWS credentials securely in 1Password and load them at runtime using the AWS CLI's `credential_process` helper
michaelheap.com
February 18, 2025 at 5:33 PM
mheap.dev
Some people think that one gigantic Slack channel is the way to communicate. I don't know why, but they do.

Don't be like them.

michaelheap.com/slack-channe...
Slack channels are free
Good Slack hygiene isn’t about having fewer channels - it’s about having the right channels.
michaelheap.com
February 13, 2025 at 12:07 PM
Reposted by Michael Heap
julesh.mathstodon.xyz.ap.brid.gy
"Bikeshedding" is a potentially confusing term, we should discuss possible options for alternative names
December 19, 2024 at 4:46 PM
mheap.dev
This week’s festival of consumerism has been a great success*

After many years of “this will last a little longer” I bit the bullet and replaced everything that’s > 5 years old (most are 8-10)

* (for some definition of success)
December 1, 2024 at 5:45 PM
mheap.dev
I planned to write something insightful as my pinned intro post, but then I saw this.

Introduce yourself with four video games:
Final Fantasy 7 Left 4 Dead Hades League of Legends
November 24, 2024 at 7:04 PM
mheap.dev
Hello! Yes, you there. The one looking at a screen

I heard early tech twitter was having a resurgence here

I left the bird site about 2 years ago and have happily been social-free since then

But now it’s time to come back. I’ve missed you all, and can’t wait to get to know you all over again
November 20, 2024 at 9:11 AM