Writing

Notes on software engineering, infrastructure, and DevSecOps.

Search posts

Search blog posts by title, description, or tag

  1. newThe npm Package Publishing Mental Model

    Things you need to do for npm trusted publishing to work, and the secure mental model behind it: OIDC identity chain, provenance attestation, and a complete GitHub Actions workflow.

    14 minnpmsecurityci-cdgithub-actionsoidcdevops

  2. Apple Home Key vs. UniFi Touch Pass: A Deep Technical Breakdown of How Your Phone Unlocks Doors

    A technical breakdown of how Apple Home Key and UniFi Touch Pass use the Secure Element, NFC, provisioning, and access control.

    14 minapplenfcsecuritysmart-homeunifi
GitHub
LinkedIn
X