Press enter or click to view image in full sizeNested routes, or child routes, can be used when multiple router outlets are present in an Angular application. Why would we have multiple router outlets in the first place? Let’s take an example.Say you have an application with multiple screens (pages) that you can navigate to. One of these screens is a complex dashboard that includes a section with tabs. You could use the router to implement navigation within those tabs, using nested routes.This means we have a main router outlet as follows in the App component:<< MenuAnd then, in our…
Author: drweb
North Korean hackers are accused of hijacking the npm account of an axios maintainer, a highly popular and widely used JavaScript HTTP client library, in the latest in a growing number of sophisticated attacks targeting open-source software developers. For a brief few hours running from late March 30 into early March 31, the bad actors were able to hijack the npm account of the primary axios maintainer and publish two new malicious versions – “axios@1.14.1” and “axios@0.30.4” – that introduced a hidden runtime dependency, plain-crypto-js@4.2.1. When a developer or CI/CD pipeline ran the npm install, the dependency installed a remote…
Developers never really voiced any major desire to enter the age of AI coding; they always appeared quite happy to tap away at both chiclet and clacky mechanical keyboards into the wee small hours on manual coding tasks. But that relaxed indifference changed once real coding assistants came onto the scene. Among the most appealing tools in this space is Anthropic’s Claude Code, an AI-powered command-line coding assistant that helps developers write, edit, debug and automate code. But there’s no such thing as a free lunch or an unlimited Claude Code quota, even on the company’s $200 annual subscription deal.…
GitHub shipped four secret scanning updates in March that collectively represent the most significant expansion of the platform’s credential detection capabilities in months. The numbers: 37 new secret detectors across 22 providers; 39 token types now push-protected by default; new validity checks for AI and developer infrastructure tokens; and — most notably — secret scanning that now works inside AI coding agents through the GitHub MCP Server. For DevOps teams managing repositories where AI agents are increasingly generating code and opening pull requests, this last addition changes the security equation. What Shipped in March March 10: The big batch. 28…
I have a presentation on finding balance in your career that got quite a few people thinking and commenting on their own experiences. I decided to write a few posts supporting the ideas in the presentation, which my wife and I have used to both drive our careers forward while enjoying our lives.Just this week, I had an example.This is a series of posts on finding balance in your career.It Starts with a PictureMy daughter told me this happened Monday afternoon. This is one of our horse feeders, and as you can see, the bottom has fallen out.This happens periodically,…
Mar 23, 2026 Trivy supply chain compromise: What Docker Hub users should know On March 19, 2026, threat actors compromised Aqua Security’s CI/CD pipeline and used stolen credentials to push backdoored versions of the aquasec/trivy vulnerability scanner to Docker Hub. A second wave of compromised images followed on March 22. The malicious images contained an infostealer targeting CI/CD secrets, cloud credentials, SSH keys, and Docker configurations. This post summarizes what happened, what Docker did in response, and what you should do if you use Trivy. Read now
Amazon Web Services (AWS) today made a pair of artificial intelligence (AI) agents to manage DevOps workflows and conduct penetration tests generally available. Neha Goswami, director of Agentic DevOps at AWS, said AWS DevOps Agent provides software engineering teams with an always-available assistant that can automatically optimize application reliability and performance in addition to automating specific incident management tasks. The AWS Security Agent, meanwhile, provides on-demand penetration testing capability that reduces the time required to test an application for vulnerabilities and other security weaknesses from months to days, said Goswami. The overall goal is to provide DevOps teams with AI…
Mar 23, 2026 Trivy supply chain compromise: What Docker Hub users should know On March 19, 2026, threat actors compromised Aqua Security’s CI/CD pipeline and used stolen credentials to push backdoored versions of the aquasec/trivy vulnerability scanner to Docker Hub. A second wave of compromised images followed on March 22. The malicious images contained an infostealer targeting CI/CD secrets, cloud credentials, SSH keys, and Docker configurations. This post summarizes what happened, what Docker did in response, and what you should do if you use Trivy. Read now
Here’s a scenario every developer recognizes: You push code at 3 p.m., grab a coffee and return to a red dashboard. The errors point to a timeout in a service you didn’t touch. Your first instinct? Hit re-run. When that fails, you hit it again. This is the trust tax — the cost you pay when your test infrastructure loses credibility. It’s the thing that kills most CI/CD investments. Not bad technology. Not missing features. Just developers quietly deciding the results aren’t worth paying attention to. Three Metrics That Actually Matter I started tracking what predicts when developers give up on tests. It’s not code coverage or test count. What matters are three specific behaviors. Re-run rate is how often developers manually retry tests. When they’re hitting retry on more than 30% of their PRs, they’re not testing — they’re gambling. That 30% mark is where I’ve consistently seen the mental shift: Below it, developers assume failures are their fault. Above it, they…
On the internet, you will find plenty of tools for checking disk space usage in Linux. However, Linux has a strong built-in utility called ‘df‘. The ‘df‘ command stands for “disk filesystem“, it is used to get a full summary of available and used disk space usage of the file system on the Linux system. Using ‘-h‘ parameter with (df -h) will show the file system disk space statistics in “human-readable” format, which means it gives the details in bytes, megabytes, and gigabytes. In this guide, we’ll go beyond the basic flags and show you how to actually read df…