Where does your software (really) come from? Keeping secrets out of public repositories GitHub Advanced Security Dependabot Introducing Artifact Attestations–now in public beta Software Bill of Materials (SBOM) 😶🌫️ Who in the world is Jia Tan?!