Content and examples for TPM Pills, a site that introduces Trusted Platform Modules (TPM) with a series of short articles.
The repository provides a Nix definition which embeds everything:

```
nix-build -A html-split && open result/tpm-pills/index.html
```

If you are not familiar with Nix, to build the site locally, you will need to have mdbook + mdbook-linkcheck and run:

```
mdbook build && open result/tpm-pills/index.html
```

Note: For those interested in understanding the motivations behind this approach, I recommend reading Filippo Valsorda's thoughts on Dependabot.
This project does not rely on automated dependency update tools like Dependabot. When managing multiple projects in parallel, such tools generate more noise than value.
Instead, this project follows a pragmatic, security-first approach:
- `govulncheck` runs daily to detect vulnerable dependencies. When a vulnerability is identified → we bump the affected dependency.
- Feature-driven updates: Dependencies are updated when the project needs a new feature provided by a newer version.
- `go test` runs daily with the latest dependency versions to detect breaking changes early.
This approach balances security with intentionality, ensuring updates happen for concrete reasons rather than on autopilot.
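One way to turn the daily `govulncheck` run into a concrete bump list, as an added example that is not part of this repository: it reads the message stream produced by `govulncheck -json ./...` and keeps only findings whose vulnerable symbol is actually called and that have a fixed version. The names `Bumps`, `finding` and `sample` are hypothetical, and the module paths and OSV IDs in `sample` are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"sort"
	"strings"
)

// sample is constructed: one finding with a called symbol, one import-only.
const sample = `{"config":{"scanner_name":"govulncheck"}}
{"finding":{"osv":"GO-0000-0001","fixed_version":"v1.2.3","trace":[{"module":"example.com/a","function":"Parse"}]}}
{"finding":{"osv":"GO-0000-0002","fixed_version":"v0.9.1","trace":[{"module":"example.com/b"}]}}`
// finding mirrors only the fields of a govulncheck "finding" message used here.
type finding struct {
	OSV          string `json:"osv"`
	FixedVersion string `json:"fixed_version"`
	Trace        []struct{ Module, Function string }
}

// Bumps returns a sorted, de-duplicated "module@fixed (OSV)" list for findings
// whose vulnerable symbol is called and for which a fixed version exists.
func Bumps(r io.Reader) ([]string, error) {
	seen := map[string]bool{}
	for dec := json.NewDecoder(r); dec.More(); {
		var m struct{ Finding *finding }
		if err := dec.Decode(&m); err != nil {
			return nil, err
		}
		f := m.Finding
		// trace[0] is the vulnerable symbol; no function name means import-only.
		if f == nil || len(f.Trace) == 0 || f.Trace[0].Function == "" || f.FixedVersion == "" {
			continue
		}
		seen[fmt.Sprintf("%s@%s (%s)", f.Trace[0].Module, f.FixedVersion, f.OSV)] = true
	}
	out := make([]string, 0, len(seen))
	for s := range seen {
		out = append(out, s)
	}
	sort.Strings(out)
	return out, nil
}

func main() {
	todo, err := Bumps(strings.NewReader(sample)) // swap in os.Stdin for real use
	fmt.Println(todo, err)
}
```

Findings without a called symbol are skipped on purpose, which keeps the bump list limited to vulnerabilities the code can actually reach.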
This work is copyright Loïc Sikidi and licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International license.