Inside the Trenches of CI/CD

Inside the Trenches of CI/CD

Stories, insights, and opinions from the team behind Mergify

Oct 23, 2025

5 min

read

The Magic (and Mayhem) Behind Our Config Deprecation Transformers

We built a "self-healing" system that fixes deprecated configs by opening PRs automatically. It worked like magic, until it didn't. Here's what we learned about the thin line between elegant automation and uncontrollable complexity.

Guillaume Risbourg

Oct 23, 2025

5 min

read

The Magic (and Mayhem) Behind Our Config Deprecation Transformers

We built a "self-healing" system that fixes deprecated configs by opening PRs automatically. It worked like magic, until it didn't. Here's what we learned about the thin line between elegant automation and uncontrollable complexity.

Guillaume Risbourg

Oct 23, 2025

5 min

read

The Magic (and Mayhem) Behind Our Config Deprecation Transformers

We built a "self-healing" system that fixes deprecated configs by opening PRs automatically. It worked like magic, until it didn't. Here's what we learned about the thin line between elegant automation and uncontrollable complexity.

Guillaume Risbourg

Oct 23, 2025

5 min

read

The Magic (and Mayhem) Behind Our Config Deprecation Transformers

We built a "self-healing" system that fixes deprecated configs by opening PRs automatically. It worked like magic, until it didn't. Here's what we learned about the thin line between elegant automation and uncontrollable complexity.

Guillaume Risbourg

Oct 22, 2025

7 min

read

TypeScript's import type: The Flag That Makes Builds Honest

TypeScript doesn’t run your code, but your bundler might think it does. Learn why marking your type imports with import type (and enabling `verbatimModuleSyntax`) makes your builds faster, cleaner, and more predictable.

Alexandre Gaubert

Oct 22, 2025

7 min

read

TypeScript's import type: The Flag That Makes Builds Honest

TypeScript doesn’t run your code, but your bundler might think it does. Learn why marking your type imports with import type (and enabling `verbatimModuleSyntax`) makes your builds faster, cleaner, and more predictable.

Alexandre Gaubert

Oct 22, 2025

7 min

read

TypeScript's import type: The Flag That Makes Builds Honest

TypeScript doesn’t run your code, but your bundler might think it does. Learn why marking your type imports with import type (and enabling `verbatimModuleSyntax`) makes your builds faster, cleaner, and more predictable.

Alexandre Gaubert

Oct 22, 2025

7 min

read

TypeScript's import type: The Flag That Makes Builds Honest

TypeScript doesn’t run your code, but your bundler might think it does. Learn why marking your type imports with import type (and enabling `verbatimModuleSyntax`) makes your builds faster, cleaner, and more predictable.

Alexandre Gaubert

Oct 15, 2025

5 min

read

Should We Still Write Docs If AI Can Read the Code?

AI can explain what code does — but not why it does it. This post explores how documentation is evolving in the age of AI, and why writing down human intent is becoming one of the most practical forms of AI alignment.

Alexandre Gaubert

Oct 15, 2025

5 min

read

Should We Still Write Docs If AI Can Read the Code?

AI can explain what code does — but not why it does it. This post explores how documentation is evolving in the age of AI, and why writing down human intent is becoming one of the most practical forms of AI alignment.

Alexandre Gaubert

Oct 15, 2025

5 min

read

Should We Still Write Docs If AI Can Read the Code?

AI can explain what code does — but not why it does it. This post explores how documentation is evolving in the age of AI, and why writing down human intent is becoming one of the most practical forms of AI alignment.

Alexandre Gaubert

Oct 15, 2025

5 min

read

Should We Still Write Docs If AI Can Read the Code?

AI can explain what code does — but not why it does it. This post explores how documentation is evolving in the age of AI, and why writing down human intent is becoming one of the most practical forms of AI alignment.

Alexandre Gaubert

Sep 25, 2025

4 min

read

Friends Don't Let Friends Use :latest

Floating versions like :latest, ^, and ~ promise convenience but deliver broken builds, hidden regressions, and supply chain risks. Here we explain why they undermine reproducibility and security and shows how to pin GitHub Actions, Docker images, and dependencies safely.

Mehdi Abaakouk

Sep 25, 2025

4 min

read

Friends Don't Let Friends Use :latest

Floating versions like :latest, ^, and ~ promise convenience but deliver broken builds, hidden regressions, and supply chain risks. Here we explain why they undermine reproducibility and security and shows how to pin GitHub Actions, Docker images, and dependencies safely.

Mehdi Abaakouk

Sep 25, 2025

4 min

read

Friends Don't Let Friends Use :latest

Floating versions like :latest, ^, and ~ promise convenience but deliver broken builds, hidden regressions, and supply chain risks. Here we explain why they undermine reproducibility and security and shows how to pin GitHub Actions, Docker images, and dependencies safely.

Mehdi Abaakouk

Sep 25, 2025

4 min

read

Friends Don't Let Friends Use :latest

Floating versions like :latest, ^, and ~ promise convenience but deliver broken builds, hidden regressions, and supply chain risks. Here we explain why they undermine reproducibility and security and shows how to pin GitHub Actions, Docker images, and dependencies safely.

Mehdi Abaakouk

Sep 18, 2025

6 min

read

Application vs. Database: Where Should Permissions Live?

Permissions drift is real: scattered checks, forgotten filters, and data leaks. PostgreSQL’s Row Level Security (RLS) flips the script: pushing verification into the database for stronger safety, but with trade-offs in debugging and performance.

Fabien Martinet

Sep 18, 2025

6 min

read

Application vs. Database: Where Should Permissions Live?

Permissions drift is real: scattered checks, forgotten filters, and data leaks. PostgreSQL’s Row Level Security (RLS) flips the script: pushing verification into the database for stronger safety, but with trade-offs in debugging and performance.

Fabien Martinet

Sep 18, 2025

6 min

read

Application vs. Database: Where Should Permissions Live?

Permissions drift is real: scattered checks, forgotten filters, and data leaks. PostgreSQL’s Row Level Security (RLS) flips the script: pushing verification into the database for stronger safety, but with trade-offs in debugging and performance.

Fabien Martinet

Sep 18, 2025

6 min

read

Application vs. Database: Where Should Permissions Live?

Permissions drift is real: scattered checks, forgotten filters, and data leaks. PostgreSQL’s Row Level Security (RLS) flips the script: pushing verification into the database for stronger safety, but with trade-offs in debugging and performance.

Fabien Martinet

Sep 10, 2025

14 min

read

The Origin Story of Merge Queues

From Bors and Homu to Bulldozer, Kodiak, Mergify, and now GitHub and GitLab, merge queues have shaped how we keep main branches green. This article traces their history, why they emerged, and how they became a standard in modern software development.

Julien Danjou

Sep 10, 2025

14 min

read

The Origin Story of Merge Queues

From Bors and Homu to Bulldozer, Kodiak, Mergify, and now GitHub and GitLab, merge queues have shaped how we keep main branches green. This article traces their history, why they emerged, and how they became a standard in modern software development.

Julien Danjou

Sep 10, 2025

14 min

read

The Origin Story of Merge Queues

From Bors and Homu to Bulldozer, Kodiak, Mergify, and now GitHub and GitLab, merge queues have shaped how we keep main branches green. This article traces their history, why they emerged, and how they became a standard in modern software development.

Julien Danjou

Sep 10, 2025

14 min

read

The Origin Story of Merge Queues

From Bors and Homu to Bulldozer, Kodiak, Mergify, and now GitHub and GitLab, merge queues have shaped how we keep main branches green. This article traces their history, why they emerged, and how they became a standard in modern software development.

Julien Danjou

Sep 8, 2025

4 min

read

What I Learned Building My First Jenkins Plugin

Building a Jenkins plugin sounded simple — until it became a crash course in Java, Jenkins internals, and community code review. Here’s what I learned, why the process surprised me, and how it now powers Mergify CI Insights.

Mehdi Abaakouk

Sep 8, 2025

4 min

read

What I Learned Building My First Jenkins Plugin

Building a Jenkins plugin sounded simple — until it became a crash course in Java, Jenkins internals, and community code review. Here’s what I learned, why the process surprised me, and how it now powers Mergify CI Insights.

Mehdi Abaakouk

Sep 8, 2025

4 min

read

What I Learned Building My First Jenkins Plugin

Building a Jenkins plugin sounded simple — until it became a crash course in Java, Jenkins internals, and community code review. Here’s what I learned, why the process surprised me, and how it now powers Mergify CI Insights.

Mehdi Abaakouk

Sep 8, 2025

4 min

read

What I Learned Building My First Jenkins Plugin

Building a Jenkins plugin sounded simple — until it became a crash course in Java, Jenkins internals, and community code review. Here’s what I learned, why the process surprised me, and how it now powers Mergify CI Insights.

Mehdi Abaakouk

Sep 5, 2025

8 min

read

Pull Request Management: Streamline Your Workflow with Automation

Pull requests are essential, but they don’t scale without automation. Learn PR basics, best practices, and how to automate reviews, tests, and merges with GitHub Actions or Mergify.

Julien Danjou

Sep 5, 2025

8 min

read

Pull Request Management: Streamline Your Workflow with Automation

Pull requests are essential, but they don’t scale without automation. Learn PR basics, best practices, and how to automate reviews, tests, and merges with GitHub Actions or Mergify.

Julien Danjou

Sep 5, 2025

8 min

read

Pull Request Management: Streamline Your Workflow with Automation

Pull requests are essential, but they don’t scale without automation. Learn PR basics, best practices, and how to automate reviews, tests, and merges with GitHub Actions or Mergify.

Julien Danjou

Sep 5, 2025

8 min

read

Pull Request Management: Streamline Your Workflow with Automation

Pull requests are essential, but they don’t scale without automation. Learn PR basics, best practices, and how to automate reviews, tests, and merges with GitHub Actions or Mergify.

Julien Danjou

Sep 4, 2025

6 min

read

Feature Branch Workflow: A Practical Guide for Git

A feature branch workflow is one of Git’s most popular strategies. Learn how it works, its pros and cons, and how modern automation (like merge queues) keeps feature branches fast, safe, and frustration-free.

Julien Danjou

Sep 4, 2025

6 min

read

Feature Branch Workflow: A Practical Guide for Git

A feature branch workflow is one of Git’s most popular strategies. Learn how it works, its pros and cons, and how modern automation (like merge queues) keeps feature branches fast, safe, and frustration-free.

Julien Danjou

Sep 4, 2025

6 min

read

Feature Branch Workflow: A Practical Guide for Git

A feature branch workflow is one of Git’s most popular strategies. Learn how it works, its pros and cons, and how modern automation (like merge queues) keeps feature branches fast, safe, and frustration-free.

Julien Danjou

Sep 4, 2025

6 min

read

Feature Branch Workflow: A Practical Guide for Git

A feature branch workflow is one of Git’s most popular strategies. Learn how it works, its pros and cons, and how modern automation (like merge queues) keeps feature branches fast, safe, and frustration-free.

Julien Danjou

Join our community on Slack

Join our community on Slack

Get tips, news, and resources from Mergify and its users.

Curious where your CI is slowing you down?

Try CI Insights — observability for CI teams.

Curious where your CI is slowing you down?

Try CI Insights — observability for CI teams.

Curious where your CI is slowing you down?

Try CI Insights — observability for CI teams.

Curious where your CI is slowing you down?

Try CI Insights — observability for CI teams.