The network for creativity
Join 1.25M professional creatives like you
Connect with clients, get discovered, and run your business 100% commission-free
Creatives on Contra have earned over $150M and we are just getting started
Back to feedPost
DevSecOps Pipeline — SAST, SCA, IaC Scanning & Keyless AWS Auth
Built a security-first CI/CD pipeline with GitHub Actions — security scanning at every stage, zero stored AWS credentials, and automated vulnerability detection before anything reaches production.
Security layers included:
Semgrep SAST for source code vulnerability scanning SonarQube quality gates with custom rule sets npm audit SCA for dependency vulnerabilities Checkov for Terraform and Kubernetes manifest scanning Dockerfile hardening with non-root user enforcement Kubernetes NetworkPolicy for pod-level traffic isolation GitHub Actions OIDC — zero stored AWS access keys Sealed Secrets for encrypted Kubernetes secret management
The network for creativity
Join 1.25M professional creatives like you
Connect with clients, get discovered, and run your business 100% commission-free
Creatives on Contra have earned over $150M and we are just getting started
Related posts
Title:
I built a design system generator inside Figma Make. Here's the workflow.
The problem I kept running into: every new client project meant re-explaining the brand to every AI tool from scratch. Figma Make didn't know the colors. Cursor didn't know the tokens. Claude didn't know the rules. I was the shared memory — and I kept losing things.
So I built Design System Gen. Entirely inside Figma Make. Powered by Claude API.
The workflow:
Upload brand references → Claude API analyzes them across 8 dimensions (palette, mood, typography, composition, lighting, texture, motion, UI DNA) → structured data, not vibes → generates 11 files, each formatted for a specific tool in your stack.
figma-make.md → paste once, Figma Make knows your entire design system
design-system.css → all tokens as CSS custom properties
tokens.json → W3C format, imports directly into Figma Variables
starter.tsx → React starter with tokens already bound
.cursorrules → Cursor knows your system from root
Claude.md → Claude reads it automatically every session
+ 5 more for docs, LLMs, prompts, components
Every tool gets its own context file. All consistent with each other.
The part I'm most proud of: I'm a designer. I don't write code. The entire tool — UI, API integration, file generation logic — was built and shipped inside Figma Make. No external hosting. No separate codebase.
Live at: vibecodingdsgen.figma.site
Add your Claude API key and try it with your own moodboard.
#FigmaMake #DesignSystem #VibeCoding #AI #Claude #UXUI #DesignSystems #ConfigMakeathon
As someone who constantly jumps between Figma, Claude, ChatGPT, Cursor, Lovable, and other AI tools, this problem feels very familiar 😅
The tools are getting smarter, but keeping context consistent is still surprisingly manual. Love seeing people tackle that gap.
I didn't believe the TypeScript 7 speed claims. So I benchmarked it on my own production app — not a toy repo.
1,358 source files. 260K+ lines. The live codebase behind lokerdollar.com.
One change: tsc → tsgo (TS7, rewritten in Go). Same tsconfig, same tree, --noEmit.
Cold type-check: 77.1s → 11.6s. 6.6× faster. −85% wall-clock.
Then the part most "10× faster" posts skip — I checked whether it still catches bugs. Seeded 4 classic type errors. Byte-identical diagnostics: same codes, same line and column. The speed isn't bought by missing errors.
But I'm not putting it in your CI yet — and here's the honest reason:
— It's a release candidate
— The native binary drops the JS typescript API, so typescript-eslint type-aware rules, ts-morph, ts-node and ts-jest break
— Custom transformers and incremental builds are still maturing
My call: run it now as a fast local / pre-PR check, and keep tsc as the authoritative CI gate until 7.0 ships stable. You get a 6.6× tighter local loop with zero risk to the pipeline.
The ~$190/year in saved runner minutes is rounding error. The real return is nobody waiting on a turtle.
#TypeScript #DevTools #WebDev
Designed Locc cybersecurity dashboard components focused on real-time threat monitoring, clean data visualization, and intuitive security operations control. 🔐📊
#Cybersecurity #DashboardDesign #UIUX
Trending
Claude
Claude has entered the design space. How are you using Claude Design?
Contra University
Learn from expert creatives how to earn more using next-gen AI tools.
MagicPath
The canvas is infinite, and exploration is becoming the workflow. How are you using MagicPath?
creativeaiflow
Creative AI workflows are evolving. What tools do you use, and what are their strengths and weaknesses?
freelancerlife
Freelancer life is wins, pivots, and everything in between. What’s yours right now?