Skip to content

Instantly share code, notes, and snippets.

View hryvinskyi's full-sized avatar

Volodymyr Hryvinskyi hryvinskyi

37 followers · 1 following
View GitHub Profile
@hryvinskyi
hryvinskyi / 1 SRI hashes broke magento checkout (Magento 2.4.8-p3, 2.4.7-p8, 2.4.6-p13).md
Last active May 2, 2026 10:24
SRI hashes broke magento checkout (Magento 2.4.8-p3, 2.4.7-p8, 2.4.6-p13)

CSP Storage File Locking Patch

Overview

This patch addresses two critical issues in Magento's Content Security Policy (CSP) module:

  1. Race Condition: Fixes corrupted sri-hashes.json files caused by concurrent write operations during normal storefront operation, which results in malformed JSON and 500 checkout errors.

  2. Minification Support: Ensures that static.min.js and mixins.min.js are correctly loaded and their SRI hashes properly recorded when CSP and SRI are enabled along with JS bundling and minification enabled simultaneously.

Problems

@hryvinskyi
hryvinskyi / CVE-2025-54236_SessionReaper.md
Last active April 11, 2026 18:50
CVE-2025-54236 (SessionReaper) Security Patch

CVE-2025-54236 (SessionReaper) Security Patch

Problem

CVE-2025-54236 (SessionReaper) is a critical unauthenticated Remote Code Execution vulnerability (CVSS 9.1) affecting Magento 2 / Adobe Commerce.

  • Attack Vector: /customer/address_file/upload endpoint
  • Impact: Unauthenticated RCE via Phar deserialization

What the Patch Does

@ubermanu
ubermanu / README.md
Last active August 10, 2024 16:30
Setup Magento 2 MFTF tests in DDEV env
@estsaon
estsaon / wsl-port-forwarding.md
Last active February 22, 2025 14:58
How to SSH into WSL2 on an external Window

WSL:

  1. Install openssh-server:
sudo apt install openssh-server
  1. Add or uncomment following lines in /etc/ssh/sshd_config:
@nerzhulart
nerzhulart / Windows Defender Exclusions for Developer.ps1
Last active April 18, 2026 16:56 — forked from dknoodle/Windows Defender Exclusions VS 2017.ps1
Adds Windows Defender exclusions for developers (Visual Studio, JetBrains Rider, IntellIJ Idea, Git, MsBuild, dotnet, mono etc.)
$userPath = $env:USERPROFILE
$pathExclusions = New-Object System.Collections.ArrayList
$processExclusions = New-Object System.Collections.ArrayList
$pathExclusions.Add('C:\Windows\Microsoft.NET') > $null
$pathExclusions.Add('C:\Windows\assembly') > $null
$pathExclusions.Add($userPath + '\AppData\Local\Microsoft\VisualStudio') > $null
$pathExclusions.Add('C:\ProgramData\Microsoft\VisualStudio\Packages') > $null
$pathExclusions.Add('C:\Program Files (x86)\MSBuild') > $null
$pathExclusions.Add('C:\Program Files (x86)\Microsoft Visual Studio 14.0') > $null
@dfelton
dfelton / Magento 2 - tar exclusion parameters.MD
Last active March 27, 2024 10:45
Magento 2 - Directories to exclude when tarballing a site

Exclusion List

List of exclusion paramters for tar command. Focus put on image cache directories, tmp files, log files, and generated source files.

  • --exclude="./pub/media/*/*/cache"
  • --exclude="./pub/media/js"
  • --exclude="./pub/media/tmp"
  • --exclude="./pub/media/wysiwyg/.thumbs"
@finalfantasia
finalfantasia / improving_text_antialiasing_and_gui_performance_in_intellij_idea_on_openjdk_8.md
Last active May 5, 2025 21:11
Improving Text Anti-aliasing and GUI Performance in IntelliJ IDEA on OpenJDK 8

This is a list of tweaks to make IntelliJ IDEA work better with OpenJDK 8. Refer to System Properties for Java 2D Technology for the details of the options used below.

Note that the performance boost achieved via the OpenGL-based hardware acceleration pipeline is made possible by using the open-source Radeon driver (for AMD graphics cards) included in the latest stable version (10.3.3 as of now) of the Mesa 3D Graphics Library available in the official Fedora 21 stable repository. Therefore, the gained performance boost might vary based on the types of graphics cards and the versions of the drivers used in your system.

  1. Fixing Text Anti-aliasing in Fedora (Ubuntu users may skip this step.)
  2. Fixing text anti-aliasing in IntelliJ IDEA

In $IDEA_HOME/bin/idea64.vmoptions (or $IDEA_HOME/bin/idea.vmoptions on a x86 architecture), change