krlozadan

This is a summary of the OWASP YouTube video I watched, hosted by Katie Paxton:

Top 10 API vulnerabilities

1 - Broken Object Level Authorization

Check if the user has access to the resource being edited. You can check this by:

• Logging out and trying to access the resource OR
• Logging with a different user credential and try to edit the resource of someone else

krlozadan

// Future versions of Hyper may add additional config options,
// which will not automatically be merged into this file.
// See https://hyper.is#cfg for all currently supported options.

module.exports = {
  config: {
    // choose either `'stable'` for receiving highly polished,
    // or `'canary'` for less polished but more frequent updates
    updateChannel: 'stable',

krlozadan

# Queries

# Use fragments when we want to reuse fields for the same object
fragment sharedOrganizationFields on Organization {
  name
  url
  description
	websiteUrl
  repositories(first:2) {
    edges{

krlozadan

Pull from another repository without history using Git

Ok, so lets contextualize ourselves

• Let's say you have a main repo A which could be an open source project or a company project
• Project A served as blueprint for your next project, B. So you either forked or cloned A and removed the .git folder to have a clean git history
• You start working on project B as you would normally do

Now... at some point A changes and you want to pull those changes to B without getting the entire commit history. Maybe there's only 1 commit, maybe there's thousands.

krlozadan

#######################################################################
# Python mathematical operators
2 + 2 # Sum
2 - 2 # Substraction
2 * 2 # Multiplication
2 / 2 # Division (Always returns a float)
2 // 2 # Division (Returns an int loosing the decimal part)
2 ** 2 # Power

#######################################################################