Skip to content

Instantly share code, notes, and snippets.

View mon-jai's full-sized avatar

Mon mon-jai

  • National Taipei University of Technology
  • Taiwan
  • 19:45 (UTC +08:00)
View GitHub Profile
adrienne /
Last active March 13, 2025 18:46
The Mullenweg/WPE Thing
thesamesam /
Last active March 12, 2025 15:55
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.


  • Dogfooding is using an app or feature shortly before it's publically released.
  • The term dogfood comes from the expression "eating your own dogfood".
  • Fishfooding is using an app or feature really early in its development before it's even really finished.
  • The term "fishfood" actually comes from the Google+ team inside of Google.
  • Google+ was internally codenamed Emerald Sea.
runevision / Unity versions not affected by Unity Runtime
Created September 14, 2023 09:45
Unity versions not affected by Unity Runtime Fee

Unity versions not affected by Unity Runtime Fee

This is information that has been dug up by me and others in the Unity community. It's not official information from Unity (but most of the linked resources are). It is also not legal advise. I am not a lawyer.


Contrary to what Unity themselves are saying, for games made with these Unity versions, developers can elect not to be affected by a newer version of the Terms of Service that introduces the Unity Runtime Fee:

  • Unity 2022.x or earlier
  • Unity 2021.x LTS or earlier
Klerith /
Last active March 11, 2025 22:51
Node con TypeScript - TS-Node-dev simplificado

Node con TypeScript - TS-Node-dev (preferido)

  1. Instalar TypeScript y demás dependencias
npm i -D typescript @types/node ts-node-dev rimraf
  1. Inicializar el archivo de configuración de TypeScript ( Se puede configurar al gusto)
npx tsc --init --outDir dist/ --rootDir src
aileftech / hex-colors.txt
Created October 1, 2022 18:10
A Bash one-liner to produce a list of HEX color codes that read like (supposedly) valid English words
$ grep -P "^[ABCDEFabcdefOoIi]{6,6}$" /usr/share/dict/words | tr 'OoIi' '0011' | tr '[:lower:]' '[:upper:]' | awk '{print "#" $0}'
Verify Github on Galxe. gid:qgEqtqyhKfsVBpWCdU4fhS

The ffast and the Furious

This is a small and admittedly contrived demo showing how some weird but safe code could become vulnerable if run in an environment where some shared library has changed the FPU's FTZ/DAZ bits to force denormals to zero.

To run it:

# Create an empty file
$ touch gofast.c      
pudquick /
Last active February 24, 2025 18:19
Lightly "sandboxed" homebrew on macOS

brew is a bad neighbor

This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.

This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".

But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.

By following this guide you will:

  • Never have to run sudo to forcefully change permissions of some directory to be owned by your account
raysan5 /
Last active March 12, 2025 13:38
raylib vs SDL - A libraries comparison


In the last years I've been asked multiple times about the comparison between raylib and SDL libraries. Unfortunately, my experience with SDL was quite limited so I couldn't provide a good comparison. In the last two years I've learned about SDL and used it to teach at University so I feel that now I can provide a good comparison between both.

Hope it helps future users to better understand this two libraries internals and functionality.

Table of Content