Skip to content

Instantly share code, notes, and snippets.

View oiler's full-sized avatar

Justen Fox oiler

18 followers · 29 following
View GitHub Profile
@oiler
oiler / dockerize-untrusted-code.md
Created April 7, 2026 13:27
Running Untrusted Code in Docker on macOS

Running Untrusted Code in Docker on macOS

You downloaded a public repo from GitHub. It looked fine at the time. A month later, a dependency gets compromised, or a contributor pushes malicious code, or an auto-updater pulls something you didn't ask for. The code is on your filesystem. If it runs with your user permissions, it can read your SSH keys, your AWS credentials, your browser cookies — anything your user account can touch.

Docker fixes this. A container is an isolated Linux environment that only sees what you explicitly give it. No mounts means no access to your Mac's filesystem. No network flag means no outbound connections. The code runs, but it runs in a box.

This guide covers how to set that up from scratch on macOS.

@oiler
oiler / gist:182cc94d8fccf9718af756bdac2a6089
Last active February 10, 2026 17:07
Google Sheet Formula to convert names to lowercase values with no whitespace
=LOWER(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
SUBSTITUTE(
@oiler
oiler / prospects_2022.md
Last active February 17, 2022 20:48
baseball prospect rankings - 2022
SNAME AVERAGE KLAW BA BP MLB
adleyrutschman 1 1 1 2 1
bobbywittjr 2 2 3 1 3
juliorodriguez 4 9 2 3 2
spencertorkelson 4 4 5 4 4
rileygreene 5 3 4 6 7
cjabrams 8 5 9 11 6
graysonrodriguez 8 14 6 5 8
franciscoalvarez 10 8 13 10 10
@oiler
oiler / .json
Created May 27, 2020 19:11
latest unminified json of candidate directory
This file has been truncated, but you can view the full file.
var candidates = [{
"id": 9483,
"link": "https:\/\/runforsomething.net\/candidates\/yassamin-ansari\/",
"first_name": "Yassamin",
"last_name": "Ansari",
"office": "Phoenix City Council, District 7",
"state": "AZ",
"city": "",
"bio": "Yassamin is an internationally recognized climate leader running for Phoenix City Council, District 7. She is an Arizona native, the...",
"photo_id": {
@oiler
oiler / rss-engineer-blogs
Last active July 3, 2025 13:00
RSS for Engineering Blogs
{
"https://blog.twitter.com/developer": "https://blog.twitter.com/api/blog.rss?name=developer",
"https://code.facebook.com/posts/": "https://code.facebook.com/posts/rss",
"http://blog.chromium.org/": "http://blog.chromium.org/feeds/posts/default",
"http://www.theguardian.com/info/developer-blog": "http://www.theguardian.com/info/developer-blog/rss",
"http://open.blogs.nytimes.com/": "http://open.blogs.nytimes.com/feed/",
"http://blog.apps.npr.org/": "http://blog.apps.npr.org/atom.xml",
"http://www.webperformancetoday.com/": "http://www.webperformancetoday.com/feed/",
"http://www.filamentgroup.com/lab/": "http://www.filamentgroup.com/lab/atom.xml",
"http://githubengineering.com/": "http://githubengineering.com/atom.xml",
@oiler
oiler / jquery-plugins
Last active August 29, 2015 14:08
jQuery plugin authoring
<!--
http://blog.teamtreehouse.com/writing-your-own-jquery-plugins
http://programmers.stackexchange.com/questions/160732/function-declaration-as-var-instead-of-function
-->
<html>
<head>
<meta charset="utf-8">
<meta name="viewport", content="width=device-width">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
</head>