Skip to content

Instantly share code, notes, and snippets.

View olaurendeau's full-sized avatar

Olivier Laurendeau olaurendeau

20 followers · 8 following
  • Briançon, France
View GitHub Profile
@olaurendeau
olaurendeau / README.md
Last active March 31, 2026 09:26
Detect compromised axios versions (1.14.1, 0.30.4) — npm supply chain attack 2026-03-31

🔍 check-axios-compromise.sh

Detects compromised axios versions (1.14.1, 0.30.4) and IOCs from the March 31, 2026 supply chain attack.

On March 31, 2026, the npm account of the lead axios maintainer was hijacked. Two malicious versions were published, injecting a phantom dependency plain-crypto-js@4.2.1 whose sole purpose is to execute a cross-platform RAT (Remote Access Trojan) via a postinstall hook. The malware self-destructs after execution — it deletes setup.js, overwrites its own package.json with a clean stub, and detaches from the process tree via nohup — making post-infection detection non-trivial.

Both versions were unpublished by npm within ~3 hours, but any npm install that ran during that window is potentially compromised.

📖 Full technical analysis: StepSecurity — axios Compromised on npm

@olaurendeau
olaurendeau / README.md
Last active November 27, 2025 14:15
Incubateur des territoires - Shai-Hulud Vulnerability Checker

🛡️ Shai-Hulud Vulnerability Checker

Script bash rapide pour détecter les paquets npm compromis par l'attaque supply-chain Shai-Hulud 2.0 (novembre 2024).

🚀 Utilisation

# Rendre le script exécutable
chmod +x check-shai-hulud-fast.sh
@olaurendeau
olaurendeau / README.md
Last active September 4, 2025 11:00

Mattermost Import Username Updater

This script updates usernames in a Mattermost JSONL import file to match existing users in a Mattermost instance. It's particularly useful when migrating from Slack to Mattermost and you need to ensure usernames in the import file match those of existing Mattermost users.

Requirements

  • Bash environment (macOS or Linux)
  • mmctl installed and configured with access to your Mattermost instance
  • The JSONL import file from Slack export
@olaurendeau
olaurendeau / README.md
Created February 23, 2024 09:03
Reorder google photos by their creation date, based on an export from google Takeout
@olaurendeau
olaurendeau / roman.php
Created May 21, 2021 15:16
Decimal to roman
<?php
function partToRoman($part, $one, $five, $ten) {
$romanPart = "";
if ($part >= 5) {
$romanPart = $five;
if ($part == 5) {
return;
}
}
@olaurendeau
olaurendeau / review.json
Created June 2, 2016 17:54
[
{"site_code":"3477","total_photo_count":6,"pref_photo_id":2,"photos":[{"id":0,"date_added":"2016-05-31T21:53:20+00:00","caption":{"text":"","locale":"es_ES"},"photo_sizes":{"thumbnail":{"url":"http:\/\/u.tfstatic.com\/restaurant_photos\/477\/3477\/169\/240\/9e9f7649c4f7308c20df2159171a38f8.jpg","pixel_height":"135","pixel_width":"240"},"small":{"url":"http:\/\/u.tfstatic.com\/restaurant_photos\/477\/3477\/169\/480\/9e9f7649c4f7308c20df2159171a38f8.jpg","pixel_height":"270","pixel_width":"480"},"medium":{"url":"http:\/\/u.tfstatic.com\/restaurant_photos\/477\/3477\/169\/612\/9e9f7649c4f7308c20df2159171a38f8.jpg","pixel_height":"344","pixel_width":"612"},"large":{"url":"http:\/\/u.tfstatic.com\/restaurant_photos\/477\/3477\/169\/664\/9e9f7649c4f7308c20df2159171a38f8.jpg","pixel_height":"374","pixel_width":"664"},"original":{"url":"http:\/\/u.tfstatic.com\/restaurant_photos\/477\/3477\/169\/1350\/9e9f7649c4f7308c20df2159171a38f8.jpg","pixel_height":"759","pixel_width":"1350"}}},{"id":1,"date_added":"2016-05-31
@olaurendeau
olaurendeau / restaurant.json
Created June 2, 2016 17:54
[
{"site_code":"3477","business_status":{"status":"Open"},"names":[{"name":"Botin","locale":"es_ES"}],"display_point":{"coordinates":{"latitude":40.41385,"longitude":-3.70816}},"additional_info":{"web_url":"http:\/\/www.lafourchette.com\/restaurant\/botin\/3477"}},
{"site_code":"8453","business_status":{"status":"Open"},"names":[{"name":"Auberge de Venise","locale":"fr_FR"}],"display_point":{"coordinates":{"latitude":48.841810724031,"longitude":2.3286499977112}},"additional_info":{"web_url":"http:\/\/www.lafourchette.com\/restaurant\/auberge-de-venise\/8453"}},
{"site_code":"11814","business_status":{"status":"Open"},"names":[{"name":"St. James - Gastro James Rosario Pino","locale":"es_ES"}],"display_point":{"coordinates":{"latitude":40.462183238522,"longitude":-3.6930201053619}},"additional_info":{"web_url":"http:\/\/www.lafourchette.com\/restaurant\/st-james-gastro-james-rosario-pino\/11814"}},
{"site_code":"14234","business_status":{"status":"Open"},"names":[{"name":"Matsuri Marbeuf","locale":"fr_FR"}],"di
@olaurendeau
olaurendeau / .gitconfig
Created December 15, 2015 15:46
.gitconfig
[user]
name = Olivier Laurendeau
email = o.laurendeau@gmail.com
[core]
autocrlf = input
editor = vim
excludesfile = ~/.gitignore
[http]
sslVerify = false
[alias]
@olaurendeau
olaurendeau / gist:4682671
Created January 31, 2013 12:58
mysql> explain SELECT DISTINCT r0_.id_reservation AS id_reservation0, r0_.create_dt AS create_dt1, l1_.phone AS phone2, r2_.name AS name3, c3_.code AS code4, p4_.name AS name5, r0_.create_dt AS create_dt6 FROM reservation r0_ INNER JOIN product p5_ ON r0_.id_product = p5_.id_product INNER JOIN product_localized_text p4_ ON p5_.id_product = p4_.id_product INNER JOIN campaign c3_ ON r0_.id_campaign = c3_.id_campaign INNER JOIN provider p6_ ON c3_.id_provider = p6_.id_provider INNER JOIN lfcustomer l1_ ON r0_.id_lfcustomer = l1_.id_lfcustomer INNER JOIN restaurant r2_ ON r0_.id_restaurant = r2_.id_restaurant INNER JOIN brand b7_ ON l1_.id_brand = b7_.id_brand INNER JOIN sale_type s8_ ON r0_.id_sale_type = s8_.id_sale_type WHERE r0_.is_request = 'listResa' ORDER BY r0_.create_dt DESC LIMIT 10 OFFSET 0;
+----+-------------+-------+--------+-----------------------------------------------------------------------------------------------------+----------------------+---------+------------------------------+-------+---
@olaurendeau
olaurendeau / test.php
Created November 17, 2012 18:36
test
$foo = new Foo();
$foo2 = clone $foo;
$foo->setFoo($foo2);