Skip to content

Instantly share code, notes, and snippets.

View sethmlarson's full-sized avatar
🛡️

Seth Michael Larson sethmlarson

🛡️
847 followers · 22 following
View GitHub Profile
@sethmlarson
sethmlarson / slsa-notes.md
Last active January 28, 2023 23:20

SLSA + Python Notes

Created example project: https://github.com/sethmlarson/python-slsa-release-test

Python doesn't have a specific builder yet. Only have source attestation using the generic builder. Used: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml

Attestation "subject.name" is taken as input from sha256sum, so check the output of that to ensure it's what you want (ie package.tar.gz vs dist/package.tar.gz) For this I had to include a cd dist/ && before the sha256sum * call. Not sure where this matters though?

Success:

@sethmlarson
sethmlarson / schema.json
Last active November 18, 2022 16:43
OpenAPI 3.1 JSON schema with $schema
{
"$id": "https://spec.openapis.org/oas/3.1/schema/2022-10-07",
"$schema": "https://json-schema.org/draft/2020-12/schema",
"description": "The description of OpenAPI v3.1.x documents without schema validation, as defined by https://spec.openapis.org/oas/v3.1.0",
"type": "object",
"properties": {
"$schema": {
"type": "string"
},
"openapi": {
@sethmlarson
sethmlarson / psf-cna-onboarding.md
Created August 2, 2023 20:23
PSF CNA onboarding materials
@sethmlarson
sethmlarson / pycodeorg.py
Created November 13, 2023 18:08
Simple module for querying data from py-code.org
# MIT License
#
# Copyright (c) 2023 Seth Michael Larson
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
@sethmlarson
sethmlarson / xar-generator.py
Created January 29, 2024 17:09
Simple script for constructing small XAR files (License: CC0-1.0)
"""
Simple script for constructing small XAR files.
License: CC0-1.0
"""
import datetime
import gzip
import hashlib
import io
import struct
@sethmlarson
sethmlarson / source-and-docs-dependencies.csv
Created May 1, 2024 20:54
Package Version Ecosystem
python 3.10.12 binary
adduser 3.118ubuntu5 deb
apt 2.4.11 deb
asymptote 2.78+ds-2 deb
base-files 12ubuntu4.4 deb
base-passwd 3.5.52build1 deb
bash 5.1-6ubuntu1 deb
biber 2.17-2 deb
bsdutils 1:2.37.2-4ubuntu3 deb
@sethmlarson
sethmlarson / pycon-us-2025.md
Last active April 22, 2025 18:30
#PyConUS2025