Dave Hall skwashd

Purge GitHub Invites

Large organisations invite new users to GitHub all the time. Some times the user never accepts the invite. GitHub invites never expire. Long after the user has been forgotten they can still accept the invite. This is a potential security issue.

Back in September 2015 I asked GitHub to expose invite information via their API. In December 2016 GitHub launched their new Organization Memberships APIs, which included an endpoint for pending invitations. The initial implementation lacked information of when the invite was sent. GitHub added this property after I asked for it.

I created a script that uses this new API that checks for any invites which have been pending more than a week. If they exist they're pruged. I hope someone else finds this usef

I'm not Dow Jones

This script will audit your S3 buckets and flag those with configuration that might cause you to be the next Dow Jones.

Quick Start

Clone this gist - git clone https://gist.github.com/8bfcd7096558044dc84689ac05575fa8.git im-not-dow-jones
Change into the newly created directory - im-not-dow-jones
Install the dependencies - pip install -r requirements.txt
Setup your AWS credentials - aws configure (The account will need full access to your S3 buckets)
Set the excute bit on the script - chmod +x im-not-dow-jones.py

This code snippet is for exporting passwords stored in Google Chrome for use in 1Password. It generates a 1Password compatiable CSV file.

NOTE: Your password are exported as plain text. Take proper precautions when storing the file and use a secure deletion tool.

To export your passwords follow these steps:

visit chrome://settings-frame/passwords
Open the Chrome console (Mac: [Cmd] + [Option] + J / Windows or Linux: [Ctrl] + [Shift] + J`)

Let the Machines do the Work

Resources used during my DrupalCon Dublin presention:

Local pre commit hook
Travis Code Sniffer example
Sanitisation bot
Acquia Cloud API python client library
New Relic notification from Pantheon
2 repo deployments on github and platform.sh Coming Soon

This pre-commit hook is designed to be used for Drupal 7 and 8 sites.

Download the pre-commit file. Save it as .git/hook/pre-commit in your git repo. You need to ensure that the file is executable.

If you want this to be added to all new projects automatically, add it to your git init templates.

To install and PHP CodeSniffer for Drupal, please read the official documentation.

To see this working checking out this short YouTube video.

	#!/bin/sh

	# Enable modern TLS only mode for all sites on Cloudflare (max 50)
	#
	# Written by Dave Hall <[email protected]>
	# CC-0 License applies - https://creativecommons.org/publicdomain/zero/1.0/

	BASE_URI="https://api.cloudflare.com/client/v4"

	if [[ -z "${AUTH_EMAIL}" ]]; then

	<?php

	$aliases['local'] = array(
	'uri' => 'http://dev.example.com',
	'root' => '~/www',
	);

	from robot import Robot
	from ultrasonic import Ultrasonic
	us = Ultrasonic(13, 15)
	rbt = Robot(us)
	rbt.auto_pilot()

	<?xml version="1.0"?>
	<ruleset name="Combined Drupal Standard">
	<rule ref="Drupal" />
	<rule ref="DrupalPractice" />
	</ruleset>

	language: php
	sudo: false

	php:
	- 5.6

	install:
	# Remove xdebug to make composer faster.
	- phpenv config-rm xdebug.ini