- Use yarn to avoid accidentally running code from un-installed packages
sh-3.2$ npx tsc --init
This is not the tsc command you are looking for
To get access to the TypeScript compiler, tsc, from the command line either:
Sander Verweij sverweij
🌪️
sverweij
/ gist:5802e6234e91999790642993aa596b09
Last active
May 14, 2024 19:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # the grep --invert-match to prevent deletion of branches you'd want to keep no matter what | |
| git branch | grep LCM | grep --invert-match master | sed s/^/git\ branch\ -D/g | sh |
- for the package in your npmjs account set the publishing access to "Require two-factor authentication or an automation or granular access token" (with just two-factor auth publishing will bork).
- in your npmjs account create an automation token (or a 'finegrained' one) and remember the key to paste ...
- under your repo's settings -> secrets and variables -> actions add an NPM_TOKEN and paste the key from your npmjs account in it
- add below workflow files to .github/workflows
- the setup uses
npm clean-install(=npm ci) so it needs a package-lock.json- change .npmrc so it allows for package locks
- ensure .gitignore doesn't contain a line for package-locks
- run
npm ito generate the package lock
- commit & push the shebang
- on GitHub create a release (or prerelease)
You have a cookie that stores a client's session id. To validate the session you probably need to check it against a server. An attacker might exploit this. E.g. with the big list of naughty strings [^0], or with a big string crafted for the occasion.
We're going to look at one such example and try to find a way to prevent these attacks
sverweij
/ gist:42822db443561886c8c48da791dd36a4
Created
February 6, 2023 21:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {SAFe} ∩ {Agile} = ∅ |
sverweij
/ .gitconfig
Created
November 22, 2022 12:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is Git's per-user configuration file. | |
| [user] | |
| name = redacted | |
| email = [email protected] | |
| signingkey = REDACTED3REDACTE | |
| [credential] | |
| helper = osxkeychain | |
| [format] | |
| pretty = %Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset | |
| [alias] |
sverweij
/ sourcmapthings.md
Created
March 15, 2022 21:17
gpg --full-generate-keyAnd follow the instructions. For e-mail address us the [email protected] from your github profile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // bookmarklettalize with e.g. https://chimurai.github.io/bookmarklet/ | |
| /* global document */ | |
| /* eslint-disable no-console, unicorn/prevent-abbreviations, security/detect-object-injection */ | |
| function htmlCollectionToArray(pElementArray) { | |
| let lReturnValue = []; | |
| for (let lElement of pElementArray) lReturnValue.push(lElement); | |
| return lReturnValue; | |
| } |
NewerOlder